It's not about local news

I groan anytime I see someone from the Australian government claim their battle against the tech giants about media royalty payments is to ‘protect local news.’ The largest beneficiary of this action is News Corporation, who demolished local news during its global expansion in the last century. Big tech did not kill local media, they just picked the cadaver’s pockets at the scene of the crime.

Facebook verses the Australian Government is a proxy for Facebook verses News Corporation. Google, hoping for one less regulatory problem, signed a global licensing deal with News Corporation earlier this week. This will be Google’s last deal of substance on this matter in English speaking countries. Any other companies hoping for a payment are now out of luck.

Facebook is going to be a tougher nut for News Corporation to crack as Mark Zuckerberg sees Rupert Murdoch as a relic. What remains of the Murdoch empire, after the sale of its content assets to Disney, is a collection of red ink bleeding newspapers and TV stations propped up by the river of money generated by Fox News.

Rupert was smart to sell off the important parts of Fox at a time he could get a premium for the assets. This tilt at Big Tech to collect fees is just an attempt to squeeze the last of the juice from his old media lemon. Zuckerberg knows that and he would rather go to war with Murdoch’s Australian government proxy rather than make a payment to what he sees as an irrelevant company.

Zuckerberg is just looking to do to Murdoch what Murdoch did to local news.

Orlando-gutierrez-49ha7YTMLkw-unsplash1Photo by Orlando Gutierrez on Unsplash


EU has health lessons to be learned

I’m not happy with the European Commission’s actions this week but I think the EU will now emerge from the pandemic with a better sense of what is important. A harsh set of lessons at a terrible price. 

The vaccine delivery issue is one of policy and research funding. The United States unleashed a torrent of money to manufacturers with Operation Warpspeed, $10B or more. The EU put up $3B with the idea that Europe, home to the largest vaccine manufacturers in the world, just had to prime the pump and the free market would do the rest.

When everyone is a buyer the market operates in one way, attention moves to those spending the most money. Both the US and the UK governments took a hands on approach to ensuring vaccine started moving and they spent the cash to make it happen. For a Union accused of being happy with statist intervention at a drop of a hat, the fact that EU members national governments were put on the sidelines, with the expectation the invisible hand of the market would take care of everything, is a surprising turn of events.

That said, Germany would probably be the only vaccinated nation in Europe were governments given free reign from the beginning. Angela Merkel’s vaccine summit with the German Pharma industry on Monday will be a return to hands on statist intervention but with a continental emergency focus. Macron has already leaned on Sanofi to assist in the finishing of hundreds of millions of doses of someone else’s vaccine later this year. France’s failure to develop their own vaccine has to sting. It should, France being the home of the Pasteur Institute. The organisation that used to be at the forefront of thought in biological and disease science. National pride demands a rethink on France’s anaemic funding of scientific research. It remains to be seen if any such rethink will happen.

How about Ireland, would Ireland been better off going it alone and buying its own vaccines on the open market? No. With a population of 4.49 million Ireland would have found itself at the back of a very expensive queue when it came to a vaccine purchase order. Buying as part of the Bloc means Ireland has seen constrained supplies but the deliveries do happen and see jabs being put into arms. Turbulence ahead for sure but the EU will come out the other side of the vaccine delivery fiasco, bruised, battered and hopefully a bit bowed as well.

Moments of learning require humility.

EU1

Photo by Markus Spiske on Unsplash


The Fall of the House of MAGA

I can see the tactical case in Big Tech looking to crush Trump and scatter his followers today, but strategically I think the timing is wrong. This would have been a finishing move were Trump a private citizen. When done to a sitting President of The United States it's nothing but an opening to long term grievance with his tens of millions of voters.

Anyone who loves the United States as much as the MAGA types say they do had to have looked at the footage from Wednesday and seen a country that looks fragile. Even amongst those I know who make my eyes roll when they tag their Instagram photos with #nomask or #liberaltears there were feelings of embarrassment about the Washington riots.

Wednesday night and Thursday, Trump was beaten and to his supporters he looked weak. There were a litany of excuses from MAGA believers, he was just one man fighting a rigged system, his advisors were terrible, but it was over when he conceded. Then Big Tech, which has been gutless throughout the Trump years, showed up on Friday with permabans and social media app delistings. In doing so they gave MAGA a new target and it is a perfect target as MAGA never has to concede to it.

