VisionFest promoters Arts4Art's fall season of free jazz, music, and art events begin September 6th at the Clemente Soto Vela Center with a poetic and musical tribute to poet Steve Cannon, including a performance of the Sun Ra Orchestra. The series runs through the fall with performances in Manhattan Community Gardens, the Weeksville Heritage Center, and over Columbus Day weekend in East Harlem. The full schedule is at arts4art.org, that's arts with an s for art dot o-r-g. It's 8pm, you're listening to WBAI New York, time for Off the Hook. I hope that's understood, Bundy, let's go! And a very good evening to everybody, the Bergamot is off the hook, Emmanuel Goldstein here with you, joined tonight by Rob T. Firefly. Good evening. Kyle. Hi there. And returning to New York, Voltaire. Hello. How you doing? Pretty good, thanks. Well, as usual, we will be discussing high technology and encouraging people to get out there and take control of it, and learn how to use things, learn how to be secure, and learn when you're being lied to, kind of grab action, take action, and just learn how to do these things, because it's so important. It's so important to be in control, rather than be controlled. And there's a lot of things going on that I think we need to fill people in on. This is something I just found out about, actually. There's a plan by Trump to use Fitbit data to stop mass shootings. Did you know you could do that? Maybe you didn't. Well, you can, apparently, if you subscribe to his particular way of thinking. In the aftermath of yet another mass shooting in America, says Gizmodo, loved ones grieve, gun control advocates call for common sense reforms, and politicians suggest new solutions that won't do anything about guns. These proposals frequently focus on mental health, but a new plan before the White House to monitor neurobehavior predictors of violence isn't just misguided, it's terrifyingly dystopian. Not my opinion, that's what they say at Gizmodo, but it's interesting. Now, last week, the Washington Post reported that the White House had been briefed on a plan to create an agency called HARPA. It's a healthcare counterpart to the Pentagon's research and development arm, DARPA, which is the precursor to the entire Internet. Among other initiatives, this new agency would reportedly collect volunteer data from a suite of smart devices, including Apple Watches, Fitbits, Amazon Echoes, and Google Homes, in order to identify neurobehavioral signs of someone headed toward a violent explosive act. Now, just think about that for a second. Your Fitbit, how's your Fitbit going to know? Your Fitbits, your Echoes, and Alexas, and all that, and Google Home devices, and your Apple Watches, they're all going to be watching you and predicting when you're going to turn into somebody who's going to do something psychotic and violent and not very nice. And then it's going to tell somebody, and then action will be taken against you, maybe before you even know it. Now, according to the Washington Post, the HARPA proposal was discussed with senior White House officials back in June of 2017, but now it's gained momentum after the mass shootings in El Paso, Texas, and Dayton. Well, I'm not going to list them all. We don't have time. The latest version of the plan, reportedly submitted to the Trump administration this month, outlined the biometric project called SAFE Home. SAFE Home. And it stands for something, too. Stopping Aberrant Fatal Events. Wow. Who said that the Trump administration is not clever? Stopping Aberrant Fatal Events, and the home part, okay, by helping overcome mental extremes. That's amazing. A source told the newspaper that every time HARPA has been discussed in the White House, even up to the presidential level, it's been very well received. Now, you know, people say that the Trump administration is not interested in doing anything about gun violence, and here we see that, in fact, they are interested. They're interested in having our home devices, our personal assistants, watch us to make sure that we're not going to go off the deep end. And when we do, they'll be there to inform on us. Isn't that comforting? I'm going to have to think twice now before the next time I listen to some death metal on my Amazon device. Or you have a screaming fit in front of your Alexa device, you know? You start shouting incoherent things. Which happens often, because, you know, that's my household. But, like, the Fitbit thing, too, I mean, this thing counts how many steps you take. How many steps does a killer take before they kill someone? Well, how do you take the steps? You know, killers take steps in a different way. You know, like the sense you're walking angrily? Well, like the TSA people, they can tell when somebody doesn't feel comfortable. Your Fitbit can't see how brown your skin is? Not yet. Not yet. Well, I imagine it. I mean, like, recording kind of, like, blood pressure and things about anxiety. Or maybe when you go to practice shooting or something, it knows a certain type of heart rate or something. And then, you know, maybe if you have that same physiological profile when you're entering someplace unusual, maybe that's, you know, something that triggers something to alert a human. Obviously, you know, an individual wouldn't be doing any one task in this. It would be some sort of software that then notifies authorities if something fits a certain profile. But my real takeaway just hearing this would, like, mainly be what is the impact of overall, like, social control? Because people are changing, as Rob said, changing their behavior, you know, what kind of subtle things will then start to happen? Like, you know, just basically because people don't want to trigger an alarm. Like, same thing with, like, fire, you know, doors that say this door alarmed or the fire alarms. People will avoid certain behaviors specifically. And what kind of greater forms of social control are exercised as a side effect? We're talking about this now in 2019. But I guarantee that if this kind of thing is not shut down now, it will become reality. And we will wonder, well, what's so unusual about this 10 years from now when it's everywhere? And all it takes is for it to work once or twice or be seen as working once or twice in stopping something from happening. It's very hard to say if you actually stop something that didn't happen from happening. But you can certainly claim credit for that. Yeah. The reason why it's so scary is because currently you need to get a, like, governments get a warrant to get your, like, Amazon data. We've had stories about that in the past. But now they're going to be asking for preemptively, like, collecting it en masse, saying, oh, we need this to be able to predict things in the future. Yeah. Maybe not gathering that from sources that are necessarily bound by sort of HIPAA and other health-related policies and regulations. If they can get it and sort of sidestep through commercial devices that people are sort of carrying around anyway, that data creating kind of a fingerprint, a psychological fingerprint of someone from sources that don't necessarily become, like, privileged or confidential health-type information. I easily could see that gaining popularity. And then really, yeah, what is your psychological