The Daily Parker

James Fallows eloquently sums up the worst bits of American culture, in the wake of Sunday's mass shooting in Las Vegas:

I am an optimist about most aspects of America’s resilience and adaptability, but not about reversing America’s implicit decision to let these killings go on.

Decision? Yes. Other advanced societies have outbreaks of mass-shooting gun violence. Scotland, in 1996. Australia, in 1996 as well. Norway in 2011. But only in the United States do they come again and again and again.

No other society allows the massacres to keep happening. Everyone around the world knows this about the United States. It is the worst aspect of the American national identity.

...

The identity of the shooter doesn’t affect how many people are dead or how grievously their families and communities are wounded. But we know that everything about the news coverage and political response would be different, depending on whether the killer turns out to be “merely” a white American man with a non-immigrant-sounding name.

These people are indeed deranged and angry and disturbed, and the full story of today’s killer is not yet known. It is possible that he will prove to have motives or connections beyond whatever was happening in his own mind (as Graeme Wood explains). But we know that if the killers were other than whites with “normal” names, the responsibility for their crime would not be assigned solely to themselves and their tortured psyches.

I've just finished Ta-Nehisi Coates' essay "The First White President." Combined with Trump's performance today in Puerto Rico, and our inability as a polity to slow—let alone stop—gun violence, makes me despair for my country.

Via Bruce Schneier, a British reporter requested her data dossier from Tinder. As with so many other things in life, she was shocked, but not surprised:

The dating app has 800 pages of information on me, and probably on you too if you are also one of its 50 million users. In March I asked Tinder to grant me access to my personal data. Every European citizen is allowed to do so under EU data protection law, yet very few actually do, according to Tinder.

With the help of privacy activist Paul-Olivier Dehaye from personaldata.io and human rights lawyer Ravi Naik, I emailed Tinder requesting my personal data and got back way more than I bargained for.

Some 800 pages came back containing information such as my Facebook “likes”, my photos from Instagram (even after I deleted the associated account), my education, the age-rank of men I was interested in, how many times I connected, when and where every online conversation with every single one of my matches happened … the list goes on.

What will happen if this treasure trove of data gets hacked, is made public or simply bought by another company? I can almost feel the shame I would experience. The thought that, before sending me these 800 pages, someone at Tinder might have read them already makes me cringe.

Tinder’s privacy policy clearly states: “you should not expect that your personal information, chats, or other communications will always remain secure”. As a few minutes with a perfectly clear tutorial on GitHub called Tinder Scraper that can “collect information on users in order to draw insights that may serve the public” shows, Tinder is only being honest.

But as Schneier points out, "It's not [just] Tinder. Surveillance is the business model of the Internet. Everyone does this."

The Système International d'unités, also known as the Metric System, is the most widely-used system of measuring things in the known universe. Of the 7.57 billion people in the world, somewhere around 7.2 billion use SI. The laggards are almost all here in the United States.

Sarah Kaplan, writing for the Washington Post Science Alert today, blames English privateers:

In 1793, botanist and aristocrat Joseph Dombey set sail from Paris with two standards for the new "metric system": a rod that measured exactly a metre, and a copper cylinder called a "grave" that weighed precisely one kilogram.

He was journeying all the way across the Atlantic to meet Secretary of State Thomas Jefferson - a fellow fan of base-ten systems who, Dombey hoped, would help persuade Congress to go metric.

Then a storm rolled in, knocking Dombey's ship off course. The unlucky academic was washed into the Caribbean - and straight into the clutches of British pirates.

The brigands took Dombey hostage and looted his equipment. The luckless scientist died in prison shortly after his capture; his belongings were auctioned off to the highest bidders.

France sent a second emissary to promote the metric system. But by the time the replacement arrived, America had a new secretary of state, Edmund Randolph, who apparently didn't care much for measurement.

As the person who sent me this article said, perhaps the pirates just preferred saying "yarrrrd?"

But really, I put this into the same category of "American exceptionalism" that keeps us executing criminals, not getting passports, and thinking that we're somehow #1.

Hurricane Maria's eye passed directly over Vieques earlier this morning and has now struck Puerto Rico proper:

Hurricane Maria roared ashore Wednesday as the strongest storm to strike Puerto Rico in more than 80 years, knocking out power to nearly the entire island and leaving frightened people huddled in buildings hoping to ride out withstand powerhouse winds that have already left death and devastation across the Caribbean.

