Posts tagged with ‘Reporting’
A team of hackers based in south central Russia stole over a billion passwords from sites large and small, The New York Times reported Tuesday.
The breach, conducted by a hacker group called CyberVor and discovered by a computer security firm, is the largest known to date but continues a trend of mass credential theft:
In December, 40 million credit card numbers and 70 million addresses, phone numbers and additional pieces of personal information were stolen from the retail giant Target by hackers in Eastern Europe.
And in October, federal prosecutors said an identity theft service in Vietnam managed to obtain as many as 200 million personal records, including Social Security numbers, credit card data and bank account information from Court Ventures, a company now owned by the data brokerage firm Experian.
The CyberVor hack appears impressively large (1.2 billion accounts stolen from 420,000 sites) but a number of commentators are skeptical that the breach is as extensive as the Times reports.
At Forbes, Kashmir Hill questions Hold Security, the firm the Times sourced its information to, for withholding information about what sites were hacked, and standing to benefit from the breach itself:
Panic time, right? You can’t even change your passwords to protect yourself because you don’t know which websites are affected or if they’re still vulnerable. This is the worst kind of news, spare on details and causing a panic without offering a solution. Oh wait, but there is a solution! You can pay “as low as $120″ to Hold Security monthly to find out if your site is affected by the breach . Hold Security put a page up on its site about its new breach notification service around the same time the New York Times story went up.
Then there’s the issue of what CyberVor is or isn’t doing with the stolen user names and passwords.
Via Lily Hay Newman at Slate:
Strangest of all, the Times reports that the hackers are mainly just using the credentials to hack social media accounts and spam them. Which is weird, because when criminals steal valuable things, they usually try to sell them. Or if they steal things that give them access to money they take the money. So maybe the credentials aren’t that valuable on their own.
Russell Brandom at The Verge points out that CyberVor may have purchased the bulk of the credentials off the black market which, while serious, isn’t as disastrous as a full-fledged, successful botnet attack.
Still, the breach is a strong reminder of our collective vulnerability, and underscores the inadequacy of username password combinations. Increasing one’s personal digital security requires a few extra steps. While not foolproof, Newman offers some sensible recommendations:
The key is adding extra layers of protection. Using a password manager, or at least randomly generating strong passwords, eliminating duplicate passwords used on multiple accounts, and adding two-factor (or multi-factor) authentication everywhere it’s offered are all readily available steps that can help you protect yourself.
Takeaway: Digital security threats and the cybercrime that accompanies it cost the global economy somewhere in the neighborhood of $400 billion per year and affects tens of millions who have personal information stolen.
That said, articles such as this one from The New York Times oversells (1.2 billion credentials stolen!) and under-delivers (but we can’t tell you who might be at risk). With scant details on what individuals can do outside of paying its primary source for an audit, the worry is there’ll be a lot of hype with very little information to take action on.
1. Forbes clarifies that $120 is a yearly monitoring cost at $10/month.
— John Horton, former columnist for The Plain Dealer, to Poynter, before adding, “I miss the daily challenge that you had, the feeling that you were doing something larger that made a big difference, fighting that fight every day. I think journalism is one of the few jobs that really has that aspect to it.” How mass layoffs in 2013 changed the lives of former Plain Dealer staffers.
That opinion then becomes something like a movement. Pressure is exerted on people and institutions — in this case, NBA commissioner Adam Silver, Sterling’s fellow-owners, even Michael Jordan. The sportswriterly consensus doesn’t necessarily match the fans’ take — see the case of NCAA amateurism, where I’m pretty sure the writers are ahead of many or most of their readers. But watching the speed with which this happens has been astounding. It’s something like the sports-page equivalent of community organizing.
Veteran readers of the sports page know that social justice wasn’t always Topic A, and if it was, it was often that only for a few lonely crusaders. What changed?
— Bryan Curtis, Grantland. How Sports Media Has Handled the Donald Sterling Controversy.
Janet Malcom, The Journalist and the Murderer, via Slate. The Storytellers: Walter Kirn gets taken in by a con man.
So begins a review in Slate of Blood Will Out, a new memoir by Walter Kirn about his relationship with Clark Rockefeller, a real life Mr. Ripley who impersonated a famous name, lived the high life and was eventually charged on kidnapping and murder charges. Kirn’s book explores how, as a writer, he was taken in by the faux Rockefeller. Or, more precisely, by the German-born Christian Gerhartsreiter who successfully played a Rockefeller in New York City social circles.
But while Kirn explores why and how he was taken over a decade-long relationship, let’s go back to Malcom’s original quote, to the journalist as con man, to his or her relationship with sources, and why sources should talk with reporters.
In the wake of NSA revelations, national security journalists have spoken about their increased difficulty reporting the news (see here, here and here). And with the Obama administration’s use of the Espionage Act to prosecute whistleblowers you can see why that would be the case.
So why should sources talk to reporters? It’s an important, unasked question, says Edward Wasserman, dean of the Graduate School of Journalism at UC Berkeley:
When you think about it, that question goes to the foundation of the entire edifice of a free press. And that foundation, at the moment, is shaky.
Let’s back up. No honest press, whatever its sense of mission and however firm its legal protections, can outperform its sources. It can’t be any better, stronger, braver, more richly informed, or more dedicated to broad public purpose than the people who swallow their misgivings, return the phone call, step forward, and risk embarrassment and reprisal to talk to the reporter.
The mythology of journalism enshrines the sleuths, sometimes the editors, even the publishers, but sources are really the whole ball game. Press freedom is nothing more than source freedom, one step removed. The right of a news organization to tell what it learns is an empty abstraction without the willingness of news sources to tell what they know.
Considering how important sources are, it’s stunning how little affection they get and how flimsy the protections are that anybody claims for them.
