Sad!

They'll be changing their rules PDQ.

...but hey, do what you want...you will anyway.

GOP resistance

I hope they're ready to be excoriated.

Abandon ship

Massachusetts Gov. Charlie Baker, one of President Trump’s most vocal Republican critics, said Wednesday that he will not support the president when it comes to the November election.

The governor demurred on the question earlier Wednesday when asked by reporters, saying, “I haven’t decided yet,” according to a Boston-area NBC affiliate. In a statement later in the day, communications director Lizzy Guyton said more definitively the governor would not support Trump.

“The governor cannot support Donald Trump for president and is focused on seeing Massachusetts through the pandemic," Guyton said. "He’ll leave the election analysis to the pundits.”

Baker previously criticized the president for refusing to commit to a peaceful transfer of power following the election, prompting Trump to attack him as a “RINO,” or Republican in name only.

The Massachusetts governor also joined Vermont Gov. Phil Scott (R) in urging Senate Republicans to wait until after the presidential election to appoint a replacement for the late Supreme Court Justice Ruth Bader Ginsburg.

  The Hill

I don't know if the Republican Party can reclaim itself from the Trumpists and Qanon nuts in its tent. It has only itself to blame. Actively absorbing the Tea Party back when George W was president started them on their swift decline into rabid whacko territory.

...but hey, do what you want...you will anyway.

Nasty man?

Prepare for nasty tweets about Vermont Governor Phil Scott

Vermont Gov. Phil Scott (R) has endorsed GOP presidential candidate William Weld ahead of the state's GOP primary next month, a move intended as a rebuke of President Trump.

“I’ve met with him before. I think a lot of him and his platform, so I would be supporting him,” Scott said of Weld, a long-shot Republican presidential candidate, at a press conference Saturday.

The endorsement comes less than three weeks before the March 3 primary in Vermont, where 16 pledged delegates will be at stake.

  The Hill

Good luck, Phil. (And Bill.)

The nuns of St. Joseph's

The horror stories from orphanages in days past are not new, but this article about St. Joseph's in Newport, Vermont, is. You may not want to read it.

Before 1980, [attorney Philip] White told me, social services typically steered child abuse victims away from court, because the process was thought to be too traumatic for the children and the cases were too hard to prove. White maintained that the fear of trauma had more to do with the adults’ discomfort than with the actual needs of the children. So he and some of his colleagues brought together social services, police, and probation officers and created a new set of protocols for how abuse should be addressed. White and his colleagues traveled around the state, and eventually the country, encouraging different agencies to work together, and educating mental health workers and teachers about how and why to report abuse. When prosecutors said they didn’t go after child sexual abuse because they couldn’t face the guilt of losing, White would reply, “If you don’t bring the case, how can you sleep?”

White’s team developed a way for children to testify on closed-circuit TV so they wouldn’t have to tell their story in front of their abuser. Whenever a young client testified, White threw a party, with cake and balloons and streamers. He told the children that regardless of how the case was decided, they had spoken their truth, and that was the victory.

When bearing witness to the most disturbing experiences of Vermont’s children became too much, White would find the steepest ski slope and fly down, screaming his head off all the way, until he felt calm enough to return to his work.

For all the cases he had worked on, however, he had never heard a story quite like Barquin’s.

  Buzzfeed

Continue reading.

I'll always remember the darling Irish ex-nun who lived next door to me in Galveston. More than once, she said, "Those nuns are bitches, honey."

Let's move to Vermont

It'll be easier to take this shithouse administration.

Vermont will become the latest state to allow the possession of marijuana for recreational purposes under a new measure signed into law Monday by Gov. Phil Scott (R).

The measure brings the number of states where recreational marijuana is legal to seven. But the Vermont bill is notable because it is the first time a state legislature has voted to legalize the drug.

The other six states where adults may legally possess and consume marijuana — Colorado, Washington, Oregon, Alaska, Nevada and California — all arrived at legalization through voter-approved ballot measures.

Massachusetts and Maine will legalize marijuana later this year after voters passed ballot initiatives in 2016. The Vermont law takes effect on July 1.

[...]

The Vermont law does not go as far with legalization measures in other states. It allows adults over the age of 21 to possess an ounce of marijuana and to grow up to two of their own plants at home.

