Lifehacker has a wonderful article about what’s going on with Twitter these days.
SAN FRANCISCO — Uber disclosed Tuesday that hackers had stolen 57 million driver and rider accounts and that the company had kept the data breach secret for more than a year after paying a $100,000 ransom. The deal was arranged by the company’s chief security officer and under the watch of the former chief executive, Travis Kalanick, according to several current and former employees who spoke on the condition of anonymity because the details were private. The security officer, Joe Sullivan, has been fired. Mr. Kalanick was forced out in June, although he remains on Uber’s board. The two hackers stole data about the company’s riders and drivers — including phone numbers, email addresses and names — from a third-party server and then approached Uber and demanded $100,000 to delete their copy of the data, the employees said. Uber acquiesced to the demands, and then went further. The company tracked down the hackers and pushed them to sign nondisclosure agreements, according to the people familiar with the matter. To further conceal the damage, Uber executives also made it appear as if the payout had been part of a “bug bounty” — a common practice among technology companies in which they pay hackers to attack their software to test for soft spots. The details of the attack remained hidden until Tuesday. The ride-hailing company said it had discovered the breach as part of a board investigation into Uber’s business practices. The breach at Uber is far from the most serious exposure of sensitive customer information. The two breaches that Yahoo announced in 2016 eclipse Uber’s in size, and an attack disclosed in September by Equifax, the consumer credit reporting agency, exposed a far deeper trove of personal information for a far larger group of people. But the handling of the breach underscores the extent to which Uber executives were willing to go to protect the $70 billion ride-hailing giant’s reputation and business, even at the potential cost of breaking users’ trust and, perhaps more important, state and federal laws. The New York attorney general’s office said on Tuesday that it had opened an investigation into the matter. Dara Khosrowshahi, who was chosen to be chief executive of Uber in late August, said he had only recently learned of the breach. “None of this should have happened, and I will not make excuses for it,” Mr. Khosrowshahi said in a company blog post. “While I can’t erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes. We are changing the way we do business, putting integrity at the core of every decision we make and working hard to earn the trust of our customers.” A spokeswoman for Mr. Kalanick declined to comment. The revelation of the breach and the way it was kept quiet renewed questions about the tenure of Mr. Kalanick, who has faced criticism over his management style and practices after Uber came under scrutiny for its workplace culture this year. The New York Times also reported on a secret program called Greyball that had been undertaken on Mr. Kalanick’s watch, in which Uber staff members surveilled law enforcement officials in order to evade them. Since his exit as chief executive, he has been sued by one of Uber’s earlier investors for fraud. The breach is also a black mark for Mr. Sullivan, who was a prominent figure in the information security industry. Mr. Sullivan joined Uber as the company’s first chief security officer in 2015, after serving as the head of security at Facebook for seven years. Unlike many cybersecurity executives, Mr. Sullivan was previously a lawyer and had studied cyberlaw at the University of Miami. He began his career in the technology industry as a federal prosecutor during the tech boom of the late 1990s, working at companies including eBay in 2002, where he was head of trust and safety. Mr. Sullivan’s decision to join Uber was seen as a win for the company. As Uber’s ranks of drivers and riders had grown, people in and outside the company became worried about privacy and security. Uber had faced complaints about driver and rider assaults, as well as allegations that it was not doing enough to protect rider data. Mr. Sullivan was tasked with keeping drivers and riders safe. The other Uber employee who was fired alongside Mr. Sullivan was Craig Clark, the company’s legal director of security and law enforcement. Neither Mr. Sullivan nor Mr. Clark responded to requests for comment. The company’s decision to conceal the breach and pay the ransom quickly raised questions among security experts. Many have repeatedly warned companies against paying hackers a ransom to cover up breaches or return stolen data, advice that was included in a 2016 statement from the F.B.I. And several states including California have laws mandating that companies disclose when they are breached by hackers. “Companies are funding organized crime, an industry of criminals is being created,” said Kevin Beaumont, a cybersecurity expert based in Britain. “The good guys are creating a market for the bad guys. We’re enabling them to monetize what years ago would have been teenagers in bedrooms breaching companies