Who killed Shireen?

CPJ calls for swift, transparent investigation into shooting death of  Al-Jazeera's Shireen Abu Akleh while reporting in West Bank - Committee to  Protect JournalistsThe killing of Al Jazeera veteran journalist Shireen Abu Akleh last week has haunted me in the days since it happened. She was covering a raid by Israeli forces in the refugee camp of Jenin in the West Bank. For specifics about what happened, I would urge you to read Bellingcat’s analysis.

The Israelis initially said she was killed by Palestinians, then changed their story to say they weren’t sure who actually fired the fatal shot. Various other sources, including representatives of the Palestinian government and various Al Jazeera reports that have aired in the past week, claim it was Israelis, and done deliberately. These reports state that a sniper took careful aim at Shireen because she was wearing body armor and a helmet. The single shot hit her head just below her ear, which wasn’t protected.

The map shows her position (the red dot at the top), as well as the positions of Army forces and Palestinians. Both groups were similarly armed with M4 assault rifles using the same ammunition. I’ll get back to this in a moment.

What is even sadder about the circumstances surrounding Shireen’s death are the circumstances around her funeral. There were additional clashes with the Israeli army and police at both the hospital morgue and the church where her services were held. I am not going to link to the video clips but let’s just say it is pretty clear that “clashes” is probably not the best descriptor. Tensions and emotions were high, and it was ugly.

There have been 19 journalists killed in Israel (including Gaza and the West Bank) over the past two decades. That link will take you to the Committee to Protect Journalists — two other people have been killed there without confirmed motives. What makes this more personal for me was first, Shireen was a dual American/Palestinian citizen and a journalist. She is buried in the Christian cemetery that I visited three years ago when I was searching for the grave of Oskar Schindler. The route that took her to the cemetery is one that I have frequently walked over my many visits to the city. Finally, I have seen numerous reports of hers over the years that I have watched the Al Jazeera English channel, and admired her reporting and how often she was in the line of conflict. She was amazingly courageous.

Now, figuring out the origins of that bullet aren’t going to be easy. The Israelis and Palestinians don’t want to work together, but to have a definitive answer means you need to test the guns that were used that day. Some of them have been collected, but the chain of custody is probably broken on both the bullet and the weapons. Never has a single bullet carried so much weight since that November day in Dallas when JFK was killed.

I mourn Shireen’s death greatly.

Retaining my back catalog

Taylor Swift and I have something in common: we both are having trouble retaining our back catalogs. In her case, she is busily re-recording her first six albums since the originals are now under the control of a venture-backed investment group. In essence, she is trying to devalue her earlier work and release new versions that improve upon the recordings. In my case, I am just trying to keep my original blog posts and other content available to my readers, despite the continued effort by my blog editors to remove this content. Granted, many of these posts are from several years ago, back when we lived in simpler times. And certainly a lot of what I wrote about then has been eclipsed by recent events or newer software versions, but still: a lot hasn’t. Maybe I need to add more cowbell, or sharpen up the snare drums. If only.

I realize that many of my clients want to clean up their web properties and put some shiny new content in place. But why not keep the older stuff around, at least in some dusty archive that can still receive some SEO goodness and bring some eyeballs into the site? Certainly, it can’t be the cost of storage that is getting in the way. Maybe some of you have even done content audits, to determine which pieces of content are actually delivering those eyeballs. Good for you.

Although that link recommends non-relevant content removal, which I don’t agree. I think you should preserve the historical record, so that future generations can come back and get a feel for what the pioneers who were making their mark on the internet once said and felt and had to deal with.

Some newspaper sites take this to the extreme. In July 2015, the venerable Boston Globe newspaper sent out a tweet with a typo, shown here. Typos happen, but this one was pretty odd. How one goes from “investigate” to “investifart” is perhaps a mystery we will never solve, but the Globe was a good sport about it, later tweeting, “As policy we do not delete typographical errors on Twitter, but do correct#investifarted…” Of course, #investifarted was trending before long. The lesson learned here: As long as you haven’t offended anyone, it’s ok to have a sense of humor about mistakes.

