The hot new chat app

goole-docs-logo-291x300This article about teenagers using Google Docs is just fascinating. It’s a testament of the futility of trying to stop elemental forces like “teenagers wanting to pass notes to each other.” Or, frankly, anything that somebody really wants to do, and someone else for some other reason (preserving authority, preventing copying of media, etc.) doesn’t want them to do. Give the kids a tool and they will find the mostly-disused feature they can repurpose. Fight it all you want, but users will do what users want to do, and the it’s smarter to figure out how to make that work well for everybody than try to force a less satisfactory behavior that they don’t want.

Greetings from Bombay Beach

The Salton Sea is on my list of weird places I’d like to go see, but probably won’t get around to. (Just being honest here.) The Guardian profiled Bombay Beach, one of the towns there. The area is basically what’s left after ecological disaster.

Birds and fish died. Toxic dust swirled. The air stank. Tourists and most residents fled, leaving a virtual ghost town of abandoned, decaying homes.

For decades the only regular visitors were film-makers who came to shoot horror flicks about zombies and Armageddon.

Now, Bombay Beach, population 295, is enjoying a rebirth of sorts with an influx of artists, intellectuals and hipsters who have turned it into a bohemian playground.

It sounds like a very tiny slice of Burning Man without any Silicon Valley types helicoptering in.

There is an opera house, a gallery, an “Hermitage” museum, a conceptual pavilion and a drive-in movie theatre. Which sounds rather grand, but the desert wind whistles through the cracks and it looks like Mad Max did the decorating.

The closest thing to a hotel – a shipping container with plywood floors and walls – is adorned with photographs of the criminally insane.

There are also giraffe sculptures, a defunct sensory deprivation tank, a four-dimensional hypercube called a tesseract and a fake particle accelerator made of gold-painted junk. Plus a festival, the Bombay Beach Biennale, with exhibitions, philosophy seminars, ballet and poetry. Sandstorms and scorching sun can make it feel closer to Mars than Venice’s biennale.

There are some detractors to all of this – long-time residents who think a bunch of weirdos are basically making everything too hip and expensive – well, “hip” might be too strong a word. But given the current cultural currency of dystopias, Bombay Beach sounds like a natural hot spot.

If that didn’t sell you on going there, here are some fun facts: it’s right on top of the southern end of the San Andreas fault. And, while there is a beach, the sand-like material there is pulverized bones of millions of fish.

Just about three hours from LA or San Diego, or you can fly to El Centro! You’d definitely have one of the most interesting “What I did on vacation” stories of your peer group.

If our current fascination with disaster continues, look for it to start popping up on the Instagram feeds of models.

Irish Brexit border woes

irelandIt’s fair to say that everyone is running out of patience with the Brexit shitshow, as the UK presses forward with its plan to commit economic suicide but can’t just seem to find the right building to jump off of. But it’s a particular problem for Ireland and Northern Ireland, with a 310-mile currently open border than would be transformed into a border of the European Union should the UK actually take the leap. Paschal Donohue, Ireland’s finance minister, is being quite clear that endless delays are not going to fly.

Paschal Donohoe said London would need to convince the EU27 that an extension to article 50 would not further risk economic disruption.

“I believe it is highly important that we do all we can to avoid being in a scenario of rolling cliff edges … particularly from a financial market stability perspective and economic stability, we need to be aware of that,” he said.

Theresa May is expected to ask the EU for an extension next week at the European council summit after MPs voted overwhelming to delay Brexit until 30 June.

Donohoe said the taoiseach, Leo Varadkar, had made it clear that Ireland would “provide a generous response” but that London needed to spell out what it wanted from any extension.

Is it likely that a delay to the end of June would change anything? That’s an honest question; while I’ve been following this like everyone else, I don’t know what can be done. It seems like they’re at an impasse, and I don’t know that three months will really change much.

Adding to the problems are that in Northern Ireland, like Scotland, voters clearly rejected Brexit (apparently English nativism and xenophobia don’t play so well outside of England). So they’re just being dragged unwillingly off the ledge, and the Irish will pay a heavier price for Brexit with its serious threats to the order established by the Good Friday agreement.

In order to get an extension all 27 non-UK EU members have to agree. Hey, what could go wrong? (The Irish losing patience and saying “Figure it out, people.” Spain being unhappy about the status of Gibraltar. The French being French. Luxembourg wanting to remind everyone that it exists. Seriously, what couldn’t go wrong?)

I really, really hope the UK gets its act together and we don’t have yet another example of England screwing with Ireland.