fingerprint today or how can you be identified behaviorally from those different types of devices and recognized in a system that spots your profile as you move about or act in society? Right. And you just touched on this. Information about your mental health is right now a very protected thing under the law. There are HIPAA laws. There are laws protecting the confidentiality of medical information about you. But if you're wearing an Apple ankle bracelet, who cares? Right. But even then. So this is kind of an end run around the protections that such things have. And especially mental health, especially these days, is still a very stigmatized thing. And people who have mental health concerns or who may be having dark thoughts or need to pursue some sort of mental health aid, it's very difficult to get people to take that step sometimes. And if people now have to worry about what lists they're going to get on as a result of seeking help for themselves, they're not going to seek the help. And then that's going to end badly. Yeah, the policy then kind of masks the symptomatic people or individuals that are actually suffering and may need attention. Right. And I hear Andrew Cuomo said after one of the other mass shootings we had that obviously one of the things we need to do, and I think he tweeted this, was put together a mental health database. And no, that is the worst idea. Yeah, people with mental health issues are not the ones doing this. That has been proven over and over and over again. But, you know, we have to fall in line, and this is a wonderful technological way of dealing with the problem that is in our futures. Of course, predictably enough, there are naysayers. There are people who are against making things safer by having this kind of blacklist from our Alexa devices. Scientists, academics, people like that. Here's one, George David Annas. He's a deputy director of the Forensic Psychiatry Fellowship Program at SUNY Upstate Medical University. What does he know? He says, the proposed data collection goes beyond absurdity when they mention the desire to collect Fitbit data. I am unaware of any study linking walking too much and committing mass murder. As for the other technologies, what are these people expecting? Alexa, tell me the best way to kill a lot of people really quickly. Really? You know, when you say it like that, George, you kind of make it seem silly. You kind of make it seem like these people don't know what they're talking about. I don't see how that's helpful, but I am going to ask Alexa that tonight. I'm going to see just how upset I can get her. Well, I think you've just asked a bunch of our listeners, Alexa, this question. So if you get any interesting answers back, e-mail us, oth2600.com. Emma Friedel is a doctoral candidate at Northeastern University specializing in mass murder. You can do that? You can specialize in mass murder as a doctoral candidate? My goodness. You can be anything you want in America. Well, if that's not inspiring, I don't know what is. But she said to Gizmodo, Well, I guess there are the people that get things done, and then there are the scientists. And who are you going to believe? Does anyone know, do Fitbits have microphones? No. Do they? Yeah, they do. Okay. But a Fitbit, not any new models or anything like that? No. Okay. Actually, maybe the newer, smarter ones. I'm curious. I'm not sure. They're just kind of, oh, by the way, we're just going to add in this Bluetooth feature, just kind of slip that in. But then all of a sudden, your conversation could be a part of what is harvested from that. But Kyle, this is what people want. Literally, they want these things. Yeah, we've talked about the ring devices on doorbells. And now they are expanding that so that entire neighborhoods are sharing information as to who's coming up to your door, making it seem like everybody is out to get you. And that information is being shared with the police. And you're building up this surveillance network, but you're doing it yourself. You're not a victim of it. You're an instigator of it. And this is what people are expecting. And if you don't go along with it, suddenly you're the problem. Also, that's the problem with regulating this kind of thing. You can put a law in place now when a Fitbit is just a fancy pedometer. But when more features get added down the line, that will just get added to the database that these people are giving away access to. Yeah, I think it's a little disingenuous with some of the companies. Because they then go ahead and you're told that you're getting one type of device at the outset. And then a couple steps along, all of a sudden, you're a part of this big social surveillance experiment that they've signed on to. And I think that there's something unique about that that we have not seen with consumer electronics in the past. Where they have features and these arrangements with bureaucracies and so on and so forth that are sort of just thrown in as a part of them being out there doing their business thing. And I don't know. I think that there's something false about that. There's something that's, like I said, disingenuous. Yeah, I agree with Kyle's point that you shouldn't blame consumers for this. In fact, when it comes to things like smart TVs and stuff, you actually cannot buy a non-smart TV because they make extra money from being able to sell the surveillance data. It's the same when it comes to Amazon Echoes and stuff like those. But consumers are buying these things. If they stopped buying these things, then they wouldn't. But that's because nobody sells. They have some convenience. I have some. Nobody sells an off-the-shelf, easy-to-use version. I mean, you have open source products like Mycroft and Home AI, but you can't walk into Best Buy and get an off-the-shelf, privacy-preserving one. You'd be essentially buying a computer monitor at that point. If you wanted something so stripped down, you can't really get a screen that isn't a smart TV unless you're buying just a monitor. The people who put together things like Tor and Securidrop and all that, this is a great project, a consumer project. There are products like that. You have a private television set that does not spy on you, and that is something that the average consumer would want who doesn't want to be watched all the time, who wants to define the technology themselves. We're actually now in a state of affairs where, since most of these smart TVs run some Linux derivative, people are jailbreaking and rooting their televisions, just as some people do with their phones, in order to gain full control over what it does and doesn't have permission to do. Yeah, I think the prevalence of that is probably underestimated, and there's a lot of that kind of customization going on. I mean, we've seen it with a lot of little entertainment devices. I know some of the video players we've had that read different file formats and stuff, they don't work. They basically stop working because you need to buy a new one, or the development team does not really want to continue that hardware. They want you to switch up and get another one. There's a lot of that kind of thing going on with devices that are essentially full-on computers, but they don't want to maintain it anymore. They don't want