News

You are currently browsing the archive for the News category.

When Clouds Crash

December 7, 2022 in Future, News | 2 comments

Rackspace is in a crater right now, on fire.

So are many of its customers. I’m one of them.

What happened, Rackspace says, was “the result of a ransomware incident.” Damaged, lost or destroyed is its Hosted Exchange business. On that cloud platform, companies and individuals around the world run their email and much else.

It’s quite a saga.

The first report from Rackspace came at 11:49pm Pacific (where I am) on Thursday, posted on its Incidents page:

We are investigating an issue that is affecting our Hosted Exchange environments. More details will be posted as they become available.

Updates got more wordy as the outage continued. About a day later, a long posting said,

We proactively powered down and disconnected the Hosted Exchange environment while we triaged to understand the extent and the severity of the impact. After further analysis, we have determined that this is a security incident.

They also offered a lifeline of sorts:

At no cost to you, we will be providing access to Microsoft Exchange Plan 1 licenses on Microsoft 365 until further notice. At no cost to you, we will be providing access to Microsoft Exchange Plan 1 licenses on Microsoft 365 until further notice. To activate, please use the below link for instructions on how to set up your account and users.

For reasons not worth going into, this was useless to me. But I’m also just one guy, and almost all of Rackspace’s customers are businesses with more to lose.

Getting help from Rackspace quickly became difficult or impossible, while details about the situation were minimal, until this morning (6 December), when they said it was a ransomware incident. Which countless tweets had been suggesting from the start.

Here is what Rackspace said it was doing about it:

Alongside our internal security team, we have engaged a leading cyber defense firm to investigate. Our investigation is still in its early stages, and it is too early to say what, if any, data was affected. If we determine sensitive information was affected, we will notify customers as appropriate.

No FBI? CIA? NSA? DHS? Police? My guess is that at least two of those have been notified because it would make sense for them to be involved. But I’m sure abundant caution on Rackspace’s part is the reason we’re not hearing about any of that.

As for notifying customers, good luck. In a posting two days ago, Rackspace said,

For those who are finding the process challenging and are awaiting support, we ask for your patience as we increase staff to help every customer. Since our last update, we have mobilized roughly 1000 support Rackers to reduce wait times and address ticket queues. We will continue to accelerate and deploy even more resources to further help customers.

Search for Rackspace+wait on Twitter to see how that’s going.

Yesterday morning I chose the “we’ll call you back asap” option at the Rackspace support number, after calling them fruitlessly before that. Since then, crickets. Meanwhile, I’ve been working almost non-stop on moving my email hosting to Hover, which answers the phone quickly and is always helpful.

Of course, I haven’t been able to export anything from Rackspace, and I have growing doubts that I ever will. If the failure is total, many details of my life in the digital world will be lost forever.

One bit of good fortune is that my wife and sister, who both also have searls.com email addresses, were on Rackspace’s basic non-Exchange email service. Since that was still working today, we could export their mail archive from Rackspace as .mbox files, and start new accounts for them on Hover. (Ironically, I moved to Rackspace’s Exchange service because I punched through the basic service’s 25Gb limit on storage, and they sold me on the Exchange service’s better security.)

Ramsomware is bad shit. If you’re Rackspace or one of its customers, there is plenty to fear.

But the larger story here isn’t about Rackspace or its customers. It’s about the cloud business, which is beyond massive.

I’ve been looking for examples of cloud failures that are bigger than this one. Here’s a list from five years ago. Here is one from July of this year. Here is one from August. Most list disruptions lasting hours. This one has been going on for five days with no end in sight.

So let’s imagine that Rackspace and its customers are stuck in that crater, and it just keeps burning. For years. What are the lessons from that?

[Later, on 10 December…] This report by Kevin Beaumont on the Rackspace catastrophe (which continues) is long on technical and administrative details that nobody else seems to be reporting, and is damning to Microsoft as well.

