Russian agents pollute social media

A few weeks ago, I shared my long-held skepticism about the effectiveness of influenza vaccines and was pleased to see a friend chime in in agreement. My skepticism of flu shots is based on science – that the effectiveness of the mass-produced vaccine is abysmal and has been for years. My friend’s skepticism is based on something less reliable, it seems, because she shared a post from the dubious news site, YourNewsWire.com. It quotes an unnamed CDC doctor:

A CDC doctor has warned this year’s “disastrous” flu shot may be responsible for the deadly flu epidemic sweeping the country.

“Some of the patients I’ve administered the flu shot to this year have died,” the doctor said, adding “I don’t care who you are, this scares the crap out of me.”

“We have seen people dying across the country of the flu, and one thing nearly all of them have in common is they got the flu shot.”

Scientists were worried this year’s flu season was going to be rough and their fears have been proven well founded. The flu season is off to a record-breaking start, with the CDC reporting widespread flu activity from coast to coast. Many health officials believe that 2018 will ultimately be the worst flu outbreak that we have experienced since 1918.

The CDC doctor’s experience of patients dying of the flu after receiving the flu shot is sadly not uncommon. Eight Santa Barbara County residents have died from the flu in the last fortnight. Seven of them had the flu shot.

This seemed like a pretty radical claim, so I searched the Internet for it and … nothing. The unnamed doctor obviously does not exist. YourNewsWire is the place Russian trolls work to perfect their craft.
Continue reading

I feel the need … the need for speed

Optimizing MarkTurner.Net

A few days ago I was playing with Pingdom’s Website speed test and shocked to find how long it was taking MT.Net to load for my legions of website visitors. There were several things slowing it down, earning my site a grade of a gentleman’s “C.”

After digging through some of Pingdom’s suggestions and carefully pruning my WordPress plugins and settings, I’ve managed to whittle down the load time from an average of over 3 seconds to just a hair over one second.

While there’s probably a little bit more performance I could squeeze out this is far better than it was. Enjoy!

Amazon won’t say if it hands your Echo data to the government | ZDNet

Amazon has a transparency problem.Three years ago, the retail giant became the last major tech company to reveal how many subpoenas, search warrants, and court orders it received for customer data in a half-year period. While every other tech giant had regularly published its government request figures for years, spurred on by accusations of participation in government surveillance, Amazon had been largely forgotten.

Eventually, people noticed and Amazon acquiesced. Since then, Amazon’s business has expanded. By its quarterly revenue, it’s no longer a retail company — it’s a cloud giant and a device maker. The company’s flagship Echo, an “always listening” speaker, collects vast amounts of customer data that’s openly up for grabs by the government.

But Amazon’s bi-annual transparency figures don’t want you to know that.

Source: Amazon won’t say if it hands your Echo data to the government | ZDNet

Spoken stats from my weather station

Last Christmas (2016), I got an AcuRite weather station from Costco as a gift to replace my falling-apart Oregon Scientific station. It’s a decent little setup, with wireless transmission from a multi-sensor box outside to the panel inside. For the longest time my biggest complaint was its need to use Windows software to archive its data.

Acurite weather station

Then early last year I hooked up the open source weather software weewx to my station. Weewx creates a nice (if simple) graph of weather data (as seen at https://www.markturner.net/wx) and also kicks the data over to my MySQL database so I can save and query those stats. Last month I was able to create a fancy Grafana dashboard that dynamically displays that data in a beautiful format. Now I had taken a $75 weather station and made it much more useful!
Continue reading

The Space Review: A NEMESIS in the sky: PAN, MENTOR 4, and close encounters of the SIGINT kind

PAN/NEMESIS satellite

Here’s an interesting story from 2016 about spy satellites. Amateur satellite spotters determined that the “PAN” satellite of the U.S. Government were tiptoeing up next to geostationary commercial communications satellites so they could vacuum up the signals being relayed through them. Speculation is that PAN was able to triangulate the position of satellite phones used by terrorists, enabling drone strikes.

This would make a fun new hobby.

After launch, the enigma became even bigger. PAN was placed in a geostationary orbit and observations by amateur satellite trackers (including this author) from Europe and South Africa revealed very unusual behavior. Every few months—usually once every six months—PAN moved to a new position. In a mere four years time, it moved at least nine times to various longitudes scattering between 33 and 52.5 degrees east (see my blog post “Imaging Geostationary satellites, and PAN’s past relocations”). This costs fuel, and it is something you normally do not do with a geostationary satellite, as liberally spending fuel drastically shortens the satellite’s operational lifetime. In late 2013, the relocations suddenly stopped and PAN has remained at longitude 47.7 degrees east. This active stationkeeping at this longitude means it must still be operational, although the satellite obviously has ended its previous roving state. All very mysterious! What was this spacecraft doing?

Source: The Space Review: A NEMESIS in the sky: PAN, MENTOR 4, and close encounters of the SIGINT kind

‘Kernel memory leaking’ Intel processor design flaw forces Linux, Windows redesign • The Register

A massive security issue has been found in Intel’s processors that will very shortly have a huge performance impact on almost all computers. Details are sketchy at the moment but it’s not looking good.

Remember the Year 2000 (Y2K) bug? This is likely to eclipse Y2K. Why? Because patching broken software is trivial but patching broken hardware is all but impossible. We will feel the effects of this design flaw for years. Soon nearly all computers you interact with (including online services like Facebook, SalesForce, Netflix, etc) could be from five to thirty percent slower.

