Later On

A blog written for those whose interests more or less match mine.

Archive for July 18th, 2019

Interesting sugar comparison

with 4 comments

This is a screengrab from this video. I thought it was interesting enough to pull out. Fill disclosure: I avoid sugar, but after watching the video, I think I’m open to using date sugar.


Written by LeisureGuy

18 July 2019 at 8:29 pm

This is terrifying: “I found your data. It’s for sale.”

leave a comment »

I have disabled (and removed) several extensions after reading in more detail what they can access. Geoffrey Fowler reports in the Washington Post:

I’ve watched you check in for a flight and seen your doctor refilling a prescription.

I’ve peeked inside corporate networks at reports on faulty rockets. If I wanted, I could’ve even opened a tax return you only shared with your accountant.

I found your data because it’s for sale online. Even more terrifying: It’s happening because of software you probably installed yourself.

My latest investigation into the secret life of our data is not a fire drill. Working with an independent security researcher, I found as many as 4 million people have been leaking personal and corporate secrets through Chrome and Firefox. Even a colleague in The Washington Post’s newsroom got caught up. When we told browser makers Google and Mozilla, they shut these leaks immediately — but we probably identified only a fraction of the problem.

The root of this privacy train wreck is browser extensions. Also known as add-ons and plug-ins, they’re little programs used by nearly half of all desktop Web surfers to make browsing better, such as finding coupons or remembering passwords. People install them assuming that any software offered in a store run by Chrome or Firefoxhas got to be legit.

Not. At. All. Some extensions have a side hustle in spying. From a privileged perch in your browser, they pass information about where you surf and what you view into a murky data economy. Think about everything you do in your browser at work and home — it’s a digital proxy for your brain. Now imagine those clicks beaming out of your computer to be harvested for marketers, data brokers or hackers.

Some extensions make surveillance sound like a sweet deal: This week, Amazon was offering people $10 to install its Assistant extension. In the fine print, Amazon said the extension collects your browsing history and what’s on the pages you view, though all that data stays inside the giant company. (Amazon CEO Jeff Bezos owns The Washington Post.) Academic researchers say there are thousands of extensions that gather browsing data — many with loose or downright deceptive data practices — lurking in the online stores of Google and even the more privacy-friendly Mozilla.

The extensions we found selling your data show just how dangerous browser surveillance can be. What’s unusual about this leak is that we got to watch it taking place. This isn’t a theoretical privacy problem: Here’s exactly how millions of people’s data got grabbed and sold — and the failed safeguards from browser makers that let it happen.

I didn’t realize the scale of the extension problem until I heard from Sam Jadali. He runs a website hosting business, and earlier this year found some of his clients’ data for sale online. Figuring out how that happened became a six-month obsession.

Jadali found the data on a website called Nacho Analytics. Just one small player in the data economy, Nacho bills itself on its website as a marketing intelligence service. It offers data about what’s being clicked on at almost any website — including actual Web addresses — for as little as $49 per month.

That data, Nacho claims, comes from people who opt in to being tracked, and it redacts personally identifiable information.

The deeper Jadali looked on Nacho, the more he found that went way beyond marketing data. Web addresses — everything you see after the letters “http” — page titles and other browsing records might not seem like they’d expose much. But sometimes they contain secrets sites forget to hide away.

Jadali found usernames, passwords and GPS coordinates, even though Nacho said it scrubs personal information from its data. “I started realizing this was a leak on a catastrophic scale,” Jadali told me.

What he showed me made my jaw drop. Three examples:

  • From DrChrono, a medical records service, we saw the names of patients, doctors, and even medications. From another service, called Kareo, we saw patient names.
  • From Southwest, we saw the first and last names, as well as confirmation numbers, of people checking into flights. From United, we saw last names and passenger record numbers.
  • From OneDrive, Microsoft’s cloud storage service, we saw a hundred documents named “tax.” We didn’t click on any of these links to avoid further exposing sensitive data.

It wasn’t just personal secrets. Employees from more than 50 major corporations were exposing what they were working on (including top-secret stuff) in the titles of memos and project reports. There was even information about internal corporate networks and firewall codes. This should make IT security departments very nervous.

