Teen Vogue story on Facebook prompts sponsored content fears, vanishes – Business Insider

This is some sneaky shit on Facebook’s part.

After pondering it for a day, I think its audience wasn’t Teen Vogue but actually Congress. Not that anyone in Congress reads Teen Vogue, but Facebook COO Sheryl Sanberg was all too happy to crow about this puff piece. I think Facebook was trying desperately to show Congress its serious about policing itself when in actuality it only cares about money.

I feel bad for Teen Vogue as the teen magazine has been running really good stories explaining cybersecurity. Of course, they also run stories telling teens about the joys of anal sex, so it’s a wash I guess. At any rate,any credibility Teen Vogue may have had is gone now. Hope the money was worth it.

Here’s the original story, captured by The Internet Archive’s magnificent Wayback Machine.

(Also, that’s the least clickbait-y headline EVER. Obviously it wasn’t meant for teens.)

An uncritical story in Teen Vogue about Facebook’s efforts to secure its social network ahead of the 2020 election caused bewilderment over contradictory messages about whether it was paid for by Facebook — before it just disappeared completely.

On Wednesday, Teen Vogue published “How Facebook Is Helping Ensure the Integrity of the 2020 Election.” It’s a 2,000-plus-word story comprising a series of interviews with various senior Facebook employees about how the Silicon Valley tech giant is working to avoid nefarious political activity in the US’s coming presidential election.

The positive tone of the piece, and lack of byline indicating who wrote it, led some on Twitter to speculate that it was a piece of sponsored content — that is, an article paid for and overseen by Facebook to promote itself.

This suspicion was seemingly confirmed when, some time after publishing, Teen Vogue appended a note to the top of the story, reading: “Editor’s note: This is sponsored editorial content.”

The note raised questions about editorial ethics — why wasn’t this disclosed from the start? — but the saga didn’t end there. Facebook instead denied that it was sponsored content, saying it was just a regular article, and the note disappeared from the top of the story again.

Source: Teen Vogue story on Facebook prompts sponsored content fears, vanishes – Business Insider

bellingcat – Guide To Using Reverse Image Search For Investigations – bellingcat

Reverse image search is one of the most well-known and easiest digital investigative techniques, with two-click functionality of choosing “Search Google for image” in many web browsers. This method has also seen widespread use in popular culture, perhaps most notably in the MTV show Catfish, which exposes people in online relationships who use stolen photographs on their social media.

However, if you only use Google for reverse image searching, you will be disappointed more often than not. Limiting your search process to uploading a photograph in its original form to just images.google.com may give you useful results for the most obviously stolen or popular images, but for most any sophisticated research project, you need additional sites at your disposal — along with a lot of creativity.

This guide will walk through detailed strategies to use reverse image search in digital investigations, with an eye towards identifying people and locations, along with determining an image’s progeny. After detailing the core differences between the search engines, Yandex, Bing, and Google are tested on five test images showing different objects and from various regions of the world.

Source: bellingcat – Guide To Using Reverse Image Search For Investigations – bellingcat

How Lindsey Graham Lost His Way – Rolling Stone

Lindsey Graham and Donald Trump were born nine years and one month apart. Trump came first, but when they appear side by side, as they often do these days, the men look about the same age. On November 6th, in the East Room of the White House, the president held an event to mark the record number of federal judges his administration has appointed, and Graham was there, having played a critical role in the achievement as chairman of the Senate Judiciary Committee. Trump’s staff had scheduled the event in part to shift focus from the House impeachment investigation, to remind any wobbly Republicans of the reason they’d held their noses and voted for the guy in the first place.

Over the course of his three terms representing South Carolina in the Senate, Graham had become predominantly known for two things: extreme hawkishness on foreign policy, following the lead of his close friend and mentor, the late Arizona Sen. John McCain, and a bipartisan streak that resulted in high-profile attempts to cut big deals on issues like immigration reform and climate change. A former senior staffer for a Democratic senator who has worked alongside Graham on bipartisan legislation tells me, “Like John McCain, he was a conservative Republican, but it was always worth asking where he was going to be on a particular issue, because he wasn’t completely beholden to party orthodoxy. He’d often be way out ahead of his staff, negotiating on the Senate floor unbeknownst to them, and they would be playing catch-up.

Will Folks, a conservative political blogger in South Carolina, says, “The joke here is Graham has a ‘count to six’ approach to governing: He spends the first four years of his term doing whatever he wants, veering off toward the left, and then the last two years, when the electorate is paying more attention, he comes right.

”Graham is “never flustered, and just a natural at dealing with people who don’t like him,” says David Woodard, a political-science professor at Clemson University who ran Graham’s first two campaigns for the House of Representatives and recalls the first-term congressman as quickly becoming the unofficial social director for his freshman class, though he added, “You’re going to find Lindsey knows a lot of people, but he’s not close to anybody.”