to write a firmware or software for it that can still fit the hardware requirements, but add new features that are going to kind of hook new consumers. Yeah, you know, there's a great New Yorker cartoon from many decades ago, where somebody is in line at a repair shop talking to the repair guy, who's telling them that you fixed the problem by buying a new one. Roku is what you were thinking of before, because we've got a Roku device, and it just keeps freaking out and not working, and kind of bricking itself. And I've looked up online. We fed it as many SD cards as we could find. It says you need an SD card, but it has an SD card. We're trying to do everything we can. It claims to be full, and then you have to start over again, and literally the advice that you get is just, yeah, just buy another one. Guess what the new Roku devices have in them? Cameras? Microphones. Oh, wonderful. Yeah, even the remotes. Why does my Roku need to hear me? Well, that's another thing. Because they want to sell the data. By the way, Roku, it's an amazing device. It allows you to basically watch videos from all over the world through YouTube and other applications. And it's got a lot of good features, but it also has some bad features. And the irony, I think, is that we're working with devices that are as configurable and can be repurposed, right? Like, they're just running a particular set of software that someone developed when they were originally designing the product. But we're working with stuff that is way more reconfigurable and modifiable than many devices in the past. Most consumer electronics and electronic devices were something you would have to add hardware. You'd have to add various things. But you have devices that are incredibly affordable and full architectures for microcontrollers or small CPUs and are running full copies of Linux, as Rob and Voltaire were saying. And that's just sort of a shame in this moment. And that's why I think that prevalence of more projects where people are taking ownership, and if they find out there's a camera in their TV or they find out there's a feature that really doesn't serve them, that they're taking ownership in such a way that they can reconfigure and adapt it the way they're happy with as the owner of it. And that is pretty much the theme of everything we encourage people to do, is reconfigure things to your liking and have that ability to do that. Don't let somebody tell you you're not allowed to do this. We were watching a Blu-ray the other day, and it told us that, no, you can only watch this in a certain region. Of course, we have a region-free player, so you just enter the codes. But why should we have to do that? Why should we feel like we're breaking the rule for something we bought? We bought the player, we bought the disc. How can people accept that you're being told you're not allowed to watch this because somebody decided it? It's completely unfair. Whether it's hardware, whether it's software, you should have the ability to configure it to your liking. Whether it's wanting to see the credits at the end of Netflix. Oh, my God, that drives me crazy. Where they put it into a little tiny thing, and you have to do all these clicks to get it to fill up the screen so you can read the credits like you're supposed to be able to do. And by that time, the credits have already gone by, so you have to rewind in order to get to the part you missed. I'm sorry. I'll sit down. But, man, that really bothers me. You have trauma. I can tell. It used to work. And the thing is, on older TVs, it still does. Well, it's true. The developers, the companies that are maintaining, if at all, a lot of this stuff, they're fixing things. They often fix things in ways that aren't actually what you want. But they fixed it. They did something. They did something, yeah. It's very, no, all too common. They make up their mind as to what they think it should work. Maybe for them it does, but not for me. Give me that option. And this goes for every bit of software, every bit of hardware. People should have this ability to do this. If you have a funny experience about a particular device or working with something like this, do write us a letter. We'd love to share your story. Well, I don't have time to write a letter, but I can tell you about something right now on the air if you want. I had a funny experience with a television set. It involved a tornado last week. There was a tornado out on Long Island. It was really kind of cool. And a water spout. All sorts of fun out there. So there was an emergency alert that went out over the radio stations and the TV stations and things like that. Now, my cable system, which is run by a company called Altice now, which is formerly known as Optimum, formerly known as Cablevision, I don't know, they have naming identity issues. They have a new feature, and we've talked about this, where they send a blue screen that basically tells you there's some kind of emergency going on. It's like teletext. A little bit, a little bit. It's like a text. And at first it'll tell you what the emergency is, and then it'll just tell you that there's an emergency alert. And it'll say something like LI-ALL, which means all of Long Island. Right. So we had this situation where there was a tornado warning. A tornado was touching down out east. And so, you know, you tune to their news station, which is News 12, and you want to hear the details. And you hear maybe about 10 seconds of it. Then the blue screen comes back and blocks it all out. Because they're alerting you that there's an emergency. And you're trying to hear about the emergency. So you have to turn the cable box off and turn it on again to get rid of the blue screen. And then the same thing keeps happening over and over again. So you can't get the information because they're too busy telling you that there's an emergency. Who thinks of these things? For God's sake, people. What are you doing? This is not how it's supposed to be working at all. It's great that you can send the blue screen to everybody and tell them there's an emergency, but you're kind of preventing them from hearing the details, which is very important. There's so much idealizing, I think, and field testing is critical. People really have to listen to feedback. You have to listen to the consumers, the people that are using the stuff, and really take feedback seriously so that you're not putting out crap. I got feedback. I got feedback from somebody. I tweeted about this, and someone said that, yeah, this is the system that we have to keep you safe. Yeah, keep me safe from getting information. That's not what I want. Anyway, if you have similar issues or complaints or anything you'd like to share with us, you can always write to us, othat2600.com. We'd love to hear your stories. And you can call us. In fact, we'll be taking phone calls in just a little bit, 212-209-2877. And what, tweet at us? Yes. Okay, it sounds violent, but go ahead, tweet at us. At Hacker Radio Show. Yes. Hacker Radio Show. Hacker Radio Show on Twitter. And maybe you design or develop some of this garbage. Please, tell us how the sausage is made. We want to know how little, how few dams you give. You know what? Write an article for 2600, too, because that is always good. That gets out to so