That inflammatory news blurb in your Facebook feed that’s got your dander up? Or the one some acquaintances are circulating that’s got you thinking they’ve lost their minds? Hold up a bit. There’s this recent column in The Atlantic:
“We’ve since learned that Russian trolls organized anti-immigrant rallies in two states, and posed online as Black Lives Matter supporters in one instance and as members of a Muslim American organization in another. They hoped to spark discord among factions of our fellow citizens. So if you’ve ever felt at a loss to understand how some of your neighbors could possibly reach certain conclusions, consider that they could have been targeted by teens in a Macedonian village bent on duping them.” Source: Don’t Forget to Adjust for Russian Trolls
What is going on here is a good deal more sophisticated most of what is commonly thought of as activity by trolls. These are full-on disinformation campaigns by a hostile foreign power. The objective is destabilization, and as such, they don’t appear to be all that picky about the side of the dispute they happen to be stoking.[*] The content being disseminated is divisive propaganda intended to set Western Europe and the US on fire.
Garden-variety trolls, in contrast, are merely sadistic anti-social misfits who are still single (or ought to be), probably addicted to porn, and are 30+ and have been living with a parent since birth. They are like that tomato that’s been left on the vine in the greenhouse a bit too long. A bit squishy to the actual touch. In another context they might be tormenting a neighbor’s cat. Or shooting out streetlights. Or using a drone to peep in your bedroom window. There is not much difference between the online behavior of this type of troll and some idiot keying cars in a parking lot.
But the effect both types are rather similar. Fires are being set. Some with a malevolent, well-considered purpose. Others because the arsonists are addicted to the chaos they create. And we react rather to readily to the rumor and hoaxes being served up by both. And find ourselves at war with each other.
So step back from that incendiary comment thread and take a breath, particularly if you can’t independently verify what is being asserted.
It is best to just move along. Or better yet, just get off Facebook and go get coffee.
The US Food and Drug Administration is allowing a dog breeder to use CRISPR to fix a harmful mutation. We are told that the FDA is trying not to stifle innovation.
By a dog breeder.
Why aren’t we reacting to this? An article in the Atlantic suggests it might have something to do with the innocuous acronym for the tool used to fiddle with genetics.
Why does a revolutionary gene-editing technology sound like a candy bar?
Close your eyes and imagine it is 1938. The German chemists Otto Hahn and Fritz Strassmann have just discovered nuclear fission.
Now give the process of Uncontrolled Nuclear Fission an innocuous acronym like UNUFI, something that sounds a bit like a stuffed animal. And imagine those chemists also discover ways to make it happen within reasonable reach of private parties at manageable costs. Who can then use the process in a barn somewhere out in the woods.
On the one hand, employees have a responsibility to exercise some sort of reasonable care and compartmentalize political activities from an employer’s business activity. But once reasonable care has been exercised regarding that boundary we should be free to speak our minds. And not be abused by other Christians.
If we are trolling fellow believers because of their political opinions our allegiance is no longer to the risen Christ.
Here’s an eye-opening article from The Atlantic on the weaponization of social media:
Most of us did not associate Twitter with terrorism until the Islamic State stormed into Mosul. We have given similarly scant thought to what might happen if the wondrous tools of the 21st century are ever paired with the scale and intensity of the conflicts that defined the 20th. Source: How Twitter Is Changing Modern Warfare – The Atlantic
The article lays out how bad actors exploit social media for propaganda purposes at large scales, serving up deliberate falsehoods to manipulate divisive national conflicts.
At least some of the trolls we encounter may not all be maladjusted losers living in their parents’ basements.
I recently added this site to my list after seeing the video of the construction process. Do go there and have a look.
The author’s use of fired clay is impressive enough but the heated floor is what really caught my attention. It works the same way as the Roman hypocaust and Korean ondol. I was some way though viewing that portion of the build before it dawned on me what I was looking at.