But it does not allow legal sales of marijuana.

  The Hill

That's foolish. They're cutting off a source of revenue.

...but hey, do what you want...you will anyway.

Russia Did It Flashback

October 2, 2012

[Congressional investigators] looked at problems in regional intelligence-gathering offices known as “fusion centers” that are financed by the Department of Homeland Security and created jointly with state and local law enforcement agencies.

The report found that the centers “forwarded intelligence of uneven quality — oftentimes shoddy, rarely timely, sometimes endangering citizens’ civil liberties and Privacy Act protections, occasionally taken from already published public sources, and more often than not unrelated to terrorism.”

[...]

Hundreds of draft reports sat for months, awaiting review by homeland security officials, making much of their information obsolete.

[...]

The investigators also discovered that federal officials cannot account for as much as $1.4 billion in taxpayer money earmarked for fusion centers and that some of the centers listed on paper by the Homeland Security Department do not even exist.

[...]

In a 2009 e-mail discovered by the Senate investigators, one department official warned that the fusion centers were collecting information on Americans “without proper vetting,” and were “improperly reporting this information through homeland information reporting channels.”

[...]

Homeland Security has not carved out a clear counterterror mission that does not overlap with those of other agencies.

[...]

Top officials of the Homeland Security Department have known about the problems for years, but hid an internal department report on the program’s flaws from Congress while continuing to tell lawmakers and the public that the fusion centers were highly valuable and that they formed the centerpiece of Homeland Security’s counter-terrorism efforts.

[...]

The fusion centers quickly became a black hole for taxpayer money, the Senate investigators found. The fusion centers were run by state and local officials, but were funded through grants to states from the Federal Emergency Management Agency with little oversight. That made it easy for state and local officials to divert the federal money earmarked for the centers to other things, including sport utility vehicles and dozens of flat-screen televisions for use by state and local agencies.

[...]

In the wake of the January 2011 shootings in Tucson that killed six and wounded others, including Representative Gabrielle Giffords, an Arizona center issued a report filled with inaccurate information about the gunman’s alleged connections to an anti-Semitic and antigovernment group.

[...]

Last November, for example, an Illinois center reported that Russian hackers had broken into the computer system of a local water district in Springfield and sent computer commands that triggered a water pump to burn out. But it turned out that a repair technician had remotely accessed the water district’s computer system while he was on vacation in Russia.

  NYT

Sometimes I wonder how we are not all blown up in a nuclear holocaust already.  Or are we, and this is Hell?

...but hey, do what you want...you will anyway.

Trying to Keep Up

Somebody (or somebodies) is trying very hard to create some real trouble between the US and the Russians. Who it is, I can't say. But the Democrats and the US media are certainly helping them along. Jeffrey Carr, who recently debunked some of the Russia-hacked-Vermont's-grid "fake" news, has now written another article debunking CrowdStrike's latest claim that led to widespread reporting in the US media that the same Russian group who supposedly hacked Vermont also hacked Ukrainian field artillery. (Crowdstrike, you will recall, is the company that made the claims of Russian hacking of the US presidential election.)

Crowdstrike’s latest report regarding Fancy Bear contains its most dramatic and controversial claim to date; that GRU-written mobile malware used by Ukrainian artillery soldiers contributed to massive artillery losses by the Ukrainian military. “It’s pretty high confidence that Fancy Bear had to be in touch with the Russian military,” Dmitri Alperovich told Forbes. “This is exactly what the mission is of the GRU.”

  Medium

Read the whole article if you like, but I'm going to jump straight to the conclusions:

Crowdstrike never contacted the app’s developer to inform him about their findings. Had they performed that simple courtesy, they might have learned from Jaroslav Sherstuk how improbable, if not impossible, their theory was. Instead, they worked inside of their own research bubble, performed no verification of infected applications or tablets used by Ukraine’s artillery corps, and extrapolated an effect of 80% losses based upon a self-proclaimed, pro-Russian propagandist and an imaginary number of infected applications.

Major media outlets including the The Washington Post, CNN, NBC News, and PBS Newshour ran the story without fact-checking a single detail. Motherboard, Forbes, SC Magazine, and other media did the same. Only VOA and Bloomberg took the time to question Crowdstrike’s claims and do some of their own investigating.

[...]