many people, and it's forever. And we love to hear about how things work from within. So if you have access to information like that, no matter what it is, it's always relevant. If it involves a system of any sort, you know, a train system, a computer system, an emergency alert system, whatever, there are people who are interested in that, and we are those people. So please check out our webpage, 2600.com. There's information on how to send articles in there. And you will have an audience for a long, long time that will be very fascinated by this. Plus, you'll be educating people on how certain things work, because we don't always get it right, that's for sure. We're not experts. No, we don't claim to be. Never did. And you know who else is not experts? The Department of Homeland Security. This doesn't surprise me. It shouldn't surprise anybody. They stored sensitive data from the nation's bioterrorism defense program on an insecure website where it was vulnerable to attacks by hackers for over a decade. It wasn't vulnerable to attacks by anyone else, just by hackers, the only threat. Terrorists or criminals or just plain outright thieves or whatever. No, hackers are the ones you have to be afraid of. You know, hackers probably were the ones who revealed this. Wouldn't be surprised. The data included locations of at least some BioWatch air samplers, which are installed at subway stations and other public locations in more than 30 U.S. cities. They're designed to detect anthrax or other airborne biological weapons. You need a website for that? I can tell you where those are. I mean, they're right there. You can see them. It also included the results of tests for possible pathogens, a list of biological agents that could be detected and response plans that would be put in place in the event of an attack. Now, this information was housed on a .org website run by a private contractor. It's been moved behind a secure federal government firewall, and the website was shut down back in May. But Homeland Security officials acknowledge they do not know whether hackers ever gained access to the data, and we're not going to tell them, are we? No. If you're going to demonize us like this. Yeah, okay, we have all the information. We do. Yeah, we have access to everything. We know all about it. Yeah. Internal Homeland Security emails and other documents, which somehow these people at the L.A. Times have gotten their hands on. They set off a bitter clash within the department over whether keeping the information on a .org website posed a threat to national security. A former Biowatch security manager filed a whistleblower complaint alleging he was targeted for retaliation after criticizing the program's lax security. Your problem is not hackers. Your problem is you don't know what you're doing. Your problem is that you take action against people that reveal the truth. Yeah, you're not listening to your own people. You're not listening. You're not learning. Websites shared information among locals, state, and federal officials. It was easily identifiable through online search engines, but a username and password were required to access sensitive data, but I'll bet that was pretty easy to get as well. A security audit completed in January of 2017 found critical and high-risk vulnerabilities, including weak encryption, that made the website extremely prone to online attacks. The audit concluded that there does not seem to be any protective monitoring of the site, and that's according to a Homeland Security report summarizing the findings. So, yeah, but they keep going back to this. Was it vulnerable to hackers? And that's not the point. The point is that you put all this stuff out there. Who did that? Who is responsible? Who is making these bad decisions? Are they learning anything? Because we're all hoping they are. Yeah, I mean, one thing I'm always banging on about on this program is that responsible security disclosure is a thing, but it's also a fact of it that when you find a vulnerability somewhere, you never assume you were the first idiot smart enough to find that vulnerability. You assume other people have found it before you or will find it after you if it's not been fixed. This is a fact of information security. And the reason why you should always reveal information when you find it, whether it's publicly or whether it's leaking it to newspapers or magazines, basically, if you don't do that, the security hole is still going to be there, and the next person who finds it might not be as nice as you, and they're probably not going to tell anybody, and they're probably going to use it in one way or another that really causes problems. So when you find something like this, yeah, I mean, I'm aware that when you reveal information, you're very often treated as if you created the problem in the first place. This happens everywhere from grade school all the way into the government. We just reported this. People are basically punished for revealing security holes. It happens all the time. So that's why you have to do it anonymously whenever possible and just make sure it gets to the right people and make sure that you embarrass the right people as well because they need to be embarrassed in order to do their job. That's very important. All right, and speaking of embarrassment, we all know that Jack Dorsey's Twitter account was hacked. Jack Dorsey, of course, is one of the founders. He's the CEO, in fact, of Twitter. And on Friday, well, he either turned into a racist bigot or somebody got a hold of his account. You know, if any of us were able to become Jack Dorsey, there are so many more important things we would say with that account than just tweeting out anti-Semitic and racist and ignorant things, but that is the mentality that we find ourselves in today. So everyone who watched the events, this is according to an article from Business Insider, everyone who watched the events seemed to have the same thought. If Twitter can't protect its CEO's account from hackers, and again, hackers are the issue here, how can it protect Donald Trump's account? I have a better question. How can you protect us from Donald Trump's account? I mean, how would we even know if his account was hacked? Seriously. There are so many times I've thought that, no, this can't be right, and it's 100% what he's saying. Maybe we shouldn't be taking Twitter so seriously, and by extension, the people who use Twitter to say things, maybe we shouldn't be assuming that that's coming from the best source in the first place. The headline to this story, it took Twitter longer to secure Jack Dorsey's account from hackers than it would for a nuclear missile to travel around the world, and that should terrify you. What terrifies me is people who take Twitter this seriously that they actually think that war can be started through a tweet. I think it could. You think what? I think it could. Well, no, it can, but that should terrify you, the fact that people are taking Twitter so seriously. That is the problem, not the fact that they couldn't secure it quickly enough. But it's like in tautology, people are taking Twitter seriously because people take Twitter seriously, so you kind of have to live in that reality. Why? Why can't we change that reality where people don't