Both Tay and I are concerned about our content’s legacy, and having control over who is going to consume it. Granted, my audience skews a bit older than Tay’s –  although I do follow “her” on Twitter and take her infosec advice. At least, I follow someone with her name.

I have lost count on the number of websites that have come and gone during the decades that I have been writing about technology. It certainly is in the dozens. I am not bragging. I wish these sites were still available on something other than archive.org (which is a fine effort, but not very useful at tracking down a specific post).

I applaud Tay’s efforts at re-recording her earlier work. And I will take some time to post my unedited versions of my favorite pieces when I have the time, typos and investifarts and all.

In any event, I hope all you stay healthy and safe this holiday season.

 

 

FIR podcast episode #151: How Akamai rebuilt its website and drove customer engagement

Few of us get to have as much influence over a more public website than Annalisa Church, VP Digital Technology, Insights & Operations for Akamai.  She has built a career on converging marketing and technology to drive better experiences for customers and build long-term value for enterprises. She is devoted to transforming marketing into a data-driven organization through actionable insights and ensuring the voice of the customer. Prior to Akamai, she worked for eight years in Dell’s marketing department.

Annalisa recently led a massive overhaul of the Akamai website, which is available in nine different languages, with more than 1,200 pages in English covering 18 different products.  The site has tremendous customer engagement, with one million monthly visitors, and almost two-thirds of them become customers after visiting the site.

The diagram below shows some of the changes that Church implemented during her redesign to make it more effective and more relevant to visitors. These efforts have paid off in terms of more engagement, more conversions from visitors to customers, and wider impact.


Listen to our podcast here:

How one startup team has created five successful exits

It is an origin story that has been told numerous times: a group of computer nerds meets in college and goes on to build a software startup, eventually selling their company. But this is a story with a twist: four of the team members met more than 20 years ago when they were undergrad engineers at Carnegie Mellon University. Together with a fifth team member they would go on to have five different and successful exits at various tech startups.

The team includes Peter Pezaris (CEO and developer), David Hersh (product manager), James Price (devops), Michael Gersh (marketing/analytics) and latecomer Claudio Pinkus (who joined the others 13 years ago).

Their projects included:

  • Codestream, a devops collaboration platform which was founded in 2017. Earlier this summer, NewRelic announced they were acquiring the company this week.
  • Glip.com, a team collaboration platform acquired by RingCentral in 2015.
  • Multiply.com, a social commerce platform acquired by Naspers in 2010.
  • Commissioner.com, one of the first online fantasy sports platforms, which was acquired by CBS/Sportsline, and
  • Ask.com, acquired by IAC in 2005.

I wrote a story about the team — Hersh is married to my wife’s cousin — and hopefully can link to it here eventually. What is notable about Codestream is how they took an open source offering and parlayed this into a commercial success. Sure there are other stories about how major software vendors such as IBM, Oracle and others have acquired open source companies. This is just one that i knew about personally.

Avast blog: The importance of equitable and inclusive access to digital learning

Schools continue to remain closed around the world. A UNICEF analysis last summer found that close to half a million students remain cut off from their education, thanks to a lack of remote learning policies or lack of gear needed to do remote learning from their homes. And as UNICEF admits, this number is probably on the low side because of skill gaps with parents and teachers to help their kids learn effectively with online tools.

While the situation has improved since last year and more kids are back in their actual classrooms, there are still critical gaps in math and reading skills and a wide disparity when country-wide data is compared. The equity/inclusion problem isn’t exactly new, but the pandemic has focused awareness and foreshadowed the obstacles. I discuss this in my latest blog post for Avast here.