Unlike Biden there is no final vote with Big Tech. You can fight it forever and never lose because the battle always continues. I think that moving on Trump and Parler at the same time, while Trump is the sitting US President, has reenergised part of Trump’s voter base and this energy will carry through even after he leaves office.

There's also the point that Trump's political opponents are looking at this and thinking that at another time Big Tech could move on them. Such thoughts lead to the conclusion that if Big Tech can challenge a sitting US President then it is beyond time that Big Tech gets regulated and broken up.

The Fall of the House of MAGA, so close in the middle of the week, has now become MAGA Forever. All because Big Tech couldn't wait until Trump was a private citizen before acting.

Jose-unsplash.1jpgPhoto by Jose M. on Unsplash


Wonder Woman 1984 is a dud [Spoilers]

Sitting in the cinema it did not take me long to realise the latest Wonder Woman was not for me. By the end of the movie I did question who exactly this movie was for? I was surprised by how dull the thing was to watch. With the action stripped back to the bare minimum I found myself wondering how much time was left on my parking during the movie’s crescendo.

Ditching the horrors of war covered in the first outing we find that Wonder Woman has become a deity level Peter Parker. Working one street level issue at a time. A bright smile, and a flick of her lustrous hair in place of a witty Spider-Man quip.  

Wonder Woman saves kids at the mall, she saves joggers from reckless drivers, and she beats up inept robbers. Her sword and shield sit in storage because the minor threats she faces in the 1980s means she no longer requires them. She is overpowered for the era she lives in and does not have to try as hard. Someone else not trying hard is the screenwriter. You can see where every re-written sequence was stitched together with the result that the finished product feels uneven and unsatisfactory.

The issue with putting Wonder Woman in such a low stakes story as the one she finds herself in is that nothing is ever a threat. It’s the Superman problem, and just like in Superman II to meet her opponents on an equal footing Diana begins losing her powers because she chooses her lover over a wider good. Richard Donner did this 40 years ago in Superman II and he did it better.

Superman II was also set in the 80s by nature of when it was filmed and did not trade on nostalgia. Wonder Woman 1984 puts its nostalgia in the title. I would have liked to have seen the second Wonder Woman movie set in the 70s, but the era of Disco, Quaaludes, and Bill Cosby would not have been as child friendly.

That said, during the movie the spirit of Steve Trevor possess another man’s body and we are led to believe that he and Diana have sex. We are shown it is okay though because we see this meat puppet again later and he appears to be doing just fine. He remembers none of the Amazonian lovemaking. Diana flashes him another bright smile and moves on with her life. No harm, no sexy time foul. Maybe they should have set this movie in the 70s after all.

The picture opens with the message that you cannot prosper by taking a shortcut. Neither of the antagonists learn that lesson and the protagonist already knew it. In the case of Barbara Minerva, a better message might have been “you do not need to be as powerful, graceful, or beautiful as Wonder Woman to feel like Wonder Woman.”

That message would have required a bit more work on the part of the producers though.

Wonder-woman-1984-1


Raised By Wolves [Spoilers]

I get why people don’t like Raised By Wolves but there was an episode early on where I could see the outline of the first season arc and it kept me watching. My suspicion was correct, and this is a set of bible stories where Satan is the author.

Sent away from an indoor garden of Eden by a creator who favoured one over the other, two androids escape a cataclysm onboard a small ark and have to scratch out an existence on a barren world.

Being barren themselves they do not go forth and multiply. All but one of their human charges, who were supposed to populate this new world, sicken and die. The Mother, a weapon of war that leaves nothing but death in her wake, has a miraculous pregnancy where she gives birth to something evil which will damn everything else on the planet. All the time voices are heard corrupting the characters and moving them as part of a larger design. This is the dark universe book of Genesis mixed with the dark universe New Testament.

There’s even a Cain and Able setup with the serpent and Campion. Mother’s biological Satanic child, the serpent, is probably going to eat anything it can get its fangs on. Mother’s chosen son, Campion, did not partake in eating any of the meat available on the planet and is therefore still pure.

Campion has to kill the serpent. Cain’s punishment for killing his brother was that he was sent into exile alone. Campion’s price of failing to kill the serpent would be the death of everyone else leaving him to wander alone.

Too much dependence on mystery box writing won't have me running to watch a new season but I may second screen it when it comes back on.

