Wednesday, 27 April 2016
House Committee votes to extend draft registration to women
Today the House Armed Service Committee voted 32 to 30 to attach an amendment to the pending annual military spending authorization bill that would give the President the authority to order women as well as men to register for the draft.
What does this mean? What happens now? What can we do about it? Read on.Continue reading "House Committee votes to extend draft registration to women"
Saturday, 23 April 2016
My GnuPG/PGP public key
For those who want to encrypt their e-mail correspondence with me, I've posted a GnuPG/PGP public key (fingerprint: 0B0B 8F74 CEA3 83AB 97B3 F6AF BB7E F636 165C 22F5) and linked to it from my contact page. Friends who use GnuPG or PGP are invited to contact me to arrange to sign each others' keys.
My own choice has been to live a fairly public life, but I try to respect other people's confidences and protect their secrets as best I can. I've been meaning to set up support for GnuPG and/or PGP encrypted e-mail for years, but haven't gotten around to it until now.
In generating my encryption keys and setting up my e-mail, I've consulted friends (thank you all!) with more expertise in encryption. But I've made my own choices of tools, techniques, and implementation, to the best of my own ability and on the basis of my own threat assessment. I'm not an expert, my adversaries may not be the same as yours, and I can offer no promise that even encrypted communications with me won't be compromised.
The Gnu Privacy Guard (GnuPG) is a free, open-source, implementation of the OpenPGP standard for Linux, Windows, and MacOS. It's supposed to be fully compatible with commercial PGP, and seems to be gradually displacing PGP. At least in my initial tests, I have found it surprisingly easy (although not simple) to generate and manage GnuPG keys and install and configure e-mail encryption on Linux in combination with Thunderbird Mail through the Enigmail add-on to Thunderbird. GnuPG, Thunderbird, and Enigmail are all also available for Windows and MacOS.
My preferred e-mail client has been and remains Pegasus Mail. Pegasus Mail is a native Windows application but the latest version runs perfectly on Linux under Wine, making it possible to use Pegasus Mail as a portable app that can run, e.g. from an (encrypted) flash drive or other portable device, on either Linux or Windows systems without any modification whatsoever. There is a Pegasus Mail add-on, QDGPG, for GnuPG integration, but I can't tell if it would work with Wine. If anyone has tried Pegasus Mail and QDGPG with GnuPG on Linux under Wine, please let me know in the comments or privately how it went. I'll update this article if I learn more or get the time to test this combination myself.
I do not use Signal, WhatsApp, or any other "secure" messaging app that depends on a cellphone and sends all the phone numbers stored on the phone to its central servers, or that relies on Google or Apple servers to route all messages or calls. I eagerly await a fork of Signal that doesn't require a phone, makes any sharing of contacts optional with a default of "no", and allows truly peer-to-peer communication initiated by IP address or through a user-operated server rather than a central server. I do use Skype, which uses Microsoft servers to initiate all calls, but it doesn't require a phone or access to its contact list, and doesn't pretend to be particularly secure.
General guides to information security, especially "cookbooks" that recommend specific strategies, almost inevitably incorporate assumptions -- often unstated or unquestioned-- about which adversaries and what types of threats you are concerned about. The same is true of friends you might ask for advice. I've found all of the references below to be useful, but I've taken none of them as gospel. Even those that haven't been updated in a few years are still useful food for thought, especially if they make you aware of threats you hadn't considered:
- Surveillance Self-Defense (Electronic Frontier Foundation)
- Information Security for Journalists (Centre for Investigative Journalism, UK)
- Digital Security (Freedom of the Press Foundation)
- Journalist Security Guide (Committee to Protect Journalists)
- Security-In-A-Box (Tactical Technology Collective)
- Tor (anonymous Web browsing)
- Tails (portable live operating system)
- gpg4usb (GUI for GnuPG designed as a portable app distributed with both Linux and Windows versions)
- VeraCrypt (Open-source successor to TrueCrypt for disk, device, and file encryption)
Thursday, 21 April 2016
"The Limits of the US Judicial Redress Act"
I have an article in the latest issue of Privacy Laws & Business International Report on The Limits of the US Judicial Redress Act. It's a shorter version (without most of the references and links) of this article on PapersPlease.org.
