Good Monday morning. It’s August 26th.  Greta Thunberg, a 16-year-old climate activist, is due to arrive Tuesday in New York. She is traveling on a zero-emissions sailboat. You can read more about her trip at Moms Clean Air Force.

Reminder: next Monday is Labor Day in the U.S. and there won’t be a Spotlight.

Today’s Spotlight takes about 4 minutes to read. Want to chat about something you see here? Leave a reply.

2. News To Know Now

1.  Police increasingly use social media, we told you last week, and now we’re reading details of police discounts for Amazon’s Ring service, free training, and police recommending the product to citizens through official channels.  Ars Technica has a good overview.

2.  Open AI is releasing its 774 million parameter AI language program just six months after releasing the 124M model. The organization continues to advocate for more protections as models with 10 times the number of parameters are being tested now.

3. Knowing what is appropriate is vexing researchers. The University of Washington released a study that shows AI can incorrectly flag hate speech almost half the time and appears at times to be racially biased.

4. Human content moderation takes a painful toll. The Intercept reports that Facebook contractors view up to 800 pieces of “disturbing content” each hour and “routinely turn to on-site counselors to help cope”. Accenture, the employer that has the Facebook contract, has attempted to learn the content of therapy sessions according to a whistleblower’s letter.

3.  Old Passwords Still Being Used

Passwords are a pain. They seem unnecessary and everything would be great if digital systems could simply identify us. But since we live in this world, and this world still requires good passwords, please note some scary goings-on.

Data first.  We told you this winter about a Google Chrome extension that checks the password you are using against a database of hacked passwords. Google reported this week that the extension detected 315,000 compromised passwords being used. The good news is that 26% of those who were warned took the opportunity to get a new password which makes me question whether we want the other 74% to continue to have access to passwords.

Doing your best, like using VPN software to secure your communications isn’t a simple fix.  Ars is reporting that Fortigate and Pulse Secure have vulnerabilities that hackers are actively exploiting to steal passwords. In their words, “Now would be a good time to make sure they’re patched.”

Poor data hygiene has bedeviled government agencies for years. Three events this week underscore how much government relies on outdated equipment or the self-discipline of thousands of users.

Hackers coordinated an attack that breached 23 municipal networks in Texas. We’ve told you about ransomware in some small Florida cities and larger attacks in Atlanta and Baltimore, but security experts were surprised at the coordination and speed of these attacks. (Texas state government page)

Wisconsin election offices are also vulnerable according to the Elections Commission’s top cybersecurity official. Tony Bridges says that 527 local elections officials use Windows XP or Windows 7. XP has not received security updates since 2014. Those updates end in January for Windows 7. 

Maine is spending $1 million because of the same issues that affect 10,000 of their computers. The state’s CIO says that Maine is spending the money because Microsoft won’t continue free support of the software it released ten years ago. (Bangor Daily News)

Our take: Stay safe(r) by using multiple protection methods. Use a password manager (we like LastPass), a physical security key (Yubico is what we use), and allow your software, especially your operating system, to be regularly updated. Once that’s done, install a good antivirus program with malware scanning. Finally, use two-factor authentication (2FA) for everything you can, but especially your email, access to work networks, and social media. 

4.  SearchWeek: News about finding things online

You’re not the only one who sometimes can’t find a backup.

Google acknowledged this month that it “temporarily lost part of the Search index” in April. It was a computer engineering nightmare that they’ve helpfully documented the way your kid claimed that the paper was emailed to the teacher. It would be a weird issue but for the fact that they did it or something similar in July and then again on August 20th. Quoting Google’s Danny Sullivan in SEO Roundtable’s coverage, “Yes, I believe there might be some issues” in response to Roundtable’s editor posting that some sites were having trouble getting new content into Google’s index.

We also learned from SparkToro that less than half of Google searches now result in a click. We’ve been telling you about all the video, audio, and other rich media Google is publishing on its search pages. Google says that organizing the world’s information, not publicizing websites, remains its goal.

5. Debugged: Freshman Orientation

Snopes is out with a special article debunking college legends like the library sinking from the weight of its books.

How long must students wait for an absent professor?

6. Also in the Spotlight

Estee Lauder’s CEO says that half its marketing budget is going to influencers, reports Ad Week (and wow!)

Kohls is going the other way with a clothing collection influenced by Facebook data it receives. Don’t forget that Kohls also cut a deal with Amazon to accept returns. How ironic would it be if Kohls becomes a retail winner in the tech age?