Murkowski & Manchin: let’s do… something about climate change

polluted-earth-changing_e1ajrlvzg__f0000This op-ed from Lisa Murkowski and Joe Manchin about dealing with climate change proposes… well, not much of anything, but it is awfully earnest.

Yet, our witnesses also agreed that to effectively mitigate the impacts of climate change, we must do more to pursue low- and zero-carbon technologies that will continue to lower emissions.

The United States leads the world in research and development. Our national labs and universities are working toward the next scientific breakthrough, and private investors are pursuing the next game-changing technology. The United States is at the forefront of clean-energy efforts, including energy storage, advanced nuclear energy, and carbon capture, utilization and sequestration. We are committed to adopting reasonable policies that maintain that edge, build on and accelerate current efforts, and ensure a robust innovation ecosystem.

That all sounds good. Perhaps we could put together a set of programs to spur investment in cleaner technologies and leverage our R&D investments to spur business investment in them. Why, that could even lead to job creation and economic growth. We just need a catchy name: maybe, “Green New Deal?”

Seriously, the principles they’re talking about are the principles behind the Green New Deal proposal. Is this s sign that these two are going to roll up their sleeves and help make the proposal better? I doubt it.

Nice sentiments. Maybe show us something concrete?

Healthy attitudes about human sexuality

Wonkette asks, “Wanna see a Republican legislator scream about anal sex for a full minute?” It’s Friday, of course you do!

The bill that has him so aroused is a pretty sensible bit of legislation that would stop the insanity of labeling teens who sext naked pictures to one another as “sexual predators” for the rest of their lives. He actually has a lot to say about non-butt sex too!

I wonder how these people make it through their days. I kept expecting him to burst into a chorus of “These are a few of my favorite things!”

63red Safe, incompetent and butthurt

maga-make-america-great-again-hat-burning-at-berkeley-getty-640x480So an app described as “Yelp for Conservatives” appeared this past week, promising to let people review businesses so Trump supporters would know where they could go where nobody would be mean to them because they support a criminal, sexual predator, borderline white supremacist president. Well, as they say, it’s a free country.

Except – oops! – the guy behind the app is not so good at coding.

Alderson said that in taking a look at the publicly available source code, he found that Wallace had implemented an open API in order to communicate with the 63red Safe server, which contains the app’s database. The issue is that API has no log-in protection.

“In this case, they ‘forgot’ to implement an authentication mechanism,” Alderson tweeted. “It means everybody can use their API, it’s open bar!”

He also discovered that there’s a list of API endpoints in the app’s source code, making it possible for someone with a bare minimum of software engineering skills to more easily access user data stored on the server. This includes profile IDs, when the profiles were created, profile pictures, the number of people a user follows and is following, UIDs and email addresses. It’s also possible to block users and create new profiles, he said.

Alderson said that he was able to see that 4,466 persons created a profile on the app. He said he didn’t download the database, but he noted that it was possible to use two specific APIs requests to obtain the information.

This is not “we made a mistake and missed it in our testing.” This is “I have no idea how to do this, and what is this thing that you call ‘testing?'”

Very embarrassing. Security researchers poke into this stuff all the time, and generally when someone finds out they’ve released software with security problems, they say ‘thank you’ and fix it really fast. So naturally, this 63red guy responded… with intense butthurt.

We take security very seriously, and have already taken action to additionally protect our data. The security of our users, and conservatives generally, is our primary concern, and we will continue to improve our systems in any way possible to guarantee their safety.

Please note that the individual who noticed an issue never gained access to any user’s passwords, nor were they able to change or alter any data on our servers, nor were they able to log into our servers or access our databases directly. The small amount information in which they were able to access has now been additionally protected.

As we have seen across the United States, conservatives particularly have come under attack for their political beliefs — verbally, physically, and electronically. This is unacceptable in a free society, and we will take every action to stop it, and assist our users in that as well.

Then he called the FBI to report someone walking through his open door.

“We take security very seriously?” Oh, honey, no.

So, the usual MAGA butthurt victim bullshit, for which the dude’s being roundly mocked all over the place. As he deserves!

Something else about this that crossed my mind: Apple is always bragging about how they carefully review apps to keep everybody safe, and unfortunately people get a false sense of security and nearly as careful with their iOS apps as they ought to be, because “Apple checks it all!” Well, this thing was there on their app store.

Assuming someone else took care of it is a very bad security approach. You need to pay attention to the permissions apps are seeking and ask yourself who is on the receiving end of the information they collect. Yes, even if you have an iPhone. Personally – I think Apple is doing a real disservice to its users by suggesting their policies have these things covered.

So pay attention to what you’re installing and who made it and what it’s asking for. And, of course, delete your Facebook!