The Judicial Redress Act was enacted in response to European complainst about the exceptionalism of the US Privacy Act, which treats privacy as privilege of US citizenship and not a human right. The Judicial Redress Act gives some (but not all) foreign citizens some (but not all) of the rights that US citizens have under the Privacy Act.
But as I learned when I sued under the Privacy Act to try to find out what records the US government has about my travels, even US citizens have, in most real-world cases, few if any rights under the Privacy Act. As my article concludes, "The Judicial Redress Act is a carefully constructed paper tiger.... The Privacy Act provides inadequate data protection for US citizens, and the Judicial Redress Act would provide even more inadequate protection for non-US citizens. Neither of these laws provides any basis for a finding that anyone's rights are adequately protected in the US, for approval of the proposed Privacy Shield, or for approval of the proposed EU-US umbrella agreement on data transfers."
Wednesday, 20 April 2016
How safe is airline passenger data? Not secure at all.
This week in the German IT news portal Golem and the German weekly news magazine Die Zeit, Hauke Gierow has a deep dive, based in substantial part on a long interview with me, into the security vulnerabilities that affect passenger name record data:
- Wer wo welche Daten über Passagiere sammelt und wie
- Wo also liegen die Informationen zu meinem Flug?
- Kein Rechtsschutz für EU-Bürger
- Video interview with German voiceover translation: Wie sicher sind Fluggastdaten
- Longer raw video of interview in English: How secure are airline passenger data?
- Alternate version in Zeit Online: "Rein in die Blackbox" (PDF)
Only a few of the many vulnerabilities and methods of attack I know about are discussed in the articles and interview. It would be moderately hard for an attacker to obtain PNR data in bulk, but easy to obtain PNR data about an individual targeted victim or small group of victims.
The published articles and video on Golem.de and Zeit.de are, of course, in German, but Golem has kindly made available a ten-minute excerpt from the original raw video of the interview with me in English that provides a good introduction to the issue.
I've been talking and writing about these vulnerabilities for at least 15 years. But few other journalists have reported on the (in)security of the commercial computerized reservation systems (CRSs) that host PNR data, even when I've highlighted it in interviews and articles. Although most of the CRSs are based in the USA, the best (although less detailed or technical) previous report on this issue in English was in the Brussels-based New Europe newsmagazine.
Most of the publicity and public debate about PNR data, including the debate and vote last week in the European Parliament has concerned the mirror copies of PNR data held by governments. Those government mirror copies are vulnerable to different types of abuse. But ironically, government mirror copies of PNRs are typically more securely held, and less widely distributed or easily accessible, than the original master copies of PNRs stored and retained -- even after copies are sent to governments -- in the commercial global cloud of CRSs.
The threats I'm most concerned about come from stalkers and perpetrators of domestic violence, although there are also threats of identity theft, industrial espionage, etc.
Any attempt to regulate or protect government copies of PNR data is built on a foundation of sand, and doomed to be ineffective, as long as the CRSs that store the master commercial copies of PNRs are fundamentally insecure, and as long as privacy and data protection authorities (in countries that have them, unlike the US) fail to sanction CRSs and the airlines, travel agencies, tour operators, and other travel companies that use them for their flagrant, systematic violations of privacy and security norms and laws.
Friday, 15 April 2016
The Amazing Race 28, Episode 8
Tbilisi (Georgia) - Dubai (U.A.E.)
Dubai is constantly under construction, as host Phil Keoghan noted at the start of this episode of The Amazing Race 28. As I pointed out when the reality-TV show first visited Dubai in 2009, that can make it hard to find an up-to-date map, recognize landmarks from an earlier visit, or find your own way around, even if you've been there a few years before.
This season's group of travellers did visit some of the same places in Dubai, and faced some of the same challenges, as their predecessors on The Amazing Race 15. Some of those challenges were quite realistic, and reminiscent of previous seasons of the race as well as of my own experiences in other Gulf states.
