One More Reason Not to Use PowerPoint: It’s The Gateway for a Serious Windows Vulnerability
PowerPoint. It's a situation as much as it is a product. And people do (aesthetically) terrible things with it. But now hackers are exploiting it in a new way. Microsoft announced on Tuesday that a vulnerability in nearly all versions of Windows is being attacked through PowerPoint files. We would expect nothing less.
The only version of Windows that's safe from this attack is Server 2003, which is kind of significant because Windows Server 2003 is sort of like the XP of server operating systems. Basically it's still around. But for everyone else, opening a compromised PowerPoint file could give a hacker remote system control.
Microsoft says that people who have encountered a malicious PowerPoint file often got a User Account Control prompt. That's sketchy and shouldn't happen just because you opened an Office document, so if you see that be on alert. Other office documents could spread the attack, too, or any file type that supports Microsoft's Object Linking and Embedding (OLE) protocol.
For now Microsoft has released a quick fix "OLE packager Shim Workaround" that fixes the PowerPoint issue, but isn't a full patch. That will presumably come as soon as Microsoft can churn it out. Microsoft also says that by operating Windows with limited permissions people can protect themselves from the attack.
Once and for all, just stay away from PowerPoint, okay?
Netizen Report: Twitter Users Under Fire in Mexico, Venezuela, Turkey
Global Voices Advocacy's Netizen Report offers an international snapshot of challenges, victories, and emerging trends in Internet rights around the world. This week's report begins in the Twittersphere, where activists in Mexico, Venezuela, and Turkey have faced steep and sometimes fatal consequences for politically charged tweets over the last two weeks.
In Mexico, Maria del Rosario Fuentes Rubio was kidnapped and murdered in the northern border state of Tamaulipas in an apparent warning to citizen journalists reporting on drug-related violence. Photos of her corpse were posted on her Twitter account, which has since been suspended. Fuentes Rubio, who was a doctor, volunteered as a contributor to the citizen media platform Valor por Tamaulipas (Courage for Tamaulipas). An administrator of the platform later described her as “an angel who gave everything, her life, her future, her safety and peace ... for the good of the people of the state.”
In Venezuela, several users were arrested for sending tweets that police allege link them to the assassination of Robert Serra, a 27-year-old Socialist Party deputy who was found stabbed to death in his home on Oct. 1. All of those detained have voiced criticism of the current government on Twitter. Inés Margarita González (@inesitaterrible), a prominent voice on political issues, was detained and charged with "inciting crime" after tweeting her opinion on Serra's killing. She is currently being held incommunicado.
The Turkish government briefly detained journalist Aytekin Gezici for tweets criticizing government officials and raided Gezici’s home, searching his computer, cell phone, camera and other electronics. Many believe this is the first use of Turkey’s new “reasonable doubt" rule, a pending amendment to the country's criminal code that will lower the threshold requirement for authorities to search and seize property in a criminal investigation. Now, rather than needing to show "strong suspicion based on concrete evidence", authorities must simply prove that they have a reasonable doubt of the suspect's innocence in order to obtain a search warrant.
China’s anti-rumor campaign continues
Daqin, a news website run by Tencent in Shaanxi province, is the latest casualty in China’s crackdown on “online rumors.” The site will be closed for seven days for its “lack of control on contents,” according to the Shaanxi Internet Information Office.
Hacks, hackers, and Russia’s proposed Internet fast lane
Russia may implement its own Internet fast lane as its Federal Anti-Monopoly Service considers allowing Internet service providers to collect fees from websites to prioritize delivery of their content. Citing the U.S. Federal Communications Commission, the FAS claims the fees would enable ISPs to make much-needed investments in national telecom infrastructure. But media freedom advocates argue they will endanger for the country’s already-threatened independent media space.
Russian hackers were able to spy on several Western governments, NATO, and the Ukrainian government, among others, by exploiting vulnerabilities in Microsoft Windows, according to a report by computer security firm iSight Partners. It is unclear what information might have been retrieved through the attacks, which started as early as 2009 and ramped up this summer, but they were often tied to escalations in the standoff in Ukraine.
The App That Will Make Algebra Classes Seem Even More Pointless
Math is important and I’m a big fan. No hard feelings about that time I got a 50 on a calc final in college. I still like math (plus I passed the class). But a new app called PhotoMath is making all those high school classes feel a little more pointless. You just take a picture of any equation and the app does the rest.