Source: How Lindsey Graham Lost His Way – Rolling Stone

‘Shattered’: Inside the secret battle to save America’s undercover spies in the digital age

When hackers began slipping into computer systems at the Office of Personnel Management in the spring of 2014, no one inside that federal agency could have predicted the potential scale and magnitude of the damage. Over the next six months, those hackers — later identified as working for the Chinese government — stole data on nearly 22 million former and current American civil servants, including intelligence officials.

The data breach, which included fingerprints, personnel records and security clearance background information, shook the intelligence community to its core. Among the hacked information’s other uses, Beijing had acquired a potential way to identify large numbers of undercover spies working for the U.S. government. The fallout from the hack was intense, with the CIA reportedly pulling its officers out of China. (The director of national intelligence later denied this withdrawal.)Personal data was being weaponized like never before. In one previously unreported incident, around the time of the OPM hack, senior intelligence officials realized that the Kremlin was quickly able to identify new CIA officers in the U.S. Embassy in Moscow — likely based on the differences in pay between diplomats, details on past service in “hardship” posts, speedy promotions and other digital clues, say four former intelligence officials. Those clues, they surmised, could have come from access to the OPM data, possibly shared by the Chinese, or some other way, say former officials.

The OPM hack was a watershed moment, ushering in an era when big data and other digital tools may render methods of traditional human intelligence gathering extinct, say former officials. It is part of an evolution that poses one of the most significant challenges to undercover intelligence work in at least a half century — and probably much longer.The familiar trope of Jason Bourne movies and John le Carré novels where spies open secret safes filled with false passports and interchangeable identities is already a relic, say former officials — swept away by technological changes so profound that they’re forcing the CIA to reconsider everything from how and where it recruits officers to where it trains potential agency personnel. Instead, the spread of new tools like facial recognition at border crossings and airports and widespread internet-connected surveillance cameras in major cities is wiping away in a matter of years carefully honed tradecraft that took intelligence experts decades to perfect.

Source: ‘Shattered’: Inside the secret battle to save America’s undercover spies in the digital age

A Letter From Gary Larson | TheFarSide.com | TheFarSide.com

Gary Larson has finally arrived online and the promise of new The Far Side cartoons is in the air, yet I don’t know how I feel about this. I will always love The Far Side but I cringe at the thought of the new stuff not measuring up to old stuff. I also miss seeing the cartoon nestled in the comics pages of an actual newspaper. And, truth be told, Larson’s hero status fell in my eyes when he aggressively chased his cartoons off the Internet.

Twelve years after I wrote that I still feel the same way. Now that Larson wants to join the party is he still welcome? Does The Far Side belong on the Internet at all, even if it’s Larson’s own doing? Or should it ride off into the sunset along with the newspaper industry?

I kinda wish I hadn’t had to ponder this question.

Truthfully, I still have some ambivalence about officially entering the online world — I previously equated it to a rabbit hole, although “black hole” sometimes seems more apropos — but my change of heart on this has been due not only to some evolution in my own thinking, but also in two areas I’ve always cared about when it comes to this computer/Internet “stuff”: security and graphics.

Source: A Letter From Gary Larson | TheFarSide.com | TheFarSide.com

Families Don’t Use Landlines Anymore – The Atlantic

The early telephone’s bulky size and fixed location in the home made a phone call an occasion—often referred to in early advertisements as a “visit” by the person initiating the call. (One woman quoted in Once Upon a Telephone recalls the phone as having the “stature of a Shinto shrine” in her childhood home.) There was phone furniture—wooden vanities that housed phones in hallways of homes, and benches built for the speaker to sit on so they could give their full attention to the call. Even as people were defying time and space by speaking with someone miles away, they were firmly grounded in the space of the home, where the phone was attached to the wall.

Over the course of the 20th century, phones grew smaller, easier to use, and therefore less mystical and remarkable in their household presence. And with the spread of cordless phones in the 1980s, calls became more private. But even then, when making a call to another household’s landline, you never knew who would pick up. For those of us who grew up with a shared family phone, calling friends usually meant first speaking with their parents, and answering calls meant speaking with any number of our parents’ acquaintances on a regular basis. With practice, I was capable of addressing everyone from a telemarketer to my mother’s boss to my older brother’s friend—not to mention any relative who happened to call. Beyond developing conversational skills, the family phone asked its users to be patient and participate in one another’s lives.

Source: Families Don’t Use Landlines Anymore – The Atlantic

Electronics testing at the airport

I haven’t posted a TSA story in a while because I’m lucky enough not to travel as often as I did. When I have traveled, I have come to appreciate how professional the team at my home airport, Raleigh-Durham, is. I’ve never had a bad experience with them and this – I want to stress – is not a bad one, either. Just unusual.

For years I have enjoyed the benefit of TSA-Pre, allowing me to speed through security lines. Naturally, I headed into the TSA-Pre line when I flew out of Raleigh on Wednesday morning. Expecting all to be well, I was intrigued when I apparently set off the metal detector.