One team struggled to find anyone to ask for directions on desert roads where the rare pedestrians were manual laborers who didn't speak English. Eventually they pulled over and went into a crossroads strip-mall convenience store.
Another team managed to get their SUV stuck in the sand just pulling off the pavement far enough to park, without even trying to drive across the dunes. Local people with a little experience make digging a vehicle out of the sand look easy, but it requires a combination of digging and driving techniques that aren't necessarily intuitive. In a situation like this, it's best to put your embarrassment aside and ask for help sooner rather than later, if you can, before you dig your vehicle in deeper!
But this season, rather than having to drive themselves across open sand, the racers had to travel alongside camels, either on foot leading a pair of tethered camels through the dunes, or riding bicycles in a race with camels on a level track.
A race between bicyclists and camels might seem like a made-for-TV stunt, and it is. So far as I can tell, this isn't an experience (yet) available to ordinary tourists -- although in Dubai, (almost) anything is possible for a price. But bicycling around a camel-racing track (without trying to compete with any camels) is actually a normal thing in Dubai, where one of the few safe places to ride a bicycle is a former camel racing track converted into a recreational velodrome.
Like Disneyland, Dubai is a city of dreams. Whether it's a real-estate developer's or U.A.E. citizen's wet dream or an ecological, social, political, economic, and human rights nightmare is a matter of perspective, which in Dubai depends on your position in a pyramid of privilege largely determined by what passport(s) you hold. Tour brochures and advertisements will give you plenty of Arabian fantasies. For the other side of the story, a good place to start is the essay by urban social geographer Mike Davis that anchors his anthology, Evil Paradises: Dreamworlds of Neoliberalism.
Dubai has plenty of well-paved roads, of course, but conditions on them aren't always welcoming for cyclists. Cycling is regarded as a recreational activity -- for which special facilities (which you can drive to with your bicycle) are provided -- and not as a way to get around.
Bicyclists are legally barred from any road in Dubai with a speed limit of 60 kph (37 mph) or more, which rules out most through roads and makes getting to or from many places impossible by bicycle. There are no "mixed-use" paths, as cyclists are also barred by Dubai law (the Emir's decree) from pedestrian and horse-riding trails. The only places in Dubai where it it is legal to ride a bike -- other than some low-speed local streets -- are on dedicated cycle tracks.
I suppose vehicular apartheid probably seems natural to authorities in an apartheid state like Dubai, but it's a textbook case of what's wrong which such a segregationist traffic regime in a place where separate is the opposite of equal.
Dubai has diversified its economy into tourism and real-estate development, but the wealth and modern lifestyle of the Arabian Peninsula was built on oil and automobiles. Aside from an occasional eccentric white expat, the only people who bicycle for transportation are people who can't afford motor vehicles, which by definition makes them members of the underclass whose lives are expendable and who can be run down with de facto impunity.
Dubai drivers may not be consciously hostile to cyclists, but accounts by local cyclists suggest that motorists aren't generally attentive to the possibility of encountering cyclists on most roads. Local recreational cycling clubs recommend that their members ride only in a group followed by a support car with flashing lights to warn overtaking motorists of the bicyclists ahead.
The teams on The Amazing Race 28 were provided with bikes to ride on one of the paved frontage roads just outside the rail on each side of the sand track used by the camels. Normally this road is used by trainers, race stewards, and commentators driving alongside the camels. If you thought those were Travelocity gnomes strapped to the backs of the racing camels, think again: those are gnome-sized robot camel jockeys with radio-controlled whips, as shown in this BBC video.
Both members of each team had to beat the fastest camel in the pack over 2 km (1.2 miles) from a standing start. In the desert, at mid-day, in full sun, on an unfamiliar bike, and against camels whose pace they would find it hard to anticipate.