The storm first slammed the coast near Yabucoa at 6:15 a.m. as a Category 4 hurricane with 250 km/h winds — the first Category 4 storm to directly strike the island since 1932. By midmorning, Maria had fully engulfed the 160-km-long island as winds snapped palm trees, peeled off rooftops, sent debris skidding across beaches and roads, and cut power to nearly the entire island.

In an unfortunate twist, some residents of Vieques had stocked up on critical supplies in advance of Irma only to donate what they had left to harder-hit areas such as Tortola and St. Thomas. Residents rushed to restock before deliveries to the island stopped and the power flickered off yet again.

There isn't much news coming out of Vieques yet, but having been there less than a year ago, I can't imagine that much of it remains standing. The shops and restaurants on Calle Flamboyan are (were?) less than 50 m from the beach, and barely 3 m above the Caribbean. I hope everyone got out OK.

This hurricane season may not break records for numbers or aggregate storm severity, but it will probably do so for destruction and cost. With St Martin and Barbuda all but destroyed, it looks like Vieques and Culebra are next:

Hurricane Maria went through an astonishingly quick transformation from a minimal hurricane to a Category 5 monster in less than 24 hours. As of 9 p.m. ET [Monday], Maria had maximum sustained winds of 250 km/h, and the island of Dominica was right in the path of the worst of the storm's winds. 

The National Hurricane Center has warned Maria is now a "potentially catastrophic" storm. This is the only Category 5 storm to strike Dominica on record, and may be among the fastest rates of intensification of any hurricane on record.

The National Weather Service office in San Juan issued a statement on Monday afternoon warning of the massive threat this storm poses to the island. The winds alone could cause locations to be "uninhabitable for weeks or months," the Weather Service stated, in addition to warning of a potentially deadly storm surge along the coast.

I visited Vieques in November, and I've visited St Martin twice before. I hope both islands recover quickly.

Note to Scott Adams and other climate-change deniers: The intensity and destruction of this year's hurricanes don't prove human-caused climate change. They are predicted consequences of human-caused climate change. By "predicted" I mean that, 20 or 30 years ago, climatologists warned this is exactly what would happen as the planet got warmer.

Credit reporting agency Equifax reported last week that thieves had made off with 143 million customer records:

According to a person familiar with the breach investigation, Equifax appears to have been targeted initially because the company keeps on file millions of active cards, belonging to people who pay $19.95 or more per month to have Equifax monitor their credit reports and alert them to potential fraud. The hack, which the company says took place in late July, put as many as 143 million consumers -- or half the U.S. population -- at risk.

The person, who requested anonymity to discuss the ongoing investigation, said the web application the attackers used to breach Equifax’s corporate network granted access to both the credit card files and back-end systems storing the exhaustive data profiles on consumers. Those profiles include Social Security numbers, driver’s license numbers and other sensitive information, Equifax said Thursday in a statement.

Criminals took advantage of a “U.S. website application vulnerability to gain access to certain files” from mid-May through July of this year, Atlanta-based Equifax said. The intruders also accessed dispute documents with personal identifying information for about 182,000 consumers. Credit card numbers for about 209,000 consumers were also accessed, the company said.

“You would expect these guys to have compartmentalized this data far enough away from a web server -- that there would not be any way to directly access it,” said Tim Crosby, senior consultant with security-assessment firm Spohn.

Knowing how large companies work, and knowing about the diffusion of responsibility principle, and having a healthy belief in the power of governments to correct for bad incentives, I can't say I'm surprised. Neither is the Atlantic's Ian Bogost:

There are reasons for the increased prevalence and severity of these breaches. More data is being collected and stored, for one, as more people use more connected services. Corporate cybersecurity policy is lax, for another, and sensitive data isn’t sufficiently protected. Websites and apps, which are demanded by consumers as much as they serve the interests of corporations, expose paths to data that should be better firewalled. Software development has become easy and popular, making security an afterthought, and software engineering has failed to adopt the attitude of civil service that might treat security as a first-order design problem. And hacking and data theft have risen in popularity and benefit, both as an illicit business affair and as a new kind of cold warfare.