Raised-by-wolves


Saying goodbye to UK online shopping. (For now)

I’ve been doing my last bit of online shopping with UK retailers. I’m sorry to see this end. Every UK retailer I’ve dealt with has provided good service. That said, the new Brexit related customs charges and taxes will mean that buying from inside the EU is going to be more cost effective and EU consumer protection rules will still apply. 

The UK has run a trade surplus with Ireland since 1999. Ireland buying far more from UK businesses than it sells to UK consumers. 2019 was a high point, with £13.9B left in the UK till as a trade surplus. That’s uncommon for the UK, considering it runs trade deficits with many other nations. Nice growth too considering it started in 1999 as a £2.9B surplus in favour of the UK.

At every economic diverge between Ireland and the UK, Ireland has expanded its purchasing power and bought more stuff from the British. Be it breaking the link between the Irish Punt and Sterling in 1979, or trading in the Punt for the Deutsche Mark (The Euro) in 2002, it has led to Ireland spending more money with British businesses of all sizes.

We’re at another economic divergence now as the clock runs down on the Brexit transition. Deal or no deal, trade between both countries is going to be hard for years to come. Money, like water finds its level and things will adjust. In the future if those incredibly sharp trading edges can be sanded down I’d be happy to go back to buying from the small UK businesses that served me so well as a customer. Hoping to shop with you again soon, so long for now.

Tim-mossholder-C8jNJslQM3A-unsplash1Photo by Tim Mossholder on Unsplash


I claim Wednesday

I’ve been taking every Wednesday in November off work. I wanted to mix up the working week and this is doing it.

I now finish the week twice. There’s the last push on a Tuesday because I drop off the face of the working planet on Wednesday. Then there’s the last, last push on Friday before going into the weekend.

Is it as relaxing as a three day weekend? No. It’s more like hitting the pause button on the week and wandering off to do anything else. According to my day planner, Wednesday’s excitement will be exercise; checking out the low pressure alert on one of my car tires; doing some writing; and reading a book.

No calls, video or otherwise. No Slack messages. No blizzard of email.

I claim Wednesday.

Fabiola-penalba--kl_XvEOqMU-unsplash1Photo by Fabiola Peñalba on Unsplash


Covid vaccine? Sign me up.

It looks like Pfizer’s BNT162b2 and Moderna’s mRNA-1273 vaccines will receive approval for widescale deployment across the European Union and the United States before the end of this year. Both are built on cutting-edge RNA technology which has never been licensed for use in the treatment of an infectious disease.

AstraZeneca’s ChAdOx1 nCoV-19 and Johnson & Johnson’s Ad26.COV2-S are designed to use existing adenovector vaccination technology and therefore should be easier to manufacture, store, and distribute when they are available. Their time to availability is the question right now. The British had hoped that AstraZeneca’s Oxford vaccine would be the first to market but that has not been the case. Either could still make it across the line before the year closes out.

Russia and China have put their resources behind Sputnik V and CoronaVac respectively but neither the European Union nor the United States has ordered any doses. Hungary has taken it upon itself to secure supplies of Sputnik V so the EU will have a test bed right on its doorstep. I would be surprised if either vendor received orders from the EU and the US regardless of how effective those vaccines are. 

There are unknown risks with any new vaccine but, quite frankly, I will take any Covid vaccine that is widely available. I am convinced there are unknown risks over the long from contracting Covid. I do not believe this virus passes through your system and does not leave some form of long-term scarring that'll make itself felt years or decades later. I could be entirely wrong, but it will take study to reach a conclusion. We need that study to start now.

Any working vaccine is a milestone, but it means we have only reached the halfway point of the situation we find ourselves in. Even if vaccinated there is no guarantee you will not spread the virus to other people. After vaccination expect mask wearing and social distancing in public for a while to come yet as the world moves to the post Covid normal.

Vincent-ghilione-cVaTkeN_xqI-unsplash1Photo by Vincent Ghilione on Unsplash


Share files securely with Amazon S3 Pre-Signed URLs

In classical literature we are told the Titan, Prometheus, held one of the most important secrets in ancient mythology. He knew who would overthrow Zeus and bring an end the reign of the Olympian gods. 