The camels got up to speed much more quickly than any of the bicyclists, and tired more slowly than the humans. The only pair of racers who beat the camel pack (barely, in a photo finish) in their first heat were Kurt and Brodie, who were the only pair to ride single file, rather than side by side, with the rider in back close enough to the one in front to benefit from the leader breaking the wind for both.
On level ground, most of the work done by any bicyclist is in overcoming wind resistance. "Drafting" close behind another rider can substantially increase your speed. If you take turns, you can both go faster with less effort. Drafting isn't just for racers but for anyone who rides with a companion or a group and wants to get further and arrive at their destination less tired. It makes the biggest difference with a headwind.
You might think you don't want to ride that closely behind another cyclist, and it does takes both practice and concentration on the part of both leader and follower to draft safely. But if you ever find yourself riding into the wind all day, even on a lesiurely tour, you'll find yourself wishing you had learned to draft.
Never draft behind anyone without their permission, and don't let anyone draft behind you without warning you or if you aren't confident that you both have the skill to lead and follow safely. The more practice you have, the closer together you'll be able to ride, and the more it will reduce the effort required to keep up with your companion(s).
A road bike racer typically keeps their front wheel within a couple of inches of the rear wheel of the rider ahead, while an experienced club rider might follow at a distance of half a wheel diameter. But even a full bike length behind, which takes less practice and skill at bike-handing and pacing, you can usually get significant benefit from drafting another rider.
Necessity is the mother of invention, and many people learn to draft while touring. Maintaining a steady pace and straight-line track can actually be easier with a loaded touring bike that can't accelerate or decelerate too quickly. But the best way to learn to draft or ride in a paceline is to practice with an unloaded bike, before your tour, with skilled friends or with a well-organized riding club like one of those affiliated with the League of American Bicyclists.
Tuesday, 12 April 2016
What's at stake in the European PNR debate?
[Excerpt from a simple Passenger Name Record (PNR) from the file about me kept by the CBP division of DHS. Click image for larger version. Most PNRs have more information than this.]
This week the European Parliament is scheduled to debate and vote on a proposed directive "on the use of Passenger Name Record [PNR] data for the prevention, detection, investigation and prosecution of terrorist offences and serious crime".
It's an issue I've been working on for years, travelling repeatedly to Brussels and Strasbourg to testify against this proposal and to explain to Members of the European Parliament and to other European officials and activists why the EU shouldn't follow the bad example of the USA.
What does this mean, why does it matter, and why should this proposal be rejected??
To answer this question requires understanding (1) what PNRs are, (2) how PNRs and other travel data are already being used by European governments, (3) how this would change if the proposed EU PNR directive is approved, and (4) why and how the provisions in the proposed directive that are supposed to protect individuals' rights would be ineffective.
Saturday, 9 April 2016
More news about blocking of money transfers
Hard on the heels of last month's report of the bank that blocked a request for a check to a dog-walker because the dog's name ("Dash") on the memo line of the check resembled the Arabic acronym "Daesh" for the Islamic State in Iraq and Syria (ISIS) comes a new report on a money transfer app that has been blocking requested payments if they are accompanied by payments mentioning Iran, Syria, or other keywords on some (secret) blacklist.
According to an article by Claes Bell on Bankrate.com, in which I'm quoted at some length, the Venmo app-based money transfer service has blocked numerous (entirely legal) payment requests that included memo lines like "for Persian New Year Celebration" or mentioning "Syria".
As with the bank whose transaction-screening robot blocked the check for the dog named Dash last month, and the bank that froze my entire account and rejected deposits as well as payments after I tried to check my balance from a Syrian IP address in 2008, money-transfer services are using automated profiling algorithms to pre-emptively block any transaction with even a slight chance of offending the Office of Foreign Assets Control (OFAC) -- the division of the US Department of the Treasury that enforces numerous diverse financial sanctions against alleged (but in most cases never accused or convicted) "narco-traffickers" and supporters of terrorism, governments like that of Cuba that have been deemed "enemies" of the USA despite the absence of a declaration of war, and so forth. The consolidated OFAC blacklist, as Bankrate.com notes, currently runs to 963 pages. And that's not all: It's a violation of OFAC regulation for any US person do do business with any entity in which any of the people, corporations, governments, or organizations on the blacklist has any "interest", no matter how small. And it's your legal duty, before any transaction with anyone, to make sure that the other party isn't on the blacklist and that no blacklisted entity has even the slightest share of ownership or other interest in the other party.