Part of the evidence supporting Russian government involvement in the DNC and related hacks (including the German Bundestag and France’s TV5 Monde) stemmed from the assumption that X-Agent malware was exclusively developed and used by Fancy Bear. We now know that’s false, and that the source code has been obtained by others outside of Russia.

The GRU, according to Crowdstrike, developed a variant of X-Agent to infect an Android mobile app in order to geolocate and destroy Ukraine’s D-30 howitzers. To do this, they chose an artillery app which had no way to send or receive data, and wrote malware for it that didn’t ask for GPS position information? Bitch, please.

[...]

Crowdstrike invented a “devastating” cyber attack out of thin air and called it DNA evidence of Russian government involvement.

Maybe it's time to investigate Crowdstrike.  Maybe we should start with co-founder Dmitri Alperovitch, a Russian ex-pat?

....but hey, do what you want...you will anyway.

The Vermont "Hacking" Incident - Even Worse

Recall that the Washington Post recently published an article saying the state of Vermont's electric grid had been hacked by the Russians. They quickly had to retract, saying the offensive software was found on a laptop that wasn't even connected to the grid. Turns out, it wasn't even that big of a deal. This is not only highly unprofessional of the Post, it's extremely dangerous.

The Post has now (unironically and unapologetically) had to publish this article:

An employee at Burlington Electric Department was checking his Yahoo email account Friday and triggered an alert indicating that his computer had connected to a suspicious IP address associated by authorities with the Russian hacking operation that infiltrated the Democratic Party. Officials told the company that traffic with this particular address is found elsewhere in the country and is not unique to Burlington Electric, suggesting the company wasn’t being targeted by the Russians. Indeed, officials say it is possible that the traffic is benign, since this particular IP address is not always connected to malicious activity.

[...]

The Post initially reported incorrectly that the country’s electric grid had been penetrated through a Vermont utility. After Burlington Electric released its statement saying that the potentially compromised laptop had not been connected to the grid, The Post immediately corrected its article and later added an editor’s note explaining the change.

U.S. officials are continuing to investigate the laptop. In the course of their investigation, though, they have found on the device a package of software tools commonly used by online criminals to deliver malware. The package, known as Neutrino, does not appear to be connected with Grizzly Steppe, which U.S. officials have identified as the Russian hacking operation. The FBI, which declined to comment, is continuing to investigate how the malware got onto the laptop.

  WaPo

Christ. How does any malware get on anyone's laptop? Absolutely commonplace on insufficiently protected computers, and sometimes on highly protected ones. I'd like to see figures on what percent of computers in this country get infected by malware.

But, that doesn't even appear to be the case here. The computer in question simply connected to an IP address. For what duration, we aren't told, but from this latest information, it didn't necessarily download any malware during the connection.

Initially, company officials publicly said they had detected code that had been linked by the Department of Homeland Security to Grizzly Steppe.

Over the weekend, the company issued a statement, saying only that it had “detected suspicious Internet traffic” on the computer in question.

That can happen to anyone on any computer anywhere every single day. If your anti-virus software is good enough, it won't let your computer be infected. And by good enough, I mean able to keep up with the constant barrage of new code created by hackers round the clock. No mean feat.

Experts also said that because Yahoo’s mail servers are visited by millions of people each day, the fact that a Burlington Electric employee checking email touched off an alert is not an indication that the Russian government was targeting the utility.

[...]

Authorities also were leaking information about the utility without having all the facts and before law enforcement officials were able to investigate further.

[...]

“Federal officials have indicated that the specific type of Internet traffic, related to recent malicious cyber activity that was reported by us [on Friday], also has been observed elsewhere in the country and is not unique to Burlington Electric,” company spokesman Mike Kanarick said in a statement.

[...]

“It’s not descriptive of anything in particular,” said Robert M. Lee, chief executive of Dragos, a cybersecurity firm.

Bingo. The USG, rushing to react to the growing rabble of voices declaring Russia a bad actor in our election, and to appear to be doing something about it, sent out a report to companies like the Vermont utility provider listing a number of IP addresses to look for in their computer logs without any detail about what it meant or what they should do if they found any of them other than report it to the DHS. How could anything go wrong with that?

At least 30 percent of the IP addresses listed were commonly used sites such as public proxy servers used to mask a user’s location, and servers run by Amazon.com and Yahoo.