for fun.” Uber has experienced breaches before. The company was hit with a data breach in May 2014, an event Uber discovered later that year and disclosed in February 2015. In that attack, the names and driver’s licenses of more than 50,000 of the company’s drivers were compromised. This latest breach puts Uber in another difficult situation just as the company is working to repair its battered image and preparing to seek an initial public offering in 2019. Mr. Khosrowshahi has characterized his tenure at the company as “Uber 2.0.” As part of that, he has tossed out the aggressive corporate values that were prized by Mr. Kalanick and given the ride-hailing service a new list of values that includes “doing the right thing. Period.” Uber has hired Matt Olsen, former general counsel at the National Security Agency, as an adviser, and has retained Mandiant, a security firm, to conduct an independent investigation of the security breach. Uber said Mr. Olsen planned to reorganize the company’s security team. But the damage has already been done, and Uber officials are aware of the long road back to good standing with the public. While it is not illegal to pay money to hackers, Uber may have violated several laws in its interaction with them. By demanding that the hackers destroy the stolen data, Uber may have violated a Federal Trade Commission rule on breach disclosure that prohibits companies from destroying any forensic evidence in the course of their investigation. The company may have also violated state breach disclosure laws by not disclosing the theft of Uber drivers’ stolen data. If the data stolen was not encrypted, Uber would have been required by California state law to disclose that driver’s license data from its drivers had been stolen in the course of the hacking. An Uber spokesman declined to comment.
Tina Fey’s segment on SNL’s Weekend Update this week was so good I’ve watched it three times already. It’s just amazing. Yet, remarkably, it has drawn criticism from people on the left. Exhibits A, B, and C. If you’re claiming to be offended by Tina Fey’s segment this week, you’re either utterly humorless or willfully obtuse, and either way, you are part of the problem. The only people to be offended by this week are fucking Nazis, and Tina Fey just skewered them. I remember being a kid learning that Jonathan Swift’s A Modest Proposal was controversial in its time, because some sanctimonious shitheads thought Swift literally wanted people to eat Irish children. I just couldn’t believe there were people who were incapable of understanding satire. But here we are today, with people thinking Tina Fey literally wants us to stay home and eat cake. If that’s what you think, let me break it to you: your heart might be in the right place, but you’re an idiot.Couldn’t have said it better, John. The United States is never going to move forward if the folks that are trying to move it forward keep attacking their own.
You know, I really should thank Donald Trump. Now, mind you I can’t still bring myself to put the words “President” and “Trump” together in a sentence and I will continue to do so for the foreseeable future. If in his presence I would never call him “Mr. President”. I’m not sure I wouldn’t spit on him, but I really should thank the man before I do so.
During the Obama years things felt fairly comfortable. The country seemed to be moving in a forward direction. Sick people were getting taken care of, thanks to the Affordable Care Act. Marriage was available to all. Though we weren’t putting a great deal of money into the Space Program, I felt like we might be able to obtain that Star Trek existence after all.
But then Donald Trump was elected into office due to sheer idiocy on all sides of the equation and all hell has broken loose. And since that day after Election Day, when I took time off from work and drove down to New York to protest with others in front of Trump Tower, I have had a fire in my belly like I haven’t felt since the days of ACT-UP back when I lived in Boston in the late 1980s.
In the seemingly endless nearly eight months since Trump was sworn into office we’ve seen countless displays of sheer stupidity coming out of Washington. Sheer stupidity fueled by evil intentions. Efforts to repress any sort of minority that doesn’t meet the criteria laid out of who is a true American as defined by a bunch of old white men currently holding office in Washington, D.C. The United States is better than the people’s representation today and I have to thank Donald Trump for showing me that I had become apathetic. His buffoonery and horrible leadership has demonstrated that the progress I saw during President Obama’s administration was only on the surface and that the racism, homophobia and other detrimental qualities of this country still run deep.
So thank you, Donald Trump. I no longer tolerate people that support you. I no longer just grimace and stay silent if someone makes a racist joke in my presence. I am ready, willing and able to boycott whatever company supports your outdated, harmful and hateful policies. As of this writing, I’ve got my eye on these companies: Campbell’s Soup, Pepsi and Dell.
