Sips from the Firehose
A blog that seeks to filter the internet into a refreshing, easily-gulped beverage


Aug 04

Shwedagon Pagoda and Dave by Night

Posted: under Design.
Tags: , , , , , , , , , , , ,

As with so many major cities in Asia, the ancient and the modern exist side-by-side.

The guy on the right is dancing a jig, I think. They are hidden under the eaves, and I only spotted this group because I was looking up in awe as the heavens opened and the rain poured down.

Read More

Comments (0)



Jul 18

Quirks of the Internet in Myanmar

Posted: under Blogging, Blogs, Conspiracy Theories, Politics & New Media.
Tags: , , , ,

No TOR, but Rule 66 instead

I’ve been in Yangon for more than two weeks now, and I’m starting to run into the outer edges of what is allowed here on the internet.

First, Netflix and Apple Music work here. So I’m able to (pretty much) update the apps on my iPhone and download & watch movies. Which is nothing short of amazing, really.

However, connecting to the TOR network seems to be blocked; the login process looks a lot like this:

TOR network connections in Myanmar

It gets about 1/3 of the way to connected, and then it just … stops.

I don’t know if this is a temporary of a permanent condition. However, in talking to the locals, there is a lot of controversy over a Telecommunications Law, that is known as Rule 66. This basically holds that if you “defame” someone on the internet, that is a crime and you go to jail.

The nefarious thing is that not only can the person claiming they were defamed go running and get someone peremptorily locked up…

… but any third party can denounce someone else. So basically, if I see that you’ve said something – anything – online that might be construed as negative, EVEN IF IT’S NOT ABOUT ME, I can go running to the authorities and have you locked up.

From FrontierMyanmar.net:

The previous parliament approved the Telecommunications Law in October 2013 to liberalise the sector and encourage private investment. While the law has certainly achieved that aim – billions of dollars of investment have been pumped into telecoms since licences were awarded to the country’s first two foreign mobile operators in 2014 – its provision on defamation has also been used to stifle comment online, particularly on Facebook.

Section 66(d) of the law forbids anyone from “extorting, coercing, restraining wrongfully, defaming, disturbing, causing undue influence or threatening any person by using any telecommunications network”, and carries a possible prison term of three years.

The section is a stark reminder that the Telecommunications Law is as much a product of the military regime as the Thein Sein era. Reports from as far back as 2008 indicate that the junta wrote the initial draft.

Find the flaw in THAT law. Sheesh.

The good news is that there are a lot of people here that are realizing that the current law, as written, is unwieldy and wide-open to abuse.

The bad news is that rather than junking it, the effort underway seems to be to instead replace it with something that is more narrowly construed to target the press.

Oy.

Comments (0)



Jul 06

Mobile Phone Wizards

Posted: under Digital Migration.


I bought a new Sim card from one of the hundreds of tiny shops that line Insein Road here in Rangoon. The guy on the right here wasn’t absolute magician with my phone. His fingers move so fast I could barely see them as he was setting up my phone to work on the Telenor network. 

Comments (0)



Jun 28

Just What Is a Digital Native Anyway?

Posted: under advertising, Digital Migration.
Tags: , , , , , ,

Not to get all existential on your or anything, but it’s the difference between “Being” and “Doing”

Digital natives are not like other media - cat hiding among meerkats

It’s the difference between a cat … and a meerkat. Between an organization that pays lip service to the idea of engaging with an audience on digital platforms (while secretly wishing everything would go back to The Way Things Were) … and one that lives and breathes comfortably on a variety of platforms, while still maintaining its core ethos.

Recently, while putting the finishing touches on a Great Big Important Research Project For A Huge Client, I got into a discussion with Janine Warner, my partner in all things analog and digital, over nomenclature. What do we call these guys? Are they all digital entrepreneurs? News startups? New media players? Journalists-turned-geeks? Fact-based info-ventures? Digital natives?

It’s not exactly an earth-shattering insight, but what we call things deeply influences how we think about them. “Death tax” instead of “inheritance tax.” “Right-sizing employee headcount” instead of “firing workers to boost profits.” “Undocumented feature” instead of “bug.”  Read More

Comments (0)



Jun 21

Whither Digital Advertising, Mid-2017 Edition: NYTimes Take; Analytics to the Rescue!

Posted: under adsense clickfraud, advertising, newspaper crisis, Newspaper Deathwatch, Newspapers.
Tags: , , , , , , ,

Are we about to see advertisers “flee to quality”?

And would a complete overhaul of digital advertising be good for journalists and netizens who produce honest, high-quality content (and more importantly, bad for Fake News)? Mark Thompson, the CEO of the New York Times (a publication that now is the poster child for abandoning advertising in favor of subscription revenue), unloaded on the complex ad-delivery technology that’s arisen in the past 10 years, pointing out all the flaws that have been glaringly evident to anyone who has paid attention to the space. Do a quick search for “clickfraud” and count backwards to when the articles started appearing – hell, I’ve been yammering about it on this blog for at least 5 years myself.

ad clickfraud search results june 2017 digital advertising

Not just the sheer number of results – check out the related searches as well. Right out there in the open: tools for you to launch your very own online fraud business.

Read More

Comments (0)



Jun 18

DDoS Attacks for $2/day: Researching the DarkNet

Posted: under Blogging, Sip With Caution.
Tags: , , , , , ,

Hackers hire out their botnets for DDoS attacks for as little as $2/day

I’ve been working on a series of articles on the threats to activists, independent journalists and innocent bystanders targeted by trolls that lurk on the web. This has led me to some of the shadier corners of the internet: the fabled DarkNet. The research phase of looking into DDoS attacks has already made me tape over the camera on my laptop and run repeated anti-virus scans on my computer, every damn device attached to my home network, and my external hard drives.

