DOJ internal watchdog to investigate FBI’s Clinton inquiry

Justice Dept. internal watchdog to investigate FBI’s Clinton inquiry

The inquiry by the Justice Department’s inspector general, likely to keep open the wounds of the bitter 2016 presidential race, will focus on whether “policies or procedures were not followed” by the FBI and Justice Department.

Of particular focus will be the letter sent by Comey to Congress just 11 days before the Nov. 8 election that disclosed that his agents were reviewing newly discovered emails possibly pertinent to the then-closed investigation on Clinton’s handling of classified material while serving as secretary of State.

At first I was heartened by this news, but if the review is limited only to whether “policies and procedures were not followed” there will be no investigation into the Hatch Act1 implications of Comey’s election-week disclosure.


  1. “The Hatch Act of 1939, officially An Act to Prevent Pernicious Political Activities, is a United States federal law whose main provision prohibits employees in the executive branch of the federal government, except the president, vice-president, and certain designated high-level officials of that branch, from engaging in some forms of political activity. The law was named for Senator Carl Hatch of New Mexico. It was most recently amended in 2012.” — via Wikipedia 

NBC stupidly shutting down Breaking News app, service

NBC stupidly shutting down Breaking News app, service

The decision, as it often does in the media business, came down to revenue. “Unfortunately, despite its consumer appeal, Breaking News has not been able to generate enough revenue to sustain itself,” Ascheim said in the letter supplied by NBC News. “We have therefore made the hard decision to close its operations so that we can re-invest that funding into NBC News’ core digital products to help us achieve our ambitious goals for those businesses.”

This is short-sighted. Web-based news isn’t generating revenue? No shit. Breaking News has been a standard-bearer of confirm-before-publishing and still manages to be ahead of every other news outlet’s attempt at a breaking news product.

I’d spend $2.99/month on this thing to keep it alive. Let’s say 1/4 of its Twitter followers would do the same. That’s $84.6 million in revenue right there.

Would that be sustainable?

Wells Fargo claims customers agreed to arbitration… for accounts they never asked for

Wells Fargo Killing Sham Account Suits by Using Arbitration

[Jennifer] Zeleny, a lawyer who lives outside Salt Lake City and opened a Wells Fargo account when she started a new law practice, said it would be impossible for her to agree to arbitrate her dispute over an account that she had never signed up for in the first place.

The bank’s counterargument: The arbitration clauses included in the legitimate contracts customers signed to open bank accounts also cover disputes related to the false ones set up in their names.

Arbitration is reasonable on a case-by-case basis but it’s a hard concept to defend:

  1. Ideologically, when a corporation is responsible for the deliberate mass-deception of its customers
  2. Contractually, when the affected customers never agreed to anything at all with regard to the accounts at issue

If Wells Fargo has any intellect in the board room or in the C-suites they’re taking this tough stance in public but working quietly on negotiating a mass settlement fund.

Of course, any intellect in the board room or the C-suites would likely prevent the type of sales environment which catalyzed this large-scale fraud and identity theft operation.

Poultry Fraud

‘Dark Meat’ by Gabriel Thompson

Failing to record injuries is one strategy to create the illusion of a safe workplace. Another is to fail to refer workers to doctors for proper tests and diagnoses. Each time an injury causes an employee to miss a day of work or to receive medical treatment beyond first aid, the company is required to record it in an OSHA log book. This data is reported each year to the Department of Labor and is used to identify industries with high injury rates—whose facilities will then face increased inspections. An industry that reports low injury rates is less likely to receive scrutiny from OSHA’s overstretched investigators.

If employers can self-report why can’t employees?

The argument against employee reports would be:

Well, employees will inflate injury rates!

Let’s think about this: employers are already fraudulently minimizing the rates. Now, that doesn’t mean it’s okay for employees to do it, too. It isn’t okay for anyone to massage the numbers in their own favor. But they do, and they will, because self-interest is a helluva drug.

So my thought is that having an inflated employee-reported rate to compare with minimized employer-reported rates may help regulators find the truth, somewhere between the two numbers.

Dropbox employee’s password reuse led to theft of 60M+ user credentials

Dropbox employee’s password reuse led to theft of 60M+ user credentials

Kate Conger, reporting at TechCrunch:

Dropbox disclosed in 2012 that an employee’s password was acquired and used to access a document with email addresses, but did not disclose that passwords were also acquired in the theft. Because Dropbox stores its user passwords hashed and salted, that’s technically accurate — it seems that hackers were only able to obtain hashed files of Dropbox user passwords and were unable to crack them. But it does appear that more information was taken from Dropbox than was previously let on, and it’s strange that it’s taken this long for the breach to surface.

Don’t reuse passwords folks. Find a password manager and learn to love it. There’s 1Password, LastPass, Dashlane and many others. That means there’s no excuse for you to keep using your dog’s name combined with your college graduation year or whatever terrible password you’re using for everything.

Secret Cameras Record Baltimore’s Every Move From Above

Secret Cameras Record Baltimore’s Every Move From Above

Pritchett had no idea that as he spoke, a small Cessna airplane equipped with a sophisticated array of cameras was circling Baltimore at roughly the same altitude as the massing clouds. The plane’s wide-angle cameras captured an area of roughly 30 square miles and continuously transmitted real-time images to analysts on the ground. The footage from the plane was instantly archived and stored on massive hard drives, allowing analysts to review it weeks later if necessary.

It must be the NSA or the CIA or the FBI, right? They must have a warrant, right? They must be deleting the video after a certain period of time, right?

Wrong.

It’s the Baltimore Police Department. The article and accompanying video clarify the motivation of the company providing the technology and the service to BPD. Founder Ross McNutt says he hopes technology like his will have a deterrent effect on crime in cities where its deployment is disclosed. That’s a good goal but it’s not the BPD or the company’s founder I’m worried about.

Anything on a hard drive that isn’t air gapped is vulnerable to exfiltration by hackers. That includes a massive digital video recorder covering an entire city for an indeterminate amount of time.

Scary stuff.

NJ law would require pet stores sell only rescue animals

NJ law would require pet stores sell only rescue animals

John C. Ensslin reports for The Record:

New pet stores in New Jersey would be allowed to sell only cats and dogs obtained from shelters, pounds and animal rescue organization under a bill the state Senate passed Thursday.

The bill still has to go to the Assembly and will face industry opposition there, but it’s a great step forward. Find more information about the bill here. You can read an embedded PDF of the Senate version below this post.


A Slack bot to alert about missing children

A Slack bot to alert about missing children

Slack screenshot of MissingKidsBot

Slack screenshot of MissingKidsBot

From the product page of MissingKidsBot, built by David Markovich and Daniel Doubrovkine:

According to the National Center for Missing and Exploited Children, roughly 800,000 children are reported missing each year in the United States — that’s roughly 2,000 per day.

This is a really great idea, and something everyone with a Slack group should consider adding. However small the chances are that you’ll ever see something that might help with one of these alerts, a child’s life will always be worth it.

Nerds can look at the code over on Github. And those of you who don’t use Slack should keep an eye out for MissingKidsBot on Facebook, Skype and WhatsApp.