Joseph Tartaro bought a vanity license plate: NULL. That’s a condition computer programs often use when no data is present. The result is a madcap story of more than $12,000 owed in fines he didn’t actually get ticketed for.  Read more at Wired.

7. Food for Thought:  Email Jargon

From vacation, Shaun sent me this new data he was perusing in Statista as one does when they’re on vacation. These are the phrases your co-workers hate.

Not sure if you saw my last email, but per our conversation…

8. Protip: Spam in your Google Calendar

I started hearing some people complain about spam in their Google Calendar and figured they had copied the email link to the wrong place. Then a lot of people began complaining.  Yep, spammers figured it out.

How-To Geek has a remedy, but only if you’ve been hit

9. Great Data: A New Look at the Top 100 Websites

This is the best treatment I’ve ever seen for the top 100 websites. Traffic volume is included as is color-coding for the owners of the sites. Porn and scam websites are also included as are sites in China, Japan, Indonesia, and Russia. For example, MicrosoftOnline dot com is the 52nd largest site in terms of traffic, but is a phishing scam that is not affiliated with Microsoft.

In other words, this is the real world wide web that puts the porn sites in their actual places, including the top ten, and associates LinkedIn with Microsoft and #30 Twitch with Amazon.

Top 100 Websites by Visual Capitalist

10. Coffee Break:  Google Goes to Oz

On this 80th anniversary of the Wizard of Oz, Google has made a fun Easter Egg tribute to the beloved movie. Here’s how to activate it.

1. Search for The Wizard of Oz on Google.
2. Click the image of Dorothy’s slippers on the right side of the page.
3. Wheee… you’re back in black-and-white days in Kansas. 
4. To go back to color, click the tornado image now in the spot where you found the slippers. 
5. Whee again!

In This Email

Social media, China, Amazon Ring, ICE, Palantir, Pentagon, Instagram, WordPress, Tumblr, What3Words, Facebook, facial recognition, Calm, Amazon, YouTube, PayPal, Panda cheese

2. News To Know Now

1.  Facebook contractors listened to and transcribed recordings of Facebook Messenger and Chat audio. The company said it used the transcriptions to improve voice recognition services “much like Google and Amazon”. Bloomberg broke the story.

2.  WordPress’ parent company Automattic bought Tumblr from Verizon for $3 million. Tumblr had been purchased by Verizon acquiree Yahoo just six years ago for more than $1 billion.  Yahoo famously turned down buying Google twice and Facebook once. They also turned down a $44 billion offer from Microsoft in 2008 and were acquired by Verizon nine years later for only $4.5 billion.

3. What3Words is a UK-based app whose developers have divided the world into 57 trillion discrete areas measuring 3 square meters. The app was the subject of a glowing BBC story about pinpointing locations for meetups or emergencies and spent the weekend going viral on Facebook. Read the article.

4. ctrl shift face has been wowing people with deep fakes of movie scenes and interviews for months. Their latest is a sequence featuring a Bill Hader interview where he quotes and his face morphs into Tom Cruise and Seth Rogen’s appearances.  Check it out below.

3.  How Police Use Social Media

Law enforcement organizations continue making news by using consumer technology to buttress enforcement and analysis. 

Cozy relationships between Amazon and more than 200 U.S. agencies are under attack. We’ve told you before that Amazon asks for access to live emergency dispatch feeds for the Ring network. We’re also learning via an explosive Vice expose that Amazon has exerted control over online police statements regarding Ring data.

Amazon distributes 46 standardized responses including some in which police officers advocate the purchase of a Ring system according to heavily sourced reporting from Vice regarding police in Topeka and northern New Jersey.

New York City Police, meanwhile, are under fire for uploading mugshots of juveniles as young as eleven years old into facial recognition databases despite facial recognition algorithms not performing as well with younger faces.

Technology companies and law enforcement can also be on opposite sides of an issue. Apple famously refused to cooperate with the FBI in unlocking a mass shooter’s iPhone. And police in Hong Kong are reportedly “prying open protestors’ shut eyes” to unlock their phones according to MIT Technology Review. Experts say that the issue of unlocking phones via biometrics instead of a passcode is not adequately addressed by case law, which makes the exposure of over one million fingerprint records in Europe two weeks ago especially problematic.

Federal agencies are also involved in high tech monitoring. A Mijente study reported by TNW showed that the military, Border Patrol, ICE, and Homeland Security are spending $1.5 billion with Palantir to create vast databases combining local government records like fishing license applications, bank information, and social media.