When PhotoMath captures the problem you’re trying to solve, it gives you an answer and you can elect to see the steps it used to get to that answer. Created by text recognition company MicroBlink, the app is meant for students who don’t get enough tailored instruction at school or who can't afford tutors and other aides. By seeing the steps to answering a problem, they can learn how a particular concept/strategy works. PhotoMath could also be useful for parents trying to help their kids with homework.
But let’s be real here. Kids are going to use this app to cheat, right? A MicroBlink spokesperson told Quartz that that’s not the intention behind the product. And since there are so many ways to cheat already out there—Wolfram Alpha, TI graphing calculators, friends who are better at math than you—it doesn’t even seem like PhotoMath will make much of a difference. Though it is extremely simply to use. Tempting.
The main barrier to cheating using PhotoMath right now is that you can’t necessarily trust its results. The app works well enough for simple problems, but it still falters on complicated equations. And as Yahoo Tech points out, it sometimes mistakes things like “x” variables for the multiply symbol. Additionally, PhotoMath can only analyze problems that are typed out, it can’t read handwritten equations.
Former math teacher and current math education graduate student Dan Meyer wrote on his blog on Wednesday that:
We should wish PhotoMath abundant success—perfect character recognition and downloads on every student’s smartphone. Because the only problems PhotoMath could conceivably solve are the ones that are boring and over-represented in our math textbooks.
The math teachers are ready for PhotoMath. Are you?
Internet Weather Poseurs, Begone
It’s hard to know where to go to get a decent weather forecast on the Internet these days.
In just the last few months, we’ve had a nonexistent New York City snowstorm, a ”sideways tornado” in Baltimore, and faux hurricanes headed for New Orleans. Even the once-venerable Weather Channel has gone off the rails recently, earning acclaim for transforming into a leading source of clickbait.
Because of these and other reckless antics and Facebook farces, 2014 will almost assuredly go down as the year of the Internet weather hoax. Last month, Gawker’s Dennis Mersereau, king of weather-hoax debunkery, wrote a surprisingly useful tutorial of the genre.
But take heed, all you who threaten us with your barometric bluffs and atmospheric ambuscades: The National Weather Association has just the thing. At this year’s annual meeting, which is currently taking place in Salt Lake City, the NWA announced a new certification program for purveyors of Internet weather blogs and webcasts: the NWA Digital Seal of approval.
Immediately, the meteorological community rejoiced:
The National Weather Association now certifies webcasts and weather blogs with the NWA Digital Seal. This separates pros from amateurs.— Miles Muzio (@MuzioMiles) October 19, 2014
To qualify for a NWA Digital Seal, you don’t have to have a degree in meteorology. If you’ve been writing about the weather or making Internet videos for awhile and pass a 100-question test, you can submit a portfolio of your work to the NWA. If the NWA considers you a trusted source of weather content, you’re in. Traditional TV meteorologists aren’t eligible.
By email, the very first NWA Digital Seal holder, Bill Murray (not to be confused with the actor who once famously played a meteorologist on the silver screen), told me the achievement is a validation of a lifelong education in the weather. “Weather on the Internet has a huge noise to signal ratio now and I believe that the NWA Digital Seal is a positive filter,” Murray told me. The other two inaugural Digital Seal holders are Mike Mogil, whose weather photography was enshrined on a U.S. postage stamp in 2004, and Jason Samenow, weather editor of the Washington Post’s Capital Weather Gang.
Josh Larson, a Denver-area meteorologist who helps run the weather5280.com site, is eager to apply. “I feel it is doing the public a service,” he told me by email. Still, he has reservations: “The seal is only as good as the job the NWA does communicating to the public what it means.”
The NWA (not to be confused with the ‘80s hip hop group of the same name, or the U.S. government’s National Weather Service, where all your official forecasts come from) has been certifying broadcast TV meteorologists for many years. Now, with television becoming less and less popular source of weather information—checking the weather is the No. 1 mobile activity, according to one recent survey—the new move by NWA could help separate the sunshine from the storms, so to speak. There are signs that the American Meteorological Society, the NWA’s older and more well-known cousin, may also eventually follow suit.