Needless to say, nobody complies with these rules, or could possibly do so. Imagine if, before you bought a quart of milk or a pack of chewing gum at the corner store, you insisted on examining the complete list of stockholders of the corporation that operates the store, and checking each of them against the OFAC blacklist. And each of their owners in turn, if that stockholder is itself a corporation, ad infinitum. So far as I can tell, it's illegal for any US citizen or resident to buy or sell anything or do any other business with any privately-held corporation, since you can't tell who its stockholders are and they might include blacklisted entities.
The madness begins with OFAC, not with the banks. But in this mad world, it makes crazy sense for banks and other businesses to take extreme and overreaching measures to avoid the heavy hand and of OFAC as enforced by crushing fines for even inadvertent transgressions. International money transfer apps are likely to be at especially high risk of being accused of allowing their services to be used for money laundering, drug dealing, or financing of terrorist or other international crimes. In response, the logical business decision is to err on the side of caution by scanning and scoring each requested transaction for its risk of being fraudulent, violating OFAC rules, etc., and declining to process any transaction that automated scanning flags as in any way "risky" or "suspicious", even if that means blocking many legitimate payment requests.
This matters to travellers because growing numbers of us are using apps and Web-based payment and money-transfer services, especially for advance payments or deposits to small local tour operators, private guides, or informal lodgings that don't have credit card merchant accounts. The fees for international money transfers through these apps can be less, and the exchange rates can be better, than those for international wire transfers made through banks or through services like Western Union.
The electronic payment industry is still evolving, but in addition to Venmo these services currently include Square Cash, Skrill (formerly Moneybookers), Payoneer, Xoom (bought by Paypal in 2015 but still being operated as a separate service, at least for now) and of course Paypal itself -- each with its own pros and cons depending on how you plan to use it. Different services have become better known and more widely used in different countries and virtual communities. Skrill appears to be especially (although not exclusively) popular for online gambling, for example, and Payoneer with freelance contractors working for clients in other countries. Xoom can be used to transfer money to yourself from your bank account back home while you are abroad, to be picked up in cash from a local Xoom-affiliated office, sometimes at a much better exchange rate than if you withdrew cash from an ATM. All of the services I've just mentioned have pretty broad (although in no case universal) international coverage. Some other services, including as of now Google Wallet, only work in the USA or a small number of countries.
As should be clear from the description of the process above and in my previous article about the dog named Dash, there's no way to guarantee that any particular payment request will be approved by any one of these services. These services aren't public utilities or common carriers that are required to accept all customers or transaction requests. Each of them reserves the right to refuse service to anyone, at any time, for any reason. (Another reminder of why the universal service obligations of common carriers and public utilities are such essential consumer protections.) It's been common for years for people to have their Paypal accounts closed without warning, for reasons known only to Paypal or for no reason at all. Each of the others of these services works the same way.
There is nothing you can really do -- short of the political solution of fundamental reform of the OFAC-enforced sanctions regime -- to protect yourself against any of your bank accounts, credit cards, or other financial services turning into a pumpkin in the middle of your trip. What you can do to mitigate the risk to you that results from banks' and payment processors' efforts to reduce the risks to themselves is not to rely on any one account, service, or form of payment, no matter how convenient it is and how favorable its terms. Always assume that any account could be closed or frozen at any time, without warning or notice.
Have a plan B, and maybe plans C and D. Keep enough money to tide you over for a month or two in a separate account at a separate bank or credit union, accessible with a separate credit, debit, or ATM card issued by a different bank and associated with a different network. Carry enough cash for at least a week's expenses: Local banks could be closed throughout a country where you are travelling by government order (it's happened in the USA), or a moratorium imposed on cash withdrawals, even if your bank back home and your account are still open. If you are afraid to carry too much cash, consider carrying some travellers checks for emergency money. Travellers checks have become less and less common, and harder and harder to cash. But in a pinch, you can probably find a black-market money changer to cash them, or a hotel or other business that will accept them, even during a government-imposed bank shutdown.