take Twitter seriously? Well, one thing that's being done along those lines is the Mastodon Project, which is the open source knockoff of Twitter. So if you're interested in that, go to joinmastodon.org and check that out. And if you use it, you can add us at hackerradioshowatmastodon.social. Do people take that as seriously as Twitter, though? No, we're all still having fun with it over there. It's like the early days of Twitter, when it was just a fun Twitter. But, I mean, we take it seriously in the sense that it is useful and provides joy and a way to communicate with your friends and communicate news, and I think that's a generally useful tool. To think that a nuclear war could be started by Twitter. But it could. Okay, that to me is a disconnect from reality. How? Unless you believe everything you're told because it's on the Internet. But people do. Yeah, but that's the problem, is my point. That's the problem we should be focusing on. Not the fact that Jack Dorsey's Twitter account got hacked or that Twitter took too long to deal with it. The fact that we're believing things we're saying, we're hearing, we're reading all the time on the Internet. But how is saying it on the Internet any different than 200 years ago, like in books? It's harder to... It's just a new field of foreign communication. Well, we didn't have nuclear war 200 years ago, and books took a while to publish. It's kind of a different universe, but you should always question whatever you're told. That's a very important thing, and I think people are doing that a lot less and just assuming what they're reading is true all the time, and that's kind of how we've gotten to the state we're in right now. Yeah, like there was always, in the old days of the public-facing Internet, there were people who took things like IRC drama too seriously in real life, and I think what we're seeing now is the modern iteration of that. Yeah, have you ever heard the phrase, it's only IRC? I've said that to people so many times, and they're like, yeah, you know what? I'm going to calm down a little bit. But people just overreact to things that don't matter, and yeah, it's true that we have a president that takes Twitter super seriously. It doesn't mean we have to. We can ignore the things he says and not believe them as much and just focus on the things he does and the things that he is actually standing in front of microphones and spouting forth. But Twitter, yeah, I'm not saying let him off the hook, but let's not start wars based on something like this. That's insane, and to believe that's possible, I think that's the real problem we need to focus on. But we've seen concrete examples of this, like stocks will get crashed if miscommunicated tweets happen. Yeah, all you're doing is proving my point, that people are taking it too seriously, and bad things happen as a result. What do you think? Okay, I'm curious. What do you think should happen to the person who hacked Jack Dorsey's account? Or let's say a person hacked Donald Trump's account and said the same things, although people would probably believe it was him anyway. But what should happen? What is the penalty for hacking a Twitter account? I'm more concerned with Twitter, the company, for having such lax security practices. Exactly, that is the issue. But not because our physical security is at risk. But it is at risk. It shouldn't be. I think it is because so many corporations and serious bureaucratic entities are using it as an official communications channel, whereas in the past they would have put forth an official press release, something that would have a contact person in the communications office, someone that if you wanted to verify that press release, you could contact them directly, tell them what you're trying to figure out about it, or otherwise verify where it's coming from. This stuff's way easier to fake, like taking over someone's account, or putting forth something that appears a certain way because people aren't giving it the same scrutiny. It doesn't have the same weight when it comes from a Twitter account, even though it's verified, or whatever credential we want to attribute to something on that platform. It's not the same to me, and I think it's an effect of this sort of individual fun and joy you're talking about combining and being mixed in with the very serious corporate branding side, or the corporate communications side, or governments, representatives using it. It's colloquial and folksy, and brings us joy and stuff, but it's also being used for things that otherwise would not have the same level of interaction, would not have the same projection, and the ability to move around on that platform in the same way. And that speed, that I think, is why we're a little bit terrified that yes, a war or something could start, because if NORAD said something, and the president said something, and some government we hate said something, it might be enough there. And it's all based on tweets and things like that. Look, back then you had bona fide news sources. Like Kyle said, you could verify, you could contact somebody. Today, anything is a source. Today, anybody is a journalist, and you don't have that verification, so that means misinformation can spread so much quicker and faster, and if we take it all seriously, we're going to pay the price for that. Just letterhead. I know you've messed around with letterhead in your day, but like an official press release coming on letterhead from an organization, and having a point of contact, and having that ability to verify. I think that's where authentication and security is kind of a stand-in, but it's not working. And I think that's your point. And when it's broken, you need to point out how it's broken, and how to fix it. And I think that's what they need to do here. But I just want to read this last couple of paragraphs from this story, again from Business Insider. In total, 21 minutes elapsed before the company was even able to confirm that its CEO's account had been hacked at 2.22 p.m. Pacific time. One hour and 36 minutes after the first hacked tweet hit the ether, Twitter pronounced Dorsey's account secure. How long would it take a nuclear-tipped missile to travel from North Korea to the U.S.? In 37 minutes, a North Korean missile could reach Honolulu. It would take only 41 minutes to reach Washington, D.C. Yeah, Trump is right. Twitter is like a rocket, and we've now had two very clear warnings that the company is not up to the task of handling such a serious responsibility. I had to read this three times to make sure that that was a serious statement. But they actually believe that Twitter is so serious that somebody who is hacking accounts is actually putting us in physical jeopardy. And I think that's a real reality check we have to all undergo before we take something like that seriously. No, I think the tragedy is that it's incredibly silly, but it is the reality we live in. So we have to keep it secure. If it's incredibly silly, why are we living in an incredibly silly reality? We need to change that. It's called capitalism. Yeah, well, you know, there are people working to fix that and to just make it something a bit more serious and logical. And let's be specific, you know, like for the sake of it, for the sake of the discussion