The FBI is also building a social media database according to a Wall Street Journal story last week. Facebook is obviously an important part of that database which sets up an interesting issue for regulators: how much does the government want to rein in Facebook’s algorithmic probing of people when federal law enforcement wants the data?

The Pentagon is at least planning some unique surveillance. A Guardian story quotes from documents filed with the FCC and claims that the Pentagon launched 25 unmanned balloons traveling at 65,000 feet over the Midwest. The “persistent surveillance” includes tracking radar that can monitor individual vehicles including boats during any time and through any weather. The mesh networking technology linking the balloons is similar to what your home wifi uses.

4.  SearchWeek: News about finding things online

Back-to-school time is in full swing all over the country which means that new upperclassmen are turning their thoughts to colleges. Google announced that it has expanded college search features to include two year schools. The search engine is also using data from the Department of Education to provide grids comparing costs, graduation rates, and similar data between schools.

Beware of Instagram image embedding on websites, said Googler John Mueller  during his weekly SEO chat. The way Instagram images are shared on websites can cause the sites to lose visibility. Don’t just add a plugin and start embedding images without understanding this issue.

5. Debugged: Dorothy Didn’t Tweet from the Fridge.

Sorry, Ferris Bueller fans. The tech world got together to puncture several huge holes in the story of Dorothy, a teen supposedly in trouble with her mother and tweeting from the family’s smart refrigerator.

Sorry, Dorothy, debunked here

6. Also in the Spotlight

YouTube is testing paid online meet-and-greets with its influencers, according to Engadget.

A hacker took $40,000 from a company and was caught after he verified his PayPal account for the money transfer, reports Quartz.

Amazon has prevailed in an appeal by the government over a $1.5 billion tax liability per Reuters.

7. Food for Thought:  Strategic Acquisitions

Yahoo is not the only organization to make multiple poor acquisition decisions although they did manage to make three world changing ones in the space of ten years. 

AOL is also owned now by Verizon and one of its former CEOs spilled to CNBC last week that AOL held talks to buy Facebook and YouTube in 2006 as well as Chinese tech holding company Tencent in 2004.

Read about those potential acquisitions and consider a tech landscape where AOL bought YouTube instead of Google or managed to combine its massive chat rooms with a nascent Facebook.

8. Protip: Free Calm for Teachers

Calm makes a fantastic mindfulness app in a freemium model. They’ve announced a plan to give “every teacher in the world free access to Calm”.  They describe the requirements as having a K-12 classroom.

Their announcement.

9. Great Data: Pain Pills at the Local Drugstore Level

The Washington Post continued its cutting edge data journalism by creating a feature last month show the movement of opioid pain pills to different towns. Now comes an even bigger graphical interface that shows the number of pills dispensed per pharmacy for every pharmacy.

The local data is remarkable. At the shopping center closest to my house, the Giant Food pharmacy received 432,360 narcotic pills. That’s less than 1 pill for the people who live within 5 miles of the pharmacy. But the CVS Pharmacy next to it received 2.9 million pills during the same time. You can even download the individual data for each. 

Pain pill database

10. Coffee Break: Panda Cheese

Egyptian cheese maker Panda came out with a set of unique television spots back in 2010. After law enforcement and pain pill stories today, you need this.

Never say no to Panda.

Good Monday morning. It’s August 12th.  Eid Mubarak to our readers celebrating Eid Al-Adha!

2. News To Know Now

1.  Amazon robots called Scouts are now delivering in Irvine, California, a well-to-do city in Orange County. The program started in suburban Seattle. Testing continues in both places during weekday daylight hours. Amazon’s announcement.

2.  Image recognition by smart programs from Google, Amazon, and Microsoft still mostly lags human identification of images except when the program is 90% or more confident in its response. That’s when Google’s machine learning programs beat even human results. Read Perficent Digital’s study.

3. Biometric technology is now creating accurate maps of a person’s face from a short audio sample. Identifying deep fakes, helping solve crimes, and using voice prints to identify legitimate callers to banks like Chase and HSBC are some legit use cases. Here’s a great ten minute video.

3.  Security Update as Black Hat, Def Con End

The Def Con and Black Hat hacking conferences held each summer in Las Vegas combine a curious mix of hackers (ethical or otherwise), computer security pros, journalists, and law enforcement. The NSA Director has keynoted Def Con, a broadcast journalist tried to conceal a recording device one year, and usually one presentation is scheduled that causes organizations (Massachusetts Bay Transport Authority, Cisco, and ManTech) to file suit to block their information from being shared. That’s apart from the usual antics like Black Hat attendees hacking everything in their hotels including the ATM and hotel TV systems.