Jadali documented his findings in a report titled “DataSpii,”and has spent the last two weeks disclosing the leaks to the companies he identified — many of which he thinks could do a better job keeping secrets out of at-risk browser data. I also contacted all the companies I name in this column. Kareo and Southwest told me they’re removing names from page data.

I wondered if Jadali could find any data from inside The Washington Post. Shortly after I asked, Jadali asked me if I had a colleague named Nick Mourtoupalas. . .

Continue reading.

Written by LeisureGuy

18 July 2019 at 7:45 pm

How America Got to ‘Zero Tolerance’ on Immigration: The Inside Story

leave a comment »

Jason Zengerie reports in the NY Times:

On the last day of March, Kirstjen Nielsen set off for what was supposed to be a weeklong trip to Europe with a packed itinerary. In London, she would meet with British officials on counterterrorism matters, then travel on to Stockholm to discuss election security with her Swedish counterparts and finally head to Paris, where she would represent the United States at a meeting of Group of 7 interior ministers. These are some of the far-flung obligations of the secretary of homeland security, who bears responsibility for not only thwarting terrorist attacks and preventing foreign interference in American elections but also cleaning up after hurricanes and ensuring that the United States doesn’t cede control of the Arctic to Russia and China.

But the Department of Homeland Security’s mission had increasingly been telescoped into a single, all-encompassing concern. “Under Trump,” says Juliette Kayyem, a professor at Harvard’s John F. Kennedy School of Government who served as an assistant secretary at the department under President Barack Obama, “it’s a department that looks at homeland security only through a lens of border enforcement.” A few days before Nielsen left for London, she learned that, in March, the number of undocumented immigrants Customs and Border Protection stopped as they were crossing the country’s Southwest border would top 100,000 — the first time the monthly statistic had hit six figures in 12 years. In response, President Trump threatened to halt all cross-border traffic, people and goods between the United States and Mexico — a move that would wreak havoc not only on the Mexican economy but on the American one as well.

Nielsen went ahead with the trip to Europe and spent her flight to London ordering “emergency surge operations” on the border. At least 750 Customs and Border Protection officers assigned to process cars and trucks at ports of entry were redeployed to the border to hunt for people who crossed the border illegally. But after 24 hours in Britain, following a series of calls with Trump, Vice President Mike Pence and the acting White House chief of staff, Mick Mulvaney, Nielsen cut her European trip short. She rushed back to the United States to conduct a series of emergency border visits, if only to demonstrate to the president — her “audience of one,” as a Nielsen adviser described him — that she was working to fix the problem. Stockholm and Paris were scrapped in favor of El Paso; Yuma, Ariz.; and Calexico, Calif., where, on the first Friday in April, she met Trump at the Calexico Border Patrol Station.

In the squat, sand-colored building in the Sonoran Desert, Nielsen looked on as Trump held a press event with C.B.P. officers. He praised their work capturing migrants trying to cross the border and praised Mexico for its recent efforts to prevent migrants from reaching it. “I’m totally willing to close the border, but Mexico, over the last four days, has done more than they’ve ever done,” Trump said. “They’re apprehending people now by the thousands and bringing them back to their countries, bringing them back to where they came from.” During those four days, Nielsen had been in regular contact with Mexican officials, assuring them that Trump “was as serious as a heart attack about sealing the border,” a former administration official told me. When Mexico responded, the official says, “it felt like the president had been walked back from the brink.”

Then Trump charged toward a different precipice. Still speaking to the C.B.P. officers but now directing his comments to potential immigrants, he made a proclamation. “This is our new statement,” Trump said. “The system is full. Can’t take you anymore. Whether it’s asylum, whether it’s anything you want, it’s illegal immigration. We can’t take you anymore. We can’t take you. Our country is full.” Trump went on: “So turn around. That’s the way it is.”

This position had long been a bone of contention between Trump and Nielsen. A year earlier, during a cabinet meeting at the White House, Jeff Sessions, the attorney general at the time, told Trump that to solve the immigration crisis, his homeland security secretary, Nielsen, simply needed to stop letting people into the country, according to two former administration officials. (Sessions could not be reached for comment.) Nielsen tried to explain that this wasn’t something she believed that she — or the United States, for that matter — could do. Under federal law and international treaties, people fleeing persecution in their home country may seek to live in safety in the United States. If someone arriving at the border requested asylum, she said, the United States could not legally turn that person away without processing the claim, and there was no legal mechanism by which the United States could hang a “no vacancy” sign at its borders.