and the issues at hand. You know, let's be deliberate in how we're looking at it, because it is important. And I mean, yeah, there are attributes that are silly, but it's deadly serious as well. Yeah, we've always, to a degree, lived in a very silly reality. But there are aspects of the reality now that everyone is still figuring out what the hell to do with. One of them is the fact that, like in the old days, even when a president wanted to get out there and say something, there would be like an announcement crafted and it would go through other people before it reached the public on that letterhead. And now we have presidential thoughts being tweeted directly from the toilet or whatever. And we're all absorbing things directly in that manner. And none of us know what the hell to do with this media environment that we've got. None of us know how to put through these things or deal with it in a healthy manner. I just want to say, I would say there probably would be a distinction there between that leadership and how that platform is being used by that particular leader and sort of the rest of, I think, what we're pointing out about society and how this mix of individual thoughts and opinions is going along with, you know, corporate or, you know, businesses and those entities and governments and how they present on these platforms. And, you know, I think that is a very unique, crazy scenario that we're experiencing and living through. And right, I mean, who's going to tell the president that he's using Twitter wrong or like he needs to change it? I mean, that's just not something I think people feel is like accessible. The thing is, you know, I want to be able to say that if you have the ability to get into Trump's Twitter account, if it's that insecure, you should do it. You should do it and prove how insecure it is. But we should not all have to pay the price with our lives because people take Twitter too seriously. And I should not get in trouble for telling people that, yeah, if you can get into Trump's Twitter account, you should because we all need to see how ridiculous it is to treat a platform like that. Like it's, you know, the final word on anything. Like Rob said, we're all bad at this. We're all learning as we go along. And there's a comfort in that. There's a comfort in knowing that we're all stumbling through this technology and learning ways to, you know, to use it properly. That's a really good point. It is emerging and like we need to remind ourselves that five, ten years in, this is still very new and especially the way it's being used. It's like we can have it for five years and people have not yet quite figured out the power and how to leverage it. Now people have entire departments. People are working on this in a very mature, you know, it's reached a point of saturation in society so that it is new but there's new ways of using it. I think that we're also still learning very, very much so. Yeah, I think to your point, it takes time to get used to these things. Yes, it's new and it happens a lot faster but also like in the 1940s and stuff like the king and queen of England that would never go on the TV or the radio because that was considered not posh enough and it's novel and they went on it for the first time. Now we have, when Obama first got, or was first president to get, I assume when he got a Twitter account, people thought that that was like very novel and like maybe unpresidential. But it was wholly like curated to every letter and it was, you know, probably... So you're saying that Trump being on Twitter is Obama's fault? No, not at all. No, I think it is actually. It is actually, wow. But look at the distinction of how it's being used, right? He had probably entire teams helping him craft every single one or at least checking, you know, to make sure it's looking... I think Obama could craft a tweet on his own. All right, but is it on brand? Is it, you know, is it his, you know, something that... It becomes the brand. He defined... I'm not gonna get into that. All I'm saying is that after this, if Trump ever leaves... There's no after this. There will be a vacuum of how Twitter is not being used that way because I don't think any of the alternatives were they to take that position. I don't think they'll use it nearly in the same way, perhaps more so than Obama and maybe less filtered than what I'm saying. I think Obama's account may have been, but I don't know that. I'm just throwing that out there as a hypothetical that, yeah, we're going to notice less of that, as I said, unique leader if he ever leaves, but it is still going to be a new platform that is used in a way that had not been in previous administrations. Listening to Off the Hook here on WBAI in New York, come join the conversation. Call us, 212-209-2877. We are live on the radio here in New York. If you're interested in exactly how the CEO of Twitter's account was hacked, according to Wired, it was a so-called SIM swap attack with a particular focus on AT&T. In a SIM swap, and here's Wired buying into it as well, a hacker, because only a hacker will do this, either convinces or bribes a carrier employee to switch the number associated with a SIM card to another device, at which point they can intercept any two-factor authentication codes sent by text message. It's hard to stop a determined SIM swapper, but at the very least, you should switch from SMS two-factor to an authenticator app. So that apparently is how that particular hack was done. So SMS two-factor was not working. So the attacker woman calls and says, That's better. Hi, I just lost my phone, and I bought another one, and I just got a SIM from a retail location. Hey, can you just go ahead and update it so that I don't have to blah, blah, blah, blah, blah. And then the person on the phone says, Well, okay, can you give me this? Can you give me that? Yeah, okay, you're that person. And what do you want to do again? Okay, yeah, so basically I lost my phone. I flushed it down the toilet, and I have a SIM card that a friend gave me. Here's the IMEI, or whatever the number on the SIM card is. Can you go ahead and change that? I'm actually getting on a bus right now, blah, blah, blah, blah, blah, and then all of a sudden, I'm Jack Dorsey. I had you connected to AT&T while you were saying all that, and they've done it again. Yeah, it's that easy. It's that easy. Voltaire. Yeah, and this gets back to why we should be blaming Twitter for this and not the individual attacker, because there's this multi-factor authentication system. It makes it extremely difficult not to fall back to SMS, which is much less secure than with an authentication app. Wow, so SMS 2FA is no longer adequate, given this scenario. I'd say it's better than nothing. But they're encouraging this third-party software to help protect the authentication. No, I'm saying they should be encouraging third-party software as opposed to something like Google. Oh, and they're not? Yeah, they're encouraging SMS. I thought that was guidance that they had released as a part of what he was reading. It's easy to hang all this on Twitter right now, but I think in the larger scheme of things, Twitter as a service, as a company, may not be around forever. Eventually something else will take over. We used to go