Alternative Fact: What Constitutes Privilege

Avatar
by Lisa

Alternative Fact: James Comey “unilaterally and surreptitiously made unauthorized disclosures to the press of privileged communications” – Trump’s personal lawyer, Marc Kasowitz, in a public statement.

Real Facts: I was a little surprised to hear that Comey himself leaked the meeting notes, but it makes sense in the broader context. And someone with vast legal knowledge and experience in law enforcement will know if something is illegal (i.e. request immunity before testifying to the fact) or not (i.e. announce it in widely broadcast Congressional testimony). He specifically wrote the memo to be unclassified, so the White House could not claim disclosure of classified information.

So they went with “privileged”. Trump does not understand that FBI lawyers are not actually his legal council (bit of a frightening proposition)? They certainly aren’t his spouse or clergy (although I believe both spouse and clergy can unilaterally waive privilege under the Federal Rules of Evidence).

Alternately, Trump wants to assert executive privilege. Equally nonsensical. Executive privilege could have prevented Comey’s testimony in the first place. Or can be used when refusing to disclose information/evidence to legal or legislative bodies. Executive privilege does not protect information from the Executive branch from being disclosed to media outlets. Or subsequently published. And even so, Executive privilege can be denied if the information is deemed critical to the case (i.e. if a Congressional investigation is meant to determine if Trump obstructed justice in pressuring the FBI director to end an investigation … testimony from the FBI Director regarding Trump’s requests to conclude the investigation are central to the investigation. Which, I assume, is why the White House did not even try to claim privilege and prevent Comey’s testimony.).

Bonus Real Facts: Oh, Marc Kasowitz’s statement following James Comey’s testimony. Where to start? Saying it would be good to find out if some peripherally related individual is found to be guilty of collusion isn’t actually support of an investigation. It could also be interpreted in the full context of the conversation as “it would be good if this whole investigation got closed up quickly. Here’s how you do it: find some stooge from my campaign and pin it all on him.”.

Not being investigated does not mean anything — the original scope of a case may be an individual. The initial investigation implicates a few more who then become part of the investigation. The new targets yield evidence that implicates new people and so on. This is the fact behind Comey saying he did not want to publicly state that Trump was not under investigation for collusion with the Russian government — if something comes up that brings into question Trump’s actions, he will be under investigation. At which point, the ‘duty to correct’ means the FBI would need to announce that Trump is under investigation … substantively meaningless as many people are investigated without being guilty.

I was investigated for bribery in negotiations with China – not because I even knew my company had negotiations with China but because I was involved in the internal corporate investigation and participated in evidence gathering (i.e. they were investigating if the evidence “gathering” was more of an evidence purging activity). I had properly collected the evidence and turned it over to inside council, end of investigation. At the outset of the investigation, though, an announcement that “Lisa is under investigation as part of our inquest into international bribery” sounds bad.

Worse, though … Nixon didn’t personally break into the Watergate hotel, but covering it up after the fact and obstructing justice was illegal. Reagan didn’t personally ring up the Ayatollah to delay the release of Iranian hostages – but having a campaign adviser speaking to a cleric representing the Ayatollah … sounds illegal to me even if the investigation got curtailed in sympathy for a man with cognitive decline. Bill Clinton’s impeachment was over testimony regarding an extramarital affair — also nothing to do with the original investigation. When someone is determining if your actions constitute obstruction of justice, proclaiming your innocence in the initial matter is a complete red herring. Normally, yeah, innocent people don’t intentionally obstruct justice. Letting the Chinese bribery investigation run its course served me well — no personal harm, no professional harm. Just a few wasted hours of paid time.

But the investigation is hampering Trump’s agenda, and getting rid of the investigation might leave him clear to pursue legislative initiatives. The investigation, regardless of guilt, is causing harm. Which makes obstruction … well, not outside the realm of possibilities.

 

Android Mail Client Malfunction On FierceXL

Avatar
by Lisa

Both Scott and I have an odd issue with our FierceXL using the stock mail client to communicate with Exchange 2013 over the OWA interface. Randomly, one or more of the connected accounts stops receiving e-mail. We know OWA still works and is available from the phone — we can go into Chrome on the phone and log into OWA. There is absolutely no traffic coming across the reverse proxy / Exchange server from the phone IP. Switching between the cellular network and home WiFi has no impact.

