The Daily Parker

Politics, Weather, Photography, and the Dog

Sit down, Don, you fat motherf----r

Jeet Heer grapples with the depressing reality that we'll never be completely free of Donald Trump during his lifetime:

For argument’s sake, let’s assume the best-case scenario: that we somehow manage to survive Trump’s first term and send him packing in 2020. At the moment, the odds of him winning reelection appear about equal to those of the Titanic triumphantly resurfacing under its own steam. His approval ratings are at historic lows, and he evinces no interest in finding a way to expand his base. The doting crowds he still draws at his campaign-style rallies convince him that he’s beholding—and beloved by—a majority of Americans, since those are the only moments he ever comes face-to-face with a citizen unpossessed of either a trust fund or a hedge fund.

So: What happens after Trump finds out that America has rejected him in favor of whatever crooked, terrorist-loving, jobs-destroying candidate the Democrats have decided to nominate? Nothing dignified. For starters, he’ll likely skip his successor’s “fake inauguration” and stage his own swearing-in, surrounded by what he will tout as the biggest crowd of onlookers in the history of onlooking. There is no scenario in which Trump will accept that he has lost fair and square; no matter how resounding his margin of defeat may be, he will begin his post-presidency by howling about massive voter fraud and political witch hunts and the failure of whatever attorney general has replaced Jeff Sessions to put his opponent behind bars. In his mind, Trump will still be president, and he will devote himself to a lifelong and evidence-free campaign to expose the conspiracy that illegally deposed him.

All Trump ever wanted to do was to play the president, a role that will be immeasurably easier once he’s actually out of office. Sarah Palin tried and failed to become a TV star after leaving office. Trump enacted that strategy in reverse. As ex-president, he will be perfectly positioned to return to his natural habitat, the simulacrum of “reality TV.”

He's right, sadly. And we still have 1,225 days until this term is over.

Statistical sins: smoking v. e-cigratettes

Deeply Trivial finds evidence for why there is little evidence about the safety of e-cigarettes:

[T]he statistical sin here isn't really something the researchers have done (or didn't do). It's an impossibility created by confounds. How does one recruit people who have only smoked e-cigarettes or who at least have very little experience with regular cigarettes? What's happening here is really an issue of contamination - a threat to validity that occurs when the treatment of one group works its way into another group. Specifically, it's a threat to internal validity - the degree to which our study can show that our independent variable causes our dependent variable. In smoking research, internal validity is already lowered, because we can't randomly assign our independent variable. We can't assign certain people to smoke; that would be unethical. Years and years of correlational research into smoking has provided enough evidence that we now say "smoking causes cancer." But technically, we would need randomized controlled trials to say that definitively. 

That's not to say I don't believe there is a causal link between smoking and negative health outcomes like cancer. But that the low level of internal validity has provided fuel for people with an agenda to push (i.e., people who have ties to the tobacco industry or who otherwise financially benefit from smoking). Are we going to see the same debate play out regarding e-cigarettes? Will we have to wait just as long for enough evidence to accrue before we can say something definitive about e-cigarettes?

For my part, their safety or lack of to the smoker makes little difference to me. I just don't like people blowing their exhaust fumes into my environment.

Change to Illinois small business insurance

With only a very small group to insure, Blue Cross/Blue Shield of Illinois is leaving the Obamacare exchange for small businesses:

Calling all small businesses with a Blue Cross & Blue Shield of Illinois plan through the Obamacare public health insurance exchange: Look out for an email this week informing you that the state's largest insurer is officially leaving the online marketplace.

That leaves small employers looking for an exchange plan for 2018 with one option: downstate Health Alliance. Chicago-based Blue Cross, which has a dominating market share in Illinois among consumers and small businesses alike, still plans to woo small employers with plans off the exchange.

To be sure, the so-called Small Business Health Options Program, or SHOP, where small businesses nationwide can buy coverage on the federally-run online marketplace HealthCare.gov, never gained steam for a host of reasons. For one, small employers prefer trusted brokers instead of using their time to navigate the incredibly complex world of health insurance.

Blue Cross disclosed in August that it planned to leave SHOP, while the insurer proposed rate hikes for individual plans sold on the exchange. The online marketplace wasn't the most effective way to offer employers choice, said Brian Cheney, Blue Cross vice president of the small business market. Besides, businesses can buy the same sets of Blue Cross plans and rates on and off the exchange.