But Trump brushed her argument aside, dressing her down for several minutes, in front of her cabinet colleagues, for being weak and naïve. The tongue-lashing was so intense that after the meeting, Nielsen discussed with Pence whether she should resign. (Pence told her she shouldn’t.)

After the C.B.P. press event, Nielsen, sporting aviator sunglasses and a navy blue quilted vest, escorted Trump across a dusty field to inspect a new section of border wall. Briefly pulling him aside from the Kevlar-clad C.B.P. officers and gun-toting local law-enforcement officials who were accompanying them, Nielsen, according to two people familiar with the conversation, reviewed with the president the options available to him short of refusing to let people in. Trump wasn’t pleased. Kevin McAleenan, then the commissioner of C.B.P., one of the agencies under the D.H.S. umbrella, was also on the wall-inspecting trip. According to two people familiar with the encounter, Trump urged him to block asylum seekers from entering the United States. If McAleenan went to prison for doing so, Trump said, he would pardon him. (The White House has denied that Trump said this.)

Flying back to Washington that evening, Nielsen arranged for a meeting with the president in the White House residence on Sunday afternoon. According to the former administration official, she intended to ask the president to create a “border czar” position, headquartered in the White House, to oversee the administration’s border and immigration policy in her place. It was an extraordinary request — a cabinet member voluntarily proposing to cede a share of her power. Before she could fully discuss it, though, Trump told her that he thought it was time for a change. Nielsen offered to step down, left the White House and wrote her resignation letter.

On Sunday night, she was preparing to leave her post, when, according to two former senior administration officials, she and her advisers received urgent calls from White House officials, asking her to stay in the job a few extra days. Trump intended to name McAleenan as acting secretary, but in order for him to do so, the White House would need to fire Nielsen’s acting deputy secretary, Claire Grady — who by law would become acting secretary once Nielsen stepped down. Nielsen would also need to rewrite the department’s orders of succession so that in the absence of a secretary and a deputy secretary, the head of C.B.P. became acting secretary.

In a subsequent conversation, Nielsen told Mulvaney, according to a person familiar with the exchange, that she thought it was a bad idea and that Trump should just nominate McAleenan to be secretary. But Mulvaney explained that Trump preferred the “flexibility” of having his homeland security secretary be an acting one. (Mulvaney currently serves as Trump’s acting chief of staff.) Nielsen acceded to Trump’s wishes. “I share the president’s goal of securing the border,” Nielsen told a gaggle of reporters outside her rowhouse in Alexandria, Va., the next morning as she headed to D.H.S. headquarters. “I will continue to support all efforts to address the humanitarian and security crisis on the border. And other than that, I’m on my way to keep doing what I can for the next few days.”

From the first day of his 2016 presidential campaign, when he used his kickoff speech in Trump Tower to rail against Mexican immigrants who were “rapists” and who were “bringing drugs” and “bringing crime” to the United States, immigration has been Trump’s lodestar. In his first week in the White House, Trump issued his “travel ban” executive order blocking citizens of seven majority-Muslim countries from entering the United States. Last December, he shut down the federal government for five weeks — the longest government shutdown in American history — over congressional Democrats’ refusal to allocate $5 billion for the construction of a border wall. Today, Trump’s extreme focus on combating illegal immigration is manifested in the overcrowded detention facilities packed with sick, unwashed and hungry adults and children along the Southwest border.

Supporting Trump in all this are a group of immigration restrictionists — officials and advisers who have single-mindedly pursued a policy of not just cracking down on illegal border-crossing, in the manner of conventional immigration hawks, but also limiting all immigration to the best of their ability. Chief among them is Trump’s senior policy adviser, Stephen Miller. Since arriving in Washington a decade ago, Miller, who is 33, has been even more focused than Trump on reducing both illegal and legal immigration to the United States. In 2014, as an aide to Sessions — who was an Alabama senator at the time and who holds similar views — Miller worked with media allies at Breitbart and The Daily Caller to gin up conservative outrage that was instrumental in scuttling bipartisan immigration-reform legislation. In 2016, as a staff member on Trump’s presidential campaign, he not only wrote the candidate’s hard-line anti-immigration speeches but also often served as the warm-up act at his rallies. “They say, ‘Oh, well, we’re going to secure the border,’ ” Miller told a crowd in Las Vegas in June 2016. “Do they ever get it secure, folks?” The crowd roared: “Nooooooo!”