I had just been rebooting my phone. Upon startup, communication is again seen on the reverse proxy server. A few seconds later, the backlog of new mail starts popping into the mail client. Scott recently discovered that you can resolve the issue by closing the mail app (bringing up the recent/running application list and swiping mail off of the screen) and re-opening it.

It appears something within the mail client is getting a thread hung — not the mail client en toto as I often cease receiving messages to one of three accounts. Ending the process and re-spawning it clears whatever is hung. Unfortunately, we have not had any updates for these phones since November of last year so there’s not a quick software fix that can be applied to resolve the issue.

Don’t drink the water and don’t breath the air

Avatar
by Lisa

I was about eleven years old when I heard Tom Lehrer’s song “Pollution“. I wondered if the pollution in America was ever that bad — and took some time to research my own question. Pollution in the Cuyahoga River was sufficiently bad that the sludge on top of the water caught fire (not just once, either … but once that received national media attention). Decades earlier, a toxic smog cloud killed a dozen people near Pittsburgh, PA. Not the only occurrences of either air or water pollution in the United States, but some of the most stunning.

Debate climate change all you want; debate human’s impact on climate change. Just forget about climate change – I don’t get how anyone thinks dumping coal mining runoff into the river is a good thing. Or spewing industrial waste into the air. I know people want to make money now … forgetting about compassion for others, maybe they think they’ll have enough cash to a clean environment at home. Work from home, home school the kids. Grow your own food. Raise your own animals. Grow your own cotton and make your own clothes. This is getting to be a LOT of work to avoid the pollutants you want to be able to eject into the environment. And at some point, you’re going to want to leave your biodome, right? Kid might want to go sleep over at a friend’s house? Your fav band is playing a few towns over? Medical problems require a specialist? Seriously, why can we not all agree that protecting the environment from industrial pollutants … yeah, it reduces business profits. Might even reduce opportunity / slow growth. But anyone who thinks unfettered growth is worth any price … please, take a holiday over in Beijing (where, please note, environmental protection is actually becoming a bit of a ‘thing’ as the results of unfettered growth are seen).

Official Withdrawl

Avatar
by Lisa

Well, the non-suspense is over. The US has been withdrawn from the Paris Climate Agreement. My concern is not environmental. Companies want to make money, and will need to keep producing more efficient and less polluting products to attract customers. Customers don’t want to ‘waste’ their money on fossil fuels, so will demand more efficiency. And, climate change aside, anyone who tried to breathe in LA or London in the 80s (or has seen Beijing today) will push for emissions regs.

My concern is the precedent we’ve established regarding military invasion when a country contravenes a treat obligation (be that just neglecting enforcement or withdrawal). An argument can be made that spewing toxic pollutants into the air endangers the lives of your civilian population. And the rest of the world population too. That’s a fairly long-standing American criterion for invading a foreign country.

Reality TV Presidency

Avatar
by Lisa

LeBron James left the Cleveland Caveliers in 2010. Players change teams all the time. Even star players change teams occasionally – salary caps, better chance at a championship, whatever. Sucks, but it happens. Making the announcement on a live ESPN broadcast – no matter how much money he managed to generate for a charity – was a terrible way to handle the announcement. From a reality-TV perspective, sure it’s great. Guaranteed viewers, suspense, drama, heartbreak. But as a person it lacks tact, lacks compassion … and as a highly paid athlete who is revered by many, it’s an offensive way to treat fans who bought your merchandise and watched you play. The guy was a kid at the time, and his move back to Cleveland seemed to be handled in a more mature fashion.

