For that story, Jim Schaefer and I used text messages from Kilpatrick’s chief of staff and lover to reveal that Kilpatrick lied under oath during a whistleblower trial about their affair and their efforts to silence two cops they believed knew too much about their illicit activities. Kilpatrick’s mendacity cost taxpayers more than $8 million. On the night Kilpatrick pleaded guilty to obstruction of justice and perjury charges and agreed to resign from office, we gathered at the Anchor, as we had on so many big news nights, to mark the occasion with a beer or four. That night, Charlie LeDuff—a Detroit News journalist at the time—shouted at a belligerent Kilpatrick sympathizer at the bar, “We did that—those were our stories!” When the Free Press won the Pulitzer, we celebrated with family and friends at the Anchor.
I learned a few years later that, in a way, Kilpatrick’s fall helped me realize my ambition from my intern days. A friend from The Washington Post had stopped at the Anchor to kill a few hours during a brief layover. He called from the bar and told me he was looking at my picture on the wall. Before he could explain, I checked to make sure I was still alive. Turns out the Derderians had posted a photo of Schaefer and me, beers in hand, holding up a first edition with Kilpatrick’s admission, “I LIED,” in massive type.
It wasn’t exactly the wall of honor. But, for now, it’s close enough.
From the archives: Why the media don’t get Detroit—and why it matters
The Anchor is one place in Detroit I miss. I only went a few times but each was something akin to stepping out of a time machine … in a good way.
I love how the story ends with the fall of Kilpatrick. He was a disaster of a person and politician.
I’m surprised that there are no Japanese carriers supporting Apple’s eSIM. I’ve never heard of the two global providers, GigSky and Truphone.
GigSky seems to be data only. Truphone might have calling with data. Neither site is very good at providing information.
However, if you want to view useless graphics or pictures in white space in the hope of distracting you from their lack of details, both are excellent destinations.
If I dive into the iPhone Xs for some unexpected reason, I will do so in the T-Mobile USA pond for the eSIM. Some fine Japanese provider or MMVO will happily fill my SIM slot.
Stay tuned for my take on the Apple event.
YESTERDAY, Typhoon Barijat swept parts of Macau, Hong Kong, and Guangdong in China.
The regions were prepared for it, halting shipping and suspending classes at kindergartens and schools for children with disabilities, and evacuating around 12,000 people. But it seems it came and left in barely a whimper compared to what is coming.
Apart from gloomy skies and strong winds, there was no huge downpour. Typhoon Barijat caused no damage or significant disruption.
However, another storm is brewing. More emergency alerts have already been issued, and evacuations have been ordered in preparation for this one.
Here is what you need to know about Typhoon Mangkhut, a classified super typhoon that is currently heading towards the South China Sea.
(Via Travel Wire Asia)
Many of my US friends and family have, are, or will deal with Hurricane Florence and the storms queueing up in the Atlantic.
And in the Pacific?
Typhoon Mangkhut, named after the Thai word for mangosteen (a tropical fruit), has been categorized as a super typhoon with powerful winds and gusts equivalent to a category 5 Atlantic hurricane by the Joint Typhoon Warning Center in Hawaii.
It has already passed Guam island, leaving behind flooded streets, downed trees, and widespread power outages (80 percent of the territory).
Power has since been restored, and government agencies are conducting damage assessments and clearing roads.
China, Hong Kong, and the Philippines will all get a healthy dose of Mangkhut:
Currently, it has sustained winds of more than 200 kilometers per hour and gusts of up to 255 kilometers per hour, according to AFP.
Said to be the most powerful typhoon to bear down on the Philippines this year, is now on course to hit the country’s northeastern Cagayan province early Sept 15, 2018.
An average of 20 typhoons and storms lash the Philippines each year, killing hundreds of people and leaving millions in near-perpetual poverty, AFP reported.
Mangkhut is the 15th storm this year to batter the Philippines.
With a massive raincloud band 900 kilometers wide, combined with seasonal monsoon rains, Typhoon Mangkhut could bring heavy to intense rains that could set off landslides and flash floods.
Today, I’m feeling pretty わくわく (wakuwaku: “excited”)! Are you うずうず (uzuzu: “itching to get started”)? Because today we’re learning onomatopoeia! You may think, why do I need to learn onomatopoeia? Maybe you’re thinking of American onomatopoeia, that seems to be only in comics (“bang” and “kaboom”) and children’s books (“woof woof” and “meow meow”). But Japanese onomatopoeic expressions are so common! You will be doing a serious disservice to your language skills if you don’t at least learn the basics. You’ll be hearing them every day! Plus, you can level up your Japanese conversation skills by expressing yourself with Japanese onomatopoeia. Japanese sound effects are used in everyday speech to not only describe sounds, but also feelings. Many people think Japanese is vague, and to an extent, it is — until you get into onomatopoeia. With thousands of onomatopoeia, Japanese feelings and true meaning are uniquely expressed through sound effects. Feeling いそいそ (isoiso: “enthusiastic”) now? Let’s get learning!