On solving the worldwide shipping crisis

October 15, 2021 in Business, Ideas, Journalism, News, Pandemic | 8 comments


The worldwide shipping crisis is bad. Here are some reasons:

  1. “Just in time” manufacturing, shipping, delivery, and logistics. For several decades, the whole supply system has been optimized for “lean” everything. On the whole, no part of it fully comprehends breakdowns outside the scope of immediate upstream or downstream dependencies.
  2. The pandemic, which has been depriving nearly every sector of labor, intelligence, leadership, data, and much else, since early last year.
  3. Catastrophes. The largest of these was the 2021 Suez Canal Obstruction, which has had countless effects upstream and down.
  4. Competing narratives. Humans can’t help reducing all complex situations to stories, all of which require protagonists, problems, and movement toward resolution. It’s how our minds are built, and why it’s hard to look more deeply and broadly at any issue and why it’s here. (For more on that, see Where Journalism Fails.)
  5. Corruption. This is endemic to every complex economy: construction, online advertising, high finance, whatever. It happens here too. (And, like incompetence, it tends to worsen in a crisis.)
  6. Bureacracies & non-harmonized regulations. More about this below*.
  7. Complicating secondary and tertiary effects. The most obvious of these is inflation. Says here, “the spot rate for a 40-foot shipping container from Shanghai to Los Angeles rising from about $3,500 last year to $12,500 as of the end of September.” I’ve since heard numbers as high as $50,000. And, of course, inflation also happens for other reasons, which further complicates things.

To wrap one’s head around all of those (and more), it might help to start with Aristotle’s four “causes” (which might also be translated as “explanations”). Wikipedia illustrates these with a wooden dining table:

  • Its material cause is wood.
  • Its efficient cause is carpentry.
  • Its final cause is dining.
  • Its formal cause (what gives it form) is design.

Of those, formal cause is what matters most. That’s because, without knowledge of what a table is, it wouldn’t get made.

But the worldwide supply chain (which is less a single chain than braided rivers spreading outward from many sources through countless deltas) is impossible to reduce to any one formal cause. Mining, manufacturing, harvesting, shipping on sea and land, distribution, wholesale and retail sales are all involved, and specialized in their own ways, dependencies withstanding.

I suggest, however, that the most formal of the supply chain problem’s causes is also what’s required to sort out and solve it: digital technology and the Internet. From What does the Internet make of us?, sourcing the McLuhans:

“People don’t want to know the cause of anything”, Marshall said (and Eric quotes, in Media and Formal Cause). “They do not want to know why radio caused Hitler and Gandhi alike. They do not want to know that print caused anything whatever. As users of these media, they wish merely to get inside…”

We are all inside a digital environment that is making each of us while also making our systems. This can’t be reversed. But it can be understood, at least to some degree. And that understanding can be applied.

How? Well, Marshall McLuhan—who died in 1980—saw in the rise of computing the retrieval of what he called “perfect memory—total and exact.” (Laws of Media, 1988.) So, wouldn’t it be nice if we could apply that power to the totality of the world’s supply chains, subsuming and transcending the scope and interests of any part, whether those parts be truckers, laws, standards, and the rest—and do it in real time? Global aviation has some of this, but it’s also a much simpler system than the braided rivers between global supply and global demand.

Is there something like that? I don’t yet know. Closest I’ve found is the UN’s IMO (International Maritime Organizaiton), and that only covers “the safety and security of shipping and the prevention of marine and atmospheric pollution by ships.” Not very encompassing, that. If any of ya’ll know more, fill us in.

[*Added 18 October] Just attended a talk by Oswald KuylerManaging Director of the International Chamber of Commerce‘s Digital Standards initiative, on an “Integrated Approach” by his and allied organizations that addresses “digital islands,” “no single view of available standards” both open and closed, “limited investments into training, change management and adoption,” “lack of enabling rules and regulations,” “outdated regulation,” “privacy law barriers,” “trade standard adoption gaps,” “costly technical integration,” “fragmentation” that “prevents paperless trade,” and other factors. Yet he also says the whole thing is “bent but not broken,” and that (says one slide) “trade and supply chain prove more resilient than imagined.”

Another relevant .org is the International Chamber of Shipping.

By the way, Heather Cox Richardson (whose newsletter I highly recommend) yesterday summarized what the Biden administration is trying to do about all this:

Biden also announced today a deal among a number of different players to try to relieve the supply chain slowdowns that have built up as people turned to online shopping during the pandemic. Those slowdowns threaten the delivery of packages for the holidays, and Biden has pulled together government officials, labor unions, and company ownership to solve the backup.

The Port of Los Angeles, which handles 40% of the container traffic coming into the U.S., has had container ships stuck offshore for weeks. In June, Biden put together a Supply Chain Disruption Task Force, which has hammered out a deal. The port is going to begin operating around the clock, seven days a week. The International Longshore and Warehouse Union has agreed to fill extra shifts. And major retailers, including Walmart, FedEx, UPS, Samsung, Home Depot, and Target, have agreed to move quickly to clear their goods out of the dock areas, speeding up operations to do it and committing to putting teams to work extra hours.