Telegram designs the ideal hate platform

Last week the Parler social network went back online, after several weeks of being offline. Its return got me thinking more about what the ideal hate platform is. I think there are two essential elements: the ability to recruit new followers to hate groups, and the ability to amplify their message. The two are related: you ideally need both. Parler, for all the talk about its hate-mongering, really isn’t the right technical solution, and I will explain why Telegram has succeeded.

This blog post comes out of email discussions that I have had with Megan Squire who studies these groups for a living as a security researcher and CS professor. She gave me the idea when we were discussing this report from the Southern Poverty Law Center on how Telegram has changed the nature of hate speech. It is a chilling document that tracks the rise of these groups over the past year. But the SPLC isn’t the only one paying attention: numerous other computer science researchers have tracked the explosive growth in these pro-hate groups since the Capitol January riots and other seminal events in the hate landscape.

Telegram’s rise in numbers doesn’t tell the complete story. Telegram has crafted a more complete social platform for distributing hate speech and recruiting new followers. Certainly, Facebook still has the largest user base, but their tech hate stack (if you want to give it a name) is nowhere near as well developed as Telegram’s, and Parler’s is a distant third. Compare the three networks below in terms of both amplification and recruitment elements:

Criteria Parler Facebook Telegram
Type of service Microblog Social network Messaging+
Coherent and transparent reporting process for hate speech No Mostly and improving No
Support email inbox No Yes No
Content moderation team It depends Yes It depends (see below)
Appeals process Yes Yes No
Encrypted messaging No Separate app Built-in
Corporate HQ location USA (for now) USA Dubai
Growth in English-speaking hate group followers Unknown Unknown Huge growth (SPLC report)
Group cloud-based file storage No No < 2 GB
Group-based sticker sets No No Yes
Bot infrastructure and in-group payment processing No No Yes

“Telegram is absolutely the platform of choice right now for the harder-edged groups. This is for technical reasons as well as access/moderation reasons,” says Squire. You can see the dichotomy in the table above: most of the moderation features that are (finally) part of Facebook are nowhere to be found or are implemented poorly on Telegram, and Parler is pretty much a no-show. Telegram’s file-sharing feature, for example, “allows hate groups to store and quickly disseminate e-books, podcasts, instruction manuals, and videos in easy-to-use propaganda libraries.” I have put links in the chart above to descriptions on why the bot infrastructure and sticker creation features are so useful to these hate groups.

What about moderating content? Here we have conflicting information. I labeled the boxes for Parler and Telegram as “it depends.” Telegram has said that their users do content moderation. In their FAQ they claim to have a team of moderators. For Parler, their community guidelines document says in one place that they don’t moderate or remove content, and in another that they do. My guess is that they both do very little moderation.

The picture for Parler is pretty bleak. If they do succeed in keeping their site up and running (which isn’t a foregone conclusion), they have almost none of the elements that I call out for Facebook and Telegram. Using the Twitter micro-blogging model doesn’t make them very effective at amplification of their messages (at least, not until some of their personalities can bring over huge crowds of followers) or in recruitment, especially now that their mobile apps have been neutered.

There are two technical items that are both useful for Telegram: its encrypted messaging feature and the difference between its mobile app and web interfaces. Much has been written about the messaging features between the different social networks (including my own blog post for Avast here). But Telegram does a better job both at protecting its users’ privacy (than Facebook Messenger) and has much better integration into its main social network code.

The second item is how content can be viewed by Telegram users. To get approval for its app on the iTunes and Google Play app stores, Telegram has put in place self-censorship “flags” so that mobile users can’t view the most heinous posts. But all of this content is easily viewed in a web browser. Parler could choose to go this route, if they can get their site consistently running.

As you can see, defining the tech hate stack isn’t a simple process, and evolving as hate groups figure out how to attract viewership.

N.B.: If you want to read more blogs about the intersection with tech and hate, there is this post where I examine the evolution of holocaust deniers and this post on fighting online disinformation and hate speech.

