Tangent: This is a mathematically muddled discussion that turns out to be about right anyway.
If profits went from $5 per year to 10, they increased by 100%, but that doesn't mean that you have room for a 100% increase in everybody's salaries.
A much better way to have this discussion would be to look at the dollar value increase in profits versus salaries.
Profits are forecast to be about $32b in 2023, up from about $19b in 2013. At about 240k total employees, and an average union pay of about $30/hr - call that about $90k year fully burdened per employee - a 40% increase would cost the company about $8.6B, or about 2/3 of the growth in profits. That may be overestimating the costs, as there are only 146k workers in the union, in which case the $5.2b increase in employee costs is... 40% of the profit growth, which seems like an entirely reasonable split of employee vs shareholder gains.
Balloons are treated differently under the Chicago convention. There’s a little bit more leeway for balloons when it comes to overflights on sovereign territory.
Yes! In our newsroom (which isn't perfect by any means) - I have been testing using Qubes for really sensitive/untrusted documents. We also open un-trusted documents (from e.g. FOIA responses) on a machine live-booting from a CD.
However, it adds enough friction (especially with remote work) that it's hard to get it right 100% of the time.
If you want to share really sensitive documents, one way to ensure proper handling of your documents is to use a service like SecureDrop [0] which for e.g. only accepts submissions over Tor and requires the use of a secure viewing station [1] (air-gapped machine live-booting Tails w coreboot rom + webcam/networking card physically removed) to decrypt/access leaks.
That being said, I don't think there's a perfect tech-only solution because nothing is stopping folks handling it carelessly after they access the file.
You could also use Dangerzone [0]. It opens a document in two docker containers and converts it into a safe version. It was created by the director of infosec at The Intercept.
I see your point, however, having worked in newsrooms - it really is about their beat and their threat-model. My organization covers a wide range of beats and folks covering national security or other sensitive topics have an entirely different workflow compared to those covering, e.g. housing.
I think being responsive to their needs and building trust will go much further. Also, designing a one-size fits all model will just mean that your reporters will either ignore the guidance or find a way to work around it.
For instance, the most recent credible threat we have had against one of our reporters wasn't a state-level actor, but rather folks on the internet (trivially) finding their address and doxing/harassing them and their family. No amount of technology hygiene will change the fact that voter registrations are public records.
If someone gets access to the housing reporter's systems, that seems a great way to move horizontally or vertically to get access to the other reporter or to the entire organization.
I don't envy your challenge. Security must make it more expensive to the attacker than it's worth. Even the housing reporter's data could be highly valuable; with inside knowledge, someone could make a killing on real estate. The value of the national security beat information is astronomical.
I don't grasp why, with all the news about breaches, reporters still don't care.
Well, she wrote about scary stuff. Murderers, etc. Feature stories for one of the few fact checked Canadian magazines left. Some stuff in The Atlantic about politics.
Was she getting leaks from NSA staffers? No. But it does feel kinda silly to me that journalists, generally speaking, have insecure setups by default. But I get it, it's a hard industry to squeeze a living out of these days.
The searches that even a U.S. Citizen could be subject to (without a warrant) are extremely broad[1].
> Legal precedents grant federal officers at ports of entry the power, without warrants, to require people to strip for a “visual inspection” of genitals and rectums, and to submit to a “monitored bowel movement” to check for secreted drugs.[1]
We did a deep-dive on court settlements by CBP for invasive searches and found quite a few extremely disturbing cases.[1]
> Some women were also handcuffed and transported to hospitals where, against their will, they underwent pelvic exams, X-rays and in one case, drugging via IV, according to suits. Invasive medical procedures require a detainee’s consent or a warrant. In two cases, women were billed for procedures
A woman was detained at Philadelphia International Airport on her return from Punta Cana. After a few hours (~7hrs) of questioning she is pressured to sign a consent form, denied a consultation with an attorney and forcefully shackled and transferred to a hospital for a "monitored bowel movement" (This involves defecating in the presence of a CBP officer; No warrant needed).
She was then involuntarily committed to the hospital for "elevated heart rate" where she was forcefully stripped, underwent a "close visual inspection", administered lorazepam and olanzapine through IV, underwent an X-Ray, CT Scan along with a urine and blood workup - all of which came back negative for drugs or other contraband.
This entire ordeal lasted nearly 24 hours. After which, she was taken back to the airport and released to drive home. During her drive from the airport, she crashes into a highway median. She alleges that the she wasn't advised about the adverse effects of the medications being used to sedate her and that the medication was responsible for the accident.
All of this happened to a U.S. Citizen; without a warrant and without permission to call a lawyer.
This incident is discussed in further detail in the 4th section of the story mentioned earlier [1] "Invasive Searches: A woman's 24-hour ordeal"
But they are hardly the only player, we were interested in not only identifying how far these known model bills are going but also surface bills from groups we don't know about!
Also, not all model bills are necessarily malicious - we found hundreds of bills that were almost identical but were just trying to standardize things like how we license nurses or other healthcare practitioners.
Hi everyone! I'm a news developer at the Center for Public Integrity. I worked on this project. Happy to answer any questions.
This project was basically an all-pairs text similarity problem. We were able to identify a lot of copycat legislation addressing a wide range of issues from e-cigarettes and prescription opiods to online sports betting, "religious freedom" and undocumented immigration. Some from previously known groups like ALEC and others from previously unknown interest groups.
We also have a public facing tool in the works that would allow anyone to track such measures in near real-time. We will be launching the tool and open sourcing the code in the coming weeks!
Also, do check out our launch story in this series about one such model bill that would allow car dealers to resell cars with active recalls. And keep an eye out for more stories about model legislation!
