Today's links
- Monopolies made America vulnerable to covid: Pharma, hospitals and other health industries were weak before the pandemic.
- The Ministry For the Future: Kim Stanley Robinson's final (?) novel.
- Graffitists hit dozens of NYC subway cars: Party like it's 1984.
- Breathtaking Iphone hack: Zero-click wireless worms.
- This day in history: 2010, 2015, 2019
- Colophon: Recent publications, upcoming appearances, current writing projects, current reading
Monopolies made America vulnerable to covid (permalink)
It's now well understood that covid is not an equal-opportunity butcher: it kills and maims poor and racialized people at a much higher rate than those further up the privilege gradient.
The precise reason for this is not known, but we have a general understanding of the underlying phenomenon. Poor and racialized people greeted the pandemic in worse shape than wealthier, whiter people.
People who lack health care and good jobs and good housing are more likely to get chronic illnesses and less likely to be able to control those illnesses. Inequality weakens, and covid delivers the coup de grace.
Poor and racialized people in America are a microcosm for America in the world. For America – despite its wealth and power – has fared worse than many other countries, large and small, populous and sparse, landlocked and islands.
More Americans have the disease, and those who have it die more. Much of this is down to the lack of federal coordination, chaos at the state and local levels, and the transformation of masking and distancing into a culture war issue.
But as Susie Cagle illustrates (literally) in her comic strip for The Nation, America has a chronic illness that weakened it and made it vulenerable to the virus: that illness is called "monopolies."
https://www.thenation.com/article/society/coronavirus-healthcare-consolidation/
America's health-care system isn't just overpriced and dysfunctional – it is also monopolized. Private equity-backed hospital chains like HCA, Providence and Ascension have gobbled up many hospitals across the country and converted them into wildly profitable slaughterhouses.
The pharma industry is also wildly profitable, has decreasing regard for human life, and is massively consolidated. Pharma giant Gilead monopolizes the distribution of the publicly funded covid treatment Remdesivir. Monoclonal antibody treatments are likewise monopolized.
The FTC has an official policy of not applying ANY merger scrutiny when a hospital with fewer than 100 beds is being acquired, leading to mass-scale consolidation of small rural and regional hospitals,
Runaway, ruthless capitalism does the same thing to America as a nation as it does to its poorest people: weakens it by sapping it of its productive capacity and its resilience.
The Ministry For the Future (permalink)
One of the very last events I attended before the lockdown was a thing in Silicon Valley attended by many old friends, but the best moment of all was the chance to hang out with Kim Stanley Robinson, a friend and inspiration.
That's when Stan told me he had just finished a book that might be his last-ever novel, The Ministry For the Future, and that his future work would be nonfiction, starting with his long-planned book about the Sierras.
I was stricken. Robinson's novels are a lifeline for me.
The first Robinson novel I read may just be my favorite: Pacific Edge, a green utopian novel about a successful transition to a post-climate-emergency, just and stable world. Re-reading it is a vacation from all my anxieties, still.
https://memex.craphound.com/2015/01/15/pacific-edge-the-most-uplifting-novel-in-my-library/
My first novel, DOWN AND OUT IN THE MAGIC KINGDOM, wouldn't exist without Pacific Edge. That was the book that taught me that small disputes over beloved local treasures could be as dramatic as (and microcosms for) global conflicts.
I have been both dreading and anticipating MINISTRY FOR THE FUTURE, not wanting to read my last KSR novel but also wanting so badly to read this one, because it's the book in which he imagines the end of capitalism.
You've heard the phrase, "It is easier to imagine the end of the world than the end of capitalism," variously attributed to Frederic Jameson and Slavoj Žižek. As the author of a couple of postcapitalist novels, I have a real appreciation for the details of that truism.
It's actually not all that hard to imagine a postcapitalist society – but imagining the actual end of capitalism, the euthanasia of the rentier, the reversal of the doctrine of virtuous selfishness, the abandonment of the idea that some are born to rule, that is damned hard.
And while PACIFIC EDGE is my favorite KSR novel, my favorite KSR series is the string of books that starts with 2012's 2312 – a string of books that really leans hard into imagining the actual end of capitalism.
2312 is set 300 years into postcapitalism. It's a novel of solar-system-scale civilization, riven by its own problems and contradictions, filled with tech marvels, a tale of natural wonders that showcase Robinson's incredible, John-Muir-grade genius for pastoral writing.