The Roman designs heated large surface areas and large masses of masonry, leading to the need for a lot of labor to feed the furnace. Although this was probably not a big deal from the Roman point of view because of the prodigious use of slaves. But the author’s use of large stones in the floor covering a heating channel should provide a source of radiant warmth for the entire living space long after the fire went out. And would require less labor for the resultant heat.
“Dadada.” According to the article below this was the password for Mark Zuckerberg’s hacked LinkedIn account. I found this astounding. And I am just a regular guy who works in an office full-time, not some super-geek.
But Zuckerberg is ridiculously wealthy. He can afford to pay people to clean up the mess.
For the rest of us poor schmucks the article has some suggestions which are worth perusing. I got my AOL account in the late 80s and have used hundreds of various online accounts since then.. I probably have at least 50 active user passwords. It would be nice to have a reasonable way to manage that. Unfortunately the suggestions are not packaged for users in the real world. And the article fails to engage real-world questions that need to be asked about any website you use before deciding which to use:
Are you famous or do you otherwise have some sort of highly visible public profile?
Is the information you need to protect important?
Would theft of the information affect anyone besides you?
Is the data valuable?
If the answer to all these questions is “no” then pick any junk password you like. If you answered with a strong “yes” to any, then find someone with actual expertise and don’t fool around with trying to do this on your own, particularly if you need super-secure options like hardware tokens. But most people will likely answer “no” to the first and a mild “yes” to one or more of the rest. So here is my stab at a rework of the suggestions, in order of priority:
Turn on basic two-factor authentication (2FA) for every site that provides it. Two-factor (or multi-factor) means something besides your user name and password is required to sign in. The easiest version to use sends a text to your mobile phone with an access code when the site fails to recognize you. A slightly more complicated but more reliable variant installs an app on a smart phone (which most people have these days). Basic 2FA means most thieves will need your crappy password and physical possession of your phone.
Lock all your computers, tablets, and smartphones. A basic four-digit pin or pass-code is probably fine, provided that the device does not connect to a corporate network, and has no remote access capability (or remote access is turned off). This is basic stuff. You lock your residence and car, don’t you?
This should keep out casual thieves and provides reasonable security for most of us. But if a thief gets both your passwords and access to your computer and mobile phone you have bigger problems. You might now be some hacker’s personal project. Or you might be bound, gagged, and in the trunk of a car bouncing along a dirt road. As one writer has pointed out, your potential threats boil down to “Mossad or not-Mossad[1].” If it’s the first one you are pretty much screwed.
For sites that don’t provide two-factor authentication, do the following:
Create unique and reasonably complex passwords. Passwords should contain at minimum mixes of upper case letters, lower case letters, and numbers. Special characters should be added if the site allows. But as long as you do not spell out actual dictionary words, your passwords need NOT be super long or super complex. Eight characters is good enough for most purposes. Whether to use more depends on how much damage unauthorized access will do. Passwords for your bank need to be longer than passwords for your streaming media.
Long passphrases can be easier for most people to remember than completely random sequences. Just don’t use components that you have posted on social media. Use something obscure, like the combination of a partial childhood address and the name of a childhood pet. Or the long name of a band you would never admit listening to. Then mangle it with numbers and mix the upper and lower cases.
If you have too many passwords to remember, then create a secured list to build a barrier between where you record them and where you use them. A plain, old paper notebook is just fine, provided you keep it somewhere reasonably safe. An encrypted Microsoft Office or Evernote document, or something equivalent will also work. Or if you are at least slightly geeky you can use a password manager app[2]. The point is to find something that works for you and create the barrier. So when your device gets stolen and/or hacked the thief doesn’t get your passwords.
The article had some additional suggestions, which are distilled below to something normal people might actually use:
Don’t let websites retain information that connects to your financial accounts. This means debit cards, account numbers, or anything else that points directly to your bank. The only exception I can see to this is the website of another bank. Charges on a stolen credit card can be high-order nuisances. But stolen bank balances are something else entirely.
If you let your web browser store your login information, then use a browser that encrypts the data and requires a password to access it. And never allow storage on a computer you don’t own and completely control.