through so many waves of whatever the cool social network was to be on at the time, and then Facebook and Twitter sort of just stayed there, and the general public hasn't moved on to anything else yet. But maybe one day they will. And so I think it's better to think about this in a more distant sort of way and just re-examine how we depend on all of these social media pieces of guff and its place in our lives and how much we're actually hanging on it, how much importance we're actually ascribing to it. And how easy it is to do something that is fake and compare that to things in the past, how easy it is to do things fake there, and always have some doubt in your mind as to whether or not you're being told the truth. If you do that, have some cynicism. I think you won't fall for these things quite as easily. Yeah, critical thinking at every turn when you're using something that's new-like, for instance, or something doesn't seem right, definitely give it a second look. It never hurts to analyze things in that way. So when did Trump switch to an iPhone? What? Didn't he start out on an Android phone? Is he on an iPhone now? You look at me like I would care about this or pay attention to it. I don't know. I'm wondering if that was in the story. Forget it. You know what? It's not that important. Well, he's not using a Blackberry that much, I do know. Okay, good. 212-209-2877. I don't know if we're intimidating people. We're not technical experts on any of this. These are our opinions. We want to hear your opinions, so don't be intimidated if we're talking too much technology. That's just our nature sometimes. 212-209-2877. Call from anywhere. We'd love to hear your opinions. Now, apparently in Spokane, they're planning to keep their computers hack-free. Yeah, good luck with that. When parents sign up their kids for school, they never imagined that private family information could be exposed as easily as a teacher clicking on a virus. This week in Long Island? Okay, I don't know how this relates to Spokane. This week in Long Island, the school district was forced to pay $88,000 in ransom after a hacker, again, threatened to release student and staff information. Always a hacker. Is the newspaper or the publication you're reading, is that from Spokane? No, the website is khq.com. I don't know if that's what. It has a K. It's on the West Coast. It could also just be three letters. You don't know it's even a TV station. This is what I mean. I'm reading this, and it could be completely fake. You don't know. That's like deja vu for 2015. Louisiana is under a state of emergency after several of their school systems were also hacked. Both of these districts had been using antivirus software, and here in Spokane, public schools say they've been doing their homework about this. We're certainly watching the national trends and what's been happening around the country. It's a constant area of improvement for us, and we'll continue to be vigilant with it, says Brian Coddington of Spokane Public Schools. Coddington says the district monitors threats every day and haven't experienced problems like other schools around the country. Spokane Public Schools' website was built in-house, which they feel is safer from being hacked, and the same goes for their school's app as they've used third-party vendors. Part of our process in selecting vendors is making sure they've taken the necessary steps to be protective of our families' information. How is this a story? All they're doing is saying we haven't gotten hacked yet and we're better than everybody else, and, wow, you see, I kind of fell for it here. I read the story, and it's really just a bunch of bravado. Okay, well, Spokane Public Schools, we'll see how good you are. It's not like I'm saying that people should go out there and, oh, am I pronouncing it wrong, Kyle? Yes, it's Spokane. You're from Washington. That has nothing to do with it. All right, fine. I can't even pronounce the city right. Spokane. Okay, we have a caller. 212-209-2877. Hi, yes, can you guys hear me? We hear you fine. Perfect. I hate to always be one for, like, advertising and an awesome hacker-related event coming up, but I feel like this is a good venue for that. It is a hacker radio show, so go ahead. Just letting everyone know that there's going to be an event this Saturday, that's September 7th, starting at 8 p.m. at DROM at 85th Avenue A in Manhattan. It's called Hustlers Paradise, and what it is is a bunch of sex workers who are fed up with the censorship of the Internet and SESTA-FOSTA are making a pop-up strip club, and all the money that's going to be raised during this pop-up strip club is going to be donated to the EFF to fight online censorship, promote privacy, and to fight SESTA-FOSTA for their worker rights. I just wanted to let everyone know that event's coming up because, unfortunately, they don't have a website for it besides DROM's own website, and I feel like it's not really been promoted that much, so I'm just trying to spread the word to fight Internet censorship. Well, that's great. We wish you luck, and I urge people to check that out. That sounds really awesome. Interesting concept. Is there a specific organization that's running it? Yeah, do they have any contact info for the production? Unfortunately, I mean, besides two of the people at EFF, that's been one of the problems, is the lack of promotion for this. The thing is, it's more of a bunch of different independent sex workers that all each other got together and did this, so there's no organization, unfortunately. But they are doing this. Sure, go ahead. What's the name? It's going to be called Hustlers Paradise, and I'm pretty sure if you type that in and type DROM, which is D-R-O-M for New York, it's in their website. The URL is ridiculously long for the event, but that's the only event team. Okay. And this is, again, when? It's happening this Saturday from 8 p.m. to 10 p.m. All right. Well, thanks for sharing the information. Thank you. All right. And our front lines are open. 212-209-2877. See how easy that was? All you have to do is give a call and say whatever is on your mind, and we'll be a receptive audience. It's also great hearing about groups like this that get together and have a common goal to actually change some of the bad decisions and some of the other situations in which we find ourselves. And people doing what they do for a living but for a good cause just always warms my heart. And representing. Representation matters, and you've got to represent and represent for a cause. That's, I think, important and inspiring. Absolutely. Here's a phone call. Let's see who is on the other end of this one. Off the hook. Yeah, hi. I just wanted to make a comment about a discussion you were having last week about Brexit. Oh, yeah. Okay. Sure. Go ahead. Yeah, I don't think they should have ever given him that choice. David Cameron, who was the prime minister during that time, 2016, I think it was, he's the one who put up that referendum back then. Right. But I don't think he should have ever done it. I mean, he did it because it was an election promise. He promised during the election, I would offer this referendum. But he shouldn't have done it. I mean, people make election promises all the time and don't fulfill them. He should have