2312 was followed up by Aurora, one of the best space-exploration novels ever written, about the arrival of the first-ever generation ship at its destination world, and the hasty retreat it is required to stage.
https://memex.craphound.com/2015/11/02/kim-stanley-robinsons-aurora-space-is-bigger-than-you-think/
The book provoked a vitriolic reaction from science fiction's great reactionaries! I love a book that enrages the right people, and I was delighted to publish Robinson's rebuttal to their peevish complaints.
https://boingboing.net/2015/11/16/our-generation-ships-will-sink.html
From there, we move on to New York 2140, a novel of a pivotal moment in the transformation of capitalism and its relationship to the climate emergency.
These are like an artilleryman rangfinding a mortar, first overshooting his target and then walking his fire back, drawing closer to his bullseye. For Robinson, bullseye is the moment at which our society is transformed into one that can survive the coming emergencies.
It's telling that the 2312 books never got there. It is so fucking hard to imagine the end of capitalism.
But that is what The Ministry For the Future Does.
Sort of.
It's a novel about a specialized UN agency, chartered through the Paris Climate Agreement to represent unborn generations and the natural world in legal proceedings related to climate devastation.
Talking about this book, Robinson has described it as a kind of futuristic documentary, told in many voices, as a way of describing a phenomenon as vast as this global transformation.
https://pluralistic.net/2020/10/14/final_ver2/#ksr
Like many docs, it follows a couple of main characters, but weaves in dozens of other voices, some of whom we hear from only once or twice, recounting pivotal moments in which a moment calves away from our reality as we know it – moments of shear, giddy and terrifying.
Robinson is so good at this stuff. This is the book that he has been practicing for all his life. The vignettes are superb little jewels, mostly illuminating flashbulb moments in the lives of strangers met fleetingly.
But some of the most powerful moments don't even have characters: there's a transcript of the openng a fictional congress of global climate remediation groups after the crisis that is just an alphabetical list of countries and their associated projects.
This literally made me burst into tears of joy, bursting with hope at the thought that we could, as a species, spawn so many evocative and hopeful projects to save our world, our species, and our nonhuman cohabitants.
It's a real list, as it happens: Spherical Studio's Regen Earth, a collection of regenerative projects presented in short films, maintained by David McConville to "to help folks see the lived, active and diverse potential of ecological regeneration and the critical role that humans play in these systems. They are real projects, revealed through stories."
Robinson's versatility is on glorious display here: from long lists of hypothetical ecological projects, he veers into closely told moments of human endeavor in the natural world, showcasing his pastoralism with scenes so vivid you could reach out and touch them.
But all that said, the most interesting thing about this book is the stuff that Robinson couldn't or wouldn't put on the page. Robinson's hypothetical scenario for the end of capitalism is a baroque scheme of global cryptocurrency money-creation tied to carbon drawdown.
His technocrats trick capitalism into spending itself out of existence in a plan that is by turns brainy and daffy (as all blockchainism tends to be), with some pretty epic handwaving (especially when it comes to the breakup of tech monopolies).
But all of that would fail were it not for acts of absolutely brutal, ruthless terrorism. Robinson's transformation isn't merely about the carrots of double-bluff get-rich-quick schemes, it's heavily dependent on the stick of terror.
The aviation industry isn't (just) replaced by airships and rail because it's better and cleaner – but also because parties unknown use drones to bring down every private jet in the sky, and then commercial liners, until the aviation industry seizes up and dies.
And the world doesn't abandon beef because vegans win the moral argument or because greenies win the practical one – the decisive factor is drones that dart an unknowable plurality of the world's cattle with bovine spongiform encephalopathy.
There's more – pitiless, remorseless, anonymous. And while Robinson gets up close and personal with one traumatized individual who engages in an ecologically motivated, short-lived (and nonlethal) kidnapping, we never meet any of the terrorists or their victims.
The terror that begets the transition is recounted in the dry language of an encyclopedia entry, not dramatized like the pivotal moments of so many other characters.
It's a very telling omission.
My 2019 novella "Radicalized" is about an online community of men who, after watching their most treasured family members die slow, painful, preventable deaths because of insurance company fuckery, become suicide bombers who murder health execs.