Paranoia is just the entry fee for this fun game. Read More

Comments (0)



May 01

Internet Security for Creative Professionals – The Basics

Posted: under Conspiracy Theories, Digital Migration, Sip With Caution.
Tags: , , , , , , , ,

Hackers want in. Don’t make it easy for them.

With all the controversies swirling around hacked emails and cyber-threats, I was asked to come in to USC-Annenberg, and speak to the students about what they need to know about security. Basically, I had to come in do a digital “Scared Straight” to try to get them to recognize how they will be targeted, and the steps they need to take to avoid having their emails, texts, private photos and snarky internal comments leaked out for maximum damage.

norse attack map shows cyber attacks in real time

I start out with the “attack map” from Norsecorp. And if you’ve never seen it, it’s a real show-stopper. It looks like the climactic scenes from Wargames – only it’s taking place right now. Every second of every day, cyber-attacks zoom back and forth, testing the intrusion counter-measures on Google, Facebook, Microsoft, the US government, NORAD, the international banking infrastructure, etc. etc. Check it out – it’s hypnotic. And then very chilling.

Particularly when you realize that a lot of the attacks are aimed at getting into America’s command-and-control infrastructure, to either lock us out from controlling our nuclear arsenal … or maybe to launch the damn things. Who knows the motives of a bunch of nihilistic haxx0rz?

Read More

Comments (0)



Mar 03

Experimental VR Art Project at Google’s Venice HQ

Posted: under Design, Friday Noon Videos, UX/UI, Video.
Tags: , , ,

Depending upon your tolerance for the sight of people wearing virtual reality helmets all craning their necks and looking about themselves, this video is either really charming or really alarming.

Thanks to Kluge interactive for the invite to this special event.

UPDATE: I had to upload this video to YouTube to get it to embed correctly. 

​​

Comments (0)



Feb 20

The UX of Decent Online Discussions: Twitter’s New Troll-Killing Algo

Posted: under Blogging, Sip With Caution.
Tags: , , , , ,

Twitter declares open season on trolls

“I think the new moderators are striking *just* the right tone for dealing with the 4chan infestations…” (/lame attempt at New Yorker-style caption)

Twitter is rolling out three new tools to crack down on trolls, spam & abuse

Meanwhile, there’s also “Project Coral” – backed by NY Times, Washington Post and Mozilla – rolling out Talk and Ask, aimed at making comment threads a way to connect with an audience – rather than to alienate & depress them. Read More

Comments (0)



Jan 16

Guccifer hacker is back; claims not to be Russian

Posted: under Conspiracy Theories, Politics & New Media, Ukraine.
Tags: , , , , , ,

Guccifer hacker – the one who leaked DNC emails – taunts US government

I guess this is the world we live in now.

With increasing attention being paid to the way that hacks of formerly secure and private information is destablilizing governments around the world, the hacker known as “Guccifer” has emerged from hiding (?) and posted a sarcastic message on his/her/their blog:

I really hope you’ve missed me a lot. Though I see they didn’t let you forget my name. The U.S. intelligence agencies have published several reports of late claiming I have ties with Russia.

I’d like to make it clear enough that these accusations are unfounded. I have totally no relation to the Russian government. I’d like to tell you once again I was acting in accordance with my personal political views and beliefs.

Sure you were. Sure you were.

It must be noted that the original “Guccifer” is in jail , and this “nym” only came up after the hacking operation against the Democratic National Committee was exposed, and people started pointing fingers at the Kremlin. More on that in a bit.

Guccifer hacker operating out of Kremlin

Fireworks over the Kremlin

Guccifer had previously claimed to be Romanian. However, according to IT News, this claim proved to be false:

There’s good reason to doubt Guccifer’s claims. He or she — or they — previously claimed to be Romanian, but a journalist previously reported testing out Guccifer’s Romanian skills and found them lacking.

Guccifer 2.0’s re-emergence after a two-month hiatus from Twitter and his blog is certainly designed to stir the pot. Especially after Donald Trump spent weeks doubting Russian involvement in the hack and only this week changed his tune to match that of U.S. intelligence agencies.

It was based on that intelligence assessment that President Obama ordered sanctions against Russia and also vowed covert action.

Digging deeper into the provenance of the Guccifer hacker, we find that it’s not really the intelligence agencies and the Obama administration that’s pointing the finger at the Russians – it’s pretty much every reputable internet security outfit as well.

considering a long trail of breadcrumbs pointing back to Russia left by the Guccifer hacker, as well as other circumstantial evidence, it appears more likely that Guccifer 2.0 is nothing but a disinformation or deception campaign by Russian state-sponsored hackers to cover up their own hack—and a hasty and sloppy one at that.

The main element pointing to Russia is the timeline of the events. For a year, hackers with ties to the Russian government—likely the FSB and the military GRU—were inside the servers of the DNC, stealing documents and even reading chats and emails, according to CrowdStrike and The Washington Post. Then, after the IT people at the DNC noticed weird network activities and called in CrowdStrike, the hackers got kicked out. This led to the operation being exposed in the media.

So when you start looking closer, some things leap out at you: The leaked documents contain metadata indicating they’ve been opened and processes on multiple virtual machines, as the independent cybersecurity researcher known as Pwn All The Things pointed out on Twitter on Wednesday. Some of these machines had different configurations, including one with the Cyrillic language setting and the username of “Iron Felix,” referencing Felix Dzerzhinsky, the first head of the Soviet intelligence services.

Again: this “lone hacker” uses many VMs, speaks Russian; username is founder of USSR secret police & likes laundering docs via Wikileaks.

Not exactly hard to connect the dots there.

Comments (0)