Miller is the architect of the Trump administration’s immigration policy — but staffing an entire federal government with Stephen Millers is an unrealistic proposition. Expertise and experience must be drawn on, however reluctantly; career agency employees can’t just be fired and replaced en masse. A defining conflict of the Trump administration, accordingly, has been the one between the small group of ideologues like Miller and the much bigger cadres of conventional Republican appointees who have gone to work for Trump.

For that group, Trump’s presidency has offered a Faustian bargain. Because many of the senior, thoroughly qualified Republicans who would have filled out, say, a Jeb Bush administration refused — or were refused — jobs under Trump, his presidency has provided a remarkable opportunity for more junior, or less distinguished, bureaucracy climbers to ascend to heights of government that they might not otherwise have reached anytime soon, if ever. But doing so has required them to acquiesce to, and often execute, policies that both Democratic and Republican administrations previously considered beyond the pale — all while reassuring themselves that if they were not there, the administration’s policies would be even more extreme.

Perhaps nowhere has the bargain been rendered in starker terms than in the Department of Homeland Security, which oversees most of the country’s immigration system. This article is based on interviews with more than 20 current and former department and government officials. Most of them requested anonymity so that they could speak candidly and because they feared retribution. The Department of Homeland Security did not respond to a list of detailed queries regarding this article. In response to an inquiry, Hogan Gidley, the principal deputy White House press secretary, said in a statement: “These are just more baseless, phony fabrications from angry Beltway bureaucrats who oppose the president’s strong determination to create a lawful, sane immigration system that serves the American people.”

The story the current and former officials tell is one of a cabinet department buffeted by “irrational” demands and “silly ideas,” as it has struggled with its role as the tip of the spear of the president’s top policy priority. Indeed, for the past two and a half years — whether it was the travel ban or family separation or now the humanitarian crisis at the border — D.H.S. has found itself at the center of some of the Trump administration’s greatest political controversies and moral dilemmas. . .

Continue reading. There’s a lot more. It’s comprehensive report.

Written by LeisureGuy

18 July 2019 at 5:52 pm

Trump claims he tried to stop the “Send her back” chant by “speaking quickly” — check the video

leave a comment »


Written by LeisureGuy

18 July 2019 at 5:23 pm

Home elevators have killed and injured kids for decades. Safety regulators won’t order a simple fix.

leave a comment »

The government is not doing its job. Todd Frankel reports in the Washington Post:

It was lunchtime when 2 1 /2-year-old Fletcher Hartz opened the door to the elevator at his grandparents’ home in Little Rock.

His mother, Nicole Hartz, stood a few feet away in the kitchen making peanut butter and jelly sandwiches. She didn’t see him walk into the hallway and pull open the elevator door, which looked like an ordinary closet door. But she heard him cry.

She thought Fletcher, a curious little boy with thick brown hair, was upset because he couldn’t reach a light switch. She went to check on him and found Fletcher trapped behind the door to the elevator, which her in-laws had installed a few years earlier to accommodate their own elderly parents at the two-story home.

Nicole yanked on the door. It was locked, automatically secured by a safety device after being closed. But she could pull it open a crack. She could see Fletcher was caught in the narrow gap behind the outer door and just in front of an accordion door that closed off the elevator car, a no-man’s land where the floor ended and the edge of the elevator car began. The space was only a few inches wide, just enough for his tiny body.

She didn’t panic. He wasn’t hurt. It’s going to be okay, she recalled telling him that day in February 2017.

But she didn’t know what many in the elevator industry had known for more than 70 years: that children caught between the doors had been killed and injured before, crushed by moving elevators when their tiny bodies collided with the door frame above or fell into the elevator shaft below — a danger allowed to exist all these years by companies and regulators despite a simple solution, according to interviews with 28 officials, parents and regulators, plus a review of hundreds of documents from courts, companies and government agencies.