Of course Equifax, as would be expected of a normally-functioning American corporation, bungled the response:

On Thursday night, I entered my last name and the last six digits of my Social Security number on the appropriate Equifax web page. (They had the gall to ask for this? Really? But I digress.) I received no “message indicating whether your personal information may have been impacted by this incident,” as the site promised. Instead, I was bounced to an offer for free credit monitoring, without a “yes,” “no” or “maybe” on the central question at hand.

By Friday morning, this had changed, and I got a “your personal information may have been impacted by this incident” notification. Progress. Except as my friend Justin Soffer pointed out on Twitter, you can enter a random name and number into the site and it will tell you the same thing. Indeed, I typed “Trump” and arbitrary numbers and got the same message.

So, yes, your worst suspicions are now confirmed. Equifax may actually make money on this breach. We would expect nothing less from the credit reporting industry, with which few of us would choose to do business but nearly everyone has to sooner or later.

The solution many people recommend is to freeze your credit reports—for a fee, multiplied by 4 to make sure you get all of the credit-reporting agencies. (Everyone has heard of Equifax, TransUnion, Experian...and Innovis. You've heard of Innovis, right? The one that doesn't offer a free annual report?)

Almost immediately, a team of lawyers including a former Georgia governor filed a class-action lawsuit. So have a group of plaintiffs in Oregon. We can also expect an action from the SEC relating to at least three Equifax managers selling their stock right before the announcement.

This situation is why we have government. The incentives for credit-reporting agencies run directly counter to the incentives of the hundreds of millions of people whose data they store. (You're not Equifax's customer; commercial enterprises are.) Without government regulation and higher liabilities for data breaches, this will just keep happening. But that's not "business-friendly," so the right-leaning American and British governments will dither for another few years until someone publishes the leaders' own data. Because their incentives are bad, too.

I've visited St Martin/Sint Maarten twice, once in 2009 and again in 2014. It's unclear when I or anyone will spend a vacation there in future, because this morning the strongest hurricane ever recorded in the Atlantic smashed directly into the island.

At 8:43 AST, the Guardian posted these videos.

Twitter user Kurt Siegelin posted this video at 9:12 AST.

As of 9:30 AST,

French Interior Minister Gerard Collomb also said that government buildings on the island of Saint Martin - the most sturdy built there - had been destroyed.

“We know that the four most solid buildings on the island have been destroyed which means that more rustic structures have probably been completely or partially destroyed,” he told reporters.

Meanwhile, Puerto Rico is bracing for impact as most models forecast the eye to pass just north of San Juan:

This is the first Category-5 storm to hit Puerto Rico since 1928, and is significantly more powerful.

The forecast track puts the storm in South Florida on Sunday.

Meanwhile, Tropical Storm Jose is right behind Irma, but forecast to pass northeast of the Windward Islands over the weekend. And Tropical Storm Katia is about to blow across southern Mexico.

I'll be following all three closely this week.

A new paper in the journal Theoretical and Applied Climatology tries to replicate the most-referenced papers in the 3% minority that find alternate explanations for human-caused global warming. Turns out, the deniers are still looking for their Galileo:

This new study was authored by Rasmus Benestad, myself (Dana Nuccitelli), Stephan Lewandowsky, Katharine Hayhoe, Hans Olav Hygen, Rob van Dorland, and John Cook. Benestad (who did the lion’s share of the work for this paper) created a tool using the R programming language to replicate the results and methods used in a number of frequently-referenced research papers that reject the expert consensus on human-caused global warming. In using this tool, we discovered some common themes among the contrarian research papers.

Cherry picking was the most common characteristic they shared. We found that many contrarian research papers omitted important contextual information or ignored key data that did not fit the research conclusions.

We found that the ‘curve fitting’ approach also used in the Humlum paper is another common theme in contrarian climate research. ‘Curve fitting’ describes taking several different variables, usually with regular cycles, and stretching them out until the combination fits a given curve (in this case, temperature data). It’s a practice I discuss in my book, about which mathematician John von Neumann once said, "With four parameters I can fit an elephant, and with five I can make him wiggle his trunk."

This represents just a small sampling of the contrarian studies and flawed methodologies that we identified in our paper; we examined 38 papers in all. As we note, the same replication approach could be applied to papers that are consistent with the expert consensus on human-caused global warming, and undoubtedly some methodological errors would be uncovered. However, these types of flaws were the norm, not the exception, among the contrarian papers that we examined.