I also have to thank you, Donald Trump, for continually reminding us about Hillary Clinton and the obviously strong impact she made on your psyche. When I see, hear, or think of Hillary Clinton, I am reminded that there are good people out there. Not all politicians are as deplorable as you are. So, please, by all means, keep bringing her name up.
Keep reminding us who won the popular vote. We all know who should have really been President of the United States. And it wasn’t the Nazi that ran as a publicity stunt.
We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness. — That to secure these rights, Governments are instituted among Men, deriving their just powers from the consent of the governed, — That whenever any Form of Government becomes destructive of these ends, it is the Right of the People to alter or to abolish it, and to institute new Government, laying its foundation on such principles and organizing its powers in such form, as to them shall seem most likely to effect their Safety and Happiness.In case you don’t recognize it, the quote above is taken from the Declaration of Independence, unanimously signed on July 4, 1776 by the thirteen United States of America. I bring this up because that first sentence of the quote, “That all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness”, has always resonated loudly with me. First of all, the Declaration of Independence talks about “their Creator”, not “God”. The use of “their Creator” is religiously ambiguous. And while folks like to translate the Bible, written thousands of years ago, six ways from Sunday, the Declaration of Independence was written only 241 years ago, and we know that these words were written by men, on the North American continent, and they purposely used “their Creator”. Not “God”. There was no religious bias in the Declaration of Independence. Christianity does not have priority over any other religion in this context. Secondly, the Declaration of Independence recognizes certain unalienable Rights, mainly Life, Liberty and the pursuit of Happiness. That one is pretty self-explanatory; everyone deserves these rights regardless of who they are. All men are created equal. Again, there’s no bias to religion here, there’s nothing that says “Christian Men”. All men. It is reported that on Thursday of this week, the National Day of Prayer in the United States (everyday should be a National Day of Prayer with this administration, but I digress), Trump will sign an executive order. This Religious Freedom Executive Order will allow anyone to not serve someone if it runs contrary to their personal religious beliefs. So if you want to buy bacon and the clerk’s religious beliefs hold pork sacred, they can refuse to sell you bacon. If you are on a birth control prescription and the pharmacist is against birth control, they can sell it to you. If you are a gay couple checking into a hotel and the front desk clerk is dead set against gay marriage, they can turn you away and refuse you a room. If your wife is dying from AIDS and the doctor believes, just believes that she contracted AIDS through unsafe sexual practices, which is a sign of the devil in their eyes, that doctor can refuse treatment. If an emergency room attendant believes gay men should be stoned to death, he can turn Earl and I away from seeking treatment for a medical catastrophe because we are a married gay couple. Shall I continue with all the examples of this Executive Order is dangerous, why it runs contrary to The foundation of the United States of America for nearly 241 years? Right-wing jackals on the Internet are fond of calling anyone with progressive views a “snowflake”, yet here they are pushing this idiot in the Oval Office for an Executive Order that protects them from being offended by diversity in the world. This is not representative of the Republican Party I know, this is not representative of the centrists I know and it’s certainly not representative of the United States of America I know. Over the past several months I have seen countless video examples of people losing their minds over some sort of disagreement in public and they’re always screaming “I voted for Trump!” and “This is the United States of America!”, as if it makes them superior in some way over the people around them, or that being an American citizen gives them special privileges over other citizens of the world. It doesn’t. There’s nothing particularly special about the United States, other than the populace seems to have gone batshit crazy over the past year or so, but folks go around spewing their Yankee Doodle Yacking as of it’s the third act of their holy gospel. This Executive Order is wrong. I’m really hoping that some judiciary influence will rule that like many of Trump’s other Executive Orders, it’s completely unconstitutional, rendering it null and void. The problem is that it will stir up the fringe right-wing lunatics. I fear that at the very least we will continue to see a rise in all the hate action that has been occurring since Trump took office. The last thing we need in this country right now is more hate. Trump is signing this order for one reason: to keep the Far Right happy so they continue to give him support. Honestly, I don’t think he still possesses the cognitive skills to even know what he’s signing. I think he lost it long ago and that scares me a lot. Hang on folks, the ride is just going to get bumpier. Let’s hope things don’t completely rattle apart in the process.