Books read in 2019

Not much blogging going on here still, but here's my annual list of books read for 2019.

Graham T. Allison, Destined for War: Can America and China Escape Thucydides's Trap?
Ross Anderson, Security Engineering (3rd edition, draft chapters)
Herbert Asbury, The Barbary Coast: An Informal History of the San Francisco Underworld
Heidi Blake, From Russia with Blood: The Kremlin's Ruthless Assassination Program and Vladimir Putin's Secret War on the West
Rutger Bregman, Utopia for Realists: How We Can Build the Ideal World
Oliver Bullough, Moneyland: The Inside Story of the Crooks and Kleptocrats Who Rule the World
Bryan Caplan and Zach Weinersmith, Open Borders: The Science and Ethics of Immigration
C.J. Chivers, The Fighters: Americans in Combat
Sefton Delmer, Black Boomerang
Nina J. Easton, Gang of Five: Leaders at the Center of the Conservative Crusade (bio of Bill Kristol, Ralph Reed, Clint Bolick, Grover Norquist, and David McIntosh)
Ronan Farrow, Catch and Kill: Lies, Spies, and a Conspiracy to Protect Predators
Ronan Farrow, War on Peace: The End of Diplomacy and the Decline of American Influence
Ian Frisch, Magic is Dead: My Journey into the World's Most Secretive Society of Magicians
Anand Giridharadas, Winners Take All: The Elite Charade of Changing the World
Reba Wells Grandrud, Sunnyslope (Images of America series)
Andy Greenberg, Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers
Jodi Kantor and Megan Twohey, She Said: Breaking the Sexual Harassment Story That Helped Ignite a Movement
Stephen Kinzer, Overthrow: America's Century of Regime Change From Hawaii to Iraq
Michael Lewis, Flash Boys: A Wall Street Revolt
Jonathan Lusthaus, Industry of Anonymity: Inside the Business of Cybercrime
Ben MacIntyre, A Spy Among Friends: Kim Philby and the Great Betrayal
Joseph Menn, Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World
Anna Merlan, Republic of Lies: American Conspiracy Theorists and Their Surprising Rise to Power
Jefferson Morley, Our Man in Mexico: Winston Scott and the Hidden History of the CIA
Sarah T. Roberts, Behind the Screen: Content Moderation in the Shadows of Social Media
Hans Rosling, with Ola Rosling and Anna Rosling Rönnlund, Factfulness: Ten Reasons We're Wrong About the World--and Why Things Are Better Than You Think
Russell Shorto, Amsterdam: A History of the World's Most Liberal City
Alexander Stille, The Sack of Rome: Media + Money + Celebrity = Power = Silvio Berlusconi
Jamie Susskind, Future Politics: Living Together in a World Transformed by Tech
Erik Van De Sandt, Deviant Security: The Technical Computer Security Practices of Cyber Criminals (Ph.D. thesis)
Tom Wolfe, The Right Stuff
Tim Wu, The Attention Merchants: The Epic Scramble to Get Inside Our Heads

Top for 2019: Bullough, Farrow (Catch and Kill), Wu, Chivers, Rosling, Greenberg, Blake, Allison, Caplan and Weinersmith, Kinzer, Delmer.

I started the following books I expect to finish in early 2020:

Myke Cole, Legion versus Phalanx: The Epic Struggle for Infantry Supremacy in the Ancient World
Walter LaFeber, Inevitable Revolutions: The United States in Central America (2nd edition)
Brad Smith and Carol Anne Browne, Tools and Weapons: The Promise and Peril of the Digital Age
Peter H. Wilson, The Holy Roman Empire: A Thousand Years of Europe's History

Two books I preordered and look forward to reading in 2020:

Anna Wiener, Uncanny Valley: A Memoir (due out January 14)
Thomas Rid, Active Measures: The Secret History of Disinformation and Political Warfare (due out April 21)

(Previously: 2018, 2017, 2016, 2015, 2014, 2013, 2012, 2011, 2010, 2009, 2008, 2007, 2006, 2005.)

January 1, 2020 · 3 min

The myth of fingerprints

I’ve been reading Ross Anderson’s epic tome, Security Engineering: A Guide to Building Dependable Distributed Systems (2nd edition, 2008, Wiley), and have just gotten into the chapter on biometrics (ch. 15). Section 15.5.2, on Crime Scene Forensics, points out three major criminal cases where fingerprint matches have been in error, including the Brandon Mayfield case which I wrote about at this blog back in 2007. Anderson points out that law enforcement agencies have claimed to juries “that forensic results are error-free when FBI proficiency exams have long had an error rate of about one percent, and misleading contextual information can push this up to ten percent or more” (pp. 470-471). It’s probability at work: ...