Network Solutions blog: How to Recognize and Prevent Homograph Attacks

I have written a few times about ways to prevent brandjacking. In this blog post for Network Solutions, I discuss the use of homoglyph or homograph attacks by cybercriminals. These attacks involve exploiting international domain names and the idea is simple to explain once you know a bit of Internet history.

When the Internet was first created, it was based on using Roman alphabet characters in domain names. This is the character set that is used by many of the world’s languages, but not all of them. As the Internet expanded across the globe, it connected countries where other alphabets were in use, such as Arabic or Mandarin. 

Several years ago, researchers discovered the homograph ploy, and since then all modern browsers have been updated to recognize the homograph attack methods of using “xn–80ak6aa92e.com” instead of “apple.com.” I go into the details in my blog post and you can see an example of how a browser responds above.

There is an important lesson here for IT professionals: watch out for injection-style attacks across your web infrastructure. Every element of your web pages can be compromised, even rarely-used tiny icon files. By paying attention to all possible threats today, you’ll save yourself and your organization a lot of trouble tomorrow.

Internet Protocol Journal: Selling my IPv4 block

If your company owns a block of IPv4 addresses and is interested in selling it, or if your company wants to purchase additional addresses, now may be the best time to do so. For sellers, a good reason to sell address blocks is to make money and get some use out of an old corporate asset. If your company has acquired other businesses, particularly ones that have assets from the early Internet pioneers, chances are you might already have at least one range that is gathering dust, or is underused.

So began an interesting journey for me and my range of class C addresses. It took months to figure out the right broker to list my block and to work through the many issues to prove that I actually was assigned it back in the mid 1990s. Thus began my own journey to correct this information and get it ready for resale. The process involved spending a lot of time studying the various transfer webpages at ARIN, calling their transfer hotline several times for clarifications on their process, and paying a $300 transfer fee to start things off. ARIN staff promises a 48-hour turnaround to answer e-mails, and that can stretch out the time to prepare your block if you have a lot of back-and-forth interactions, as I did.

You can read my report in the current issue of the Internet Protocol Journal here. I review some of the historical context about IPv4 address depletion, the evolution of the used address marketplace, the role of the block brokers and the steps that I took to transfer and sell my block.

I remember c|net: a look back on computing in the mid-1990s

The news this week is that c|net (and ZDnet) have been sold to a private equity firm. I remember when c|net was just starting out, because I wrote one of the first hands-on reviews of web server software back in 1996. To test these products, I worked with a new company at the time called Keylabs. They were the team that built one of the first huge, 1000-PC testing labs at Novell and were spun out as a separate company, eventually spinning off their own endpoint automation software company called Altiris that was acquired by Symantec and now is part of Broadcom. They were eager to show their bona fides and worked with me to run multiple PC tests involving hundreds of computers trying to bang away on each web server product. “1996 was an exciting time for computing,” said Jan Newman who is now a partner at the VC firm SageCreek and was one of the Keylabs founders. “The internet was gathering steam and focus was changing from file and print servers to the web. I believe this project with David was the very first of its kind in the industry. It was exciting to watch new platforms rise to prominence.” Now we have virtual machines and other ways to stress test products. The review shows how the web was won back in the early days.

Here are some observations from re-reading that piece.