Christian-paul-stobbe-FcCIRZHMg1w-unsplash1In the Greek tragedy, Prometheus Bound, Zeus has Prometheus chained to a rock due to Prometheus’s patronage of humanity. Though having information Prometheus could use to barter for his freedom he refuses to reveal what he knows to the cast of characters who visit to offer him sympathy or scorn. Prometheus’s secret was so important he chose torment rather than reveal it to others and risk that knowledge changing the future. 

The story of Prometheus is myth and while none of your secrets might have cosmic implications keeping those secrets secure is important. A secret might not be something you would use to barter for your freedom, but it could be the intellectual property underpinning your business or the personally identifiable information of your customers.

In this blog, I discuss securely sharing files using Amazon S3 pre-signed URLs. I discuss the presign command and will go through the process of generating a pre-signed URL. Having shown how you generate a link for distribution I finish on how you might automate the creation of pre-signed URLs after you upload objects to an S3 bucket.

Overview

Accidental disclosure of intellectual property or customer personally identifiable information could damage the market position of your organisation or be financially ruinous if legal penalties are involved. Nonetheless there may be times where you are required to share information securely. When sharing information stored on Amazon S3 with someone outside of your organisation it is inefficient to generate unique AWS credentials for that person. What you can do, provided you have permissions yourself to access an S3 object, is you can generate a pre-signed URL that provides short term access to that object.

In this case a user with permissions to access the object would use their programmatic access to login to their AWS account and use the S3 presign command to generate a time limited URL. This URL could then be shared with those outside of the organisation who have a need to access that data. At no point is the S3 bucket open to the public and when the expiry time set on the URL lapses the URL is rendered unusable.

The S3 presign command

To examine the pre-signed URL feature of S3, in the following example Prometheus’s secret has been uploaded to an S3 bucket as an inbox punishing 19MB PowerPoint presentation. If I were sharing this with one person, or a hundred people, each could be provided with the same URL to download the presentation.

Here I will use the AWS CLI to login to my AWS account, list what buckets are accessible, list their contents, and then generate a pre-signed URL to enable external parties to download an object of my choosing.

aws configure

AWS Access Key ID [None]: <keyid>

AWS Secret Access Key [None]: <secretaccesskey>

Default region name [None]: us-east-2

Default output format [None]:

Listing the buckets available we see the S3 bucket where the presentation is located and can then list the bucket contents.

aws s3 ls

2020-07-30 14:18:29 bucketofbigsecrets

aws s3 ls s3://bucketofbigsecrets

2020-07-30 14:18:58   20622958 Prometheus.pptx

Having identified the bucket and the name of the presentation to be shared I can then generate a pre-signed URL. By default, all pre-signed URLs expire in one hour (3600 seconds) unless specified otherwise.

aws s3 presign s3://bucketofbigsecrets/Prometheus.pptx

https://bucketofbigsecrets.s3.us-east-2.amazonaws.com/Prometheus.pptx?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=ASIA44VY4PBGN427ZUG7%2F20200730%2Fus-east-2%2Fs3%2Faws4_request&X-Amz-Date=20200730T132253Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEGYaCXVzLWVhc3QtMSJGMEQCICcRKN0s%2BJwdEBRCgKfdWvEtECVFavMosaqDa30zNa4%2FAiAHPRB5o26vJkQPdAFBE2eQtiUaLxLK%2F2u%2Bu9u4mN%2BHASqeAgguEAEaDDg4NjIyNDc0NjU3MiIMo0jv1qSaG0%2BJHWiEKvsBiIs468kc56%2F8Jop71abvDQku34%2BVkAGQnHoYokowXEjVhfWlPEP80HdK9y78eUfYJBoX8CGATvajBbhmvrquNgxeUDImWDKsBYUu7VnhibK03vr9npDo44AOfqOUbL1Ulf%2BThnzMfpQzWIiL29XknuvInD7Qvi8C2fjyZ2sLSY3pSI8hyAJXP5RCDQlXYWrG5SD6vsNxpyJd2ErkK8575ONBWZXqCoNlSOsYEMvdWr%2FtURC2CiG6Bh0FLnx98vrI1aSBm2bXCjyFOHenbEjxgY2uAjuFPKPHVGnbNf9edoNiCwBnp4h3ZGgYa9w044%2BSZXTklTxap3cxGDwwz4%2BL%2BQU6ngGY6jOxtjwJSwQS5JmQ8%2BY%2BLKCixFXv3P37KbyswnAjRMcRbFEGllz4HXyEomLBWZKjJuAlO1r44YL5HV4ItcPfvYEU778s6BVuoHNSwGFJyQXNfrDnhdf1bQqKt2KGQhpExdBhFr4RHJSsPAxmkQvNA3wKZ5%2F%2F2dHxnW76o5vTQb9XY52sUeIZyX9iZwMstREkV9xxNfwQFDo7Jhrsrw%3D%3D&X-Amz-Signature=5f11113908741d8a2a81a639e593f4ea28b9d7a9354faf1790f2ab93d6b3a5ab

Using a web browser to access this link I can now download the file.

