Flames, infosec shenanigans, Policy, work

On journalism, “fake news,” and the business of news media

I tweeted most of this last night. But as several people have requested, I’m re-posting this here for the purposes of readability, illumination, and annotation.

Journalism is (supposed to be) a search for the truth. It’s not (supposed to be) easy. Like science, sometimes the results are imperfect. Only through peer review, conversation, revisions and (occasionally) corrections does journalism more closely approach the truth.

This is why the drive to make news generation more efficient is so horrible for actual journalism. We’ve already repeatedly seen the problems created by what people call “the news cycle,” particularly on 24-hour cable news networks, but the problem has become more widespread as news media goes “digital.”

The problem with television journalism (especially cable) is that it is transactional, disposable and low fidelity, making quality even harder.  TV journalists are largely generalists thrown at stories with perceived mass appeal, and are expected to quick-read themselves into instant experts on topics they have little if any background in.  (For more on this, see the story I wrote on Sharyl Atkisson in November 2014). It is not a crucible for truth.

If nobody does a sanity/fact check on a story or forces the reporter to defend each sentence, and the focus is on volume, the results will inevitably be lower quality. Narratives will get forced. Facts will be bruised and bent. It’s even worse when there’s a war against truth being waged, and the sources of truth are being destroyed or obscured by bullshit. When you are time-limited and don’t have a review process on story selection and production, bad things can and will happen.

So that’s why it’s especially disheartening to see the New York Times cutting copy editors, and others trading quality for quantity & efficiency. The “digital” process adds more roles for reporters and “preditors” (producer/editors), and by focusing on producing more digital content at the expense of quality control and editorial dialogue, media companies are creating more opportunities for error–and more opportunities for the enemies of truth to exploit those errors to discredit journalism writ large.

The truth can hardly ever be found with efficiency at scale. I’m lucky because Ars is sort of artisanal about journalism. Even so, I know and acknowledge that I make mistakes, especially when thrown headlong into a breaking story. But I make a lot less of those mistakes when I have another editor checking my stuff.

Given how people are actively working to derail journalism and destroy truth, we need to acknowledge how hard a job this is. And we really need to take a step back and look at what “efficiency” and speed in news production actually costs us.

Unfortunately, we’re being driven by a business model that is anathema to deliberateness and reflection. But we need to realize that the more automated, efficient and digitally optimized “news” becomes, the more vulnerable it becomes to manipulation and attack. Journalism needs to take a deep look at its threat model, and harden itself against the forces aligned to bring it down.


Web Culture, work

Fun facts: My Wikipedia cites

When you write for Ars, it’s nice that people notice. And sometimes, they notice enough to cite you on Wikipedia.

Strangely, the first hit I get on Google when searching my Wikipedia cites is for my coverage of a bus company.

Suburban Express – Wikipedia, the free encyclopedia


In early 2013, according to Ars Technica, Suburban Express had developed a “bad reputation online” from reviewers who …. Gallagher, Sean (May 2, 2013).


This was confirmed by Sean Gallagher writing in Ars Technica and by others. However, no one else has confirmed the report that books never opened in ADE …


Jump up ^ Sean Gallagher (Mar 12, 2015). “CryptoLocker look-alike searches for and encrypts PC game files”. Ars Technica. Retrieved 14 March 2015. Jump up …


Sean Gallagher of Ars Technica commented that the key failure was the dependency on automated testing rigs, which “can’t show what the system’s …


Ars Technica. Retrieved 2014-02-18. Jump up ^ Gallagher, Sean (2013-02-15). “Facebook computers compromised by zero-day Java exploit”. Ars Technica.