I cannot help but think of being in Cleveland during the James announcement (complete with LebronFire events burning jerseys) when the White House declares Trump will be announcing his decision on the Paris Climate Agreement on Thursday. Oh, the drama. The suspense. The heartbreak – because, really, does anyone think he’s going to remain in the agreement? Even if he allows the country to remain in the agreement (an agreement, remember, that was limited greatly by a desire to achieve something that might be acceptable to US Republicans) … does he have any intention of enforcing the agreement? Honestly, the world is better off with America out – re-write the agreement with stricter goals. US companies will need to continue increasing energy efficiency and decreasing emissions or they’ll be unable to sell products outside of the country. Hell, US cities will create their own clean air and water regulations. One impetus behind the clean air act was the cloud of toxic chemicals around Pittsburgh that literally killed people. Practically needed a respirator to walk around LA. London – not a US city, but I remember getting back from a day walking around London to spend an hour blowing black snot out of my nose (and how much of that crud remained in my lungs??). I cannot imagine NYC was any better. And if customers refuse to buy the products — what use is your coal plant if no one will purchase your electricity? Some foreign company’s super-efficient SUV is more attractive even if it costs more up front — pay 100$ a week to fill the tank v/s 100$ a month and you’re looking at a fuel savings of 18k over five years.

Trump campaigned on abandoning the treaty. Look at who he appointed to lead the EPA. Seriously, the only suspense was if we’d officially withdraw or if we’d just neglect enforcement. By indicating that there’s an announcement … I already know we’re withdrawing. But why try to recreate LeBron’s The Decision spectacular?

Redistricting By Algorithm

Avatar
by Lisa

American government representation is, in many cases, proportional to population. This means that each Rep from Ohio in the House has a district with the same number of people as the other guys from Ohio. A Rep from Cleveland doesn’t represent more people than a Rep from Marion. There may be multiple districts across Cleveland whereas the district for Marion may include other nearby towns as well. It’s a reasonable idea – otherwise Ohio has 44,825 square miles and 16 HR members so every 2800 or so square miles would be a Rep. This means someone represents a whole lot of and and a couple people whereas someone else represents a LOT of people densely packed into a little land. Cuyahoga County covers 457 square miles and has 1.2 million people. Marion *County* covers 404 square miles and has about 66,000 people. Even if Cuyahoga had 2 reps to Marion’s 1 … the population of Cuyahoga is 18x larger.

This means political boundaries are drawn around population numbers. A process which can be perfectly fair and reasonable, but a process which can be manipulated to a particular party’s advantage. The manipulation is called gerrymandering. And it is how Democrats can win 51% of the popular vote in Pennsylvania HR races but only hold 5 of the 18 seats. Statistically they should have had 9 (or even 10 since they had a slight popular vote advantage and you cannot have a fraction of a representative).

What does this look like on a map? See Pennsylvania’s District 7 — let’s take this group of left-leaning people from SE Philly, make a little isthmus, and now how many right-leaning people do we need from West Chester to make it a Republican district? The only district boundaries that have any business not being a straight line are state borders!

When I was in University in the mid-90’s, we were working on a process to analyze the gravitational disturbances caused by binary black hole collisions. Now it’s not reasonable to calculate anything across the entire universe. No one has that kind of time or computing power (oh, and there may be a basic tenet of computing and physics that precludes doing so) … but we want to know what the disturbances would look like across the entire universe. There will be areas of greater impact and areas of lesser impact. The method we used for the analysis is called adaptive mesh refinement. It’s essentially taking a broad overview of the entire universe but using a more detailed (‘refined’) view of sections where something “interesting” is happening.

I propose we use a similar system for algorithmic drawing of Congressional districts. What would that look like? Imagine a state with six million people that has been allocated six districts. Calculate the statistical people per rep — one million in this case — this is going to be our target population within a district. When we get within a percentage of that number, we’ll hold the district as it is.

Chop it in half and see what the population is like in the two ‘districts’ – and check the populations again. We’ve got one within the defined delta of the one million target (since this is a nice example, we have one at our target).

Take the oversized district and chop it in half again. Get population counts and hold any district within the delta of target.

Keep chopping …

Eventually you’ll arrive at districts that are all within the predefined delta of the target. Since a real-world scenario wouldn’t involve nice round numbers and equally spaced populations, we’ll need to have the algorithm shift the district boundaries E<=>W and N<=>S until the proper number of people are contained within each district. Algorithms are quite good at this sort of thing.

But this doesn’t take into account geographical obstacles — what if there’s a river that bisects the district and the nearest bridge is thirty miles up stream? Well, these are not polling centers – put a polling center on each side of the river.