Give Wasserman’s article a good read.
It moves well beyond national security issues as it explores, again, why when a source’s quote can be nitpicked a thousand different ways — in “the online multiverse, and his or her words, motives and integrity will be denounced or impugned, often by pseudonymous dingbats, some of them undisclosed hirelings” — he or she should ever want to talk to the news media.
As 2013 comes to a close, we see best of lists everywhere and think we should create one of our own. As de facto head of this operation I put forth The First Annual FJP Absolutely Arbitrary Best of Everything List: 2013 Edition.
So while arbitrary, these are things we bandied about during the year.
We read/watch/listen a lot. We sit around and talk about how we consume a lot.
We talk about how to digest what we consume. We talk about healthful media diets.
Jihii leads this charge and keeps us honest and relatively sane. Meanwhile, we eat the news.
So here are things that didn’t make the Tumblr but occupies what we read, watched and talked about over the last 365 days. They’re the oddities and peculiarities that caught our interest. Obviously there’s much more but in the spirit of occupying attention for a few moments before passing it along, here’s our abbreviated – and arbitrary – hit list. – Michael
Most Important Presentations on the NSA, Surveillance, What it All Means, Why it Matters and Why You Should Order a Tinfoil Hat Now
Tie, Jacob Applebaum (video), Glenn Greenwald (video) and the Guardian (interactive).
Best Reflection on Women and the Internet
Quinn Nortan, Online and Offline Violence Towards Women.
Best Explainer for Why All Language is Metaphor
The Economist, The impossibility of being literal.
Best Comic Reflecting How Social Media Influences Our Reporting
xdcd: Social Media.
Best MacGyvering by Citizens when Their Government Shuts Down the Internet During Protests
Vice, Protesters Are Dodging Sudan’s Internet Shutdown with a Phone-Powered Crowdmap.
Best Five Percent of the American Public
The Verge, Study says five percent of Americans find the internet pointless.
Best Ad About Covering Up Poo Stink
PooPourri with this ad about covering up poo stink.
Best New Google Streetview Map
Google, Large Hadron Collider
Best Demonstration of Social Media in the 16th Century
The Economist, How Luther Went Viral.
Best Explainer on Whether You’re an Internet Addict
Pacific Standard, We Are All Internet Addicts Now—Just Don’t Call It That.
Best Example on the Highs and Lows of Covering the Marijuana Beat
Center for Investigative Reporting, High on the job.
Best Demonstration of Google’s Global Reach
Techspot, Five-minute Google outage reportedly caused 40% drop in global traffic.
Best Example of Moore’s Law Presented in One Image
Singularity Hub, Moore’s Law is No Joke – Pile of Electronics from 1993 Fits in your Palm Today.
Best Way to Incarcerate A Large Portion Your Population
The Register, Jail time promised for false tweets in China.
Best Waiver a University Makes Students Sign
TIME, Chinese University Asks Students to Sign ‘Suicide Waivers’.
Best Humblebrag about a Newsroom’s Excellent Multimedia Reporting
New York Times, The Year in Interactive Storytelling.
Best documentary about corporate spin, lawsuits and the media that we should have known about and finally just saw on Netflix.
Big Boys Gone Bananas.
Best representative segment of FOX News being FOX News
Spirited Debate, Reza Alslan interview.
Best Analysis of CNN Jumping the Shark
John Stewart, Good Thing Versus Bad Thing. See also, Jay Rosen on why he no longer bothers to criticize CNN.
Best Art Hack of How the Contemporary New Cycle Works
Jonathan Chomko, News Machine.
Best Best of Lists, Journalism and Storytelling Style
Various: Check Josh Stearns on online storytelling, Nieman Storyboard on best narrative, Electronic Frontier Foundation on how MENA activists are fighting governments, Slate on crime reporting, and, of course, Longform’s Best of 2013.
Seymour Hersh has got some extreme ideas on how to fix journalism – close down the news bureaus of NBC and ABC, sack 90% of editors in publishing and get back to the fundamental job of journalists which, he says, is to be an outsider. →
FJP: Filed under — blow it up and let’s start over.
H/T: Roberto Juárez-Garza.
Wikileak-type organizations, not so much.
Via the Los Angeles Times:
Journalists and bloggers who report news to the public will be protected from being forced to testify about their work under a media shield bill passed by a Senate committee Thursday.
But the new legal protections will not extend to the controversial online website Wikileaks and others whose principal work involves disclosing “primary-source documents … without authorization.”…
…The final hurdle for the Judiciary Committee was defining who is a journalist in the digital era.
Sen. Dianne Feinstein (D-Calif.) insisted on limiting the legal protection to “real reporters” and not, she said, a 17-year-old with his own website.
"I can’t support it if everyone who has a blog has a special privilege … or if Edward Snowden were to sit down and write this stuff, he would have a privilege. I’m not going to go there," she said.
Feinstein introduced an amendment that defines a “covered journalist” as someone who gathers and reports news for “an entity or service that disseminates news and information.” The definition includes freelancers, part-timers and student journalists, and it permits a judge to go further and extend the protections to any “legitimate news-gathering activities.”
But the bill also makes it clear that the legal protection is not absolute. Federal officials still may “compel disclosure” from a journalist who has information that could stop or prevent crimes such as murder, kidnapping or child abduction or prevent “acts of terrorism” or significant harm to national security.
FJP: TL;DR? Seventeen year olds are on their own. Ditto sites that host primary source documents like Wikileaks. Because there must be a responsible adult intermediary (read: liable) between information and the public.
For what it’s worth, the Reporters Committee for Freedom of the Press says that while the bill isn’t as inclusive as it would have liked, it generally likes the bill.