Copy
Dream big, fight hard.
View this email in your browser
IN THIS WEEK'S ISSUE: Glassholes at scale, uncompromising Python, and a new course on data center fabrics

Please remember to enable the images; the magazine looks a lot better that way!

Table of Contents

Issue Number 151

 

03/05/2020

 
The "I see you" issue. 
 

Thought For The Week:

Looks like my conference travel plans are being canceled for me.

Surveillance As A Service - Whether You Opted In Or Not

by Drew Conry-Murray


When Google Glass debuted, people were immediately creeped out by a wearer’s ability to take photos and video without a subject’s knowledge or consent.

The ensuing backlash was one of the reasons Google abandoned the consumer version (it still makes Glass for industrial uses). No amount of marketing could shove the word “glasshole” down the memory hole.

While the glasses themselves are gone, the glasshole impulse persists. Call it Glasshole 2.0. It’s been scaled up and carried forward into a new crop of companies that build databases of your face, movements, location, and other details so that they can sell access and analysis services to law enforcement, government agencies, and private companies.

 

Glassholes At Scale

Clearview AI has recently received a swathe of negative media attention as a surveillance purveyor. The company has built a massive database of facial images by scraping social media sites and other sources. It uses this database to provide facial recognition services to clients, including government agencies and corporations.

The company says it takes the power of its application seriously. It has issued a code of conduct and says that only law enforcement and “select security professionals” have access for investigative purposes.

But according to a story in the New York Times, investors and potential clients also have access. They use the application for personal investigations or “…at parties, on dates and at business gatherings, giving demonstrations of its power for fun…”.

 

I Didn't Sign Up For This

Do you remember when Clearview AI asked your permission to include you in its database? Of course not, because the company doesn't ask.

A reporter from Vice used a California privacy law to compel Clearview to tell her what images the company had of her, and documented the steps she had to take to get Clearview to opt her out of its searches.

If you don’t live in a state with a similar privacy law, good luck to you.

Another surveillance company, called Banjo, recently signed a deal with the state of Utah in which the state will provide the company access to traffic cameras, public safety and CCTV cameras, 911 emergency sytems, and other information.

Banjo will combine these feeds with social media information, satellite data, and other sources, and run it all through an artificial intelligence system to alert law enforcement to anomalies that may indicate a crime.

The company says it strips out publicly identifiable information, but a separate Vice story notes that there’s little public oversight over how the AI works, or how it determines what’s relevant to police.

Algorithmic bias is a well-documented problem, which makes the use of “AI” systems in law enforcement especially troubling.

Clearview AI and Banjo are involuntary commercial surveillance systems. If I need to drive on a road, I don’t really have a choice of whether I’m captured on a traffic camera.

If I upload a photo to share with friends on social media, I don’t have much recourse if a third-party site grabs it and adds it to their facial recognition database.

 

Fear Sells

In the United States we've long struggled to balance public safety with personal privacy. That struggle has often been between the government and its citizens.

Now corporations are opening a new front, pitting their profit-making ability against the privacy of the citizen/consumer. Companies such as Clearview AI, Banjo, and Amazon’s Ring have joined forces with government and law enforcement to tip the balance in their favor.

For instance, Ring has partnered with more than 800 police departments in the United States, in which police can access Ring video without a warrant. The EFF notes that Ring provides talking points to police to encourage homeowners to participate, and has even written or approved supposedly impartial endorsements from local police departments.

While individuals may feel safer with always-on surveillance, there’s little evidence that these security systems are effective.

That doesn't stop these companies from trading on fear. They invoke the threat of violent crime and terrorism, and tap into justifiable disgust for child molesters and kidnappers as justifications for the surveillance infrastructure they build and profit from.

Violent crime and children's safety are emotionally powerful arguments. But they shouldn’t be played like trump cards against reasonable concerns about privacy, the misuse and abuse of these tools, problems of false positives and flawed analysis, a need for public oversight, and the rights of citizens against involuntary participation in these corporate surveillance systems.

The Packet Pushers Present...

Things we made to tickle your brain stem.

 

PODCASTS

YOUTUBE

IGNITION - Members Only Premium Content

Not an Ignition member? $99 a year is your all-access pass. Subscribe.