“Point-of-sale malware infecting Target found hiding in plain sight”. Ars Technica. Retrieved November 8, 2014. Jump up ^ Sean Gallagher (September 18, …

Th3j35t3r – Cybersecurity Wiki

Berkman Center for Internet & Society

Aug 8, 2012 – Sean Gallagher, “Patriotic hacktivist” The Jester unmasked—or maybe it’s a big troll, Ars Technica, May 15, 2012. Retrieved from …

Tailored Access Operations – Wikipedia, the free encyclopedia

Jump up ^ Gallagher, Sean (2013-11-12). “Quantum of pwnness: How NSA and GCHQ hacked OPEC and others”. Ars Technica. Retrieved 2014-01-18.

RSA Security – Wikipedia, the free encyclopedia

Jump up ^ Gallagher, Sean. (2014-01-21) “TrustyCon” security counter-convention planned for RSA refusniks. Ars Technica. Retrieved on 2014-05-11. Jump up …

Tor (anonymity network) – Wikipedia, the free encyclopedia

Jump up ^ Gallagher, Sean (18 April 2014). “Tor network’s ranks of relay servers cut because of Heartbleed bug”. Ars Technica. Retrieved 28 April 2014.
October 22, 2013. Jump up ^ Gallagher, Sean (March 27, 2015). “A $50 device is breaking North Korean government’s grip on media”. Ars Technica. Jump up …

Project Narwhal – Wikipedia, the free encyclopedia

Slate.com. Retrieved 12 November 2012. Jump up ^ Gallagher, Sean (Nov 9, 2012). “Inside Team Romney’s whale of an IT meltdown”. Ars Technica.

Computer security – Wikipedia, the free encyclopedia

… Jump up ^ Gallagher, Sean (May 14, 2014). “Photos of an NSA “upgrade” factory show Cisco router getting implant”. Ars Technica. Retrieved August 3, 2014.

SourceForge – Wikipedia, the free encyclopedia

… Jump up ^ http://arstechnica.com/information-technology/2015/05/sourceforge-grabs-gimp-for-windows-account-wraps-installer-in-bundle-pushing-adware/ …

Syrian Electronic Army – Wikipedia, the free encyclopedia

Jump up ^ Gallagher, Sean (May 8, 2013). “Network Solutions seizes over 700 domains registered to Syrians”. Ars Technica. Retrieved October 15, 2014.
2010-04-06. Retrieved 2014-01-12. ^ Jump up to: Gallagher, Sean. “How IBM’s Deep Thunder delivers “hyper-local” forecasts 3-1/2 days out”. Ars Technica.

Random-access memory – Wikipedia, the free encyclopedia


Jump up ^ Gallagher, Sean. “Memory that never forgets: non-volatile DIMMs hit the market”. Ars Technica. Jump up ^ Bellis, Mary. “The Invention of the Intel …

Kim Dotcom – Wikipedia, the free encyclopedia

Jump up ^ <http://arstechnica.com/tech-policy/2015/01/why-kim-dotcom-hasnt- … Kim Dotcom, 26 January 2012; Jump up ^ Gallagher, Sean (26 January 2012).

Ubuntu (operating system) – Wikipedia, the free encyclopedia

Jump up ^ Gallagher, Sean (20 November 2012). “How Team Obama’s tech efficiency left Romney IT in dust”. Ars Technica. Retrieved 4 December 2012.
Jump up ^ Gallagher, Sean (June 26, 2015). “Private investigator snooped on e-mail of Scientology critics [Updated]”. Ars Technica. Retrieved June 27, 2015.

Chubby Checker – Wikipedia, the free encyclopedia

Archived from the original on 2008-02-09. Jump up ^ Gallagher, Sean (2013-02-14). “HP sued by Chubby Checker over webOS penis size app”. Ars Technica.