I’ve ramped up my Japanese language learning significantly in the last week or so. Articles like this one add in a bit of useful fun.
Which one is your favorite?
During the speech, Martin posed five basic questions board members should be asking of their technical teams.
These cover: how the organization deals with phishing, privileged IT accounts, software and device patching, supply chain security and authentication.
“Crucially, we are also telling you what to look for in the response,” he added.
“If the answer is: ‘We have hired X and bought Y to address the problem,’ ask the question again. You need to understand what is actually happening — not what activity has been bought.”
Cannot agree more.
Martin admitted that the government’s strategy on providing businesses with cybersecurity advice and best practice hasn’t worked out as expected, with organizations focusing on good governance and simply outsourcing expertise.
Focusing on good governance is not a bad thing. Many organizations don’t do it well if at all. However, it might not help much independent of other activities.
Outsourcing expertise also isn’t a bad thing, but boards need to know that they cannot outsource ownership and responsibility. Finding a “trusted security advisor” is a great move, and any worth their salt will help educate the board.
Ultimately, this is the key take-away:
… board members can’t manage risk they don’t understand, so they must become more cyber-literate …
The phrase “holy grail of tone” shows up a lot in the marketing of guitar gear, a promise of perfection that seems more than a little ironic. Perfect “tone”—that nebulous term used to describe the sound produced by an ideal combination of instrument, effects, amplifier, and settings—is ever sought but never seemingly found. Guitarists bicker and advise on forums, and religiously consult the gear guides of the pros, who often deign in magazines and videos to explain their own peculiar setups.
While more and more manufacturers are promising to recreate the tone of your favorite guitarist in digital simulations, true tone-ophiles will never accept anything less than the real thing. Pink Floyd’s David Gilmour, a guitarist whose tone is undeniably all his own, has inspired a cottage industry of fan-made videos that teach you how to achieve “The David Gilmour Sound.” But there’s no substitute for the source.
In the clip above from a BBC documentary, Gilmour vaguely discusses “the Floyd sound” and some of the techniques he uses to get his distinctive guitar tone. Every discussion of tone will include the admonishment that tone resides in the player’s fingers, not the gear. Gilmour suggests this initially. “It’s the tiniest little things,” he says, that “makes the guitar so personal. Add a hundred different tiny inflections to what you’re doing all the time. That’s what gives people their individual tone.”
It’s a true enough statement, but there are still ways to get close to the sound of Gilmour’s guitar setup, if not to actually play exactly like him. You can buy the gear he’s used over the years, or something approximating it, anyway. You can learn a few of his tricks—the bluesy bends and slides we know so well from his emotive solos. But unless you have the luxury of playing the kinds of huge stages, with huge volume, Gilmour plays, he says, you’ll never quite get it. Small amps in small rooms sound too cramped and artificial, he says.
And if you’re playing stages like that, you’ve probably discovered a holy grail of tone that’s all your own, and legions of fans are trying to sound like you.
(Via Open Culture)
I do not play music, so the whole thing is academic for me if still fascinating. Plus, it’s Pink Floyd, y’all!
It’s based on the misconception of adding security features. It’s like dieting, where people insist you should eat more kale, which does little to address the problem you are pigging out on potato chips. The key to dieting is not eating more but eating less. The same is true of cybersecurity, where the point is not to add “security features” but to remove “insecure features”. For IoT devices, that means removing listening ports and cross-site/injection issues in web management. Adding features is typical “magic pill” or “silver bullet” thinking that we spend much of our time in infosec fighting against.
We don’t want arbitrary features like firewall and anti-virus added to these products. It’ll just increase the attack surface making things worse. The one possible exception to this is “patchability”: some IoT devices can’t be patched, and that is a problem. But even here, it’s complicated. Even if IoT devices are patchable in theory there is no guarantee vendors will supply such patches, or worse, that users will apply them. Users overwhelmingly forget about devices once they are installed. These devices aren’t like phones/laptops which notify users about patching.
(Via Errata Security)
Read the whole article for the full take. I tend to agree with all the points.
At its core, cryptography relies on the mathematical quirk that some things are easier to do than to undo. Just as it’s easier to smash a plate than to glue all the pieces back together, it’s much easier to multiply two prime numbers together to obtain one large number than it is to factor that large number back into two prime numbers. Asymmetries of this kind — one-way functions and trap-door one-way functions — underlie all of cryptography.
To encrypt a message, we combine it with a key to form ciphertext. Without the key, reversing the process is more difficult. Not just a little more difficult, but astronomically more difficult. Modern encryption algorithms are so fast that they can secure your entire hard drive without any noticeable slowdown, but that encryption can’t be broken before the heat death of the universe.
(Via Schneier on Security)
Bruce’s focus is on quantum computing but he talks about cryptography generally in an accessible way. It’s a good summary. One could take this post and make a good presentation to high level leadership to educate them on the topic.