Oh, and if your passwords are stored on your computer or smart phone please remember these gadgets are not immortal. Back up the list to a flash drive or printout and hide that somewhere you can find it. And be sure to include those stupid security questions and answers. You might need them a year from now.
[2] If you want to really lock your stuff up and need a suggestion for a password app I use KeePass. It’s highly configurable and open-source (and free). I’ve also heard good things about LastPass but I’ve never used it.
December 4, 2017 update: Thank you to a reader who pointed me to a secure password generator at this site: https://www.vpnmentor.com/tools/secure-password-generator/. She rightly pointed out how easy it is to slip into making weak ones.
Harvard historian Karen L. King ignited a controversy at a 2012 conference in Rome when she presented a papyrus fragment which appeared to refer to Jesus’ wife. An article in the July/August 2016 Atlantic details a subsequent investigation into the fragment’s provenance:
“A hotly contested, supposedly ancient manuscript suggests Christ was married. But believing its origin story—a real-life Da Vinci Code, involving a Harvard professor, a onetime Florida pornographer, and an escape from East Germany—requires a big leap of faith.” Source: Did Jesus Have a Wife? – The Atlantic
An interview with the Boston Globe echoed the Atlantic article. King has acknowledged that material given to her in support of the fragment’s provenance appears to have been fabricated. And King’s source has denied forging the papyrus or any knowledge regarding its authenticity.
It is possible that the fragment might be an old fraud. But King clearly believes she has been lied to (see follow up Atlantic column), so this seems unlikely.
The article is quite long but well worth reading. It lays out the anatomy of what increasingly appears to be an elaborate deception. In fairness King never ruled out the possibility of fabrication. But I am not an academic so I really don’t understand why the document was presented publicly in the first place, given the very large blank space where the provenance ought to have been. The scholarship is summarized by the Harvard Divinity School here.
The most effective deceptions are indirect. The perpetrator presents a fragmentary context buttressed primarily by misdirection and a few strategic lies. The core falsehood is misstated, as if the con artist doesn’t actually believe it, and is trusting the mark to help sort the matter out. It helps if the deception fits into something the mark really wants to believe. Then the mark is allowed to fill the very substantial blanks with whatever facts and opinions may happen to fit.
And even otherwise knowledgeable people get sucked in.
It appears that a hacker with no more access than your cellular number can exploit a hole in network security to turn on your camera, read your email and texts, and listen in on your calls. And who knows what else?
Makes me want to run right out and do my banking on a mobile phone.
The video is behind a paywall but it is definitely worth watching.
Researchers from the University of Tel Aviv have found the following:
An analysis of handwriting on ancient pottery suggests that literacy may have been more widespread than previously known in the Holy Land around 600 B.C.
Analysis of writing on pottery shards at the site of a small fort (at at the time remote) showed at least six different hands in the lettering.
The does appear to show that a basic level of literacy was available in the culture to support the composition of Biblical texts before the deportation to Babylon.
According to researchers this kitchen gadget “…solves one problem (physically having to get up and switch your kettle on!) and creates a whole bunch more.”
This is an example of a completely stupid idea birthed in the rush to the “Internet of Things.” Apparently the security flaw in the appliance can allow a hacker to gain access to your wifi network.
Perhaps it is time to step back and ask a broader question. Why does anyone actually need network-connected kitchen appliances? Is this gizmo going to root around in the pantry and find the coffee beans for me?
I’m thinking I should just get my sorry butt out of bed and go make coffee.
“We’ve since learned that Russian trolls organized anti-immigrant rallies in two states, and posed online as Black Lives Matter supporters in one instance and as members of a Muslim American organization in another. They hoped to spark discord among factions of our fellow citizens. So if you’ve ever felt at a loss to understand how some of your neighbors could possibly reach certain conclusions, consider that they could have been targeted by teens in a Macedonian village bent on duping them.” Source: Don’t Forget to Adjust for Russian Trolls