“The supply chain is essentially in the hands of the private sector,” a White House official told Donna Littlejohn of the Los Angeles Daily News, “so we need the private sector…to help solve these problems.” But Biden has brokered a deal among the different stakeholders to end what was becoming a crisis.

Hopefully helpful, but not sufficient.

Bonus link: a view of worldwide marine shipping. (Zoom in and out, and slide in any direction for a great way to spend some useful time.)

The photo is of Newark’s container port, viewed from an arriving flight at EWR, in 2009.

A side view of the Ranch 2 Fire

August 17, 2020 in fire, Geography, News | Permalink

What you see there is a flammagenitus cloud rising to the north above Ranch 2, a wildfire about fifteen miles east of here in the San Gabriel Mountains, just north of Asuza (one of too many towns to remember, in greater Los Angeles). If the video works, you’ll see how how the clouds give shape to the heat from the fire, even as smoke (darker and with a gray/magenta color) stopping at a lower elevation, spreads northward in the same direction.

The fire was caused by arson, says the guy who confessed to starting it.

It’s interesting to see how much reporting on fires has changed in the time I’ve been following stories like this in Southern California. Inciweb, the canonical close-to-live running catalog of wildfires in the U.S. has moved from the .org where it started to NCWG.gov, the National Coordinating Wildfire Group. When I first wrote about Inciweb, back in ’06, I didn’t mention that it was entirely the heroic work of one Linux hacker at the Forest Service who didn’t wish to be identified.

Anyway, if you want to catch up on the Ranch2, one of too many wildfires clouding the western skies right now, here’s the Twitter search for the latest.

 

Bad $20

June 1, 2020 in News | 1 comment

I once tried to pass a counterfeit $20 bill. Actually, twice.

The first was when I paid for a lunch at Barney Greengrass in New York, about two years ago. After exposing the $20 to a gizmo at the cash register, the cashier handed it back to me, saying it was counterfeit. Surprised—I had no idea there were counterfeit $20s in circulation at all—I asked how he could tell. He pointed at the gizmo and explained how it worked. I said “Okay,” gave him a different $20, got my change and walked out, intending later to compare the fake 20 with a real one.

The second was when I paid for something with the bad $20 at some other establishment, not meaning to. I just forgot I still had it in my wallet.

In respect to the current meltdown in this country—one that started, reportedly, when George Floyd attempted to pay for something with a bad $20 bill, two facts ricochet around in my mind. One is that the cashier at Barney Greengrass didn’t call the cops on me. Nor was I killed. The other is that I surely got my bad $20 where everybody gets all their $20s: from a cash machine. And that there must be a lot of counterfeit $20s floating about in the world.

Beyond that I have nothing to add. What’s happening in the U.S. today says more than enough.

 

The Great Trivializer

August 27, 2019 in Internet, movies, News, personal data, Politics, privacy | 1 comment

black hole

Last night I watched The Great Hack a second time. It’s a fine documentary, maybe even a classic. (A classic in literature, I learned on this Radio Open Source podcast, is a work that “can only be re-read.” If that’s so, then perhaps a classic movie is one that can only be re-watched.*)

The movie’s message could hardly be more loud and clear: vast amounts of private information about each of us is gathered constantly in the digital world, and is being weaponized so our minds and lives can be hacked by others for commercial or political gain. Or both. The movie’s star, Professor David Carroll of the New School (@profcarroll), has been delivering that message for many years, as have many others, including myself.

But to what effect?

Sure, we have policy moves such as the GDPR, the main achievement of which (so far) has been to cause every website to put confusing and (in most cases) insincere cookie notices on their index pages, meant (again, in most cases) to coerce “consent” (which really isn’t) to exactly the unwanted tracking the regulation was meant to stop.

Those don’t count.

Ennui does. Apathy does.

On seeing The Great Hack that second time, I had exactly the same feeling my wife had on seeing it for her first: that the very act of explaining the problem also trivialized it. In other words, the movie worsened the very problem it solved. And it isn’t alone at this, because so has everything everybody has said, written or reported about it. Or so it sometimes seems. At least to me.

Okay, so: if I’m right about that, why might it be?

