Croatian transparency activists publish enormous database of government procurements, pointing the way to detecting corruption and fraud


Marko Rakar, leader of a kind of Croatian version of Wikileaks, has once again made a stir in Croatia. Previously, Rakar published a database showing rampant voter-fraud (this triggered a constitutional crisis and reform effort).

Now, Rakar's latest project is a database of "All the public procurement data for government spending since July 1, 2009, in easily searchable form." Though the data is all from publicly accessible government sites, Rakar's structuring of it in searchable form allows Croatians to find interconnections between elected officials and the companies they give contracts to, revealing potential fraud and corruption in the system, which is widely believed to be mired in fraud.

First it is easy to use the tool to understand how much money each agency spent and where (this site covers not only government and ministries, but also agencies, municipalities, public utility companies and basically all entities which are by law obliged to follow public procurement law). Furthermore, it is easy to track and identify "winners" in the public procurement field and it is really easy to spot highly unusual contractors; for example companies which do business with a single government entity, companies with a huge amount of their turnover that only do business with government, or companies which have unusually high profit rates.

We have found a number of companies which appear to be founded only to service a single government contract. Journalists have already found a number of companies which have a number of multimillion contracts and are at the same time huge donors to the ruling party. We have found a horse farm which bid on and won a contract to lay underground power cable, we have found a company which is related to the Speaker of the House which reports unusually high profit rates (50% and above) worth millions (both in Croatian and US currency) and which primarily deals with advertising in public spaces (schools, hospitals and similar). We have found one company which belonged to the Minister of Interior which also received multimillion security related contracts with the government (while he is still in the office).

Rakar and I had a chat a few months ago, and he had hilarious -- and frightening -- stories of police seizure of his equipment, and of having to give technical support to the police forensics team, who couldn't figure out his dual-boot setup. He was thinking of replacing his keyboards with Das Keyboards without any key-labels, just to watch the investigation team try to touch-type on them (Croatian forensic procedure prohibits connecting third-party equipment to seized computers, lest they taint the evidence).

Croatian Transparency Activist Marko Rakar Making Waves Again

(Image: Marko Rakar 2, a Creative Commons Attribution Share-Alike (2.0) image from 57152978@N08's photostream)

Aquarius Records t-shirt: "New Wave music is our specialty"


My favorite local independent record store, aQuarius Records in San Francisco, has just reissued this excellent t-shirt design from the late 1970s! For the new run, they embellished the classic graphic with a slogan from an old advertisement for their shop from that same era: "New Wave music is our specialty." Indeed it is, even to this day. I stopped in this afternoon to order mine because I want to be as cool as Dee Dee Ramone, above. It's also available in gray. aQuarius Records t-shirt

Review of Burzynski Clinic's list of "published research" turns up thin, unconvincing gruel

A followup to Monday's story about a representative from the controversial Burzynski Clinic (a cancer clinic that is presently treating a British girl whose family raised £200,000 for her care) sending threatening letters to bloggers who questioned the science behind Burzynski's therapy:

First, the Burzynski clinic says it has severed its relationship with Marc Stephens, which seems like a good idea. Sending threatening, ungrammatical, frothing emails to scientists and skeptics who raise technical questions about medical therapy makes your therapy look like woo that can only be defended with intimidation rather than science.

Second, the clinic has released a list of Burzynski's "publications" on his therapy, prompting a scientist named Jen McCreight to dig through the list and determine how compelling these publications are.

McCreight's findings aren't good. Burzynski's publications are either review papers (which add no new findings to the literature), publications in zero-impact or low-impact journals (that is, journals that aren't cited by other oncologists), publications in "alternative medicine" journals (McCreight quotes Tim Minchin: "You know what they call alternative medicine that's been proved to work? Medicine."); unreviewed talk-proposals submitted without peer review to reputable journals; or unreviewed conference proceedings.

In McCreight's check of Burzynski's list of publications, not one publication met her standard for real, peer-reviewed, published research in a reputable journal.

The Burzynski clinic is claiming that it’s libelous to say “There are no scientific studies supporting antineoplaston treatment since 2006.” But it’s not libelous because it is true. Results that lack peer review cannot be said to support something. Abstracts at conferences are not peer reviewed. Review papers do not include new, peer-reviewed data. The only published paper he has itself states that it is inconclusive without a larger study to confirm the results.

Plus, they don’t even understand what the phrase “since 2006” means. It means published starting in 2007. From that alone we throw out the first two papers. You’re left with a review paper that cites conference abstracts, and conference abstracts.

So no, Burzynski clinic. There aren’t any scientific studies supporting antineoplaston treatment since 2006. But there are plenty falsifying it.

A look at the Burzynski clinic’s publications

More damning revelations about Burzynski’s “research”

Allow me to take this opportunity, once again, to remind the Burzynski clinic of Boing Boing's tradition of vigorously defending ourselves against legal threats, and the frankly titanic sums that our opponents have had to pay to our lawyers when we beat them like tin drums. And allow me to remind them that in US law, recipients of legal threats can ask courts to rule on those threats, even if the person who made the threat withdraws it or fails to bring suit, and that in those cases, courts can award costs to the victors.

Stand With Science: A Call to Congress


[Video Link] John Edgar Park says:

You might have heard that the congressional debt supercommittee has officially failed its mandate to reduce the federal deficit. As things currently stand, mandatory budget cuts going into effect in 2013 will slash 9% of all federal R&D funding (about $13 billion).

The US can't afford to stop investing in science. A group of grad students at MIT has launched a Stand With Science campaign to ask Congress to protect federal funding for innovation. They've gathered almost 10,000 signatures via university listservs and word of mouth, but we need your voice. Congress still has time to enact other deficit reduction measures instead. We must make sure every last Representative and Senator realizes the value of research, and realizes the public supports it.

Stand With Science: A Call to Congress

Sprint loaded spyware on its Android phones

Alan sez, "TechCrunch and others are reporting that a program called "Carrier IQ" that comes pre-installed on Sprint phones has some pretty amazing spyware capabilities, right down to keylogging everything you do on the phone."

Note the careful use of the words “record,” “provide,” “inspect,” and “report.” It’s obvious from this video that the application has access to the information in question, and whether it records, provides, inspects, or reports it is simply a setting they can choose. The purposes for which CIQ says their software is installed — identifying trending problems in the fleet, for instance — don’t seem to me to require the level of access the software has granted itself. Add this to the fact that users are not informed at any step of the fact that their information is passing through “quality assurance” layer (sometimes before the user layer itself is aware of it), and their indignant denial begins to ring hollow.

Furthermore, as many developers have pointed out, the mere presence of the software is detrimental. Removing the software has reportedly improved performance and battery life. Furthermore, secure handshake information over wifi is passed through the software unencrypted, something that has little to do with carrier quality assurance. And if that information is cached even temporarily, that’s a security risk.

CarrierIQ, makers of the rootkit/spyware, threatened legal action against Trevor Eckhart, the researcher who reported on this, and backed down after EFF took up his case.

Carrier IQ Video Shows Alarming Capabilities Of Mobile Tracking Software (Thanks, Alan!)

Underground Toy Emporium and Spaceship Parking: Incredible art by Randy Regier

The Fire Fly has landed! On November 10, “Randy Regier: H. Maxwell Fisher’s Underground Toy Emporium and Spaceship Parking” opened at Jim Kempner Fine Art, 501 West 23rd Street, NYC, where it remains on view through December 23.


Denial of service attacks used to cover up fraudulent bank transfers

Brian Krebs documents a sophisticated offline/online attack on banks. Thieves combine a fraudulent wire-transfer to an innocent jewelry store with a denial-of-service attack on the bank that ties up the IT and other staff. The jeweler has been told that the money is to buy expensive jewels and watches, which are given to a stooge recruited as a courier and reshipper.

The bureau says the attacks coincide with corporate account takeovers perpetrated by thieves who are using a modified version of the ZeuS Trojan called “Gameover.” The rash of thefts come after a series of heavy spam campaigns aimed at deploying the malware, which arrives disguised as an email from the National Automated Clearing House Association (NACHA), a not-for-profit group that develops operating rules for organizations that handle electronic payments. The ZeuS variant steals passwords and gives attackers direct access to the victim’s PC and network.

In several recent attacks, as soon as thieves wired money out of a victim organization’s account, the victim’s public-facing Internet address was targeted by a network attack, leaving employees at the organization unable to browse the Web.

A few of the attacks have included an odd twist that appears to indicate the perpetrators are using money mules in the United States for at least a portion of the heists. According to an FBI advisory, some of the unauthorized wire transfers from victim organizations have been transmitted directly to high-end jewelry stores, “wherein the money mule comes to the actual store to pick up his $100K in jewels (or whatever dollar amount was wired).”

DDoS Attacks Spell ‘Gameover’ for Banks, Victims in Cyber Heists
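The pattern described above, an outbound wire followed almost immediately by a network attack on the sender, can be checked for on the defender's side. The sketch below is an added example, not code from Krebs or the FBI advisory; the record fields, the 30-minute window and the sample data are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass(frozen=True)
class Wire:
    wire_id: str
    org: str                      # account holder that sent the wire
    sent_at: datetime
    amount_usd: int
    beneficiary: str
    first_time_beneficiary: bool  # no prior payments to this payee

@dataclass(frozen=True)
class DdosAlert:
    org: str                      # organization whose public address is attacked
    started_at: datetime

def wires_to_hold(wires, alerts, window=timedelta(minutes=30)):
    """Return (wire, reasons) for wires followed by a DDoS on the sender within `window`."""
    starts_by_org = {}
    for a in alerts:
        starts_by_org.setdefault(a.org, []).append(a.started_at)
    flagged = []
    for w in sorted(wires, key=lambda w: w.sent_at):
        # Only attacks that begin at or after the wire count; earlier ones are unrelated here.
        hits = [t for t in starts_by_org.get(w.org, [])
                if timedelta(0) <= t - w.sent_at <= window]
        if not hits:
            continue
        minutes = int((min(hits) - w.sent_at).total_seconds() // 60)
        reasons = [f"DDoS on sender began {minutes} min after wire"]
        if w.first_time_beneficiary:
            reasons.append("first-time beneficiary")
        flagged.append((w, reasons))
    return flagged

# Constructed sample data (hypothetical organizations and payees).
DAY = datetime(2011, 11, 30)
WIRES = [
    Wire("W1", "acme", DAY.replace(hour=10, minute=0), 100_000, "Example Jewelers", True),
    Wire("W2", "acme", DAY.replace(hour=7, minute=30), 42_000, "Payroll Processor", False),
    Wire("W3", "beta", DAY.replace(hour=10, minute=1), 80_000, "Example Watches", True),
]
ALERTS = [
    DdosAlert("acme", DAY.replace(hour=10, minute=4)),
    DdosAlert("beta", DAY.replace(hour=9, minute=50)),  # before W3, so not a match
]

if __name__ == "__main__":
    for wire, reasons in wires_to_hold(WIRES, ALERTS):
        print(wire.wire_id, wire.beneficiary, "; ".join(reasons))
```

A flagged wire is a candidate for an out-of-band callback to the account holder before release, since the attack leaves the sender unable to notice the transfer online.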

Heavily gendered Dutch toy advertising


Mataklap sends in this picture from a Dutch toy brochure. For girls, there's a "washing the dishes" playset. For boys, a microscope.

Pepper-spray inventor: "It's fashionable to use chemical agents on people who have an opinion"

Amy Goodman interviews Kamran Loghman, inventor of modern pepper spray and developer of police procedures for its use. Loghman regrets his work today, and says it's "fashionable" to use chemical agents on "people who have an opinion":

It is becoming more and more fashionable right now, this day and age, to use chemical on people who have an opinion. And that to me is a complete lack of leadership both in the police department and other people who cannot really deal with the root of the problem and they want to spray people to quiet them down. And it’s really not supposed to be that. It’s not a thing that solves any problem nor is it something that quiets people down.

Pepper Spray Developer: It Has Become Fashionable to Use Chemicals on People with Opinions (via Naked Capitalism)

How Mark Zuckerberg apologizes: "stuff happened, and it's unfortunate" (not that it's any of my doing)

Facebook has an established pattern: they obliterate privacy defaults in their system, wipe out their users' stated privacy preferences, and then, after a hue and cry, Mark Zuckerberg emerges and apologizes, and the system is reset to a level that is slightly less private than before. At All Things D, Liz Gannes runs through a retrospective of Zuck's last 25 (!) apologies, and finds a common thread.

Zuckerberg almost always tells users that change is hard, often referring back to the early days of Facebook when it had barely any of the features people know and love today. He says sharing and a more open and connected world are good, and often he says he appreciates all the feedback.

Most of all, Zuckerberg seems to take pride in offering an explicit, earnest apology, but doesn’t actually admit he was wrong, just that he’s sorry for how things were rolled out or perceived...

“Sometimes we move too fast” seemed more of a brushoff than a real apology. “It’s a comment on the execution of a policy, not on the policy itself,” John Paczkowski wrote.

That brings us to the present day, where we have what turns out to be a textbook Zuckerberg apology acknowledging the FTC privacy settlement. This time, Zuckerberg tries to argue that Facebook has done more good than harm on privacy throughout its existence.

The Apologies of Zuckerberg: A Retrospective (via JWZ)

Shiny orange floor


Holy crap that's a shiny floor.

Congoleum

20 minute documentary of Steve Jobs' NeXT years


[Video Link] Mel Marton of TUAW says:

The NeXT episode was filmed by John Nathan for a TV series called Entrepreneurs produced by WETA in Washington D.C.

Some of the most interesting sections are Jobs pressing Joanna Hoffman at the 11 minute mark. Hoffman was one of the original members of the Mac team. His interaction with staff about delays in shipping at 15:33 is also a peek into the Steve Jobs worldview. You can watch the video clip below.

Jobs introduced the NeXT computer in 1988 after he left Apple. In 1996 Apple bought NeXT, Jobs returned to Apple, and the rest, as they say, is history.

Inside NeXT: Steve Jobs documentary video

MAFIAAFire team's latest browser plugin beats the national firewalls of Britain, USA, and China

The creators of the MAFIAAFire browser plugin (which allows you to reach websites whose DNS has been shut down without trial by the US State Department at the behest of entertainment conglomerates) have released a sequel: ThePirateBay Dancing, a plugin that anonymizes your connections to thepiratebay.org and other blocked sites by using randomly picked proxies for each connection.

Attentive readers will remember that the DHS's ICE unit asked Mozilla to remove the MAFIAAFire plugin from its repository, and that Mozilla told them to get bent.

“DNS and IP blocking is probably the most dangerous part of SOPA/PIPA in terms of ‘breaking the Internet,’ so we tackled that first. We will be going after the other parts of SOPA in later releases but probably not in ‘our usual plugin form’ – the other parts require different solutions that we have already started work on,” we were told.

Although the add-on carries The Pirate Bay in its name it also works with other sites such as Newsbin2 and BTJunkie which are blocked in the UK and Italy respectively. In a broader sense it can also be used to bypass national “firewalls” such as in China, and soon perhaps the US.

Putting the add-on to work only requires two clicks and is completely free.

‘The Pirate Bay Dancing’ Add-On Kills DNS and IP Blockades

Galaxy Nexus teardown reveals a repair-friendly, tinkerable phone


iFixIt tears down the Galaxy Nexus, the latest "Google Experience" phone (a phone that ships with a stock Android installation and no telco/manufacturer crapware installed) and finds it to be admirably tinkerer/repair-friendly. The device is held together with standard screws, and very few of the components are glued together, meaning that it will be fairly straightforward to repair.

The phone is meant to ship next week, and I've already pre-ordered mine (I'll let you know how it works out). I've owned two other Google Experience phones (the Nexus One and the Galaxy S) and been very happy with them.

Samsung Galaxy Nexus Teardown (via Wired)

Lego minifig display case

Lish Dorset of CRAFT made this nice display case to show off her collection of Lego mini figures. She also wrote complete step-by-step instructions for making one of your own.

Project: Lego Display Case