just forgot about it. Because now this is what has caught this quagmire therein. So, yeah, I don't think they should have ever done it. And then Theresa May, who came in after him, everything she did as far as the negotiations, she did everything wrong. I mean, she was a good person, but she did everything wrong. And in my opinion, at this point, it's very difficult for this guy, Boris Johnson, to go back right now and try to renegotiate that deal that she already did. I actually like Boris Johnson. I think he's a good guy. I think what's going on now, I'm actually following this thing. I find it just fascinating. I'm not from the UK. I don't know anything. I just find this particular thing fascinating. But I think he's a good guy, and I think if they actually give him a chance, I think he can get something done. And what he's doing now, to me, I think is the right stance, which is, we're going to the 31st anyway. In other words, hold the EU feet to the fire, and somehow, I just think it's a bluff. I think he's just bluffing. I don't think he plans to leave on the 31st without a deal. I think he's just bluffing. Well, he can't leave now. He's lost three major votes, including a vote to have an election in October. What I'm encouraged by—I wasn't so encouraged last week. I'm encouraged this week, because I'm seeing democracy in action in England in ways that it does not seem to happen here, where basically people from someone's own party actually have the guts to stand up and question and criticize. They paid the price. Yeah, he sacked them from the party, but they did the right thing. And as a result, it's not going towards that cliff that everybody said it was going towards on October 31st. It might be January 31st. There might be another referendum. I disagree. I think that people should have another say in this, because they've learned so much about what Brexit actually means. And if they know this, we should ask, or they should ask, are you sure this is what you want to go through with? I agree. I agree. There should be another referendum. That's the right way right now. Okay, well, then let's agree on that. And hopefully sanity will prevail. I think, you know, if they get through that, it'll be a tremendous inspiration to all the other countries in the world that are going through crises of one sort or another. I love your show, by the way. And thank you for calling. All right, thanks. We're going to take— it's not that funny—we're going to take one call. But first, Kyle, you had something to say? No, I just wanted to say, stay curious, and it's cool that you're following it. It's an interesting system, and we like systems and like learning about them. Good evening. You're on Off the Hook. Hi. I'm calling you from way out here behind Bedminster and Hunterdon County, and I just want to say something that may strike you as totally off the wall, but as we're dealing with an off-the-wall president who wants to, you know, make sure that you're crazy enough to, you know, join one organization but not the other. How about as the NRA is a profit-making organization, maybe they should come out with their own credit card and when anybody comes in and buys an excess of M.O., that not only do they get a picture of him, they get the tag of the vehicle, they get—and then we would have a much better control. You know, you don't lose money with credit card companies. You will lose people down the booby hatch because their medication is not up to Donnie's standards. Am I making sense? A little bit. I just— I'd kind of like to steer in a direction where so much M.O. isn't being sold in the first place. Yeah, but the thing is this, if you know where it went and— But how do you know it wasn't given to somebody else? I mean, this latest mass shooter got the gun he wasn't allowed to get because somebody gave it to him, and apparently that's not illegal. Well, here's another thing I wanted to say. It's certainly great to surveil the whole damn country, which is virtually impossible, and you know it'll be used for political purposes. Why is it so strange that when people are buying masses of stuff, that we start looking at them before they get to where they got? Right, right. If we look at people for various other reasons, it seems like this should be one of them that we look at people, but is that the answer? Is that the road we want to go down? We need to have the conversation. No, not necessarily, but we've got people in the government who believe that, oh, well, you didn't take your Ritalin this morning, you know, we're going to come out and get you. Uh-huh, yeah, that's not the right road to go down, obviously. Yeah, but as I say, we've got the NRA makes millions of dollars a year. They could actually set up an insurance fund for some of the victims, and also the municipalities have to clean up these messes, you know? You don't just walk into Walmart and just with a wet mop and start to clean up things. It costs money to murder people. I think it's going to take a lot more pressure for them to take responsibility and do so in such a way that they institute a program, or like you said, devise their own credit card that has some sort of verification or tie-in with a gun ownership registry of some sort. That's also the same group, and dare I say, a social group that is going to look at any kind of list like that in much the same way we do as far as privacy goes. Let's close with the last words of the caller. It costs money to murder people. I think that's a great note to end on. Thank you for the call. Okay, have a good night. Thanks for being there. And you can write to us, OTH at 2600.com, and Rob, yes, you seem to have something to say. I do. 2600 meetings happen all over the world this weekend. 2600.com slash meetings. First Friday of every month, huh? First Friday of every month, unless you're in Israel and it's Thursday. That's right. You can't stop it. We'll be back next week talking about other things as well. Again, write to us, OTH at 2600.com and stay tuned to WBAI. Good night. Children will want them Mothers supply them as long as your killers are heroes And all the media will feed them while Rome runs acting like modern time heroes Prevention is better than cure Bad apples are better than cure You'll gather your senses I'm sure that I agree to Melt the guns and never hold you fire them Melt the guns and never hold you fire them I am speaking to the Justice League of America I am speaking to the Justice League of America The US of A, hey you, yes you, yes you in particular I wanna come to the judgement day and you're standing at the gates in your weaponry You dare go down on one knee, clap your hands in prayer, start quoting me We sing, we sing Our father, we pledge to continue the epidemic in one place now Let's hope they shoot themselves instead of others, have to sterilize the race now We've trapped the souls of the brave in the land of the free and the home of the brave And if you listen quietly, you can hear them shooting from a place so brave If you listen quite quietly, you can hear them shooting from a place so brave If you listen quite quietly, you can hear them shooting from a place so brave The 2019 local station board elections are underway. Visit elections.pacifica.org for candidates' written statements.