Writing that story was an intensely uncomfortable experience (and, judging from reader comments, it can be uncomfortable to read, too).
It's one thing to recognize that a systemic problem might not be solved without grotesque, mass violence, and another to put yourself in the shoes of either the perpetrators or the victims.
Robinson's end of capitalism is, superficially, a story of a transition, not a spasm, not a capital-T Terror. The lives we inhabit in this novel are people who are engaged in struggle, but not mass-murder.
But right there on the page is Robinson's uncomfortable and only partially elided conviction that we're not in for a transition, but rather a bloodletting, a reckoning commensurate with the ecocidal crimes that led up to this moment.
MINISTRY is a book that, on first consideration, feels like a utopia – not merely for the beautiful descriptions of people, animals and environments finding a way through the emergencies, but for the emergencies resolution.
But on closer examination, MINISTRY represents the dark fears of one of our brightest, most hopeful writers, that the world can only be saved by means that are literally too terrible to contemplate up close.
It's an uncomfortable read. It's a brilliant book. If it indeed turns out to be Stan's last novel (oh please don't let it be Stan's last novel), it will be a fitting capstone. But the subtext of this book is that we are past the point of no return.
Not only will rescuing our planet entail sacrifices of species, habitats, and coastlines – it will also entail sacrifices of the moral convictions that make vast spectacles of bloodletting unthinkable.
Graffitists hit dozens of NYC subway cars (permalink)
New York's subway trains were once highly contested, moving art galleries, completely skinned with overlapping coats of graffiti (think of the opening credits of Welcome Back, Kotter).
https://youtube.com/watch?v=Mmm3KTa601s
NYC declared war on graffiti in 1972, but it wasn't until 1984 that the Clean Trains movement took hold (previous attempts to erase graffiti with acid solutions literally started to dissolve the cars). Graffiti all but disappeared from the New York Subway.
https://en.wikipedia.org/wiki/History_of_the_New_York_City_Subway#Graffiti
Until last night. Graffiti crews covered two dozen MTA cars with top-to-bottom "burner" murals not seen since graffiti's glory days, spanning multiple, adjacent cars.
https://www.thecity.nyc/2020/12/2/22149612/two-dozen-subway-cars-struck-in-overnight-graffiti-storm
Writing in The City, Jose Martinez offers tantalyzing details of the feat – executed between 1 and 5AM in tunnels and out-of-service storage tracks, in areas that the NYPD nominally patrols.
The burners decorate cars on the 1, 6, M, G, Q and 42nd Shuttle. The scope really comes out in this video posted to the nycgraff.head Instagram account.
https://www.instagram.com/p/CIN8iJvpLMy/
Martinez's descriptions give a sense of the pieces: "…Its first five cars covered in spray-painted flames, mushrooms, tags and a bare-breasted pot-smoking character with a resemblance to Betty Boop."
Breathtaking Iphone hack (permalink)
AWDL is Apple's mesh networking protocol, a low-level, device-to-device wireless system that underpins tools like Airdrop. It is implemented in the Ios kernel, a high-privilege, high-risk zone in Iphone and Ipad internals.
A researcher at Google's Project Zero, Ian Beer, found a vulnerability in AWDL that allowed him to wirelessly infect Ios devices, then have them go on to spread the virus wirelessly to any Ios devices they came into contact with.
https://googleprojectzero.blogspot.com/2020/12/an-ios-zero-click-radio-proximity.html
The proof-of-concept attack undetectably grants "full access to the user's personal data, including emails, photos, messages, and passwords and crypto keys stored in the keychain."
Beer developed the exploit virtually single-handedly over six months and confidentially disclosed its details to Apple, which issued patches for it earlier this year. Now that the patch has had time to propagate, Beer has released a detailed, formal account of his work.
The 30,000 word technical paper is heavy reading, but if you want inspiration to delve into it, try the accompanying 14-second video, which is one of the most remarkable (and alarming) infosec clips I've ever seen.
https://www.youtube.com/watch?v=ikZTNSmbh00
As far as can be known, this was never exploited in the wild. In his Ars Technica coverage of the exploit, Dan Goodin drops the other shoe: "If a single person could do all of this in six months, just think what a better-resourced hacking team is capable of."