August 11, 2012 · 4 min

Work-at-home scams

I was asked earlier today if I could give my opinion on whether the work-from-home opportunity advertised at the domain onlineprofitmasterssystem.com is a scam. A quick bit of research produced some interesting results; my conclusion is that it is almost definitely a scam, by people with a history of promoting scams. First, the domain registration:

Registrant: Phillip Gannuscia 1780 W. 9000 South #315 West Jordan, Utah 84088 United States
Registered through: Go Daddy
Domain Name: ONLINEPROFITMASTERSSYSTEM.COM
Created on: 04-Nov-11
Expires on: 04-Nov-12
Last Updated on: 29-Nov-11
Administrative Contact: Gannuscia, Phillip [email protected] 1780 W. 9000 South #315 West Jordan, Utah 84088 United States (801) 803-5769 Fax –

The very domain and URL and web content of the page are already screaming red flags, and there are more to be found in the above data. It’s a recently registered domain, and the contact physical address appears to be a private mail drop service. Both the address and telephone number listed are associated with multiple other companies (e.g., BBB F-rated eVenture International, run by Richard Scott Nemrow, who was cited multiple times by the Utah Division of Consumer Protection in 2009) and domain names (e.g., makerichesfromhome.com, educationtrainingsonline.com, executivelearningonline.com, learningresourceontheweb.com, and lightlifemaster.com) which also look like scams. This particular company, Online Profit Masters, has an F rating from the BBB. The named contact, Phillip Gannuscia, has an email address with someone else’s name, [email protected], apparently Essent VP Nathan L. Kozlowski, a former Mormon missionary. Does Gannuscia even exist, or is the name just an alias for Kozlowski? The company whose domain is used here for the contact email address, Essent Media LLC, another Richard Scott Nemrow company, has a corporate registration which expired in 2010. I’d steer clear of any business with these guys.
And if you come across this blog post because you’ve already been ripped off by them (like this guy reports), I suggest you file a complaint with the Internet Crime Complaint Center as well as contacting your local law enforcement agency. ...

February 11, 2012 · 2 min

Miscellanea

I recently had a few opportunities on a plane to catch up on some reading and podcasts. A few of the more interesting things I came across:

A bunch of interesting articles in The Economist for the past few weeks:

January 28-February 3, 2012:

"Saving Lives: Scattered Saviors" -- harnessing social media and mobile devices to deploy first aid faster than an ambulance can arrive (United Hatzalah in Israel believes it will be able to have first responders on the scene within 90 seconds).

"China's new tribes: Ant tribes and mortgage slaves" -- a new vocabulary in Mandarin describing emerging social groups in China. (Reminds me of Cory Doctorow's Eastern Standard Tribe.)

"Affinity fraud: Fleecing the flock" -- the rise in affinity fraud, especially religious affinity fraud, during the economic downturn, and why it works so effectively. (Also see my blog post from 2008 and another on the same topic from the Secular Outpost in 2006.) Briefly mentioned is the Baptist Foundation of Arizona affinity fraud, which victimized my step-grandfather by stealing most of his retirement savings.

"Visible-light communication: Tripping the light fantastic" -- an update on where we stand with Li-Fi (using LED lighting as a mechanism for data transmission).

February 4-10, 2012:

"Synaesthesia: Smells like Beethoven" -- A new study finds correlations between odors and sounds, even among people who are not synaesthetes.

"Scientific publishing: The price of information" -- On the boycott of Elsevier by scientists tired of excessive charges for journals, and the competition from arXiv and PLoS.

"Biomimetics: Not a scratch" -- lessons from the microstructure of scorpion armor for reducing wear rates on aircraft engines and helicopter rotors.

Podcasts:

Philosophy Bites interview with Alain de Botton on Atheism 2.0: de Botton, author of Religion for Atheists, argues that there are good and useful components of religion which can be secularized, and that it is as legitimate to borrow things we like from religion while discarding what we don't as it is to prefer different kinds of art and music. (Also see the Token Skeptic interview with de Botton and watch his TED talk.) I think his picture of religion, like that of Scott Atran (In Gods We Trust) and Pascal Boyer (Religion Explained) makes more sense than the way some atheists talk about it as though fundamentalist religion is the essence of religion, and should be discarded completely (which doesn't seem likely to happen as long as we live in social communities).