[...]

The IP address information alone is not useful, experts noted. Moreover, a server that is used by Russian spies one year might be used by “granny’s bake shop” the next, Lee said.

Or, the same year. At the same exact time.

And, you know what's especially ironic?

Amazon’s founder and chief executive, Jeffrey P. Bezos, owns The Washington Post.

He needs to have a talk with them.

“No one should be making any attribution conclusions purely from the indicators in the [government] report,” tweeted Dmitri Alperovitch, chief technology officer of CrowdStrike, which investigated the DNC hack and attributed it to the Russian government. “It was all a jumbled mess.’’

Nice talk from someone who provided the questionable information that started the jumbled mess.

A senior DHS official, speaking on the condition of anonymity to discuss a sensitive security matter, defended the report.

“We know the Russians are a highly capable adversary who conduct technical operations in a manner intended to blend into legitimate traffic,” the official said. The indicators of compromise contained in the report, he said, “are indicative of that. That’s why it’s so important for net defenders to leverage the recommended mitigations contained in the [report], implement best practices, and analyze their logs for traffic emanating from those IPs, because the Russians are going to try and hide evidence of their intrusion and presence in the network.”

And here's the key: the Russians are quite capable of doing just that. Hiding it. Not having it out there where you can simply run down a list of IP addresses and find it. But hey, thanks for reflexively doing the government's bidding by reporting to it information that you have no freaking idea what it really means, without any kind of court order or legal assurance. You'll be very useful to Big Brother.

...but hey, do what you want...you will anyway.

This Isn't Going to Go Away

The Democratic Party is in double-down mode, and all its supporters are going along.

The Washington Post on Friday reported an genuinely alarming event: Russian hackers have penetrated the U.S. power system through an electrical grid in Vermont. The Post headline conveyed the seriousness of the threat.

[...]

The first sentence of the article directly linked this cyber-attack to alleged Russian hacking of the email accounts of the DNC and John Podesta – what is now routinely referred to as “Russian hacking of our election.”

  Glenn Greenwald

Which hasn't even been proven, and seems at this point unlikely.

This is an extremely serious allegation and threat. If true, we're in serious shit. And, if not true, we're still in serious shit, because it means our government is now willing to fuck with our own democracy in the way it fucks with the rest of the world. A real threat of this magnitude could allow our government to claim a state of emergency and lock us down even tighter. In fact, why not refuse to allow Trump (or whoever comes after Trump) to take office when the country is under such a threat? I'm afraid I don't have any confidence that the Democratic Party of today wouldn't stoop to such levels. With their total screw up running Hillary for president and losing, they have become completely unhinged.

[Vermont]’s Democratic Governor, Peter Shumlin, said:

Vermonters and all Americans should be both alarmed and outraged that one of the world’s leading thugs, Vladimir Putin, has been attempting to hack our electric grid, which we rely upon to support our quality-of-life, economy, health, and safety. This episode should highlight the urgent need for our federal government to vigorously pursue and put an end to this sort of Russian meddling.

Vermont Senator Patrick Leahy issued a statement warning: “This is beyond hackers having electronic joy rides – this is now about trying to access utilities to potentially manipulate the grid and shut it down in the middle of winter. That is a direct threat to Vermont and we do not take it lightly.”

Nor should you take it lightly. But you damned sure ought to have incontrovertible proof of what you're saying. And you don't.

The media reactions, as Alex Pfeiffer documents, were exactly what one would expect: hysterical, alarmist proclamations of Putin’s menacing evil.

What’s the problem here? It did not happen.

There was no “penetration of the U.S. electricity grid.” The truth was undramatic and banal. Burlington Electric, after receiving a Homeland Security notice sent to all U.S. utility companies about the malware code found in the DNC system, searched all their computers and found the code in a single laptop that was not connected to the electric grid.

Apparently, the Post did not even bother to contact the company before running its wildly sensationalistic claims, so they had to issue their own statement to the Burlington Free Press which debunked the Post’s central claim (emphasis in original): “We detected the malware in a single Burlington Electric Department laptop NOT connected to our organization’s grid systems.”

[...]