It's a theme that Beer himself explores in a Twitter thread, in which he describes the tradeoffs in protocols like AWDL, whose ease of use was critical in private messaging by Hong Kong protesters last hear.
https://twitter.com/i41nbeer/status/1333884906515161089
But whose "large and complex attack surface [exposed] to everyone in radio proximity" creates a security nightmare if there are any bugs at all in the code…and unfortunately the quality of the AWDL code was at times fairly poor and seemingly untested."
It's a sobering reminder that companies can't fully audit their own products. Even companies with sterling security track-records like Apple slip up and miss really, really, REALLY important stuff.
It's really at the heart of understanding why independent security research must be protected – at a moment in which it is under assault, as out-dated laws like the Computer Fraud and Abuse Act are used to punish researchers who go public with their work.
Dominant companies – including Google and Apple – have taken the position that security disclosures should be subject to a corporate veto (in other words, that companies should be able to decide when their critics can make truthful disclosures about their mistakes).
When the W3C introduced EME, it created the first-ever standardized browser component whose security defects could be suppressed under laws like the CFAA and Sec 1201 of the DMCA.
W3C corporate members opposed measures to require participants to promise NOT to punish security researchers who warned browser users of ways they could be attacked through defects in EME.
https://www.eff.org/deeplinks/2017/09/open-letter-w3c-director-ceo-team-and-membership
And Google is presently using the DMCA to suppress code that reveals defects in its own EME implementation, Widevine, which has become the industry standard.
https://krebsonsecurity.com/2020/10/google-mending-another-crack-in-widevine/
In his thread, Beer rightfully praises both Apple and Google for having a bug bounty program that serves as a carrot to entice security researchers into disclosing to the company first and giving it time to patch before going public.
(And he calls on Apple to award him a bounty that he can donate to charity, which, with corporate charitable matching, would come out to $500K. This is a no-brainer that Apple should totally do).
But as laudable as the Bug Bounty carrot is, let us not forget that the companies still jealously guard the stick: the right to seek fines and even prison time for security researchers who decide that they don't trust the companies to act on disclosures.
That may sound reasonable to you – after all, it's reckless to just blurt out the truth about an exploitable bug before it's been patched. But companies are really good at convincing themselves that serious bugs aren't serious and just sitting on them.
When that happens, security researchers have to make a tough call: do they keep mum and hope that no one else replicates their findings and starts to attack users, or do they go public so that people can stop using dangerously defective products?
It's a call that Google's Project Zero has made repeatedly. In 2015, they went public with a serious, unpatched, widespread Windows bug when they got tired of waiting for Microsoft to fix it:
https://www.engadget.com/2015-01-02-google-posts-unpatched-microsoft-bug.html
And in October, Google disclosed another Windows 0-day that was being exploited in the wild, presumably reasoning that it was better to tell users they were at risk, even if it meant giving ammo to new waves of hackers.
Bug Bounties are great – essential, even. But for so long as companies get to decide who can tell the truth about the defects in their products, bug bounties won't be enough. The best, most diligent security teams can make dumb mistakes that create real risk.
Your right to know whether you are at risk should not be subject to a corporate whim. The First Amendment – and free speech protections encoded in many other legal systems – provides a high degree of protection for truthful utterances.
The novel and dangerous idea that corporations should have a veto over the truth about their mistakes is completely irreconcilable with these free speech norms and laws.