Corporate memos going back to at least 1943 highlighted the hazard. Lawsuits filed on behalf of dead and injured children since 2001 further spelled out the risk. In 2005, several elevator experts tried to change the nation’s elevator safety code to shrink the door gap — and were rejected. After more accidents, the elevator code finally changed in 2017, but it applied only to new installations. Nothing was done to fix hundreds of thousands of existing residential elevators, despite a problem that could be solved with a $100 space guard, according to elevator experts.

“It’s a hazard with an urgency that’s second to none,” said Bob Shepherd, executive director of the National Association of Elevator Safety Authorities, which certifies elevator safety inspectors.

But the Consumer Product Safety Commission — the federal agency responsible for regulating safety in 15,000 consumer products, including residential elevators — has done little to address the problem, despite knowing about child fatalities since 1981 and having studied the issue closely since 2013. The agency’s inaction highlights how a lack of urgency by regulators and resistance from companies can combine to stop the CPSC from warning the public or demanding a recall, even when a hazard poses a particular threat to children.

“What is the safety agency there for if not this?” said a frustrated senior agency official who spoke on the condition of anonymity to discuss internal deliberations.

CPSC spokesman Joe Martyak said the agency is working “to come up with a solution to the complex issues involved.”

Industry officials have argued to the CPSC that the problem is complicated and, in some cases, overblown in scale and not their responsibility, according to interviews. It was an argument they made during two recent private meetings with the CPSC as the agency faces renewed pressure from victims’ families to take action.

The elevator industry’s plan for dealing with regulators was laid out in an email accidentally sent to The Washington Post. Alesa McArthur, executive director of the National Association of Elevator Contractors, wrote that industry representatives had agreed that during a meeting with the CPSC last month they would argue “they did not think a recall would be a good idea or even all that useful” because of the “difficulty in reaching” elevator owners and because the industry believes the size of the door gap was “appropriate.” McArthur did not respond to additional requests for comment.

Another industry official who attended the private talks with the CPSC cautioned that the agency needed to appropriately evaluate the risks.

“There are many risks in the home,” Mark Townsend, a director of the residential-elevator trade group Accessibility Equipment Manufacturers, said in an interview. “You don’t stick your knife into your toaster to get the toast out, and you don’t play around with an elevator as a little kid.”

So far, the industry’s arguments against a recall have prevailed, over the objections of some in the agency’s leadership.

“No parent should have to experience this,” said Elliot Kaye, a CPSC commissioner who wants the agency to require the elevator industry to fix the problem. “There are just some things we should be beyond as a society.”

In Little Rock, as Nicole struggled to free Fletcher, she phoned her mother-in-law for help unlocking the door, according to police reports and interviews. A friend of hers . . .

Continue reading.

Written by LeisureGuy

18 July 2019 at 4:46 pm

White Security Guard Pulls Gun on Black Cop in Full Uniform Because the Black Cop Had a Gun

leave a comment »

Stephen A. Crockett Jr. writes in The Root:

An Ohio police officer in full uniform, you know, the uniform that clearly identifies him as a police officer and as such gives him reason to have a radio, taser, and gun, faced some scary and tense moments when a security guard pulled a gun on him and tried to arrest the POLICE OFFICER for carrying a gun.

According to ABC 13, Lucas County Sheriff’s deputy Alan Gaston stopped by a local IRS office on May 31 to ask a question about a letter he received. I don’t know if I mentioned this earlier but Gaston was in full uniform including his police badge and belt and his police-issued holster that housed his police-issued gun.

Gaston was on duty and trying to get a phone number when he came very close to losing his life. See, this is America and Gaston is a black man.

Full stop.

That’s it.

That’s the crime.

Didn’t matter that he was in a police uniform. How did the guard Seth Eklund aka “Paul Blart” know that Gaston hadn’t stolen it? How was Blart to know that Gaston was an actual officer? Sure he was wearing an officer’s uniform but don’t they sell those around Halloween? And yes he had a badge, but was that an official police badge?

Gaston told ABC 13 that Blart asked him to leave his gun in his car and Gaston informed the fake cop that as a real cop he can’t do that. That’s when Blart drew his weapon and the conversation ended. Gaston left the office.

“Basically preparing myself to be shot at that moment. Bracing for a shot in my back,” Gaston told the news station.