Sponsor: Forward Networks


Automated Verification of Network Designs and End-to-End Policies Is Now Achievable


Forward Networks has pioneered the ability to quickly identify end-to-end network behavior and compare it with intended network, security and application requirements. In seconds, network teams can isolate potential errors, misconfigurations and compliance issues!

Imagine having an all-seeing network brain at your side, 24/7, to oversee all your network updates and verify implementations, while reducing the risk of outages and roll-backs.

Compare network behavior from prior weeks and months to see how policy compliance and network designs have evolved over time. Build custom policy checks to focus visibility on known trouble spots. Get proactive in handling network issues rather than reacting after the fact.

“Fantastic Software to simulate your network and identify and resolve more problems”
— System and Network Administrator in the Services Industry

“Seeing is believing. Forward Networks’ visibility seems pretty close to a holy grail.”
— Remington Loose, Network Architect, @localpref_net

More reviews here.

Schedule a live demo at: http://forwardnetworks.com/request-a-demo
Drew, Greg & Ethan go deep on network design while showcasing the latest industry products and discussing current trends.

Add wit & wonder to your life with Day Two Cloud, as Ned Bellavance tackles the operational realities of cloud with experienced guests.

Technical Blogs

Why are US Broadband Prices so High? - POTs and PANs


https://potsandpansbyccg.com/2020/02/28/why-are-us-broadband-prices-so-high/

Doug Dawson, a long time telecoms analyst, outlines that the lack of regulation of US telcos has resulted in poor competition and high prices in the US. This isn’t a surprise to people in Europe, where regulation is high and competition is fierce as telcos are prevented from abusing the market. (It's also not a surprise to people in the US - Drew)

Telecom regulation has been all but benn killed in the US. This is almost entirely at the bidding of lobbyists. The current FCC went so far as to write themselves out of regulating broadband. All of these events resulted in US broadband that now costs twice as much as the rest of the industrialized world.

There are markets that require regulation to promote competition. This seems to prove that lack of oversight leads to poor quality, high-priced bandwidth. - Greg
 

The Ultimate PCAP - Weberblog.net

https://weberblog.net/the-ultimate-pcap/

Johannes has collected a number of common protocols into this PCAP file to use for study. As someone who blogs in public, it's going to be useful for me as a demo capture (I don’t have a lab anymore). The packet capture remains the absolute source of truth and this is a useful collection to have squirreled away. - Greg

Building a Raspberry Pi Stratum 1 NTP Server - The Life Of Kenneth

http://blog.thelifeofkenneth.com/2020/03/building-raspberry-pi-stratum-1-ntp.html

Fire up your soldering iron and connect a GPS chip to a Raspberry Pi. You’re making an NTP server that really knows where its towel is! Kenneth guides you through it all in fantastic detail. A fun DIY alternative to the commercial solutions that are out there. Because...you need hardcore NTP for the house. Don’t we all? - Ethan

New Ignition Course!

Understanding Data Center Fabrics

Network architect, author, and routing expert Russ White debuts a new course on data center fabrics on Ignition, the Packet Pushers' subscription site. This 9-lesson course combines lectures with diagrams, animations, and illustrations to help you grasp key concepts.

Course participants will learn:

  • Fabric origins in telephone networks
  • Justifications for designing a fabric
  • A brief history of the Clos fabric
  • Key fabric characteristics including tiers, traffic patterns, topologies, trees, and more
  • Options for scaling your fabric and hardware limitations
  • Underlay essentials including the use of BGP
  • Using link state protocols such as IS-IS and OSPF in the underlay
  • Advanced underlay options
If you're already an Ignition member, this course is included and you can start it right now.

Want to sign up? It's $99 a year, which gets you full access to courses, whitepapers, industry analysis, and videos.
Join Chris Wahl & Ethan Banks as they bust silos and explore the latest in cloud, automation, data centers and more.

We're not making any more Datanauts episodes, but you can get the full catalog of all 173 shows here.
Drew Conry-Murray & Greg Ferro deliver fast-paced news and sharp-witted analysis on networking & IT each week. Free virtual donuts.