As Samenow put it in an email: “When it comes to online weather info, it's a bit of a wild, wild west out there. I hope, that over time, the digital seal can help establish some order, directing the public to the best sources of credible information across platforms.”
My bold prediction is that the NWA’s new program won’t do much to tamp down the plethora of misleading weather content, but at least we’ll know where to look first for the fact check.
Thunderstruck: Rock Out With Mother Nature’s Evil Side
Windchimes aren’t the only musical instruments powered by the weather. The genre-defying musician and one-man band known only as Quintron has created a giant analog synthesizer controlled completely by the weather.
Called the Weather Warlock, it works when sensors detect changes in sunlight, wind, rain, and temperature. Copper wires then carry that information via a water-proof casing to the synth that sits, for now, in the living room of Quintron’s home in New Orleans’ 9th Ward.
“The weather has so many elements that are constantly fluctuating all day, every day. My goal was to translate those into something we could actually hear—not just digital readouts on a weather station but actual sound changes,” Quintron said.
So what exactly does Mother Nature’s soundtrack sound like? “If this were an orchestra, rain and wind would be the percussive elements and temperature provides the bass. Sunrise and Sunset are the soloists,” Quintron said.
For the curious who want to experience it for themselves —and who wouldn’t, really?—outputs from the Weather Warlock are streamed live, 24 hours a day on Weather for the Blind. Special audio events take place at dusk and dawn. The project’s name refers to circadian rhythm disorders often experienced by blind people brought about by being isolated from environmental time cues, such as sunrise and sunset. Of the 100,000 people in the United States who are completely blind, about 70 percent are unable to perceive enough light to establish a normal night sleep patterns.
The Weather Warlock is the latest addition to Quintron’s cache of self-made electronic instruments. Among them are the Spit Machine, a hand organ that uses saliva as a tuning conduit, and the Drum Buddy, a light-oscillated drum machine.
Quintron had been tinkering with the concept of a weather-controlled machine for years, but he began focusing on the project in 2011, when a health crisis forced him to spend time at home, instead of touring. The project began when he mounted the first set of sensors to the roof of his home and built the first prototype of the base station on the front porch. The earliest incarnation, he says, “literally sounded like the voices of hell.”
“It was just white noise with these kind of burbling scary backwards voice noises going on,” he said. “Then about two or three months into it I stumbled on the idea that this thing had to be pleasant to listen to because I was wanting it to be on all the time.”
Once he settled on turning it to a major E chord, the instrument had a surprisingly meditative effect. “I instantly calmed down and was better able to focus on the building when I had these nice sounds going, too,” he said.
But working out its kinks was more than an exercise in tuning. It turns out all weather is not the same when it comes to the analog approximation of its sound. Translating rain at its various levels of intensity, Quintron says, was especially challenging.
“The obvious idea would be to just build some weather-proof contact microphones and pick up the actual rain as it hits a sheet of metal or something,” he said. But the result, he said, “sounded like an angle grinder, not the pitter-patter of God's springtime water can.”
Instead of capturing the sounds of rain via microphone, Quintron build electronic audio circuits to approximate those sounds. The circuits are based on those sounds you might hear on old organ drum—electronic bongos, for example, come to mind. He then used the semi-conductivity of rain to turn LED lights on and off. Light sensors, triggered by the LEDs, kicked in to turn the sounds on and off.
With the third and most recent prototype now finished after completing a residency earlier this year at the Robert Rauschenberg Foundation, Quintron took the synth on the road as part of a touring band—also called the Weather Warlock—with Gary Wrong of Wizzard Sleeve and Aaron Hill of EyeHateGod.
“We took a very heavy guitar-bashing approach. I wanted it to be totally in tune with what the weather was doing but kind of represent the more evil side of Mother Nature,” he said.
Eventually, Quintron hopes to build more base stations around the world so that listeners can experience musical interpretations of a diversity of climates. In the meantime, Quintron is forever tweaking the Weather Warlock.
“I’m messing with it all day long. Tune in anytime and chances are you’ll hear me jamming,” he said.
Rain or shine.
Planet Money Uncovers One Surprising Reason the Internet Is Sexist
We’ve reached peak Gamergate by now: Analysis of the venomous hydra/hashtag fizzes everywhere, from Deadspin to The New Yorker to the front page of the New York Times. I won’t try to unravel the details here, but the movement is largely understood as a defensive lashing out against the growing inclusivity of video game culture. For all its soapboxing about journalistic ethics, it mostly seeks to intimidate women and define games as meaningless, apolitical toys (rather than art with a message that can be espoused or challenged).
I think of the peculiar entitled, rageful sexism that expresses itself in Gamergate as “Cheeto-breath bigotry,” because I can’t help conjuring up some dude on his basement couch in his underwear eating Cheetos when I read about the harassment women like Anita Sarkeesian and Zoe Quinn have faced and continue to face. Cheeto guy wants everything to stay the same, though it is changing. He doesn’t want his pastime to grow up.
But it’s worth asking how we got to that basement in the first place. From World War II through the early ’80s, a lot of the world’s pioneering computer scientists—Grace Hopper, Alice Burks, Margaret Fox—were women. And as an episode of Planet Money pointed out this week, for many years, the number of ladies studying computer science was growing faster than the number of men doing the same. If the beginnings of the Internet and digital culture had female fingerprints all over them, how and why did the Web become a man’s man’s world?
According to the Planet Money hosts, something strange happened in 1984. The percentage of women in computer science, which had been climbing at a comparable rate to the percentages of women in law, medicine, and the physical sciences, suddenly flatlined. And then it fell off a cliff.
Personal computers had begun to appear in American households “in significant numbers.” (Apple unveiled its version in 1977, and the more vastly popular IBM model came out in 1981. Between 1980 and 1985, the number of personal machines in the world leapt from 1 million to more than 30 million.) And the introduction of computers as a consumer good meant that people would have to figure out how to market them.
The strategy that emerged was to sell computers exclusively to men. Early devices were good for word processing and a few elementary programs like Space Invaders, Pong, and Zork. The violent, adventure-story themes of the primordial video game led advertisers to craft a narrative in which digital culture existed for the fellows—specifically, for smart, high-strung fellows called geeks. The novelist Julie Smith described the geek as “a bright young man turned inward, poorly socialized … who thought of that secret, dreamy place his computer took him to as cyberspace—somewhere exciting, a place more real than his own life, a land he could conquer.”
In short, the culture of computers represented a place for disaffected young men to exercise power.
Furthermore, as NPR’s Steve Henn observes, the ’80s saw the release of dork-canon movies like Weird Science, Revenge of the Nerds, and War Games. “The plot summaries are almost interchangeable,” Henn writes. “Awkward geek boy genius uses tech savvy to triumph over adversity and win the girl.” The message sank in: By the ’90s, studies showed that parents were far more likely to purchase computers for their sons than for their daughters. The few female students who did pursue coding classes in college reported feeling isolated, unsupported, unprepared.
And so on—you can see where this is going. Over time, thanks to a bunch of gendered advertisements, the “boys-only” narrative consolidated its grip on the popular imagination. Now it’s planted itself in the basement, and it’s fighting for its life.
Canadian Town Cancels Outdoor Halloween Because Polar Bears
The children of one small town in northern Canada are on the front lines of climate change. In Arviat (map), a hamlet of 2,300 people in the Canadian territory of Nunavut, that means no outdoor trick-or-treating this year for the first time.
Instead of going door to door, kids in Arviat will instead spend their holiday inside the town’s community hall, which will feature a haunted house, face painting, and plenty of candy.
Over the last several years, shore ice has diminished along the western edge of Hudson Bay, forcing the annual polar bear migration closer and closer to town. Bears prefer to be as far out on the ice as possible, to get closer to seals and fish. Less ice means there’s nowhere for the bears to go but straight through town, in many cases. Hudson Bay has warmed by about 3 degrees Celsius—more than three times the global rate—since the 1990s.
That means bear-human run-ins have become increasingly common. Arviat is now a town under siege by polar bears. According to an interview with Leo Ikakhik, Arviat’s polar bear monitor, no one has ever been injured by a polar bear there, although one attacked a sled dog last September. Still, a deadly encounter is a very real possibility: "[U]nfortunately, polar bear-human conflicts are very likely going to increase in many parts of the circumpolar Arctic as climate warming progresses," an expert told BBC Nature in 2011. During peak bear season—October—Ikakhik spots as many as seven or eight bears a day, which is worrisome. The World Wildlife Fund helped support the town’s construction of electric fences around its perimeter and hired Ikakhik, actions that have brought down the rate of self-defense bear kills by freaked-out townspeople.