Rationally Speaking interview with Joseph Heath: Heath, author of Economics without Illusions: Debunking the Myths of Modern Capitalism (Canadian title: Filthy Lucre: Economics for People who Hate Capitalism, which the publishers decided wouldn't sell in the U.S.), talks about misunderstandings of economics on both the right and the left. (Also see this BloggingHeads TV interview of Heath by Will Wilkinson, who writes: "The section on right-wing fallacies is largely on the money and a great challenge for rote libertarians and conservatives. The section of left-wing fallacies is terrific, and it would be terrific if more folks on the left were anywhere near as economically literate as Heath.") Heath's "Rationally Speaking pick" also sounds fascinating, Janos Kornai's The Socialist System: The Political Economy of Communism, which explains the creative but ultimately futile ways that human beings tried to replace markets with planning and design.

February 11, 2012 · 3 min

The Decline and (Probable) Fall of the Scientology Empire!

The title of this post is the title of my multi-book review article in the current issue of Skeptic magazine, which is primarily about last year’s Inside Scientology: The Story of America’s Most Secretive Religion by Janet Reitman and The Church of Scientology: A History of a New Religion by Hugh Urban. It’s a very long article for a book review in the magazine, running from pp. 18-27 with a couple of sidebars and a couple pages of footnotes. What I had in mind when I started writing it wasn’t what I ended up with–my envisioned article would probably be more like a book that tells the story of Scientology’s two wars with the Internet, which Reitman only devoted a few paragraphs to. (If that never happens, the best place to find the information in question is in the writings of Village Voice editor Tony Ortega, who has done more than anyone to cover those topics.) I also would have liked to have done a bit more analysis of Urban’s book, which I think is a bit wishy-washy in places in the name of academic objectivity, and makes a few promises at the beginning that it fails to deliver on as though it were rushed to completion. But I think it came out OK, and I recommend Reitman’s book as the best and most up-to-date single overview of Scientology and its history, and Urban’s for its coverage of Scientology’s battles with the IRS for religious tax exemption and its contribution to explaining what Hubbard was up to when he created Scientology. I think Hubbard died believing his own nonsense, because some Scientology doctrines literally became true for him–he was the one person in Scientology who really could dream things up and make them happen around him, through the efforts of his devotees. I also hoped to devote a bit more space to what I allude to in my first footnote, referencing John Searle’s The Construction of Social Reality, pp. 90-93 and 117-119, about how institutions can quickly collapse when collective agreement about social facts is undermined, as seems to be happening at an accelerating pace within the Church of Scientology. (All posts on Scientology at this blog–65 so far since 2005–can be found here. An overview of my involvement in Scientology’s battles with the Internet is in my 2006 “Scientology Sampler” post, which was updated with a 2009 post, “Scientology v. the Internet history lesson.”)

UPDATE (26 January 2012): Tony Ortega, editor-in-chief at the Village Voice and prolific investigative journalist on the subject of Scientology, says very nice things about my article and Michael Shermer’s associated article in Skeptic at his “Runnin’ Scared” blog, where there are lots of comments. This issue of Skeptic should be available in all Barnes & Noble stores beginning around the first of February.

January 20, 2012 · 3 min

TSA security loophole exploited

As this blog has reported on multiple prior occasions (in 2006, 2008, and 2009, at the very least), the fact that U.S. airport security separates the checking of the boarding pass by TSA from the use of a boarding pass to check in to board makes it easy to get through security with a boarding pass that matches your ID while flying under a boarding pass on a ticket purchased in a different name. Now, as The Economist (July 2, 2011) reports, Olajide Oluwaseun Noibi, a 24-year-old Nigerian American, has been arrested after successfully doing something along these lines to fly around the country, apparently on multiple occasions. Only Noibi wasn’t even using boarding passes valid for the flights he was on–he was caught with a boarding pass in another person’s name for a flight from a day prior. And he wasn’t caught because the boarding pass was detected at check-in–he had already successfully boarded the flight and was seated. He was only caught because of his extreme body odor and a fellow passenger complained, which led to his boarding pass being checked and found to be invalid. ...

July 3, 2011 · 1 min

Cory Maye to be released from prison

As a result of the investigative reporting of Radley Balko, Cory Maye is about to be released from prison after ten years of incarceration and seven years after being sentenced to death on the basis of a terrible defense and kooky testimony from a now discredited and removed medical examiner. Maye shot and killed a police officer during a no-knock drug raid against a duplex property in which Maye resided, on the basis of a report of unusual traffic at the other unit of the duplex by an unreliable informant. Maye was defending his daughter from an unknown intruder kicking his door in. Through the efforts of Balko and a legal team from Covington & Burling, Maye was removed from death row in 2006.