This day in history (permalink)
#10yrsago Bunnie explains the technical intricacies and legalities of Xbox hacking https://www.bunniestudios.com/blog/?p=1472
#5yrsago Wikileaks cables reveal that the US wrote Spain’s proposed copyright lawhttps://web.archive.org/web/20101211043008/https://elpais.com/articulo/espana/EE/UU/ejecuto/plan/conseguir/ley/antidescargas/elpepuesp/20101203elpepunac_52/Tes/
#5yrsago Urban Transport Without the Hot Air: confusing the issue with relevant facts! https://memex.craphound.com/2015/12/03/urban-transport-without-the-hot-air-confusing-the-issue-with-relevant-facts/
#1yrago White nationalists who got a $2.5m payout from UNC abuse the DMCA to censor lawyer’s trove of documents about it https://twitter.com/greg_doucette/status/1201635924158881792
#1yrago Reading the “victory letter” a white nationalist sent to his followers after getting $2.5m from UNC, it’s obvious why he tried to censor it https://twitter.com/greg_doucette/status/1201551612382195712
#1yrago Harry Shearer interviews Uber’s smartest critic: Hubert “Bezzle” Horan https://harryshearer.com/le-shows/december-01-2019/
#1yrago A sweeping new tech bill from Silicon Valley Democrats promises privacy, interoperability, and protection from algorithmic discrimination and manipulationhttps://web.archive.org/web/20191105215639/https://eshoo.house.gov/news-stories/press-releases/eshoo-lofgren-introduce-the-online-privacy-act/
#1yrago MMT: when does government deficit spending improve debt-to-GDP ratios? https://carnegieendowment.org/chinafinancialmarkets/80054
#1yrago UK Apostrophe Protection Society surrender’s, saying “ignorance and lazines’s have won” https://www.standard.co.uk/news/uk/apostrophe-society-shuts-down-because-ignorance-has-won-a4301391.html
#1yrago The Supreme Court just heard the State of Georgia’s argument for copyrighting the law and charging for access to it https://arstechnica.com/tech-policy/2019/12/justices-debate-allowing-state-law-to-be-hidden-behind-a-pay-wall/
#1yrago McKinsey designed ICE’s gulags, recommending minimal food, medical care and supervision https://www.propublica.org/article/how-mckinsey-helped-the-trump-administration-implement-its-immigration-policies
Colophon (permalink)
Today's top sources: Slashdot (https://slashdot.org/).
Currently writing: My next novel, "The Lost Cause," a post-GND novel about truth and reconciliation. Yesterday's progress: 525 words (89981 total).
Currently reading: The City We Became, NK Jemisin
Latest podcast: Someone Comes to Town, Someone Leaves Town (part 24) https://craphound.com/podcast/2020/11/23/someone-comes-to-town-someone-leaves-town-part-24/
Upcoming appearances:
- After the storm: A post-election analysis of UK-US digital trade, Dec 4, https://www.openrightsgroup.org/events/after-the-storm-a-post-election-analysis-of-uk-us-digital-trade/
- Monopoly, Not Mind Control: What's Really Happening With "Surveillance Capitalism," Dec 8, https://www.nuug.no/aktiviteter/20201208-doctorow//
-
Colloquium on Information Security, Dec 14 https://www.eventbrite.co.uk/e/the-31st-hphpe-virtual-colloquium-on-information-security-tickets-128859336745
-
Keynote, NISO Plus, Feb 22-25, https://niso.plus/cory-doctorow-to-keynote-at-niso-plus-2021/
Recent appearances:
- A More Competitive Web (Techdirt Podcast): https://www.techdirt.com/articles/20201201/10183045801/techdirt-podcast-episode-264-more-competitive-web-with-cory-doctorow-daphne-keller.shtml
-
Big Tech Podcast:
https://www.cigionline.org/big-tech/cory-doctorow-true-dangers-surveillance-capitalism -
Nerdcanon Podcast:
http://nerdcanon.com/episode-25-cory-doctorow-and-attack-surface/
Latest book:
- "Attack Surface": The third Little Brother novel, a standalone technothriller for adults. The Washington Post called it "a political cyberthriller, vigorous, bold and savvy about the limits of revolution and resistance." Order signed, personalized copies from Dark Delicacies https://www.darkdel.com/store/p1840/Available_Now%3A_Attack_Surface.html
-
"How to Destroy Surveillance Capitalism": an anti-monopoly pamphlet analyzing the true harms of surveillance capitalism and proposing a solution. https://onezero.medium.com/how-to-destroy-surveillance-capitalism-8135e6744d59
-
"Little Brother/Homeland": A reissue omnibus edition with a new introduction by Edward Snowden: https://us.macmillan.com/books/9781250774583; personalized/signed copies here: https://www.darkdel.com/store/p1750/July%3A__Little_Brother_%26_Homeland.html
-
"Poesy the Monster Slayer" a picture book about monsters, bedtime, gender, and kicking ass. Order here: https://us.macmillan.com/books/9781626723627. Get a personalized, signed copy here: https://www.darkdel.com/store/p1562/_Poesy_the_Monster_Slayer.html.
This work licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.
How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
https://mamot.fr/web/accounts/303320
Twitter (mass-scale, unrestricted, third-party surveillance and advertising):
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
When life gives you SARS, you make sarsaparilla -Joey "Accordion Guy" DeVilla