Friday, 8 April 2016
The Amazing Race 28, Episode 7
Garni (Armenia) - Yerevan (Armenia) - Tbilisi (Georgia) - Mtskheta (Georgia) - Tbilisi (Georgia)
When you hear, "Georgia", do you think, "wine"? If not, why not?
Georgia is about to host the UN World Tourism Organization's First Global Conference on Wine Tourism later this year. Perhaps that's one of the reasons the national ministry for the promotion of tourism persuaded The Amazing Race to visit. Georgia is one of the countries that claims to have had the world's first wineries -- in 6000 BC. Georgia is not just a major wine producer but a major wine exporter: Wines from Georgia and Moldova were considered the best of "Soviet" wines, and continue to be bring premium prices over domestic wines in Russia, Ukraine, and most of the rest of the former USSR.
The most distinctive and traditional Georgian wines are those fermented and aged in "qvevri" -- giant clay jugs buried up their necks underground to maintain constant temperature. This method of wine-making has been included of the on UNESCO's list of the "Intangible Cultural Heritage of Humanity". ('Fess up: You didn't know that list existed, did you? Neither did I. It's an interesting list to browse.) Some qvevri are large enough for a person to climb into, down a ladder lowered through the neck, in order to clean out the grape seeds, stems, skins, and other fermentation residue between batches. Each team on The Amazing Race 28 had to clean a qvevri to the satisfaction of the winemaker before they could continue to the next checkpoint in the race.
So why have so few people outside the "Second World" of the former USSR and its neighbors and allies heard of Georgian wine? And why haven't you seen Georgia on more wine connoisseurs' "bucket lists" of wine-producing regions to visit around the world?
The Second World remains a parallel universe in many aspects of technology and culture, for reasons including -- as I discussed in relation to the previous episode of The Amazing Race 28 in Armenia -- the inertia of infrastructure and language. Despite major shifts in trading partnerships, it also remains a largely self-contained economic world, at least in some industries including agriculture. Russia, with its wealth of fossil fuel, minerals, and other natural resources, remains the economic superpower of the region, and the dominant agricultural export market (like it or not, mostly not) for most of the rest of the former USSR. Russia has used restrictions on exports of Georgian wine as a tool of trade war, but that only goes to show the importance to Georgia of wine exports in general and of wine drinkers and buyers in Russia (and the rest of Russian sphere of influence) in particular.
Georgian wines are available in the USA, but not in most wine shops or liquor stores, even ones with relatively diverse stock. The parallel distribution chain extends all the way to the retail level, where Georgian wines are sold in "Russian" specialty grocery stores, delicatessens, and other "ethnic" shops.
The "heavy lifting" is in sourcing these wines and importing them to the USA. Mainstream stores and dealers could buy Georgian wines from their US wholesale importers and distributors to the Russian ethnic market. But they don't. They don't see demand for them from mainstream customers.
Tastes and preferences are culturally determined. In Russia and the rest of the ex-USSR, and to people around the world whose tastes in wine are shaped by Russian and ex-Soviet norms, Georgian wine is (a) a known quantity, not a novelty, and (b) viewed as premium wine, just as Moldovan champagne is viewed as "premium" champagne compared to other "Soviet" varieties.
I've often said that one of my goals for my first trip around the world was to get a better sense of my ignorance. As I continue to travel to new places, I continue to be reminded that the world is larger and more diverse than I can imagine. There are universals -- everybody everywhere needs to eat and drink something -- but there are important places, important ideas, and, yes, superlative foods and beverages and complex cuisines with rich traditions that I had never heard of until I tasted them.