Luckily for Gaston, the entire debacle was caught on tape. Blart can be seen following the actual cop into the hallway with his gun drawn trying to take Gaston into custody.

“There’s really no way to know how you’re going to act when there’s a gun pointed at you and when you think you’re going to lose your life,” said Gaston.

Gaston, who works with the police department as a defensive tactics instructor, says that he kept trying to de-escalate the situation by walking away.

And here is where this already bizarre case takes an even more bizarre turn. Someone called the police and said that there is a man with a gun that he won’t relinquish but conveniently forgot to mention that the man with the gun is a uniformed deputy sheriff!

Gaston told the news station that while he was concerned for his own safety he was also worried about the other people in the building who may be hit if this crazed fake cop began firing.

“If I’m going to get shot,  . . .

Continue reading.

Video at the link.

Written by LeisureGuy

18 July 2019 at 4:36 pm

Mexican Magic Beans, Corn & Peppers

with 2 comments

Sticking with the power names as advised by Dr. Greger, behold the new dish:

UPDATE: After making this, I realized that by using canned beans, you really don’t have to cook this at all. You can just mix everything together in a big bowl.

However, opinions differ on whether frozen corn kernels require cooking. I have taken the view that frozen corn kernels have been blanched—rinsed in boiling water—and the scallions and peppers and cilantro in this recipe are rinsed just in cold water. If that is sufficient for them, I see no reason why using frozen corn kernels without (further) cooking would be a problem. From the Kitchn: “Every single kernel of corn in the grocery store freezer aisle has been cooked before freezing. Blanching — giving the corn a quick boil before eating or preserving — not only removes surface dirt (from the field or our hands), but it also deactivates enzymes that lead to spoilage.”

OTOH, there are a lot of other steps corn goes through in the processing plant where bacteria could be re-introduced, and the fact that there are cooking instructions on frozen vegetable packages indicates that the manufacturer wants to protect himself in case someone eats the corn straight out of the bag: if the person becomes sick and did not follow the preparation instructions, then the manufacturer is covered. And I’m told there have been a few listeria outbreaks traced back to frozen veggies, so you might want to give the corn a quick cook before using it — or used canned Niblets, which are good to go right out of the can.

Note, however, this recipe from the Bean Institute. (I would probably use diced daikon radish instead of jicama.)/update

I would mince the garlic a little finer if not cooking. I guess I just wanted to use my skillet. But the next time I make it: no cooking.

And it would have gone without saying, except that I’m saying it: You can vary the proportions and ingredients to suit your own palate. Use more jalapeños or fewer; add a couple of Anaheim peppers or not; try a dash of Worcestershire or soy sauce or a little mustard or horseradish; see what a couple of tablespoons of capers will do; and so on. Experiment. For example, I think the next time I make this, I’ll used cooked whole-grain kamut rather than corn, or perhaps cooked hulled barley. — Update: Just made the kamut batch. Very tasty but distinct from the corn version. Try both./update

It went like this (after updating with The Eldest’s suggestions and making changes to eliminate cooking). Prepare vegetables and put into a large bowl:

6 large cloves garlic or 10 regular cloves, peeled and chopped
2 bunches large scallions, chopped including leaves
2 large jalapeño peppers, chopped small including core, seeds, and ribs
2 large red bell peppers, cored and seeded and chopped somewhat small
2 large poblano peppers, same
the remainder of a bag of frozen corn kernels (about 2 cups)
1 or 2 cans of black beans, drained and rinsed
1-2 avocados, peeled and cut into chunks
1 bunch cilantro, chopped
juice of 2-3 large limes (or 1-2 lemons)
1 1/2 tablespoons extra-virgin olive oil
1 tablespoon dried mint
1 tablespoon freshly ground black pepper

I had planned to add about 1/2 cup chopped celery, but I forgot. So it goes. Next time perhaps. The large red bell peppers can be red, yellow, orange, or a combination.

Mix well and refrigerate.

I’m having some. Very tasty. Good warmth in the mouth.

UPDATE: The Eldest suggests sliced radishes as well—I tried it, but they didn’t work for me—and in the comments is a nice idea about sliced jicama to eat with it on the side, as a kind of vegetable cracker. Update to update: Diced daikon radish works very well.

Written by LeisureGuy

18 July 2019 at 4:03 pm

%d bloggers like this: