Internet-Connected Toys Are Getting Hacked, and It’s As Creepy As We Feared It Would Be
In November 2014, British toymaker Vivid Toys debuted an Internet-connected doll, My Friend Cayla, that used speech recognition and artificial intelligence techniques to have conversations with kids. By February, researchers had hacked the doll to spew curse words. Now other Internet of Things toys are encountering similar problems.
On Wednesday, NBC Chicago reported that security researcher Matt Jakubowski had hacked Mattel's Hello Barbie, potentially exposing users' account information, home Wi-Fi networks, and MP3 files recorded by the dolls. Hello Barbie is a version of the classic toy that converses with kids, remembers things they say, and recalls details later. “I was able to get some data out of it that I probably shouldn’t have,” Jakubowski told NBC Chicago. “You can take that information and find someone’s house or business.”
When Mattel announced Hello Barbie in February, privacy advocates were concerned. The doll is always "listening," meaning that it sends audio files to a cloud server for processing and storage. In March, Angela Campbell, faculty adviser at Georgetown University's Center on Privacy and Technology, told the Washington Post, "If I had a young child, I would be very concerned that my child's intimate conversations with her doll were being recorded and analyzed." The Campaign for a Commercial-Free Childhood started a petition against the toy. And Network World published a story with the headline, "How long will it take for Internet of Things Hello Barbie to be hacked?" Well, now we have our answer.
Jakubowski hasn't published the details of his hack yet, and he noted in a tweet that the companies involved in Hello Barbie "really are doing a lot of stuff right." Oren Jacob, the CEO of ToyTalk, which provides cloud computing for Hello Barbie, said in a statement:
An enthusiastic researcher has reported finding some device data and called that a hack. While the path that researcher used to find that data is not obvious and not user-friendly, it[’s] important to note that all that information was already directly available to Hello Barbie customers through the Hello Barbie Companion App. No user data, no Barbie content, and no major security nor privacy protections has been compromised to our knowledge.
It's fair enough to point out that not everything that is colloquially called a hack is actually an exploitation of a previously unknown vulnerability, but if Jakubowski is accessing data that typical customers would assume is secure, that sounds like a problem.
Meanwhile, Motherboard reported on Friday that cordless phone and electronic toy manufacturer VTech suffered a data breach in early November that exposed personal information from almost 5 million adult customers and 200,000 children, including names, birthdays, and genders. "What’s worse, it’s possible to link the children to their parents, exposing the kids’ full identities and where they live, according to an expert who reviewed the breach for Motherboard," Lorenzo Franceschi-Bicchierai wrote. He added on Monday that the breach seems to include photos of children and family chat logs.
As everything from toys to educational tools come online, more and more data breaches will affect kids. Adults have to make their own choices about whether to trust tech companies with their data, but kids trust adults implicitly to make good cybersecurity decisions for them.
Bill Gates Is Finally Tackling Climate Change. That’s Good News for the Climate.
Getting countries to agree to legally binding emissions cuts is famously difficult. Getting them to invest in technologies that could lead to emissions cuts, it seems, is a little easier—especially when tech titans are lining up to join them.
President Obama, French President François Hollande, and Microsoft founder Bill Gates kicked off this week’s Paris climate talks with a pair of announcements that should fuel an unprecedented boom in clean energy investment over the next five years.
The first, called Mission Innovation, is a pact among 20 governments, including the United States, to double their spending on research and development of clean energy technologies by 2020. That figures to amount to an extra $20 billion for the kind of basic scientific research that could lead to new ways to collect and store renewable energy, including solar and wind power. The United States alone will ramp up its annual spending from $5 billion to $10 billion. Also on board are China, India, Brazil, Indonesia, and Saudi Arabia, among others—countries that have historically come into the climate talks with a very different agenda than their wealthier counterparts.
At the same time, Gates is spearheading something called the Breakthrough Energy Coalition, a group of 28 private investors who will commit various amounts of their respective fortunes to clean energy ventures, provided the governments follow through on their promises. Gates is personally pledging to invest $1 billion, while others have not yet announced the size of their contributions. Among the tech magnates participating are Facebook’s Mark Zuckerberg, Amazon’s Jeff Bezos, Virgin’s Richard Branson, Alibaba’s Jack Ma, Hewlett-Packard Enterprise’s Meg Whitman, LinkedIn’s Reid Hoffman, and SalesForce’s Marc Benioff. More are expected to sign on in the days to come.
Gates’ leadership here is significant. He and his wife, Melinda Gates, have built the world’s largest private foundation, and they’ve dedicated their efforts in developing countries to fighting poverty and disease. Perhaps belatedly, Gates appears to be recognizing that climate change could undo all of that good work.
The good news is that once Gates tackles a problem in earnest, he doesn’t just throw money at it. He uses money as a lever to bring about broader changes. That appears to be the case here, too. An Obama adviser told Mashable’s Andrew Freedman that Gates was the “intellectual architect” of the private-sector effort on clean energy. On Monday, he explained his thinking in a paper called “Energy Innovation: Why We Need It and How to Get It” (PDF).
Gates places his clean energy goals in the context of the broader fight against global poverty. The world will need more energy than ever in the coming decades, he argues, as the poor aspire to a higher standard of living. But unless that energy gets cleaner, cheaper, and more efficient, the pollution it produces will change the climate irreparably. And poor countries will be among the first to bear the costs.
Gates’ charitable efforts in some fields, including U.S. education, have been criticized by some as naïve and misguided. (Zuckerberg, too, has misfired on education funding.) But his technocratic approach could be a breath of fresh air in the climate battle, which is too often viewed as a zero-sum conflict: between energy producers and environmentalists, government regulators and private industry, rich countries and poor countries.
Clean energy investment, Gates rightly points out, is not zero-sum. For instance, the U.S. Department of Energy spent $17.5 billion on research between 1978 and 2000, and realized $41 billion in benefits. Yet Gates argues convincingly that both the government and the private sector have been underinvesting in energy research, because innovations in the energy sector take a long time to pay off. U.S. tech and pharmaceutical companies invest 15 to 20 percent of their revenues on R&D, Gates’ paper reports. For energy companies, that figure is a paltry 0.4 percent. Likewise, a smaller share of government spending on energy goes to R&D than does government spending on the military or health care.
The types of technologies Gates has in mind are not your everyday photovoltaic solar panels or wind turbines. Rather, he’s looking at cutting-edge ideas such as solar paint and flow batteries. They might be years or even decades off, and maybe they’ll never work. But if they do, the payoff could be great.
This is not the first time a bunch of tech tycoons have gotten excited about renewable energy. With help from government subsidies, Silicon Valley fueled a cleantech boom between about 2007 and 2012, which led to a few big hits—think Tesla and SolarCity—but a lot of high-profile busts (like Solyndra). Two of the investors in Gates’ coalition, John Doerr and Vinod Khosla, were among the principal figures in that first boom and bust. The lesson they took away is not that clean tech is a waste of money. The lesson is that it’s foolish to expect the sort of instant mega-returns on capital that Silicon Valley investors can get from, say, social-media startups.
This time around, the tech investors’ motivations are more explicitly altruistic. “Our primary goal with the Coalition is as much to accelerate progress on clean energy as it is to make a profit,” Gates writes. The idea is to take a longer view, helping new ideas to bridge the “valley of death” between the lab and commercial viability. That seems like a wiser approach than pumping dubious startups full of cash and then expecting them to show Y Combinator–style growth within a few years.
As encouraging as the new initiatives are, $20-plus billion really does feel more like a “first step” than a grand solution to the problem of clean energy funding. Fortunately, Gates has a track record of following up and building on his charitable efforts over time. Let’s hope his Silicon Valley friends follow suit after the excitement of the Paris announcement has passed.
These Helpful, Adorable Robots Make Sure Your Online Purchases Reach Your Doorstep
Last December, Amazon gave the public a rare look into the cutting-edge tech that helps it handle the constant deluge of online orders: its robots. The world’s largest online retailer has said it has tens of thousands of warehouse bots working across 10 of its U.S. warehouses or fulfillment centers. While the company is relying on more than 100,000 temp workers this holiday season to supplement its already massive warehouse workforce, the advantages of offloading more of that work onto machines are easy to see. Robots don’t slow. They don’t tire. They don’t get injured or distracted or sick. They don’t require paychecks or try to unionize.
Amazon’s robots were invented by a company called Kiva Systems, which Amazon acquired for $775 million back in 2012. With Kiva locked down, a new player wants to give smaller online retail rivals just a bit of that robotic advantage. Locus Robotics is an offshoot of Massachusetts-based Quiet Logistics, a third-party order fulfillment company that gets merchandise out the door for big apparel retailers like Zara, Gilt Groupe, and Bonobos. And the idea behind its bots isn’t just to replace humans, but to create a system where everyone can work together more efficiently.
What most people don’t realize in the age of push-button shopping is the “shopping” part doesn’t disappear. You the consumer are no longer at the store doing the physical work of tracking down the thing you want. But somebody still has to do it. For e-commerce, that task typically falls to a worker at a distribution center who must locate the product, make sure it’s not damaged, and send it off to be packed and shipped. This can be grueling, tedious work. More than anything else, it’s about walking. Lots of walking. Locus aims to have its bots do the walking instead.
Or, well, rolling. Locus’ bots look something like an old-school overhead projector with wheels. While Amazon’s Kiva bots have a mechanism that allows them to physically hoist specially designed shelves and bring them to human workers, Locus’ carry bins on trays while they travel the lengths of standard-issue shelving. The idea is to cut out the worst parts of the job to let humans focus on the parts of the job that robots still can’t do, like selecting the individual items and checking them for any defects.
“Work in warehouses is not always pleasant to begin with, but then you add unproductive travel time, and it works against you,” says Al Dekin, a vice president at Locus, who estimates that warehouse workers walk 10 to 15 miles a day.
Despite its cute bots, however, Locus thinks of itself more as a software company than a hardware company, Dekin says. The logistics of moving merchandise from place to place in a warehouse is analogous to moving people from place to place in a city, he says: If a subway system is like a conveyor belt in a warehouse, then robots are like cars directed by a platform like Uber, sent from place to place based on availability and demand.
Locus has started with 10 robots roaming the Quiet Logistics warehouse, which covers some 500,000 square feet, to support the logistics operations of companies already working with the e-commerce company. In the coming weeks, perhaps just in time for the holidays, it plans to roll out more.
In the new year, Locus hopes to expand to work with other companies, and the demand is likely there. Yes, Amazon dominates online retail. But e-commerce overall still has so much room to grow. E-commerce sales have grown in the double digits for years according to research firm eMarketer—in 2015 alone, it’s projected to rise 13.9 percent. Yet e-commerce still accounts for just 9 percent of total U.S. retail sales. It’s hard to imagine that figure won’t increase substantially as shopping habits continue to change.
So while Amazon might be the giant that no one else can hope to catch at the moment, smaller players do have a chance to carve out space for themselves while the sector is still growing. One challenge to creating the kind of scale and efficiency that Amazon already enjoys is finding enough people to do the raw physical work that makes e-commerce possible. With machines to take up some of that load, would-be rivals have at least a modest chance of getting a leg—er, a wheel—up on Amazon.
Also in Wired:
Why Are World Leaders Calling Paris a “First Step” After 21 Years of Climate Negotiations?
The Paris climate summit officially got underway Monday with a gathering of about 150 world leaders—perhaps the largest meeting of heads of state in history outside the U.N. headquarters.
After a photo op to mark the occasion, the first day was largely devoted to a series of speeches from leaders pleading with other leaders to take action. With so many heads of state gathered in one small space, it made for some tense moments in the hallways, and leaders frequently ran well past their allotted three minutes—President Obama’s speech, for example, clocked in at 13 minutes and 55 seconds.
Many of the kickoff speeches hit on a refrain that became depressingly common during the monthslong runup to the Paris climate meetings. For instance, Chinese President Xi Jinping said, “The Paris conference is not the finish line but a new starting point." The New York Times even used the sentiment as its headline on Monday: “Paris Deal Would Herald an Important First Step on Climate Change.”
To be absolutely clear, Paris is no first step. This is the 21st year of global climate negotiations—that’s why it’s called COP21—and that long journey has been marred by agonizingly slow progress until just recently. Keep this basic fact in mind over the next several days when you hear anyone claim “success” is imminent.
A better way to frame the talks is as a long-overdue potential “turning point,” like Obama did during his address to the delegates on Monday.
“There is such a thing as being too late,” said Obama, quoting Martin Luther King Jr. “That hour is almost upon us.”
Obama got one particular part exactly right: None of the leaders assembled in Paris will likely ever live to see a world in which global temperature has stabilized. That’s because basic physics is at odds with basic political calculus in modern democracies—there’s an inherent lag in the planet’s climate system that locks in the effect of current emissions for decades. If you’re worried about short-term economic growth, climate change just doesn’t seem like a priority, even if it is an existential risk. Hence, 21 years of climate talks without even leaving the starting gate.
Obama summed this challenge up nicely and framed it as a call to action:
My fellow leaders, accepting this challenge will not reward us with moments of victory that are clear or quick. … That’s what’s always made this so hard. Our generation may not even live to see the full realization of what we do here, but the knowledge that the next generation will be better off for what we do here, can we imagine a more worthy reward than that?
The leaders and their delegations will spend the better part of the next two weeks wading through a sea of jargon in an effort to hammer out the most ambitious international agreement ever attempted. A fresh analysis released Monday by policy analysts at Climate Interactive, shows that the global economy would likely avoid climate disaster if the delegates embrace a so-called “ratchet mechanism” that would commit countries to a series of ever-tightening five-year carbon-cutting targets. Still, such an agreement wouldn’t be legally binding and would leave ultra-important issues—like the fate of the oceans—to follow-on agreements. If we let history be our guide, a more likely scenario is that the delegates in Paris will kick the can down the road yet again.
For residents of vulnerable countries and the activists that speak on their behalf, that’s just not good enough.
Over the weekend, activists in thousands of cities around the world joined together to show their support for ambitious action on climate change. A Reuters report called the global network of marches and demonstrations "perhaps the biggest day of climate action in history."
In Paris, one major protest turned violent on Sunday as anarchists infiltrated a peaceful "human chain" that drew an estimated 10,000 participants in defiance of an emergency ban on large outdoor gatherings that was instituted after the terrorist attacks there earlier this month. More than 200 people were detained, and police used tear gas to clear the area. Prior to the clash, French officials had used emergency powers to place at least two dozen climate activists under house arrest out of concern they may incite violent protests.
In a statement to Slate, activist Naomi Klein, a key force behind the burst of activism, applauded the fact that so many turned out in Paris despite the official government ban:
What I saw [Sunday] was Parisians ready to take back their city from fear. In multiple ways, people defied attempts to sweep away dissent and insisted on their right to protest, assemble and disagree passionately with their governments. Even if one does not agree with every action that took place, this general atmosphere of defiance is something to celebrate. After all, government response to the climate crisis is wholly inadequate and puts us all in great danger. Obedience in the face of this failure would be tantamount to acquiescence.
The largest gatherings this weekend were in London and Melbourne, Australia, which each drew around 50,000 participants. In Sydney, protesters held placards saying "There is no Planet B." Globally, more than 700,000 people participated around the world—including one demonstration in Sanaa, Yemen, despite bombs falling nearby.
Even if You Cancel a Stolen AmEx, Hackers Can Glean Your Next Credit Card Number
When Samy Kamkar lost his American Express card last August and received its replacement in the mail, something about the final digits on the new card set off an alert in the hacker lobe of his brain. He compared the numbers with those of his previous three American Express cards—as a universally curious security researcher and serial troublemaker, he’d naturally recorded them all—and a pattern emerged.
So Kamkar sent out a message to his friends on Facebook, asking them to send him the final digits of all of their current and most recently canceled AmEx cards. Ten friends responded, and the same disturbing pattern applied to every number he checked: With any given card, Kamkar found he could apply his trick and predict the full number of the next card they’d received.
Kamkar immediately saw the potential for a nasty fraud technique: Any hacker who’d compromised a card number could predict the card’s replacement as soon as it was reported stolen—and then, using the date of the previous card’s cancellation, figure out the replacement’s expiration date too. “The day that card is canceled, as soon it gets rejected, two seconds later I know what your new number and expiration date will be,” Kamkar says. “If I were doing fraud, that would be pretty useful.” The trick could be applied again and again, stealing new card numbers as fast as American Express could generate them.
The trick could be applied again and again, stealing new card numbers as fast as American Express could generate them.
Three months later, Kamkar has built a device for just $10 that’s designed to prove the danger of that number-predicting vulnerability and to convince American Express to fix it. His watch-sized gadget, which he calls MagSpoof, can store more than a hundred credit card numbers and emit an electromagnetic field that’s strong enough to hit a credit card reader’s sensor from close proximity, sending a signal that imitates a credit card being swiped. Kamkar’s device also includes a button that implements his prediction algorithm; if a criminal using MagSpoof were to find that a credit card he or she tried to spoof had been canceled, the device could immediately generate the victim’s next card number. A week or so later, when the fraudster could be fairly sure a new card had been freshly activated, he or she could steal it again. “As soon as the card gets declined, you press a button and it switches to the next number,” Kamkar says. “It sucks for [Amex users], because they could have their new credit card stolen almost instantly.”
Kamkar admits that his attack can’t, however, access the victim’s four-digit CVV from the back of the card, which reduces the number of businesses where it can be used. And the MagSpoof hardware doesn’t look like a credit card, so a thief couldn’t convincingly hand it to a cashier or waiter. But Kamkar points out (and demonstrates in the video below) that he can use a digital credit card device like Coin to store the numbers that his device creates, a technique that would make his number-prediction trick much less suspect. “If you don’t want to hand someone this thing, you can just hand them a Coin instead,” he says.
Coin responded to Kamkar’s video by arguing its devices can’t easily be used for fraud. “We require several security steps before a credit card can be used with a Coin payment device,” Coin spokesperson Kayla Abbassi wrote to Wired in a statement. “These steps allow us to verify identity, as well as the validity and ownership of each card, based on information such as the last four digits of the cardholder’s social security number and billing zip code.” Kamkar admits that he’s only loaded predicted numbers for his own cards onto a Coin device and hasn’t tried anyone else’s. But he suggests that Coin’s security measures can be defeated, and points to an upcoming talk describing how to circumvent them scheduled for later this month at the Kiwicon security conference in New Zealand.
As for American Express’ more fundamental problem that its card numbers can be predicted, Kamkar says he contacted the company several times and finally had an hourlong discussion with an engineer who assured him the predictable card numbers weren’t a serious security risk—at least not one that it planned to fix. An American Express representative followed up with Wired to point out that AmEx users would still be protected from Kamkar’s card prediction trick by its extra protections like an extra security code embedded in its magstripe data and the chip-and-PIN technology rolling out across the United States now, which requires a chip in the card to be read to make a purchase.
“Simply knowing a card number wouldn’t allow a fraudster to complete a purchase face to face because a card product would need to dipped at many of the stores with EMV chip portals or swiped. In addition, the security code embedded in the card product would need to be verified. For both EMV chip and magnetic stripe cards, the security code changes with the card number and is impossible to predict,” writes AmEx spokesperson Ashley Tufts. She also noted that the company uses other security measures that it declined to detail.
Kamkar confirms that AmEx’s extra security magstripe code does seem to block his prediction attack in some cases. He’s still not sure exactly at which points of sale the trick works. But he’s found, for instance, that he was able to use predicted card numbers at two different restaurants—one fast-food joint and one high-end place where he spent more than $100—without a problem. He demonstrates a successful MagSpoof transaction at the fast-food venue in the video above. (He only tested the technique with his own cards, of course.)
Even chip-and-PIN protections on a victim’s card may not work to protect against his MagSpoof attack, Kamkar argues. The presence or absence of that extra chip in the card as a safeguard is noted in the card’s communications with the reader, he says. By spoofing a “no-chip” signal to the point of sale terminal, Kamkar says he can trick the reader into accepting a stolen chip-and-PIN card number as if it were chipless.
Kamkar says he built his MagSpoof prototype out of little more than a programmable Atmel ATtiny microcontroller, a battery, an LED, a capacitor, a resistor, and some copper wire. In fact, the setup is simple enough that he’s not planning to release its prediction algorithm—or even any hints of how the prediction works, for fear that it might fuel real fraud. But he argues that despite his discretion, American Express nonetheless needs to fix the problem before other hackers exploit the technique—or to limit the damage from those who already have. “It’s not like I cracked some crazy pseudorandom number generator. This is really obvious,” Kamkar says of his card number prediction technique. “I’ve never heard of anyone finding this, but I’d be surprised if someone hadn’t figured it out.”
Also in Wired:
Your Jargon-Busting Guide to the Paris Climate Change Talks
On Monday, more than 140 world leaders will gather in Paris to kick off tense two-week treaty negotiations over the fate of a planet in crisis. If this were about any topic other than climate change, it might even make the news.
Granted, there’s been a lot of other news out of France recently—a major climate-themed march in Paris will be canceled for security concerns. And there is going to be a lot of coverage of the Paris climate talks. But it will be nothing compared to the attention that would be paid to a last-ditch meeting to avoid a nuclear standoff—even though climate change is no less dangerous. As Climate Home previews, “a treaty at this scale has never been accomplished before, and the one under construction will affect the way the entire global economy operates.”
Maybe climate change tends to take a back seat because the talks themselves are a jargon-filled monstrosity of diplomatic protocol, which means no one—not even the diplomats themselves!—understands what’s happening half of the time.
"The most experienced lawyer on the Earth will not be able to understand this text" says Oleg Shamanov, Russia envoy #ADP2— Edward King (@edking_CH) October 23, 2015
Here we are, closing out what’s quite possibly the warmest year since the invention of agriculture 10,000 years ago, with our atmosphere’s carbon dioxide at record levels and emissions still rising. But, alas, the most interesting drama and diplomatic wrangling are buried in a sea of legalese and acronyms.
Case in point: Peru’s environment minister, Manuel Pulgar Vidal—a key figure in recent years at international climate negotiations—recently tweeted a link to a document designed to provide a more-or-less official guide to the Paris talks. It’s titled: “Scenario note on the twelfth part of the second session of the Ad Hoc Working Group on the Durban Platform for Enhanced Action.” Not exactly helpful or soul-stirring.
So, here is my attempt to translate diplomat-speak to commoner language, focusing on why everyone’s in Paris, what the major sticking points are, and what it all means:
“Ad Hoc Working Group on the Durban Platform,” often abbreviated ADP2, especially for hashtagging purposes, is the official title of the international climate talks. Over the last four years or so, representatives from nearly every nation on Earth have gathered about once every three months, primarily in Bonn, Germany. At these preliminary talks, ADP2 laid the framework for a draft agreement—an unwieldy 54-page document. It’s called the “Durban Platform” because back in 2011 in Durban, South Africa, world leaders agreed that the first global climate treaty would be agreed upon in 2015—which brings us to today, in Paris. This mega-gathering is officially the 21st Conference of the Parties to the Kyoto Protocol, or #COP21 for short.
The text of the Durban Platform contains 1,300 square brackets that provide different options for wording. For example, here’s what the section on the global temperature target currently looks like:
In Paris, it will be the delegates’ job to eliminate the square brackets in the text.
Among the major sticking points:
How much and how fast should countries reduce their emissions?: The world’s first climate treaty, the United Nations Framework Convention on Climate Change, was signed by 165 countries in 1992. Enshrined the UNFCCC, is the idea of “common but differentiated responsibility” that although all countries should reduce their emissions, developed countries with historically high emissions—like the United States, Japan, and Germany—should make steeper cuts. Negotiations leading up to Paris produced a series of voluntary pledges, or Intended Nationally Determined Contributions (INDCs) designed to allow countries to set their own plans, and then be shamed by the international community into ramping them up. It’s worked, sort of, but since the INDCs alone are not enough, a major topic at Paris will be coming up with a method to keep increasing the rate at which countries cut emissions.
Finance: One way to encourage climate-friendly development that is for rich countries to give poor countries lots of money. Developed countries have already committed to contributions of $100 billion per year by 2020, but there’s still no clear idea on where that kind of money would come from. Many poor countries, to their credit, have hard-coded their finance requirements into their INDC pledges, noting they’d be able to transition to renewable energy much more quickly with help from the international community.
Loss and damage: Even with rapid emissions reductions, there’s still a lot of warming in the pipeline thanks to thermal inertia in the ocean and the inherent lag in the global climate system. Basically, if we stopped all emissions now, the amount of CO2 in the atmosphere would quickly stabilize and then slowly decline—but elevated levels would remain for centuries, barring the widespread adoption of some sort of carbon-sucking geoengineering. That means that climate-linked disasters will continue to escalate over the coming decades, and like most disasters, they’ll hit poor and vulnerable countries the hardest. Understandably, these poor and vulnerable countries want a mechanism in place to appeal for aid and help in adapting to future weather extremes.
Ratchet mechanism: Since the Paris talks on their own won’t fix climate change, a key negotiating point will be how often countries should announce bolder targets. Rich countries are generally advocating a ramp-up in targets once per decade, while poor countries say new targets should be agreed upon once every five years.
Since the U.N. climate talks operate by consensus, the strategy this time around, to avoid the failures of Kyoto and Copenhagen, is to make everything voluntary. Still, the European Union—especially host country France—wants the Paris deal to be legally binding. That would mean it would need to be approved by the Republican-controlled U.S. Congress, which is about as likely as a snowball’s chance in the Oklahoma summer. So, the U.S. is forcefully opposing strict legal language in Paris.
Some other key players to watch:
The G77 + China, which now contains 134 members (with China playing an increasingly minor role) is a major force for the interests of developing countries. China and India increasingly operate like heavyweight developed countries; they act as a sort of intermediary between the EU/U.S. and the truly threatened countries like Bangladesh, Burkina Faso, and the Maldives. Among the groups advocating for the strongest possible climate deal are the Alliance of Small Island States (AOSIS), the Vulnerable Countries Forum (V20), and the Least Developed Countries (LDC). Major fossil fuel producing countries like Russia, Venezuela, and Saudi Arabia will advocate for the weakest deal possible.
If you’d like to follow along with the negotiations on Twitter, I’ve put together a list that includes the best climate journalists, activists, and diplomats from the talks.
No matter what’s decided in Paris, it won’t immediately be enough to bend global emissions to a level consistent with the internationally agreed-upon goal of limiting warming to 2 degrees Celsius above pre-industrial levels. But it probably will be enough to avoid the worst-case scenario. In the cards is a deal that will explicitly, for the first time, advocate for the eventual phase-out of fossil fuel use altogether—something that, absurdly, has never been enshrined in formal language at this high of a level. And that, if done in the next three decades or so, would be worth celebrating.
Future Tense Newsletter: Giving Thanks for Cybersecurity
Happy Thanksgiving! Will you be heading out to some of America’s dying department stores for our annual ritual of post-consumption commercial gluttony this Friday? If so, look out for the Salvation Army’s new digital red kettles. And keep in mind that some stores are now using face recognition technology to monitor shoplifters (and the rest of us). Let’s just hope they don’t expect crime fighting algorithms to save their floundering business models.
There are, of course, plenty of options for those who’d like to shop from home, like this new company that makes shirts for shorter guys. But if you’re doing your gift-buying online, consider activating two-factor authentication on your Amazon account, especially in light of the company’s recent admission that some user passwords were improperly stored.
Are you hoping to get a drone this holiday season (or planning to buy yourself one on the sly)? You may have to register it with the FAA before you send it aloft, but the process should be surprisingly simple. What’s more, that registration will probably be exempt from Freedom of Information Act requests, a detail that has Slate’s Justin Peters up in arms. For now, at least, all you need to know is that third-party drone registration services are a waste of time and money
Here are some of the week’s other stories that had us wishing we’d learned to code in the classroom:
- International education: Online exchange programs are letting kids from all over the world reach out to one another. But can they really transform the ways students interact?
- Data breaches: Think your Thanksgiving conversations are going to be awkward? Cybersecurity expert Josephine Wolff has to tell her relatives—whom she had to list on government forms while getting a security clearance—that their information was compromised in the OPM data breach.
- Energy independence: Though its identity has long been entangled with oil, California is finally breaking free from its reliance on refineries.
- Online relationships: Facebook is making it easier to deal with breakups. And Lily Hay Newman has a poignant story about why that change was so necessary.
- Join Future Tense in Washington, D.C., for a screening of October Sky hosted by Dr. France Córdova, director of the National Science Foundation, at 6:30 p.m. on Dec. 2. To attend, please RSVP to firstname.lastname@example.org with your name, email address, and any affiliation you’d like to share.
- Join Future Tense in New York on Dec. 3 at 6:30 p.m. for “Afrofuturism: Imagining the Future of Black Identity.” Click here to RSVP.
- Algorithms are learning more and more about us while we seem to understand them less and less. Join Future Tense for lunch in Washington, D.C., on Thursday, Dec. 10, 2015, for a discussion of this emerging topic. Visit the New America website to learn more and RSVP.
for Future Tense
Support Slate’s journalism! When you join Slate Plus, your membership helps underwrite our most ambitious projects—you’ll also get a suite of benefits, including exclusive interviews with Slate editors and writers, early access to the Slate stories everyone will be talking about, extra podcast segments, and reduced advertising.
Start your free trial today at slate.com/plus.
Palestinians Finally Get Mobile Broadband
In 2014, Tim Berners-Lee, known best for creating the World Wide Web, proposed that the Internet is a human right. While not everyone agrees, it’s hard to deny that it plays an increasingly central role in almost all of our lives. Ensuring equal access can be an important step toward guaranteeing economic, social, and political equality. That’s all the more reason to celebrate the arrival of 3G wireless networks to Palestinians, who live, as the AP explains, in “one of the last places in the world without mobile broadband services.”
The AP’s Mohammed Daraghmeh and Daniella Cheslow report, “Under interim peace accords, Israel controls Palestinian wireless networks in the West Bank.” As Al Jazeera’s Samuel Nelson Gilbert wrote in 2013, the Oslo accords—signed in the mid-’90s—also “cover Palestinians' right to faster communications.” Nevertheless, for years, Israeli authorities have limited the region to 2G connectivity, making it difficult for residents to utilize GPS services and other applications that require rapid data transfer. According to a 2012 World Bank report, this has restrained Palestinians’ economic development.
Daraghmeh and Cheslow write that this development comes after “years of delays.” Notably, it arrives on the heels of Israeli Prime Minister Benjamin Netanyahu’s recent meeting with President Obama. And as the Jerusalem Post adds, it also comes in advance of Secretary of State John Kerry’s visit to Israel. Daraghmeh and Cheslow suggest that this decision derives from an attempt to ease tensions in the region. Nevertheless, as they note in passing, Israel still declines to “extend 3G frequencies to the Gaza Strip, which is controlled by the Islamic militant group Hamas.”
Why did it take the Israeli government so long to make these changes? Where some suggest that it was a product of technical complications, others propose that profit motives drove the delay. According to the AP, one former Palestinian communications minister “believes Israeli carriers were behind the ban, trying to protect their interest in the captive Palestinian market.” Previously, Palestinians who needed faster mobile Internet were obliged to use Israeli carriers, resulting in inconsistent and unreliable coverage.
Whatever the case, a definite date for these changes is not yet clear, but the Jerusalem Post writes that they’re “expected to go into effect in mid- 2016.”
The FAA’s Drone Registry Shouldn’t Be Exempt From FOIA Requests
When its proposed national drone registry comes online, the Federal Aviation Administration will be poised to collect the names and street addresses of recreational drone users across the country. Who will be able to access that data after it is collected? If the FAA’s drone task force has its way, the answer will be not journalists.
In an article Monday, I praised the task force’s recent report on what the impending drone registry should look like and urged the FAA to pay it heed. I’d like to temper my initial enthusiasm just a bit. On Twitter today, journalist Alex Howard pointed out a section of the report that I somehow overlooked during my first read. In it, citing individual privacy concerns, the panel recommended that the FAA issue “an advance statement that the information collected will be considered to be exempt from disclosure under FOIA.” (FOIA is the Freedom of Information Act.)
As a journalist, I blanch whenever I see the phrase exempt from disclosure under FOIA. Maybe I’m old-fashioned, but I think that nonclassified public records ought to be made accessible to the public. Government agencies are allowed to withhold data from FOIA requestors if, among other reasons, the data being requested contains “information that, if disclosed, would invade another individual’s personal privacy.” And, yes, the FAA could make a case that disclosing the names and addresses of drone registrants would constitute a violation of individual privacy.
But the idea of a blanket exemption is nevertheless troublesome. The FOIA.gov website states that “even if an exemption applies, agencies may use their discretion to release information when there is no foreseeable harm in doing so and disclosure is not otherwise prohibited by law.” The task force is basically recommending that the FAA should never use its discretion and should always presume foreseeable harm.
This emphasis on guarding registrants’ data against legitimate FOIA requests seems especially curious because overall the panel had very little to say about securing data. Though the FAA had asked the task force to consider how the registration data should be stored, accessed, and used, these questions went unanswered. The final report said nothing about how—or even if—the registry data would be kept secure, let alone how to shield it from hackers or others who might prefer to access it through illegal means.
In the report, the task force noted that “the timeframe provided for deliberations did not allow for in-depth analysis of all the factors involved in instituting a federal requirement for registering [drones],” and I can only presume that this compressed timeframe is also responsible for some of these omissions. But it’s also worth noting that the panel was comprised almost entirely of trade organization representatives and industry personnel; as I noted in October, no dedicated civil-liberties advocates were appointed to serve. This imbalance was a mistake, and I can only hope that the agency rectifies it by taking civil libertarians’ concerns into consideration before implementing the registry. Far from instilling trust in the FAA’s ability to protect registrants’ personal information, a preemptive strike against FOIA will just end up making people wonder what the FAA has to hide.
This article is part of a Future Tense series on the future of drones and is part of a larger project, supported by a grant from Omidyar Network and Humanity United, that includes a drone primer from New America.
Some Good Advice for the FAA’s Drone Registry Initiative
Earlier this year, Federal Aviation Administration Administrator Michael Huerta woke up in a cold sweat. (Dramatization, may not have happened.) Christmas was coming, and hundreds of thousands of drones would soon be sold to novice pilots. If one of these newcomers were to do something stupid, like fly a drone over an airport or crash it into a sports stadium, the FAA would have no good way of tracing the errant aircraft back to its reckless owner. “We need a national drone registry,” Huerta shrieked, “and we need it by Christmas. Or else our planet is doomed. Doomed!”
With the stakes thus established, Huerta and U.S. Secretary of Transportation Anthony Foxx convened a task force and charged it with considering what, exactly, that registry might entail: the types of drones that would have to register; how the registration process would work; how much, if anything, registration would cost. On Saturday, the panel delivered its final report to Huerta, and its recommendations are good and sensible, meant to encourage compliance by making the registration process simple and free.
According to the panel’s recommendations, drones weighing between 250 grams and 55 pounds would be have to be registered, and their owners would complete this registration process through a website or an app. (The report urged the FAA to “expressly establish a reasonable and proportionate penalty schedule” to punish noncompliance but did not offer any specifics on what those penalties should be.) The task force recommended that the registrant provide her name and address and receive one single registration number that she must then affix to or inscribe on each of her drones. The panel also recommended that before a registrant can complete the registration process, she must affirm that she has received some basic safety information that “could be similar to the existing content in the Know Before You Fly program.” If the task force has its way, registration would not cost drone owners a penny; at most, it would cost $0.001.
According to the report, the panel sought “to provide the FAA with a workable solution that met its safety and policy requirements while not unduly burdening the nascent UAS industry and its enthusiastic owners and users of all ages.” On first read, it looks like the final report met both of these goals. The recommendations are not binding; the FAA will consider the report alongside public comments and other factors before ultimately deciding what the registry will entail. Still, the FAA would do well to pay it heed. The drone registry as outlined by the task force’s report might not save the planet—but it’s a significant step toward making the national airspace slightly less chaotic as we move toward our inevitable drone-dense future.
This article is part of a Future Tense series on the future of drones and is part of a larger project, supported by a grant from Omidyar Network and Humanity United, that includes a drone primer from New America.