BCBSIL has no plans to leave the individual Obamacare exchange.

Slosh modeling started here

The science of modeling hurricane storm surges started here in Chicago after the seiche of 1954:

When the surge hit Chicago, it hit a city that housed one of the world’s great meteorology departments, at the University of Chicago. One of its professors was the meteorologist George Platzman....

The meeting of those two freak concepts—real but rare deadly Great Lakes storm surges, and the bizarre possibility of an atomic bomb detonating in Lake Michigan—along with his computer-forecasting experiments, led Platzman to take up the nonexistent science of storm-surge prediction, beginning with an attempt to reverse-engineer the 1954 tragedy. His first model, in 1958, got the timing right, but was off by half on the height of the surge; nonetheless, it was used to accurately predict a 1960 Lake Michigan storm surge on Chicago, resulting in a public warning that may have saved lives.

Five years later, Platzman published a much more ambitious run at the phenomenon, crunching 20 years of hourly wind and water-level data at six weather stations on Lake Erie. He also used a much more sophisticated model than his 1958 study—which didn’t include wind stress—a level of complexity only possible in the computer age. And it worked, with an accuracy of about 90 percent.

The models improved into today's SLOSH model, which meteorologists have been using with abandon the past two weeks.

Predictable and sad

Credit reporting agency Equifax reported last week that thieves had made off with 143 million customer records:

According to a person familiar with the breach investigation, Equifax appears to have been targeted initially because the company keeps on file millions of active cards, belonging to people who pay $19.95 or more per month to have Equifax monitor their credit reports and alert them to potential fraud. The hack, which the company says took place in late July, put as many as 143 million consumers -- or half the U.S. population -- at risk.

The person, who requested anonymity to discuss the ongoing investigation, said the web application the attackers used to breach Equifax’s corporate network granted access to both the credit card files and back-end systems storing the exhaustive data profiles on consumers. Those profiles include Social Security numbers, driver’s license numbers and other sensitive information, Equifax said Thursday in a statement.

Criminals took advantage of a “U.S. website application vulnerability to gain access to certain files” from mid-May through July of this year, Atlanta-based Equifax said. The intruders also accessed dispute documents with personal identifying information for about 182,000 consumers. Credit card numbers for about 209,000 consumers were also accessed, the company said.

“You would expect these guys to have compartmentalized this data far enough away from a web server -- that there would not be any way to directly access it,” said Tim Crosby, senior consultant with security-assessment firm Spohn.

Knowing how large companies work, and knowing about the diffusion of responsibility principle, and having a healthy belief in the power of governments to correct for bad incentives, I can't say I'm surprised. Neither is the Atlantic's Ian Bogost:

There are reasons for the increased prevalence and severity of these breaches. More data is being collected and stored, for one, as more people use more connected services. Corporate cybersecurity policy is lax, for another, and sensitive data isn’t sufficiently protected. Websites and apps, which are demanded by consumers as much as they serve the interests of corporations, expose paths to data that should be better firewalled. Software development has become easy and popular, making security an afterthought, and software engineering has failed to adopt the attitude of civil service that might treat security as a first-order design problem. And hacking and data theft have risen in popularity and benefit, both as an illicit business affair and as a new kind of cold warfare.

Of course Equifax, as would be expected of a normally-functioning American corporation, bungled the response:

On Thursday night, I entered my last name and the last six digits of my Social Security number on the appropriate Equifax web page. (They had the gall to ask for this? Really? But I digress.) I received no “message indicating whether your personal information may have been impacted by this incident,” as the site promised. Instead, I was bounced to an offer for free credit monitoring, without a “yes,” “no” or “maybe” on the central question at hand.

By Friday morning, this had changed, and I got a “your personal information may have been impacted by this incident” notification. Progress. Except as my friend Justin Soffer pointed out on Twitter, you can enter a random name and number into the site and it will tell you the same thing. Indeed, I typed “Trump” and arbitrary numbers and got the same message.

So, yes, your worst suspicions are now confirmed. Equifax may actually make money on this breach. We would expect nothing less from the credit reporting industry, with which few of us would choose to do business but nearly everyone has to sooner or later.

The solution many people recommend is to freeze your credit reports—for a fee, multiplied by 4 to make sure you get all of the credit-reporting agencies. (Everyone has heard of Equifax, TransUnion, Experian...and Innovis. You've heard of Innovis, right? The one that doesn't offer a free annual report?)