One reason is that there’s no story. See, every story requires three elements: character (or characters), problem (or problems), and movement toward resolution. (Find a more complete explanation here.) In this case, the third element—movement toward resolution—is absent. Worse, there’s almost no hope. “The Great Hack” concludes with a depressing summary that tends to leave one feeling deeply screwed, especially since the only victories in the movie are over the late Cambridge Analytica; and those victories were mostly within policy circles we know will either do nothing or give us new laws that protect yesterday from last Thursday… and then last another hundred years.

The bigger reason is that we are now in a media environment summarized by Marshall McLuhan in his book The Medium is the Massage: “every new medium works us over completely.” Our new medium is the Internet, which is a non-place absent of distance and gravity. The only institutions holding up there are ones clearly anchored in the physical world. Health care and law enforcement, for example. Others dealing in non-material goods, such as information and ideas, aren’t doing as well.

Journalism, for example. Worse, on the Internet it’s easy for everyone to traffic in thoughts and opinions, as well as in solid information. So now the world of thoughts and ideas, which preponderate on social media such as Twitter, Facebook and Instagram, are vast floods of everything from everybody. In the midst of all that, the news cycle, which used to be daily, now lasts about as long as a fart. Calling it all too much is a near-absolute understatement.

But David Carroll is right. Darkness is falling. I just wish all the light we keep trying to shed would do a better job of helping us all see that.

_________

*For those who buy that notion, I commend The Rewatchables, a great podcast from The Ringer.

Where Journalism Fails

July 23, 2019 in Digital Life, Journalism, News, Politics, problems, publishing | Permalink

“What’s the story?”

No question is asked more often by editors in newsrooms than that one. And for good reason: that’s what news is about: The Story.

Or, in the parlance of the moment, The Narrative. (Trend. More about that below.)

I was just 22 when I wrote my first stories as a journalist, reporting for a daily newspaper in New Jersey. It was there that I learned that all stories are built around three elements:

  1. Character
  2. Problem
  3. Movement toward resolution

Subtract one or more of those and all you’ll have is an item, or an incident. Not a story. Which won’t run. So let’s unpack those elements a bit.

The character can be a person, a group, a team, a cause—anything with a noun. Mainly the character needs to be worth caring about in some way. You can love the character, hate it (or him, or her or them). Mainly you have to care about the character enough to be interested.

The problem can be of any kind at all, so long as it causes conflict involving the character. All that matters is that the conflict keeps going, toward the possibility of resolution. If the conflict ends, the story is over. For example, if you’re at a sports event, and your team is up (or down) by forty points with five minutes left, the character you now care about is your own ass, and your problem is getting it out of the parking lot. If that struggle turns out to be interesting, it might be a story you tell later at a bar.)

Movement toward resolution is nothing more than that. Bear in mind that many stories never arrive at a conclusion. In fact, that may be part of the story itself. Soap operas work that way.

For a case-in-point of how this can go very wrong, we have the character now serving as President of the United States, creating problems and movement around them with nearly everything he says and does.

We have never seen Donald Trump’s like before, and may never again. His genius at working all three elements are without equal in our time—or perhaps any time. So please, if you can, set your politics aside and just look at the dude through the prism of Story.

Donald Trump spins up stories at least four ways:

  1. Through constant characterization of others, for example with nicknames (“Little Mario,” “Low Energy Jeb,” “Crooked Hillary,” “Sleepy Joe,” “Failing New York Times”)
  2. By finding or creating problems, and characterizing those too: “witch hunt,” “fake news,” “illegal ballots,” “Dominion-izing the Vote.”
  3. By creating movement via the Roy Cohn and Roger Stone playbook: always attack or counter-attack, sue constantly, claim victory no matter what. (Roy Cohn was a lawyer Frank Rich felicitously called “The worst human being who ever lived … the most evil, twisted, vicious bastard ever to snort coke at Studio 54.” Talk about character: Cohn was absolutely interesting. As Politico puts it here, “Cohn imparted an M.O. that’s been on searing display throughout Trump’s ascent, his divisive, captivating campaign, and his fraught, unprecedented presidency. Deflect and distract, never give in, never admit fault, lie and attack, lie and attack, publicity no matter what, win no matter what, all underpinned by a deep, prove-me-wrong belief in the power of chaos and fear.”)
  4. By playing the ultimate alpha. That’s why he constantly calls himself the winner, no matter what.
  5. By de-legitimizing facts, truths, norms, and those who traffic in them. Key to this is accusing others of wrongs he commits himself. This is why he labels CNN and other news organizations “fake news” while turning the generation of it into an art form. Also why his accusations against others are a reliable tell of his own guilt for doing the same thing.
  6. As for movement, every new problem Trump creates or intensifies is meant to generate an emotional response, which is movement in itself.