You can count the insurance industry among the groups that believe the science is settled. Insurers appear to have started looking at climate change as an inevitability, not a risk, which changes their models radically:

[F]lood insurance was not a lucrative business to begin with. Congress set up the National Flood Insurance Program in 1968 as it became clear that private companies couldn’t profitably provide coverage. Now, nearly half a century later, the program is—ahem—under water by $24.6 billion. As a result, there’s a push to move flood insurance toward the private market. That could mean less building in flood-prone areas, as they become effectively uninsurable thanks to sky-high rates. Says Morningstar’s Brett Horn: “Frankly, that’s not a bad outcome.”

Meanwhile, the second major hurricane of the season is heading for Florida...

Via Bruce Schneier, an essay on how the fact that something appears in nature means it can exist, and what this means for military robots:

In each of the [Planet Earth II] documentary’s profiles of monkeys, birds, and lizards, I saw what technologists refer to as an “existence proof.” Existence proofs are the simplest way to resolve an argument about what is technologically possible. Before 1900, people argued whether building a human-carrying powered airplane was possible. In 1903, the Wright Brothers ended the debate with an existence proof. As I watched Planet Earth II, I saw existence proof after existence proof of technological capabilities that, applied to warfare and espionage, would make global militaries and intelligence agencies significantly more powerful – but also significantly more vulnerable.

I realized Hollywood has it all wrong. The future of military robotics doesn’t look like The Terminator. It looks like Planet Earth II.

Imagine a low-cost drone with the range of a Canada goose, a bird that can cover 1,500 miles in a single day at an average speed of 60 miles per hour. Planet Earth profiled a single flock of snow geese, birds that make similar marathon journeys, albeit slower. The flock of six-pound snow geese was so large it formed a sky-darkening cloud 12 miles long. How would an aircraft carrier battlegroup respond to an attack from millions of aerial kamikaze explosive drones that, like geese, can fly hundreds of miles? A single aircraft carrier costs billions of dollars, and the United States relies heavily on its ten aircraft carrier strike groups to project power around the globe. But as military robots match more capabilities found in nature, some of the major systems and strategies upon which U.S. national security currently relies – perhaps even the fearsome aircraft carrier strike group – might experience the same sort of technological disruption that the smartphone revolution brought about in the consumer world.

The next war won't look anything like the last one. (Then again, it never does.)

It's hard to overstate how bad this is. Via Bruce Schneier, it turns out that the Swedish Transport Ministry outsourced its database hosting to IBM, which subcontracted the work to a Serbian company with ties to the Russian military. And what databases did Sweden wind up hosting in its "Cloud" facility in Serbia? All of them:

Part of what IBM contracted to was run, and which was run from Serbia, was the Swedish government’s secure intranet – the SGSI, the Secure Government Swedish Intranet. This network is in turn connected to the European Union’s STESTA, which is a European Union secure network. This is what the Swedish Transport Agency gave staff in Serbia administrative network accessto, and it is no conspiracy theory that Serbia is a close military ally with Russia. While it can’t be proven in this specific case that high-value military information in Serbia’s hands also comes into Russia’s hands, it’s one of those things that should just be assumed in the general case.

The net effect here is that the EU secure Intranet has been leaked to Russia by means of deliberate lawbreaking from high ranking Swedish government officials. Even if there are additional levels of encryption on STESTA, which there may or may not be, this has “should never happen” written all over it.

Sweden's own data, leaked through this outsourced administration, include:

• The weight capacity of all roads and bridges (which is crucial for warfare, and says a lot about what roads are intended to be used as wartime airfields);
• Names, photos, and home addresses of fighter pilots in the Air Force;
• Names, photos, and home addresses of everybody and anybody in a police register, all of which are classified;
• Names, photos, and home addresses of all operators in the military’s most secret units – equivalent to the SAS or SEAL teams;
• Names, photos, and home addresses of everybody in a witness relocation program or who has been given protected identity for other reasons;
• Type, model, weight, and any defects of any and all government and military vehicles, including their operator, which says a ton about the structure of military support units....

There isn't a desk in the world sturdy enough for the massive head impacts that the rest of the worlds' security forces are perpetrating on them right now.

Stunning.