From The Washington Post:
At one point in April, USPS leaders drafted a news release announcing plans to distribute 650 million masks nationwide, enough to offer five face coverings to every American household. The document, which includes quotations from top USPS officials and other specifics, was never sent.
Before the news release was sent, however, the White House nixed the plan, according to senior administration officials, who spoke on the condition of anonymity to share internal deliberations. Instead, HHS created Project America Strong, a $675 million effort to distribute “reusable cotton face masks to critical infrastructure sectors, companies, healthcare facilities, and faith-based and community organizations across the country.” About 600 million of the 650 million masks ordered have been distributed, according to an HHS spokesperson, including 125 million set aside for schools.
“There was concern from some in the White House Domestic Policy Council and the office of the vice president that households receiving masks might create concern or panic,” one administration official said in response to the scrapped mask plan.
It was killed because it might create panic. Sure, there was an alternative pursued instead. But panic may have been precisely what was needed to stem the initial mass spread of COVID-19!
Following in the footsteps of other Trump Administration behavior, the goal seems less about keeping people calm and more about hoping to avoid panic for political purposes.
Trump plainly admits this himself, framing his arguments about why things ain’t so bad in terms of red versus blue states:
President Donald Trump on Wednesday suggested that if you excluded blue states, America’s Covid-19 death numbers would look much better. “If you take the blue states out, we’re at a level that I don’t think anybody in the world would be at,” he said at a White House press conference.
A privacy bug in Democratic presidential candidate Joe Biden’s official campaign app allowed anyone to look up sensitive voter information on millions of Americans, a security researcher has found.
Come on, man! Stupidity just runs through all of politics.
It’s best not to threaten the people trying to help you:
- 07/09/2020: Reached out privately via Twitter DM
- 09/09/2020: Publicly reached out via Twitter
- 09/09/2020: Continued DM with giggle owner, Sall
- 09/09/2020: DI_Security Twitter account blocked
- 09/09/2020: JayHarris_Sec Twitter account blocked
- 09/09/2020: Saskia asked Sall to reconsider ignoring us
- 09/09/2020: ms__chief account blocked
- 09/09/2020: Journalist contacted. Ignored by giggle
- 10/09/2020: Giggle finally asked for more details
- 10/09/2020: Vulnerability fixed
Note: above dates are in UK format. Day/Month/Year.
Giggle is a social network targeting only girls / women. It’s advertised as a safe space. These security researchers discovered some glaring flaws in the security of the application, which could lead to a user’s full profile being exposed to anyone (including latitude and longitude of where their account was created). The sign-up process for Giggle involves taking a photo of yourself and submitting it to Giggle so that their artificial intelligence tools can determine if you are really a woman; it is promised that this photo is kept private and not stored by Giggle after the initial verification. Turns out that’s not accurate, either.
So this app is a dumpster fire, security-wise. It’s courting an audience of potentially vulnerable women. Excellent combo.
These folks from Digital Interruption reached out, several times, trying to let the company founder know about these problems. In the security industry, this sort of thing is called “responsible disclosure.” Inform the company there’s an issue, give 30-90 days to fix it, and then report on it once the problem is fixed. This benefits both the insecure party (free advice!) and the infosec researchers (another bullet on the resume).
What you should not do, if you are the recipient of such disclosure, is to threaten legal action and throw a temper tantrum. The above reads like a wonderful comedy of errors.
Perhaps the funniest bit (to me) is this follow-up tweet thanking “Bill from Giggle” for helping solve this issue. Company founder had to be cut out in order to resolve an issue? Top brass at a digital company not understanding how technology works?
A lot of the arguments coming out of the Republican Party recently have embraced this – what’s the best way to describe it…lack of common sense. I thought a big part of their schtick was to be the party of simple questions and straightforward answers?
From Fox News:
According to excerpts of Woodward’s new book, “Rage,” that were published Wednesday by the Washington Post, Trump told the journalist during a recorded telephone interview that the situation regarding the virus was much more dire than he was admitting publicly.
“You just breathe the air and that’s how it’s passed,” Trump told Woodward during a Feb. 7 call. “And so that’s a very tricky one. That’s a very delicate one. It’s also more deadly than even your strenuous flu.”
“This is deadly stuff,” the president said. Though this conversation happened in February, it was not reported until now.
At that time, Trump was saying that the contagion was no more virulent than the seasonal flu, that the government had the virus under control and that it would soon disappear.
“I wanted to always play it down,” the president told Woodward in a March conversation.
I wanted to always play it down.
Strong leadership right there.
Leg felt…ok. Lots of weird pins and needles in the groin area. A tad sore now that I’ve finished.
Will have to wait and see what tomorrow brings. Pain? Nothing? And then try to slowly, slowly pick this back up.
Apple’s Review Guidelines: “Apps that use a third-party or social login service (such as Facebook Login, Google Sign-In, Sign in with Twitter, Sign In with LinkedIn, Login with Amazon, or WeChat Login) to set up or authenticate the user’s primary account with the app must also offer Sign in with Apple as an equivalent option.”
Also Apple: “we’re shutting down this thing we forced you to use, which will have a negative impact on your users, in order to punish you.”
In the latest development of the Epic vs Apple battle, the former is giving a heads up to customers who have used the Sign in with Apple feature to change their login credentials for Epic accounts. That’s because Apple will stop allowing the login option for Epic Games accounts on September 11.
Yeah, this is all going great. No problem at all with Apple having such broad control over things.
When large companies fight, the ones who get hurt are their users.