Look closely: the news Trump makes is deliberate, theatrical and constant. All of it is staged and re-staged, so every unavoidably interesting thing he says or does pushes the last thing he said or did off the stage and into irrelevance, because whatever he’s saying or doing now demands full attention, no matter what he said or did yesterday.

There is true genius to this, and it requires understanding and respect—especially by those who report on it.

You can call this trolling, or earned media coverage, meaning the free kind. Both are true. Comparing Trump to The Mule in Isaac Azimov’s Foundation and Empire also makes sense. (The Mule was a mutant with exceptional influence over the emotions of whole populations. It was by noting this resemblance that I, along with Scott Adams, expected Trump to win in 2016.)

This speaks of two big fails for journalism:

  1. Its appetite for stories proves a weakness when it’s fed by a genius at hogging the stage.
  2. It avoids reporting what doesn’t fit the story format. This includes most of reality.

My favorite priest says “some truths are so deep only stories can tell them,” and I’m sure this is true. But stories by themselves are also inadequate ways to present essential facts people need to know, because by design they exclude what doesn’t fit “the narrative,” which is the modern way to talk about story—and to spin journalists. (My hairs of suspicion stand on end every time I hear the word “narrative.”)

So here’s the paradox: We need to know more than stories can tell, yet stories are pretty much all human beings are interested in. Character, problem and movement give shape and purpose to every human life. We can’t correct for it.

That’s why my topic here—a deep and abiding flaw (also a feature) of both journalism and human nature—is one most journalists won’t touch. The flawed nature of The Story itself is not a story. Same goes for  “earned media coverage.” Both are features rather than bugs, because they cause much of journalism’s success, and debugging them has proven impossible.

I’ll illustrate those points with the killing fields of Cambodia. Those fields are the setting for a story well-known today, about how Pol Pot and the Khmer Rouge committed genocide on a massive scale, wiping out between one and a half to two million people, or around twenty-five percent of Cambodia’s population. And yet that story meant close to nothing until it was about one man with a problem rather than a whole dead population.

I heard about that genocide one evening in the late 1970s, when Hughes Rudd, a CBS anchor at the time, said on a newscast, almost offhand, that perhaps half a million people were dead in Cambodia. Rather than a story, this was just an item: too important to not mention but lacking in the elements of a story. The next morning I checked The New York Times and found the same item mentioned in a short piece on an inside page. It blew my mind: half a million dead, and no story.

What made it not a story was the absence of all three elements. There were no characters, no conflict that was easy to describe, no movement toward resolution. Just a statistic. It hardly mattered to journalistic institutions of the time that the statistic itself was a massive one.

The killing fields finally became a story on January 20, 1980, when Sydney Schanberg‘s The Death and Life of Dith Pran ran in the Times‘ Sunday Magazine. Now the story had all three elements, and pulled in lots of relevant and interesting facts. Eventually it became the movie that gave Cambodia’s killing fields their name.

What matters for our current inquiry is that years went by, with a million or more people dying, before the killing fields became a big story.

And this was neither the first nor the last time massively important and consequential facts got too little attention in the absence of one or more of a story’s three elements. Consider The Holocaust (six million dead) vs. the story of Ann Frank. The Rwandan genocide vs. Hotel Rwanda. China’s one child policy (untold millions of full-term fetuses aborted or born babies killed or left beside the road to die) vs. One Child Nation. The Rohingya conflict (more than 10,000 civilians dead, 128,000 internally displaced, 950,000+ chased elsewhere) vs. approximately nobody. Heard of Holodomor? East Pakistan? How about any of the dozens of millions who died during Mao’s revolution in China?

Without a story, statistics are cemeteries of facts.

Sure, academics and obsessives of other kinds (including journalists) can exhume those facts. But Big-J journalism will always be preoccupied with stories. Including, unavoidably, the genius for generating them who currently occupies the White House.

Bonus link.

*However, if you want good advice on how best to write stories about the guy, you can’t beat what @JayRosen_NYU tweets here. I suggest it also applies to the UK’s prime minister.

Venus, Moon, Jupiter and Mercury in the dawn’s early light

January 2, 2019 in astronomy, News, Science | Permalink


Walked out on the front deck this morning and grabbed a photo set of the Moon between conjunctions with Venus (that was yesterday), Jupiter (tonight and tomorrow) and then Mercury (Saturday), before passing next to the Sun as a new moon on Sunday.