Highlights from this year:

  • 2019’s model medical village at Def Con was a simulated hospital room with involvement and sometimes ambivalent participation by the FDA and industry manufacturers. Remember that we told you three weeks ago that hackers had to prove to Medtronic that they could take over an insulin pump and administer a lethal dose. 
  • A now 18-year-old Bill Demirkapi showed attendees that he was able to access millions of records containing grades, passwords, immunizations, and other sensitive data for millions of K-12 students in school districts using Blackboard and Follett software. The companies had worked with him pre-disclosure to plug vulnerabilities. Wired has coverage.
  • The Voting Village featured a voting booth prototype developed by DARPA, the government agency whose early 1970s “Internetting project” became pretty popular. None of the teams had access until the last day so the results were inconclusive although some teams appear to have made good progress cracking the $10 million prototypes.  Read more at CNET.
  • A Whatsapp vulnerability disclosed this spring led to a Google security team discovering that they can break into an iPhone by sending a text. For years, we’ve told people that they need to open an attachment or click something to trigger malicious software. But there are increasing instances when a phone can be compromised without the user taking action. Details at Google’s Project Zero blog. Unless you code, the part you care about is that they found ten problems and all have been fixed.

Before the Black Hat and Def Con conferences started we learned from the field that McAfee researchers found that a 10 year old Avaya phone problem had been patched, but not removed. We also heard from Microsoft that Russian GRU initiatives are targeting organizations that have not changed default passwords for devices like printers or VOIP phones. Why Microsoft? They have a unique view of American offices thanks to the number of Windows machines installed.  More at MIT Technology Review.

4.  SearchWeek: News about finding things online

Sue wrote a sweet Mother’s Day column for her movie website years ago about movies to share on Mother’s Day. And Sue’s really good at search engine optimization so her very sweet article brought in scads of sick people who shouldn’t think that way about mothers. 

Terms like lesbian and “school girl” typed into Google had similar problems. Online activism led by @SEO_lesbienne noted that search results for those terms disproportionately featured pronography. Searches for those terms will now yield news and research articles like, I dunno, all the other words you could search. In other words, Google will stop treating the word “lesbian” like a porn term. (The Next Web)

We told you last week that video results will soon play directly in Google search results. Podcasts are also going to receive their own section on search pages based on what Google says is “[our] understanding of what’s being talked about on a podcast, so you can find even more relevant information about a topic in audio form. Soon, you won’t necessarily need the term “podcast” in your search to see episodes, making podcast discovery simpler across Search.”

Google also announced that hotel owners can now edit their services and amenities in a special section of Google My Business. Here is info on how to do that

5. Debugged: 3 Misinformation Findings After Mass Shootings

The Poynter Institute is out with three things learned about misinformation after the El Paso and Dayton shootings. 

  1. False flag conspiracies are now routine.
  2. Misinformation spreads on messaging apps.
  3. Classic hoaxes still thrive online.

Their short, thorough analysis.

6. Also in the Spotlight

Google is quietly testing a premium Google Play subscription for mobile apps according to Android Police.

Facebook is doing the same for premium video subscriptions from BBC and CollegeHumor among others according to Variety.

Only 17% of the biographies on Wikipedia are about women and the sciences are especially underrepresented according to TNW.

7. Food for Thought: Internet Language

As I said to the doggo before, “OMG, do you even canine?”

Gretchen McCullough, author of Because Internet, would not be surprised. She’s writing about how online communications are making our language even more dynamic.  That’s great, but remember how you can’t understand some 19th century writing? 

What are you and your organization doing to ensure that your communications are understood by multiple audiences scattered at different points along this language spectrum?  

Here’s a Time review of Because Internet to prime the pump.

8. Protip: AR in Google Maps directions

More Google announcements: “Live View” is a new Google Maps beta that uses Augmented Reality (AR) to superimpose huge honking arrows and street signs over a live view of your surroundings.  It’s going to help walking directions SO much.

Have a look here.

9. Great Data: Impossible Burger Live Tracking

Red Robin and Burger King have made it clear that they are selling plant-based burgers, but Steve in Accounting said BK was out so you’ll stick to your usual. 

Or not if you use the whimsical (and super smart use of free consumer generated data) Burger Stalker from Bloomberg. I know, Bloomberg. That blew me away too.

There’s one only 20 minutes away. Crazy.

10. Coffee Break: Last Chance for the Perseid

The Perseid meteor showers peak today but viewing them can sometimes be difficult because of light pollution. Here is how to stream them via Space.com,