Community & Opinion Blogs

The uncompromising Python code formatter - The Black Project on GitHub

https://github.com/psf/black

The idea behind Black goes back to Henry Ford’s early Model T sales. You could have any color Model T you wanted, as long as it was black. This is the idea behind Python formatter Black. Your code will be formatted exactly how you want it, as long as that’s the way Black thinks it should be. “Black is the uncompromising Python code formatter. By using it, you agree to cede control over minutiae of hand-formatting.” I like this idea very much, and plan to experiment with Blackening my code. - Ethan

Passing the CompTIA Security+ SY0-501 exam - Inyene Essien

https://www.yennie.co/blog/passing-the-comptia-security-sy0-501-exam

Inyene Essien shares tips and resources (some paid, some free) for folks interested in this security certification. This post strikes a nice balance between sharing details and getting to the point, for which I applaud the author. - Drew

My Cisco Certified DevNet Professional Journey, Part 1 by Nick Russo - Lost in Transit

http://lostintransit.se/2020/03/04/my-cisco-certified-devnet-professional-journey-part-1-by-nick-russo/

Nick Russo makes a guest appearance on Daniel Dib’s blog (it took me a minute to figure out what was going on) to share his tips for success in passing this exam, which he compares in difficulty to the CCIE written. It’s the first of a two-part family of DevNet exams (one core and one specialization) that focus on applications, infrastructure, APIs, automation, and software development. - Drew

Add Nornir.tech To Your Readers - Nornir

https://nornir.tech/

The paint is not even dry on this new site promising to be a content hub for Nornir, an open source network automation tool for Pythonistas. I suspect this will be a good one. - Ethan

For The #LULZ

IT News

The Dystopian Lake Filled by the World’s Tech Lust - BBC Future

https://getpocket.com/explore/item/the-dystopian-lake-filled-by-the-world-s-tech-lust

This incredible article and accompanying photos puts the impact of our technological desires into stark perspective. The sleek gadgets that beguile us come at a substantial environmental and human cost. - Drew

Let's Encrypt Revokes Over 3 Million of Its Digital Certs - Dark Reading

https://www.darkreading.com/operations/lets-encrypt-revokes-over-3-million-of-its-digital-certs/d/d-id/1337241

The certificate authority Let's Encrypt, which is known for its free TLS certs, is revoking millions of certificates after it discovered a bug in its issuing system. If you're on the revocation list, you need new certs or risk being unreachable. You can check here. - Drew

Ed Horley, Tom Coffeen & Scott Hogg take the mystery out of IPv6 deployment. Practical talk about v6 adoption for network engineers.

Scott Lowe discusses the latest automation tools & interviews folks about their journey to becoming a full stack engineer.

Vendor Announcements & Industry Blogs

Python Objects - NetworkToCode Blog

https://blog.networktocode.com/post/Python-Objects/

Jacob McGill explains a crucially fundamental concept of Python programming: objects. Once you grasp classes and objects, reading Python documentation, writing Python code, and using a Python IDE like PyCharm will make a lot more sense. - Ethan

SMB over QUIC: Files Without the VPN - Microsoft

https://techcommunity.microsoft.com/t5/itops-talk-blog/smb-over-quic-files-without-the-vpn/ba-p/1183449

We block TCP445 on the Internet because 1) Microsoft makes insecure software 2) we want to protect data. So when Microsoft announces:

“Departments trying to use Azure Files often find their ISP has blocked port 445. Even though users are just as likely to be deskless and organizations are doing more hybrid computing than ever, SMB hasn’t kept up. That’s all changing with SMB over QUIC.”

I’m not entirely sure that world needs this (except for stupid people asking the wrong questions). Prove me wrong. Greg

The End Bit

Sponsorship and Advertising - Send an email to humaninfrastructure@packetpushers.net for more information. You could reach over 6,300 people. 

Human Infrastructure is weekly newsletter with view, perspectives, and opinions. It is edited and published by Drew Conry-Murray, Greg Ferro, and Ethan Banks from PacketPushers.net. If you'd like to contribute, email Drew at drew.conrymurray@packetpushers.net.

We don't give away your email address or personal details because that would suck. 

Copyright © 2020 Packet Pushers Interactive LLC, All rights reserved.


unsubscribe from this list    update subscription preferences