More about the show at EarthSky. Get up early and check it out.

New York lights

November 15, 2018 in infrastructure, Nature, new york, News, Travel | Permalink

I had a bunch of errands to run today, but also a lot of calls. And, when I finally got up from my desk around 4pm with plans to head out in the car, I found five inches of snow already on the apartment deck. Another five would come after that. So driving was clearly a bad idea.

When I stepped out on the street, I saw it was impossible. Cars were stuck, even on our side street.

So I decided to walk down to the nearest dollar store, a few blocks north on Broadway, which is also downhill in this part of town, to check out the ‘hood and pick up some deck lights to replace the ones that had burned out awhile back.

What I found on Broadway was total gridlock, because too many cars and trucks couldn’t move. Tires all over spun in place, saying “zzzZZZZzzzZZZ.” After I picked up a couple 5-foot lengths of holiday lights for $1 each at the dollar store, I walked back up past the same stuck length of cars and trucks I saw on the way down. A cop car and an ambulance would occasionally fire up their sirens, but it made no difference. Everything was halted.

When I got back, I put the lights on the deck and later shot the scene above. It’s 10pm now, and rains have turned the scene to slush.

I do hope kids got to sled in the snow anyway. Bonus links: Snow difference and Wintry mixing.

Tags:

Facebook’s Cambridge Analytica problems are nothing compared to what’s coming for all of online publishing

March 23, 2018 in adtech, advertising, Berkman, Business, Customertech, Ideas, infrastructure, Internet, Journalism, Law, Links, marketing, News, Personal, privacy, problems, publishing, Research, Technology, VRM | 72 comments

Let’s start with Facebook’s Surveillance Machine, by Zeynep Tufekci in last Monday’s New York Times. Among other things (all correct), Zeynep explains that “Facebook makes money, in other words, by profiling us and then selling our attention to advertisers, political actors and others. These are Facebook’s true customers, whom it works hard to please.”

Irony Alert: the same is true for the Times, along with every other publication that lives off adtech: tracking-based advertising. These pubs don’t just open the kimonos of their readers. They bring readers’ bare digital necks to vampires ravenous for the blood of personal data, all for the purpose of aiming “interest-based” advertising at those same readers, wherever those readers’ eyeballs may appear—or reappear in the case of “retargeted” advertising.

With no control by readers (beyond tracking protection which relatively few know how to use, and for which there is no one approach, standard, experience or audit trail), and no blood valving by the publishers who bare those readers’ necks, who knows what the hell actually happens to the data?

Answer: nobody knows, because the whole adtech “ecosystem” is a four-dimensional shell game with hundreds of players

or, in the case of “martech,” thousands:

For one among many views of what’s going on, here’s a compressed screen shot of what Privacy Badger showed going on in my browser behind Zeynep’s op-ed in the Times:

[Added later…] @ehsanakhgari tweets pointage to WhoTracksMe’s page on the NYTimes, which shows this:

And here’s more irony: a screen shot of the home page of RedMorph, another privacy protection extension:

That quote is from Free Tools to Keep Those Creepy Online Ads From Watching You, by Brian X. Chen and Natasha Singer, and published on 17 February 2016 in the Times.

The same irony applies to countless other correct and important reportage on the Facebook/Cambridge Analytica mess by other writers and pubs. Take, for example, Cambridge Analytica, Facebook, and the Revelations of Open Secrets, by Sue Halpern in yesterday’s New Yorker. Here’s what RedMorph shows going on behind that piece:

Note that I have the data leak toward Facebook.net blocked by default.

Here’s a view through RedMorph’s controller pop-down:

And here’s what happens when I turn off “Block Trackers and Content”:

By the way, I want to make clear that Zeynep, Brian, Natasha and Sue are all innocents here, thanks both to the “Chinese wall” between the editorial and publishing functions of the Times, and the simple fact that the route any ad takes between advertiser and reader through any number of adtech intermediaries is akin to a ball falling through a pinball machine. Refresh your page while reading any of those pieces and you’ll see a different set of ads, no doubt aimed by automata guessing that you, personally, should be “impressed” by those ads. (They’ll count as “impressions” whether you are or not.)

Now…

What will happen when the Times, the New Yorker and other pubs own up to the simple fact that they are just as guilty as Facebook of leaking data about their readers to other parties, for—in many if not most cases—God knows what purposes besides “interest-based” advertising? And what happens when the EU comes down on them too? It’s game-on after 25 May, when the EU can start fining violators of the General Data Protection Regulation (GDPR). Key fact: the GDPR protects the data blood of what they call “EU data subjects” wherever those subjects’ necks are exposed in borderless digital world.