When I purchased a new Intel processor last year, I did so thinking it would give me a decade or more of service. Now it’s already obsolete. If any class-action lawsuits spring up over this I would be willing to join in. This is ridiculous.

A fundamental design flaw in Intel’s processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug.

Programmers are scrambling to overhaul the open-source Linux kernel’s virtual memory system. Meanwhile, Microsoft is expected to publicly introduce the necessary changes to its Windows operating system in an upcoming Patch Tuesday: these changes were seeded to beta testers running fast-ring Windows Insider builds in November and December.

Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we’re looking at a ballpark figure of five to 30 per cent slow down, depending on the task and the processor model. More recent Intel chips have features – specifically, PCID – to reduce the performance hit.

Similar operating systems, such as Apple’s 64-bit macOS, will also need to be updated – the flaw is in the Intel x86 hardware, and it appears a microcode update can’t address it. It has to be fixed in software at the OS level, or buy a new processor without the design blunder.

Source: ‘Kernel memory leaking’ Intel processor design flaw forces Linux, Windows redesign • The Register

Bonus link: Some technical speculation on the bug from “pythonsweetness.”

Cheap Thoughts: Microcell towers

A microcell site outside of the gas station at Raleigh’s Costco.

I’d been a bit puzzled by all of the microcell sites I’ve seen popping up around town. The first I found was the one behind Adventure Landing on Capital Boulevard a few years ago. Since then, more and more have appeared at locations like Hillsborough Street near N.C. State, Cameron Village Shopping Center, Red Hat Amphitheater, St. Augustine University, outside the Subway on Creekside Drive, and the one pictured above outside of Costco on Six Forks Road near Wake Forest Road.

Many of these new towers sit almost literally in the shadow of massive, existing towers. Why were all of these micro towers going up in places that already have clearly good coverage?

Then the Eureka moment hit me. These cheap, utility-pole cell sites are poaching cellphone users away from the massive towers and collecting the connection fees!
Continue reading

Broken DHCP on the Ubiquiti EdgeRouter Lite

The Ubiquiti EdgeRouter Lite (ERL), an amazing little networking box.

Back in October I finally squeezed gigabit speeds out of my AT&T Fiber connection by switching from my old OpenWRT-based TP-Link Archer C7 routers to an Ubiquiti EdgeRouter Lite (ERL). The Archer hardware could not keep up with gigabit speeds but the ERL can.

I love the ERL! It’s only about $100 but it’s a very powerful device! Previous versions of the firmware were a bit cryptic (at least in the UI area) but the latest one provides a lot of functionality (and wizards).

I had followed one such wizard to do my initial setup with the ERL back in October, after upgrading it from version 1.9.1 of EdgeOS to EdgeOSv1.9.7+hotfix.4. All seemed to work … except for it properly pulling a DHCP address from AT&T. See, I have bypassed AT&T’s PACE router in favor of my own and the ERL now does everything but the initial 802.1x authentication that opens the port on AT&T’s switch.

Why do you need to use DHCP on your AT&T link? You can put a static IP on your end of the link but AT&T offers DHCP leases of 14 days and expects you to use them. If your box (i.e., my ERL) doesn’t renew its IP near the end of those 14 days, AT&T considers the link to be dead and shuts down the connection. At this point, the only way you’ll get it going again is to reconnect the AT&T router and let it do its 802.1x authentication again. This is a pain, so avoiding it is very useful.
Continue reading

How this sign put Berkeley in the center of the cellphone safety debate

If you’re in the market for a cellphone or tablet in the City of Berkeley, you will probably notice a sign displayed near the register of a cellphone retailer, or on store shelves.It’s a flier alerting customers of possible radiation exposure from mobile devices.

“Berkeley is the first city in the country to get stores to post warnings. It’s a small step, but it’s an important step,” said Joel Moskowitz, PhD, director of UC Berkeley’s Center for Family and Community Health at the University’s School of Public Health.

In 2009, Moskowitz turned his focus from scientific research on the health effects of tobacco to cellphones after a visiting scholar from the National Cancer Center in South Korea exposed him to scientific literature looking at whether mobile phone use increased the risk of tumors.

“The cellphone manufacturers want you to keep a minimum distance away from your body and you should find out what that distance is,” Moskowitz said. “If you keep the device by your body you will exceed the safety limits provided by the FCC.”

Source: How this sign put Berkeley in the center of the cellphone safety debate

“Suspicious” event routes traffic for big-name sites through Russia | Ars Technica

Russia briefly hijacked key Internet sites Wednesday through manipulation of BGP, the Internet’s routing tables. In a war, you can bet that the Internet will be one of the first targets. Is Russia testing its plans?

Traffic sent to and from Google, Facebook, Apple, and Microsoft was briefly routed through a previously unknown Russian Internet provider Wednesday under circumstances researchers said was suspicious and intentional.

The unexplained incident involving the Internet’s Border Gateway Protocol is the latest to raise troubling questions about the trust and reliability of communications sent over the global network. BGP routes large-scale amounts of traffic among Internet backbones, ISPs, and other large networks. But despite the sensitivity and amount of data it controls, BGP’s security is often based on trust and word of mouth. Wednesday’s event comes eight months after large chunks of network traffic belonging to MasterCard, Visa, and more than two dozen other financial services were briefly routed through a Russian government-controlled telecom, also under suspicious circumstances.

Source: “Suspicious” event routes traffic for big-name sites through Russia | Ars Technica