[T]here is zero evidence that Russian hackers were responsible even for the implanting of this malware on this single laptop. [...] [A]s Jeffrey Carr has pointed out in the DNC hacking context, assuming that Russian-made malware must have been used by Russians is as irrational as finding a Russian-made Kalishnikov AKM rifle at a crime scene and assuming the killer must be Russian.

A lot of us would absolutely do that, too, though.

All the alarmist tough-guy statements issued by political officials who believed the Post’s claim were based on fiction.

Meaning we could be in deeper shit than we realize. And that's saying a lot.

The Post had to walk back it's first claims when called out on them, but the damage, dare I say, is done.

Moreover, nobody knows when this malware was put on this laptop, how, or by whom. But whatever else is true, the key claim – “Russian hackers penetrated U.S. electricity grid” – has now been replaced by the claim that this all shows “risk to U.S. electrical grid.”

Then fix the bloody system. That risk didn't just arise yesterday.  Electronic security has been a big issue ever since the Snowden affair and we still have powerful people, agencies and systems in the dark ages when it comes to internet security.

[This] level of group-think, fear-mongering, coercive peer-pressure, and über-nationalism has not been seen since the halcyon days of 2002 and 2003.

[...]

Indeed, the more unhinged it is, the greater the benefits [for social media] are (see some of the most extreme examples here). That’s how otherwise rational people keep getting tricked into posting and re-tweeting and sharing extremely dubious stories that turn out to be false.

[...]

[A]ny denunciation or accusation toward Trump or Russia, no matter how divorced from reason or devoid of facts, generates instant praise, while any questioning of it prompts instant peer-group denunciation, or worse.

Perfectly mirroring what happened when the Bush administration painted Saddam Hussein as the mastermind behind 9/11. And look where that got us. Look where that has gotten the entire world. And that wasn't even a fight picked with a nation powerful enough to actually rain down a nuclear holocaust.

In this case, the effect is a constant ratcheting up of tensions between two nuclear-armed powers whose nuclear systems are still on hair-trigger alert and capable of catastrophic responses based on misunderstanding and misperception. Democrats and their media allies are rightly alarmed about the potential dangers of Trump’s bellicose posture toward China, but remarkably and recklessly indifferent to the dangers of what they themselves are doing here.

[...]

Since it is so often distorted, permit me to once again to underscore my own view on the broader Russia issue: of course it is possible that Russia is responsible for these hacks, as this is perfectly consistent with (and far more mild than) what both Russia and the U.S. have done repeatedly for decades.

But given the stakes involved, along with the incentives for error and/or deceit, no rational person should be willing to embrace these accusations as Truth unless and until convincing evidence has been publicly presented for review, which most certainly has not yet happened.

If you're still buying the propaganda, please read scroll down in Greenwald's article to the end where he links several articles that counter all this dangerous red-baiting.  Or if you're keeping up with the insanity, you might bookmark and save the page for when you need to calm down your friends and neighbors.

...but hey, do what you want...you will anyway.

Democrat Shuffle

Sen. Patrick Leahy, D-Vt., has chosen to be the ranking member on the Senate Appropriations Committee, rather than the senior Democrat on the Judiciary Committee, he announced Wednesday.

[...]

His decision, he said, arose from his belief that he will best be able to represent Vermonters on Appropriations.

[...]

The Senate Appropriations Committee shapes all discretionary spending legislation in the Senate. While running for his eighth term this year, Leahy often pointed to the amount of federal money he's been able to bring to one of the country's smallest states.

[...]

Trump's proposals to make deep tax cuts and to remove the cap on military spending could lead to cuts in domestic programs that feed federal money to Vermont.

  Burlington Free Press

Gee, I thought the various Senate committees were to address issues for all Americans.

In 2012, Leahy had the opportunity to take on the chairmanship of Appropriations after the death of Sen. Daniel Inouye, D-Hawaii, but chose to keep helming Judiciary instead. [Luke Albee, who served as Leahy's chief of staff from 1993 to 2004] said Leahy's decision to shift his focus to Appropriations was a close call, but the recent federal election tipped the scales.

[...]

Leahy will continue to serve on the Judiciary Committee, which plays a large role in confirming Supreme Court justices. His former role as the top Democrat on the committee will be taken by Sen. Dianne Feinstein of California.

[...]

Leahy also will continue to serve on the Senate Agriculture Committee.

...but hey, do what you want...you will anyway.