  1. The demise of NetWare as a server platform. Back in the mid 1990s, NetWare — and its associated IPX protocol — was everywhere, until Microsoft and the Internet happened. Now it is about as hard to find as a COBOL developer. One advantage that NetWare had was it was efficient: you could run a web server on a 486 box at about the same performance as any of the Windows servers running on a faster Pentium CPU.
  2. Remember Windows NT? That was the main Microsoft server platform at the time. It came in four different versions: running on Intel, DEC Alpha, MIPS and PowerPC processors. Those latter two were RISC processors that mostly have disappeared, although Apple Macs and Microsoft Xbox’s  ran on PowerPCs for years.
  3. Remember Netscape? In addition to their web browser that made Mark Andreesen rich, they also had their own web server, called FastTrack, that was in beta at the time of my review. Despite being a solid performer, it never caught on. It did support both Java and JavaScript, something that the NT-only web servers didn’t initially offer.
  4. The web wasn’t the only data server game. Back in the mid-1990s, we had FTP, and Gopher as popular precursors. While you can still find FTP (I mainly use to transfer files to my web server and to get content to cloud images), Gopher (which got its name from the University of Minnesota team mascot) is gone into a deep, dark hole.
  5. Microsoft’s web server, IIS, was underwhelming when first was released. It didn’t support Java, didn’t do server-side includes (an early way to use dynamic content), didn’t have a web-based management tool, didn’t support hosting multiple domains unless you used separate network adapters, didn’t have any proxy server support and made use of an unsecured user accounts. Of course, now it is one of the top web server platforms with Apache.
  6. You think your computer is slow? How about a 200 MHz Pentium. That was about as fast as you could expect back then. And installing 16 MB of RAM and using 10/100 Ethernet networks were the norm.

Getting my kicks on the old Route 66

Like many of you this past Labor Day weekend, my wife and I took a drive to get out of our pandemic bubble. And as the NY Times ran this piece, we also got our kicks on Route 66. Their photographer went to the portion through Arizona and New Mexico; we stayed a lot closer to home, about an hour’s drive from St. Louis. This wasn’t our first time visiting this area, but we wanted to see a few sights from a safe distance, and also for my wife to visit an ancestral home not far off the Mother Road, as it is called.

St. Louis has a complicated relationship with Route 66: there are many different paths that the road took through the city to cross the Mississippi River at various bridges over the years the road was active. And for those of you that want to discover the road in other parts of the country, you will quickly find that patience is perhaps the biggest skill you’ll need. Different parts were decommissioned or rerouted after the freeways were constructed that brought about its demise. In our part of the country, that is I-44, which goes between St. Louis and Oklahoma City, where it connects up with I-40.

My favorite Route 66 memory spot within city limits has to be the old Chain of Rocks Bridge, which was opened in the 1930s and was featured in that now classic film “Escape From New York.” The bridge is now a bike/pedestrian path and it is one of the few bridges that is deliberately bent in the middle. It lies on the riverfront bike trail that I have been on often.

Once you leave the city and head west you need to be a determined tracker. Many parts of it are on the map as the I-44 service road, but that doesn’t tell the entire story about the actual original roadbed that in many cases no longer exists. Speaking of which, one of the places that you might have heard of is Times Beach. The beach refers to the Meramec River and the reason for its memory is this is the town that became contaminated with Dioxin. Now the streets remain but not much else, and the state has turned it into a state park. The visitor center is a former roadhouse that was built in 1936. Speaking of other bygone inns, in a few miles you’ll pass the Gardenway Motel near Gray’s Summit. The motel had 40 rooms and was built in 1945 and eventually closed in 2014. It was owned by the same family during its entire run. A separate advertising sign still stands down the road.

There are a lot of other classic signs nearby too, but like I said you have to spend some time exploring to find them. If you are looking to stay in one of the period motels that is still operating, you might try the Wagon Wheel in Cuba, a few miles further west.

Another example of the bygone era that Route 66 spanned was captured by this National Park Service webpage on the Green Book. This was a guide for Black motorists who couldn’t stay at the then-segregated lodgings mentioned above. Mrs. Hilliard’s Motel in St. Clair, which is in the area, operated briefly in the 1960s. The guide (which was published annually from 1936 to 1964 by Victor Green) had other recommended and safe places for Black travelers such as dining and gas stations. Our history museum has an excellent explanation of its use and some sample pages here, which you can contrast with what was portrayed in the 2018 film.

One of the things that I learned when traveling in Poland is that history is often what you don’t see, sometimes painfully removed, other times left to rot and decay. That will require some investigation. Route 66 is a real time capsule to be sure.