Megaupload – Wikipedia, the free encyclopedia

Jump up ^ Gallagher, Sean (30 January 2012). “Feds: Megaupload user files may be deleted starting Thursday”. Arstechnica. Archived from the original on …

UltraSPARC T1 – Wikipedia, the free encyclopedia

Jump up ^ Sean Gallagher (28 September 2011), “SPARC T4 looks to be good enough to stave off defections to x86, Linux”, arstechnica.com (Ars Technica) …

Microsoft Office 2013 – Wikipedia, the free encyclopedia

Retrieved August 26, 2012. Jump up ^ Gallagher, Sean (July 16, 2012). “Office 2013: Microsoft’s bid to win the future”. Ars Technica. Retrieved June 7, 2013.

Seagate. Retrieved 3 November 2013. Jump up ^ Gallagher, Sean (27 October 2013). “Seagate introduces a new drive interface: Ethernet”. Arstechnica.com.

Naval aviation – Wikipedia, the free encyclopedia

Jump up ^ Gallagher, Sean (23 April 2014). “Top Gun, robot-style: Navy moves ahead on carrier-based drone program”. arstechnica. Retrieved 24 March 2015.

Gordon Lyon – Wikipedia, the free encyclopedia


Website, http://insecure.org/fyodor/ … Org — The top 100 network security tools (ranked by thousands of Nmap … Jump up ^ Sean Gallagher (4 June 2015). “Black “mirror”: SourceForge has now seized Nmap audit tool project”. Ars Technica.

That’s what I’ve found so far. Feel free to quote me.

Administrivia, work

Web rot, SQL injection, and life

Recently, I went to check up on my personal website to find a link for my father for a story I wrote about virtualized desktops in education.  I ended up redirecting the domain name to this blog, which holds much of the archives of my personal musings over more than a decade, and sending him the Word file of the story instead.

That’s because I found that in the month or two since I had bothered to look at it (what with a certain other site demanding more of my attention), someone had  hacked the thing and turned it into a virus farm. These are the risks you run when you trust your digital namesake to a $7-a-month hosting provider. I also found that the site I had written the story for had been shut down, and over a year of work consigned to /dev/null.

I was amused, ironically, more than upset.  I’ve been writing about website hacks for a while, and it was pretty clear what had happened once visiting my home page resulted in a file download starting.  Obviously, I had missed the last WordPress security patch, or someone had found another SQL-injection attack point to go after. That’s okay. It gave me an excuse to delete it and consolidate.

Though I am still recovering my clip file from the bowels of a hosed MySQL database, perhaps those clips are best left w here they were—after all, half of them point to dead websites, or to sites that have changed their structure, or sites that have been sold five or six times and their archives have been purged.  If you write for the web, you are writing ephemera. Few stories written for the web stand the test of time; they are written in the moment, and then the moment changes.

Looking at some of my posts on this blog from long ago, it’s hard to say anything but the personal ones have any value anymore. There’s a lot that’s happened in the last few years that has not made it to these pages, because it’s been shared instead in person, over the phone, on Facebook, over SMS or IRC or IM. I’m ok with that. Some of it may find its way here eventually, or into other things I write, but my words have been shared where they have counted, for friendship, family, karma and commerce.

If you’re looking for a more thorough accounting of where my brain is, take a look at my author page on Ars Technica, or my Twitter feed, or my Google+ page. Or, you could always ask me personally.

Baltimore, buzzword compliance, dot-communism, Friends, work

Nesting, flocking, and the solitary geek

i have now been a telecommuter for almost 15 years – nearly three times as long as I’ve spent in “traditional” work environments. Sure, I’ve spent time in the office on each of those jobs–some more than others. But it’s always been clear to me that I have been operating at a handicap by not physically being in the office–both professionally and psychically. The benefits to my family have usually outweighed those–we haven’t had to move from Baltimore, where we can afford to live comfortably (relatively speaking) and the kids have had stability; I haven’t had to deal with daily commutes, and have had more time to participate in my family’s life (at least until the last couple of years), and there have been other direct and indirect lifestyle benefits.

But I’ve been going out of my fucking mind.