To explain more about how this works, here is the (lightly edited) text of a tweet thread posted this morning by @JohnnyRyan of PageFair:

Facebook left its API wide open, and had no control over personal data once those data left Facebook.

But there is a wider story coming: (thread…)

Every single big website in the world is leaking data in a similar way, through “RTB bid requests” for online behavioural advertising #adtech.

Every time an ad loads on a website, the site sends the visitor’s IP address (indicating physical location), the URL they are looking at, and details about their device, to hundreds -often thousands- of companies. Here is a graphic that shows the process.

The website does this to let these companies “bid” to show their ad to this visitor. Here is a video of how the system works. In Europe this accounts for about a quarter of publishers’ gross revenue.

Once these personal data leave the publisher, via “bid request”, the publisher has no control over what happens next. I repeat that: personal data are routinely sent, every time a page loads, to hundreds/thousands of companies, with no control over what happens to them.

This means that every person, and what they look at online, is routinely profiled by companies that receive these data from the websites they visit. Where possible, these data and combined with offline data. These profiles are built up in “DMPs”.

Many of these DMPs (data management platforms) are owned by data brokers. (Side note: The FTC’s 2014 report on data brokers is shocking. See https://www.ftc.gov/reports/data-brokers-call-transparency-accountability-report-federal-trade-commission-may-2014. There is no functional difference between an #adtech DMP and Cambridge Analytica.

—Terrell McSweeny, Julie Brill and EDPS

None of this will be legal under the #GDPR. (See one reason why at https://t.co/HXOQ5gb4dL). Publishers and brands need to take care to stop using personal data in the RTB system. Data connections to sites (and apps) have to be carefully controlled by publishers.

So far, #adtech’s trade body has been content to cover over this wholesale personal data leakage with meaningless gestures that purport to address the #GDPR (see my note on @IABEurope current actions here: https://t.co/FDKBjVxqBs). It is time for a more practical position.

And advertisers, who pay for all of this, must start to demand that safe, non-personal data take over in online RTB targeting. RTB works without personal data. Brands need to demand this to protect themselves – and all Internet users too. @dwheld @stephan_lo @BobLiodice

Websites need to control
1. which data they release in to the RTB system
2. whether ads render directly in visitors’ browsers (where DSPs JavaScript can drop trackers)
3. what 3rd parties get to be on their page
@jason_kint @epc_angela @vincentpeyregne @earljwilkinson 11/12

Lets work together to fix this. 12/12

Those last three recommendations are all good, but they also assume that websites, advertisers and their third party agents are the ones with the power to do something. Not readers.

But there’s lots readers will be able to do. More about that shortly. Meanwhile, publishers can get right with readers by dropping #adtech and going back to publishing the kind of high-value brand advertising they’ve run since forever in the physical world.

That advertising, as Bob Hoffman (@adcontrarian) and Don Marti (@dmarti) have been making clear for years, is actually worth a helluva lot more than adtech, because it delivers clear creative and economic signals and comes with no cognitive overhead (for example, wondering where the hell an ad comes from and what it’s doing right now).

As I explain here, “Real advertising wants to be in a publication because it values the publication’s journalism and readership” while “adtech wants to push ads at readers anywhere it can find them.”

Doing real advertising is the easiest fix in the world, but so far it’s nearly unthinkable for a tech industry that has been defaulted for more than twenty years to an asymmetric power relationship between readers and publishers called client-server. I’ve been told that client-server was chosen as the name for this relationship because “slave-master” didn’t sound so good; but I think the best way to visualize it is calf-cow:

As I put it at that link (way back in 2012), Client-server, by design, subordinates visitors to websites. It does this by putting nearly all responsibility on the server side, so visitors are just users or consumers, rather than participants with equal power and shared responsibility in a truly two-way relationship between equals.

It doesn’t have to be that way. Beneath the Web, the Net’s TCP/IP protocol—the gravity that holds us all together in cyberspace—remains no less peer-to-peer and end-to-end than it was in the first place. Meaning there is nothing about the Net that prevents each of us from having plenty of power on our own.

On the Net, we don’t need to be slaves, cattle or throbbing veins. We can be fully human. In legal terms, we can operate as first parties rather than second ones. In other words, the sites of the world can click “agree” to our terms, rather than the other way around.