“Wait right here, sir,” the screener said, calmly. “We’re going to screen your electronics.”

I waited on the mat next to the metal detector while another agent got through checking another traveler’s electronics. He invited me over and I carried my bags to the testing station.

“Got any thing that is sharp, going to stick me, contraband, etc?” he asked. When I answered no, he politely asked if I had a laptop in the bag. I showed him the pocket it was in and he laid it out on the counter.

He then swabbed my laptop with a chemical pad, popped the swab into the sensor for analysis, and stepped away. To my surprise, the sensor began beeping. My newish work laptop had only been on my office desk and my home desk – not to the coca fields of South America or anything. I began to think over kind of substance could have possibly set off this false alarm.
Continue reading →

A Destroyer – By John Steinbeck

USS Elliot (DD-967) in North Arabian Gulf, circa 1998

John Steinbeck spent a few weeks aboard a destroyer in World War II, the USS Knight (DD-663), and wrote this ode to destroyers called “A Destroyer” in 1943. It appeared in a collection of his dispatches published in 1958 in a book called Once There Was a War.

I think it sums up life on a destroyer quite well.

A destroyer is a lovely ship, probably the nicest fighting ship of all. Battleships are a little like steel cities or great factories of destruction. Aircraft carriers are floating flying fields. Even cruisers are big pieces of machinery, but a destroyer is all boat. In the beautiful clean lines of her, in her speed and roughness, in her curious gallantry, she is completely a ship, in the old sense.

For one thing, a destroyer is small enough so that her captain knows his whole crew personally, knows all about each one as a person, his first name and his children and the trouble he has been in and is capable of getting into. There is an ease on a destroyer that is good and a good relationship among the men. Then if she has a good captain you have something really worth serving on.

The battleships are held back for a killing blow, and such a blow sometimes happens only once in a war. The cruisers go in second, but the destroyers work all the time. They are probably the busiest ships of a fleet. In a major engagement, they do the scouting and make the first contact. They convoy, they run to every fight. Wherever there is a mess, the destroyers run first. They are not lordly like the battleships and the men who work them are seamen. In rough weather they are rough, honestly and violently rough.
Continue reading →

AD/LDAP authentication on Linux hosts

I’ve been working with the Lightweight Directory Access Protocol (LDAP) for 18 years now. Then Microsoft embraced and extended LDAP with Active Directory. Nowadays most companies base all of their authentication and authorization on Active Directory and for good reason. In a Windows-only world it works great. For a mixed-platform environment, it’s a bit more difficult to make work.

I recently worked out how to make Linux systems authenticate against Active Directory using only the LDAP protocol and wanted to share it here for any fellow DevOps/sysaedmins who might want to try it themselves. The goals were to do it with minimum fuss and using the native tools – no third-party apps. I also want to do it solely with LDAP and not have to worry about pointlessly “joining” a Linux host to a domain.

The modern way that Red Hat likes to connect Linux hosts to AD like to do this is to use the SSSD suite of packages, join the host to the Active Directory tree, and talk to AD directly. This seems like a lot of bloat to me when all you need is authentication. Fortunately, you can use the “legacy” means and do it all with LDAP libraries.

Bridging Active Directory and Linux hosts

One way to integrate Linux/UNIX hosts into AD is to add Microsoft Windows Services for UNIX (SFU) schema extensions. This means every AD entry would be defined with common Unix attributes like uid (user id) and gid (group id). These could sometimes get out of sync with the AD attributes and at any rate would require constant updating of the AD records.

Ideally, we won’t depend on Services for UNIX additions in AD and the complexity it brings. Instead, we’ll identify standard AD attributes and map them to Linux/UNIX equivalents. The nss-pam-ldapd package allows us to do this in the /etc/nslcd.conf file, which we’ll see in a minute.

Differences between CentOS 6/AWS and CentOS 7 hosts

One stumbling block has been that Amazon Linux (amzn) uses old, old libraries, based on CentOS 6 packages. The nss-pam-ldapd package which ships with this version of Amazon Linux is version 0.7.5; a version too old to include the mapping functionality we need to avoid using Services for UNIX.

Fortunately, we can remove the amzn version and add an updated one. I have tested one I have found at this link which updates any amzn hosts to the 0.9.8 version of nss-pam-ldapd.

The version of nss-pam-ldapd that ships with CentOS 7 is 0.8.3 and works fine with attribute mapping.

Obtaining the domain’s ObjectSID

The goal of using a directory is consistency. If a user appears in AD, that user will be available to Linux hosts. Also, that user will be treated the same on every directory-equipped server as that user will ideally have the same uid/gid. Without adding Services for UNIX, we need some way to ensure a uid on one host is consistent with the uid on another host. This is done by nss-pam-ldapd by mapping Linux uid/gids to their equivalents in AD, called ObjectSIDs. You need to obtain your AD server’s domain ObjectSID.
Continue reading →

S	M	T	W	T	F	S
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30	31