The point of this approach is that a computer algorithm that doesn’t know a thing about the individuals in each area can easily define districts irrespective of political parties. Statistically, an individual voter may end up in a district that differs vastly from their personal beliefs. But there’s no intentional marginalizing of voters based on political parties. And when the next census numbers come in, load a new data set and re-run the program.

What would adaptive mesh districting look like? Essentially this – big squares and rectangles in sparsely populated areas, smaller and smaller squares and rectangles in population centers.

The Peril Of Hosting Your Own Services

Avatar
by Lisa

I love hosting my own services — home automation, file shares, backups, e-mail, web servers, DNS … bit of paranoia, a bit of control freak, and a bit of pride. But every now and again, hosting my own services causes problems because, well, vendors don’t develop processes around someone with servers in their house.

We got a new cable modem. Scott went to a web page (happened to be Google) and got redirected to the TWC activation page. Went through whatever, ended up calling into support, and finally our account was sorted. Woohoo! Everything works … umm, except I cannot search Google.

Turns out TWC manages their activation redirection by serving up bogus DNS info — their server IP instead of the real one. Which then got cached on our DNS server. No idea what TTL TWC set on their bogus data, but it was more than a minute or two. Had to clear the DNS server cache before we were able to hit Google sites again.

Alternative Facts: NATO

Avatar
by Lisa

Alternative Fact: NATO countries owe money for defence expenditures the US has made.

Real Fact: The target was for member nations to devote 2% of GDP to defence spending. A target is not a guarantee. Not meeting a target may be disappointing, but it doesn’t mean you owe someone money. If your target is to donate 5% of your net income to charity … but at the end of the year have only managed 3%, it does not mean you owe charities 2% of your net income! It means you didn’t meet your goal. Consistently missing goals can also be a clue that the goal is not realistic. Take, for instance, someone whose goal is to donate 80% of their net income to charity. But they also pay their rent/mortgage, buy some food, turn the lights on occasionally. And don’t have 80% of their net income available after covering essentials. The person can commit to the goal and evaluate their other spending (move into a smaller residence, buy cheaper food, conserve on utilities) or they can change their goal to meet the 10% of their net income that is actually discretionary.

Another real fact? NATO countries, by and large, fund their own military. One might make the argument that the US would have been able to scale back the military budget if only other partners increased their expenditures. *But* that’s disingenuous from someone seeking an enormous increase in the military budget whilst questioning the nation’s continued commitment to NATO. But even if the ‘target’ was actually a contractual obligation … it would be to NATO and not the US.

OK, Google

Avatar
by Lisa

Chrome 58 was released last month – and since then, I’ve gotten a LOT of certificate errors. Especially internally (Windows CA signed certs @ home and @ work). It’s really annoying – yeah, we don’t have SAN dnsHost attributes defined. And I know the RFC says falling back to CN is deprecated (seriously, search https://tools.ietf.org/html/rfc2818 for subjectAltName) but the same text was in there in 1999 … so not exactly a new innovation in SSL policy. Fortunately there’s a registry key that will override this for now.

The problem I have with SAN certificates is exemplified in Google’s cert on the web server that hosts the chromium changes site:

Seriously – this certificate ensures that the web site is any of these hundred wild-carded hostnames … and the more places you use a certificate, the greater the possibility of it being compromised. I get why people like wildcards — UALR was able to buy one cert & use it across the entire organisation. Cost effective and easy. The second through nth guy who wanted an SSL cert didn’t need to go about establishing his credentials within the organisation. He didn’t have to figure out how to make a cert request or how to pay for it. Just ask the first guy for a copy of his public/private key pair. Or run everything through your load balancer on the wildcard certificate & trust whatever backend cert happens to be in place.

But the point of security design is not trusting large groups of people do act properly. To secure their data appropriately. To patch their systems, configure their system to avoid attacks, to replace the certificate EVERYWHERE every TIME someone leaves the organisation, and otherwise prevent a certificate installed on dozens of servers from being accessed by a malicious party. My personal security preference would be seeing a browser flag every time a cert has a wildcard or more than one SAN.