Prom1

The default expiry time can be modified by appending the option --expires-in to the command. For example, if I wanted the pre-signed URL to expire after two hours, I would state that as 7200 seconds.

aws s3 presign s3://bucketofbigsecrets/Prometheus.pptx --expires-in 7200

When the pre-signed URL expires any attempt to access the object will be denied with a “Request has expired” string returned as part of the error message. I can check that from a web browser.

Prom2

In this way using pre-signed URLs you can distribute information to other people without providing public access to the S3 bucket or having to grant end-user credentials to people who should not have them. As the access token tied to the pre-signed URL has an expiry time you do not have to worry about revoking access later.

Pre-signed URL uploads with Lambda automation

Were someone to share data with us and would like to place an object in our S3 bucket the process is more involved and requires writing code using a supported AWS SDK. As the receiver it would involve us creating a user with programmatic access in IAM. Attaching the correct IAM policies to that user, ensuring that GET object and PUT object permissions have been selected.

Having provided the credentials to the party uploading the data they would then use one of the AWS SDKs to generate a URL for the item to be uploaded and put that object into our S3 bucket. While beyond the scope of this blog post Lambda could be used to generate pre-signed upload URLs for distribution to those looking to upload data to a specific S3 bucket. You can find further information about uploading objects using pre-signed URLs here.

Conclusion

By default when you create a bucket all public access is blocked unless you choose to disable that. AWS identity and access management (IAM) policies can be used to enforce who has read/write access to an S3 bucket, allowing you to control who can access your data. S3 access control lists (ACLs) are attached to every bucket and object, they specify which AWS accounts groups are granted access and what type of access they have.

Combined these constitute the multi-layered security model for S3, and pre-signed URLs allow that model to be kept intact while facilitating data sharing with people outside of your organisation.

As I discussed earlier, in antiquity a secret was a privilege of power and a sign of access to that power. Today, our secrets can be how we run our businesses and serve our customers. In this post, I looked at using S3 pre-signed URLs as a facilitator for information sharing in a secure manner between people. I then used the Amazon S3 pre-signed to show how you can generate a temporary credential which you can distribute as an expiring URL.

With pre-signed URLs there is no need to open buckets to the public. You can share data with whomever you choose without compromising the multi-layered S3 security model.

To learn more about sharing S3 objects, visit the Amazon S3 documentation here.

Photo by Christian Paul Stobbe on Unsplash


For Every Tomorrow

I believe there should be a political party that only represents future generations. While every mainstream party will claim they have the interest of future generations at heart, they cannot. The reality is that governments today provide services and have customers in the form of citizens. It is present oriented, transactional, and is about getting to the next election.

While it is true all of us have no time but now, I would like to see a political party with a manifesto that spells out in detail what type of world we could leave for our successor generations to be born into. The manifesto should contain the difficult decisions and sacrifices to be made today, to make that world a reality later. No gloss, spin, or ideological taint. Just decisions to be made, the sacrifice involved, and the compounding positive effect over time.

People should be able to vote for this manifesto in elections where the governance of a nation is decided. It should be an ever-present voting option and an ongoing competitor to established political parties. If other political parties want to take a position on the decisions to be made in order to win any future generations voters they should go ahead. You should however always be able to vote just for the interests of future generations.

This of course has a knock-on effect where you will need a political party and a detailed manifesto that represents the people of the past. Historians in the future would interpret the meaning behind the tough decisions we took now and explain what we intended. This option should also be present in elections where the governance of a nation is decided. A continuous reminder that sacrifices were made to deliver a world for people who were not born yet. So keep going and try not to screw things up.

Balkouras-nicos-s7SvkAyjEXo-unsplash1

Photo by Balkouras Nicos on Unsplash