July 3, 2011 · 1 min

Arizona Department of Public Service's security breach

LulzSec breached the security of the Arizona Department of Public Service (DPS) at some point in the past, and on June 23 around 4 p.m. Arizona time, posted some or all of what they had acquired. This included the names, email addresses, and passwords of several DPS officers as well as a number of internal documents which appeared to have been obtained from email attachments or perhaps from the compromise of end user systems. The documents included a PowerPoint presentation on gang tattoos that purported to be a way of identifying Islamic radicals, which was reminiscent of similar ludicrous law enforcement presentations from the 1980s about identifying Satanic cult members by their black clothing and occult symbols. (Some police departments still promote such nonsense, citing exposed fraud “Lauren Stratford” as a source). The documents also included a bulletin which expresses concern about the “Cop Recorder” iPhone application.

On June 24, DPS posted a press release responding to the attacks, accusing LulzSec of being a “cyber terrorist group”–a term better reserved for the use of criminally disruptive activities intended to cause physical harm or disruption of critical infrastructure, not embarrassing organizations that haven’t properly secured themselves. In the press release, DPS enumerates the steps they’ve taken to secure themselves and the safeguards they’ve put in place. It’s an embarrassing list which suggests they’ve had poor information security and continue to have poor information security. First, their press release has a paragraph suggesting that the damage is limited, before they’ve probably had time to really determine that’s the case. They write:

There is no evidence the attack has breached the servers or computer systems of DPS, nor the larger state network. Likewise, there is no evidence that DPS records related to ongoing investigations or other sensitive matters have been compromised.
Just because they have “no evidence” of something doesn’t mean it didn’t happen–what records did they review to make this determination? Were they doing appropriate logging? Have logs been preserved, or were they deleted in the breach? Do they have centralized logging that is still secure? When did the compromise take place, and when did DPS detect it? The appearance is that they didn’t detect the breach until it was exposed by the perpetrators. What was the nature of the vulnerability exploited, and why wasn’t it detected by DPS in a penetration test or vulnerability assessment? LulzSec has complained about the number of SQL injection vulnerabilities they’ve found–was there one in DPS’s web mail application? Next, they report what they’ve done in response, and again make statements about how “limited” the breach was:

Upon learning that a limited number of agency e-mails had been disclosed, DPS took action. In addition to contacting other law enforcement agencies, the Arizona Counter Terrorism Information Center (ACTIC) has been activated. Remote e-mail access for DPS employees remains frozen for the time-being. The security of the seven DPS officers in question remains the agency’s top priority and, since a limited amount of personal information was publicly disclosed as part of this breach. Steps are being taken to ensure the officers’ safety and that of their families.

They’ve disabled the e-mail access that they believe was used in the breach–that’s good. Presumably the exposed officer passwords were discovered to be from this system. Perhaps they will not re-enable the system until they have a more secure mechanism that requires VPN access and two-factor authentication–or at least intrusion prevention, a web application firewall, and effective security monitoring.
They’ve notified ACTIC–presumably in part because of their overblown claim that this breach constitutes “terrorism” and in part because there are some ACTIC personnel who have good knowledge of information security. And they’re doing something to protect the safety of officers whose personal information (including some home addresses) was exposed. In the final paragraph of the press release, they list some of the safeguards they have in place: ...

June 25, 2011 · 5 min

Rep. Gabrielle Giffords shot at Tucson grocery store event

Rep. Gabrielle Giffords (D-AZ CD8) was shot this morning at an event at a Tucson grocery store, along with several other people. The Tucson Citizen reports that she was “shot point blank in the head.” This brings to mind a previous gun incident at another Tucson event at a grocery store in August 2009. The image below is from Sarah Palin’s website, “Take Back the 20.” The lower right target sight image on Arizona is Congressional District 8, which was one of the “targets” for candidates who supported the Health Care Reform bill to be defeated. ...

January 8, 2011 · 9 min

Another lottery tragedy

From CNN: A Florida woman has been charged with first-degree murder in connection with the death of a lottery millionaire whose body was found buried under fresh concrete, authorities said. Dorice Donegan Moore, 37, was arrested last week on charges of accessory after the fact regarding a first-degree murder in the death of Abraham Shakespeare, 43, said Hillsborough County Sheriff David Gee. She remains in the Hillsborough County Jail, he said. Moore befriended Shakespeare after he won a $31 million Florida lottery prize in 2006 and was named a person of interest in the case after Shakespeare disappeared, authorities said.

February 20, 2010 · 1 min