Almost immediately, a team of lawyers including a former Georgia governor filed a class-action lawsuit. So have a group of plaintiffs in Oregon. We can also expect an action from the SEC relating to at least three Equifax managers selling their stock right before the announcement.

This situation is why we have government. The incentives for credit-reporting agencies run directly counter to the incentives of the hundreds of millions of people whose data they store. (You're not Equifax's customer; commercial enterprises are.) Without government regulation and higher liabilities for data breaches, this will just keep happening. But that's not "business-friendly," so the right-leaning American and British governments will dither for another few years until someone publishes the leaders' own data. Because their incentives are bad, too.

How to ruin a musical in one letter

A meme is going around Facebook: change one letter of a musical's name to ruin it.

Some of my favorites so far:

  • On A Clear Day You Can Pee Forever
  • Oklahomo
  • Big Liver
  • Legally Blande
  • The Wound of Music
  • Babes in Farms
  • Sweeney Toad

One musician friend posted this on his wall and got over 200 responses.

St Martin destroyed; second hurricane due tomorrow night

Dutch Prime Minister Mark Rutte said yesterday that Hurricane Irma caused "enormous devastation," leaving the island without gas or electricity:

Most communications with the outside world are being conducted via the military, he said, adding that there was “no clarity” on victims.

The Dutch navy, which has two ships stationed off the coast of the island, tweeted images gathered by helicopter showing damaged houses, hotels and boats.

French authorities have counted at least eight dead on the French side of the island.

Photo of Princess Juliana Airport, looking south; Dutch Dept. of Defense.

An official said that 95% of the island was destroyed, rendering the island uninhabitable.

Irma's winds, estimated at 280 km/h when it hit St Martin, mean it had the strength of an EF4 tornado.

And Hurricane Jose, with sustained winds of 240 km/h, is forecast to hit St Martin by 8pm AST tomorrow—about 12 hours before Hurricane Irma hits Florida head-on.

Software frustrations

I'm on the Board of Directors for the Apollo Chorus of Chicago, and information technology is my portfolio. Under that aegis, I'm in the process of taking all of our donor and membership spreadsheets and stuffing them into a new Neon CRM setup.

So far, it's going well, and it's going to make the organization a lot more effective at managing membership, events, and donations.

That said, in the last 24 hours I've logged five bug reports, including one of the most frustrating user experience (UX) bugs possible: a broken back button. This UX failure is so well-known and so irritating that we were talking about it when I started developing Web apps in the late 1990s. Jakob Nielsen called it the #1 web design mistake...of 1999:

The Back button is the lifeline of the web user and the second-most-used navigation feature (after following hypertext links). Users happily know that they can try anything on the web and always be saved by a click or two on Back to return them to familiar territory.

Except, of course, for those sites that break Back by committing one of these design sins:

  • opening a new browser window (see mistake #2)
  • using an immediate redirect: every time the user clicks Back, the browser returns to a page that bounces the user forward to the undesired location
  • prevents caching such that the Back navigation requires a fresh trip to the server; all hypertext navigation should be sub-second and this goes double for backtracking

Neon, however, has made some alternative design choices, and even has a FAQ explaining how they've broken the rules.

Seriously, guys. It's a good product, but wow, is that irritating.

Sint Maarten under the weather

I've visited St Martin/Sint Maarten twice, once in 2009 and again in 2014. It's unclear when I or anyone will spend a vacation there in future, because this morning the strongest hurricane ever recorded in the Atlantic smashed directly into the island.

At 8:43 AST, the Guardian posted these videos.

Twitter user Kurt Siegelin posted this video at 9:12 AST.

As of 9:30 AST,

French Interior Minister Gerard Collomb also said that government buildings on the island of Saint Martin - the most sturdy built there - had been destroyed.

“We know that the four most solid buildings on the island have been destroyed which means that more rustic structures have probably been completely or partially destroyed,” he told reporters.

Meanwhile, Puerto Rico is bracing for impact as most models forecast the eye to pass just north of San Juan:

This is the first Category-5 storm to hit Puerto Rico since 1928, and is significantly more powerful.

The forecast track puts the storm in South Florida on Sunday.

Meanwhile, Tropical Storm Jose is right behind Irma, but forecast to pass northeast of the Windward Islands over the weekend. And Tropical Storm Katia is about to blow across southern Mexico.

I'll be following all three closely this week.