Customer Commons is working on exactly those terms. The first publication to agree to readers terms is Linux Journal, where I am now editor-in-chief. The first of those terms is #P2B1(beta), says “Just show me ads not based on tracking me,” and is hashtagged #NoStalking.

In Help Us Cure Online Publishing of Its Addiction to Personal Data, I explain how this models the way advertising ought to be done: by the grace of readers, with no spying.

Obeying readers’ terms also carries no risk of violating privacy laws, because every pub will have contracts with its readers to do the right thing. This is totally do-able. Read that last link to see how.

As I say there, we need help. Linux Journal still has a small staff, and Customer Commons (a California-based 501(c)(3) nonprofit) so far consists of five board members. What it aims to be is a worldwide organization of customers, as well as the place where terms we proffer can live, much as Creative Commons is where personal copyright licenses live. (Customer Commons is modeled on Creative Commons. Hats off to the Berkman Klein Center for helping bring both into the world.)

I’m also hoping other publishers, once they realize that they are no less a part of the surveillance economy than Facebook and Cambridge Analytica, will help out too.

[Later…] Not long after this post went up I talked about these topics on the Gillmor Gang. Here’s the video, plus related links.

I think the best push-back I got there came from Esteban Kolsky, (@ekolsky) who (as I recall anyway) saw less than full moral equivalence between what Facebook and Cambridge Analytica did to screw with democracy and what the New York Times and other ad-supported pubs do by baring the necks of their readers to dozens of data vampires.

He’s right that they’re not equivalent, any more than apples and oranges are equivalent. The sins are different; but they are still sins, just as apples and oranges are still both fruit. Exposing readers to data vampires is simply wrong on its face, and we need to fix it. That it’s normative in the extreme is no excuse. Nor is the fact that it makes money. There are morally uncompromised ways to make money with advertising, and those are still available.

Another push-back is the claim by many adtech third parties that the personal data blood they suck is anonymized. While that may be so, correlation is still possible. See Study: Your anonymous web browsing isn’t as anonymous as you think, by Barry Levine (@xBarryLevine) in Martech Today, which cites De-anonymizing Web Browsing Data with Social Networks, a study by Jessica Su (@jessicatsu), Ansh Shukla (@__anshukla__) and Sharad Goel (@5harad)
of Stanford and Arvind Narayanan (@random_walker) of Princeton.

(Note: Facebook and Google follow logged-in users by name. They also account for most of the adtech business.)

One commenter below noted that this blog as well carries six trackers (most of which I block).. Here is how those look on Ghostery:

So let’s fix this thing.

[Later still…] Lots of comments in Hacker News as well.

[Later again (8 April 2018)…] About the comments below (60+ so far): the version of commenting used by this blog doesn’t support threading. If it did, my responses to comments would appear below each one. Alas, some not only appear out of sequence, but others don’t appear at all. I don’t know why, but I’m trying to find out. Meanwhile, apologies.

Enough Alreadies

March 15, 2018 in News, Personal, problems, publishing | 3 comments

I just unsubscribed from Quora notifications.

Reasons:

  1. With my new full-time gig as editor-in-chief of Linux Journal, I have close to no time for anything else, even though many other obligations do take time. Some of those also pay, and so require that I cut out as many distractions as I can.
  2. The filter bubble thing works a bit too well. Two topics I’ve answered a lot—about IQ and radio—seem to bring an avalanche of others that beg to be answered, which I do too quickly, again and again. As a result I’ve said the same damn thing, or the same kinds of damn things, too many times.
  3. I’m not sure writing there does much good. But then, the world is now so thick with “content” that I’m not sure writing anywhere does as much good as it used to.
  4. It’s time now to look for effects. Except for up and down voting, which say almost nothing to me, I have little if any sense that anything I write on Quora means much, if anything, to other people.
  5. It’s not my space. It’s Quora’s

Also, in case you haven’t noticed, I’ve slacked off here, at doc.blog and other bloggy places of mine online, other than in Linux Journal. And even there a lot of what I do there is behind the scenes.

Even for people like me, whom marketers call “influencers” (and is nothing to brag about), writing to effect is getting harder and harder. Even if something gets a lot of notice, the news cycle is hardly longer than Now, and the sense of having done something quickly disappears.

So, while it’s a small thing, I’m moving on from Quora and focusing on stuff I know matters, whether I sense effects or not.

Life in the Fast & Vast Lane, I guess.

« Older entries