My current company is at least geographically relatively close, compared to previous employers — a 75-mile drive, an hour-and-a-half commute off peak. I spend most Mondays in the office just so people know I exist. It’s certainly less of a grind than my last corporate gig, where I spent nearly every other week flying to New England, and the folks at the office park Sheraton knew me by name. That job drove me to the edge, to dark places I never want to go again, with the lost hours in airports, on Southwest, on the 128 to Needham, in a bad hotel restaurant, in cubeland trying to figure out why things were so fucked and what it was exactly I was supposed to be doing since nobody knew I existed even when I was there.

But I digress.

There is a great deal of what I do that is best done in isolation, with no interruptions. I find that I write best in the dark hours, when the house is quiet, and there are no interruptions– or at least that’s when I am *able* to write. But the inspiration for writing has to come from a more social world, and my brain needs other people to engage it sometimes.

That became clear to me when I stood up and guided a session at the recent SocialDevCampEast here in Baltimore, and then participated in several more. Part of it is ego, and part of it is just plain human need — I like the feedback that comes with gettting up and talking and thinking on my feet, and I like talking about things I’m passionate about. As solitary as I am most of the time, I am a social animal, and given my usual isolation, I find that I need approval and acceptance all the more so when I get the opportunity.

In other words, I’m a needy, egotistical serial loner. Quite the personality profile.

But, as it turns out, a lot of other very smart people are also needy, egotistical serial loners looking to be more social. One of the conversations at SocialDevCampEast was about co-working.

Dave Troy, who I used to occasionally co-guest with on the Marc Steiner Show (on what was then WJHU, along with Eric Monti) , is leading ab effort to bring co-working in the style of Philadelphia’s Indy Hall to Baltimore. Co-working, for the uninitiated, is a social approach to independent info-working, providing the professional and creative benefits of networking and idea bouncing for those who might itherwise spend the day talking to their cat.

So far, the Beehive group has been meeting at Blue House, a Fells Point coffee shop, and doing Tuesday and Thursday “jellies”-sessions where people loosely show up and work in each other’s company and leech off the establishment’s wifi. But plans are in the works for an actual shared space in Canton.

I, unfortunately, have yet to get to a jelly. But I think I’ll be trying to frequent the shared space when it opens, being as it beats driving to Falls Church for a day in the office.

buzzword compliance, dot-communism, work


I’m listening to a speaker from Hampton Roads Transit sing the praises of Google Transit. Last night, the folks from Alabama’s Homeland Security showed off Virtual Alabama, a statewide geospatial application built on Google Earth, which incorporated county data and aerial imagery with utility, law enforcement, school district and other data to create an all-seeing first responder’s application–allowing users, for example, to overlay sex offender data on school bus routes.

Government, especially local and state, loves the word free. And Google’s geospatial and other data standards have made them even more dear to them, since local government data has been locked up in GIS and other databases that would cost millions to integrate independently.

Also, it’ll make the transition to googlement that much easier when the googleplex takes over the world.

comings and goings, General Chaos, work

Return from the Wilderness

OK, I haven’t been gone, really. But let me just say that when you work at home like I do, and things go wrong with one part of the work/life balance, it all goes to shit.

I have no one to blame, really, but myself. Just because you can do a job doesn’t mean that you should take the damned thing. And sure, the first six months were filled with energy, ego-stroking attention, and other good things.

But the travel killed me. It really did. And the more I travelled, the less I slept, the less energy I had, the more introverted I became, the more useless to pretty much every freaking person in the universe I became. I imploded.

Unfortunately, I denied much of it up until the end. And then one day, WOOSH, it crushed me into a little tiny ball and spit me out.

I should have seen it coming. But few trapped inside the event horizon can see beyond it. Thankfully, the collapse freed me from the things that had prevented me from seeing the problem — a problem that, admittedly, I’ve struggled with before. I had fallen down the not-writing rabbit hole again, and it took all my creativity and ability to think rationally along with it.

And now I have emerged. Well, I