"Picture 1,200 kids going door to door in Arviat in the middle of polar bear season," Steve England, the town’s senior administrative officer, told the CBC. "It's a pretty obvious conclusion of what tragedies could come out of that."
Towns are few and far between in far northern Canada, but the mayor of Churchill, Manitoba—which is about 150 miles south of Arviat and calls itself the “polar bear capital of the world”—has some advice to kids preparing for indoor trick-or-treating: Don’t dress up as a seal.
Will Amazon Lead Us to the Golden Age of Books? A Future Tense Event.
We've been saying that Amazon has revolutionized books ever since the company first enabled us to order a book late at night in our PJs ... and at a discount. But Amazon’s impact is increasingly being felt not only by readers, but by authors, publishers, and editors as well. Once merely an online book retailer, Amazon is arguably becoming the most influential arbiter of publishable content, and a threat to the traditional author-publisher-reader intermediation. There is no disputing that Amazon will play an outsize role in shaping the future of books, but only time will tell whether its endgame is a desirable destination for book culture.
On Wednesday, Oct. 29, Future Tense and New America NYC will host a group of diverse stakeholders—an author, publisher, bookstore owner, and technology journalist—for a conversation about the future of books. The event will be held at New America NYC, at 199 Lafayette St., Suite 3B, and will begin at 6:30 p.m. For more information and to RSVP, visit the New America website.
Author, the WOOL series
Host and managing editor, New Tech City, WNYC
Executive editor and associate publisher, Regan Arts
Owner, McNally Jackson Books
The Earth Just Had Its Warmest “Year” on Record
A few days ago, I told you that—according to NASA data—we just finished the warmest six-month streak on record. Welp, it just got worse.
According to data released Monday by the National Oceanic and Atmospheric Administration, last month was the warmest September on record globally. What’s more—and here’s the kicker—the NOAA says the Earth has just completed its warmest 12-month period on record. From the NOAA:
The past 12 months—October 2013–September 2014—was the warmest 12-month period among all months since records began in 1880, at 0.69°C (1.24°F) above the 20th century average. This breaks the previous record of +0.68°C (+1.22°F) set for the periods September 1998–August 1998, August 2009–July 2010; and September 2013–August 2014.
Though this record-setting “year” is likely to go unheralded compared with a calendar year record, it’s actually more impressive statistically. (Each calendar year contains a dozen 12-month-period starting points. Starting the year in January is completely arbitrary.) But, don’t fret, the NOAA says we’re still on pace to beat the calendar year record in 2014, too.
On Monday, the NOAA also announced that global oceans are again record-warm—the third time this year that ocean temperatures have soared to new heights. The most recent record was set just last month. Ocean warming has implications for the health of coral reefs, sea level rise, and weather patterns worldwide.
What’s most shocking about our planet’s current warm stretch is that the heat records are being broken without an El Niño—the periodic oscillation that warms the Pacific Ocean. But, one of those is on the way, too—and it might stick around for a while.
So far in 2014, record-setting hot spots have been scattered almost uniformly across the globe, from Alaska to California to Cuba to Scandinavia to Brazil to Australia. A couple of exceptions: The eastern United States has been one of the coldest spots on the planet, relatively speaking. So has coastal Antarctica, where record amounts of sea ice have been recorded—strangely, also possibly connected to global warming.
Librarians Are Dedicated to User Privacy. The Tech They Have to Use Is Not.
Adobe has made it extremely easy for unwanted eyes to read over the shoulders of library patrons. Last week reports surfaced about how Adobe’s Digital Editions e-book software collects and transmits information about readers in plain text. That insecure transmission allows the government, corporations, or potential hackers to intercept information about patron reading habits, including book title, author, publisher, subject, description, and every page read.
But the Adobe scandal is just the tip of the iceberg. Libraries sign contracts with technology companies to bring services to patrons all the time, and those contracts are not always favorable to library patrons. Whether it's an agreement with an ISP to provide the library with Internet access, the publisher of a database of scholarly articles and primary source documents, or a children's educational game vendor, these contracts are both commonplace and a relatively new development.
But problems arise when those contracts allow vendors to collect large amounts of user information, especially where, as we saw last week, companies don’t always handle that information responsibly.