It's hard to remember that lesson, however, when we are surrounded by a Eurocentric culture that takes for granted that French cookery is the epitome of "haute cuisine", while relegating entire universes of world food (Chinese, Indian, etc.) to a ghetto category of "ethnic" if it acknowledges them at all. Chinese culture, of course, views European or European-American cooking in about the same way: exotic and sometimes fun, but barbarian and not to be taken too seriously.
The same goes for beverages. Why are single-malt Scotch whiskeys (of all alcoholic beverages distilled from fermented grain) available in bars, restaurants, and liquor stores -- and advertised on billboards -- around the world, but their equally distinctive counterparts among drinks distilled from fermented sugar cane, artisanal cachaças, are essentially unheard-of and unobtainable at any price outside Brazil? Even Brazilian-American specialty stores generally sell only mass-market cachaça for use as a mixer, as during The Amazing Race 18, not the premium small-batch pot-still sipping varieties aged in barrels made from an extraordinary variety of tropical hardwoods that impart fruit, spice, and other indescribable flavors and aromas.
Rankings are possible only if those doing the ranking agree on the rubric. If one team is playing baseball, and the other is playing cricket, how can you say which is the "better" team, or pick a single list of the "best" players from leagues in different sports? Even similar seeming details ("Who's the better batsman?") can be hard to compare if the tools, techniques, and goals are different.
I prefer sweet Moldovan or "Soviet-style" champagne to dry French-style champagne. Does that mean I'm a cretin, by some "objective" standard? Or is that a matter of taste?
Georgian wines are made not only with different techniques but from different varieties of grapes than are grown in most other countries. That's what makes them interesting and worth trying, but that's also what makes them hard to rank according to the criteria for other wines.
The reality-TV travellers took an overnight train from Yerevan to Tbilisi. It looked like none of them had been on a train with sleeping cars before, but they appeared to find it quite comfortable. It's certainly a safer option than a night bus.
Many people like the idea of an overnight train, but don't know how to find information about routes, schedules, frequencies, journey times, accommodations and services onboard, or ticket prices.
The last time I reported on train travel in the former USSR in 2009 when The Amazing Race 14 was in Russia, summary information on the most important passenger trains throughout the region was still available in English in the venerable "Thomas Cook Overseas Timetable".
Unfortunately, Thomas Cook suspended publication of the Overseas Timetable in 2010, and of the companion European Timetable in 2013. Some former Thomas Cook staff members started a separate new company that has resumed publication of a European Rail Timetable and Rail Map of Europe (extending as far east as Moscow and Ankara) similar to the former Thomas Cook versions. But the new European Rail Timetable has only a cursory section on selected trains "Beyond Europe", and the publishers have given no indication of any intent to resurrect the undoubtedly less-profitable Overseas Timetable.
That leaves The Man in Seat Sixty-One as the closest thing to a global passenger rail information portal in English, supplemented by whatever country-specific information you can find on other English-language Web sites, guidebooks, or anecdotes from other travellers. The key thing to keep in mind is that none of this information can be relied on as authoritative.
Both the Armenian South Caucasus Railway (operated by the Russian Railway under a privatization concession) and the Georgian Railway have Yerevan-Tbilisi schedules on their Web sites in English. That's useful, but there's no guarantee -- even if people tell you that the schedules posted online in Armenian, Georgian, or for both countries in Russian are reliable -- that someone remembers to update the translated English summaries whenever the underlying information in local languages changes. It almost certainly doesn't happen automatically.
Trying to buy tickets on Web sites like these is risky, and my advice remains to buy tickets at the departure station, or through a local hostel or travel agency. Navigating a site like this which has been translated (not necessarily completely) from a language in a different alphabet has many pitfalls, such as finding that the name of the city or station you want has been transliterated differently than you expected, places are listed by station name rather than city name, or names in English are listed in alphabetical order as they are spelled in a different language or alphabet. A credit card with a foreign billing address may or may not be accepted. Error messages are among the elements of Web content that, in my experience, are least likely to be translated, which can leave you uncertain whether your card has been charged or a ticket has been issued.
Friday, 1 April 2016
The Amazing Race 28, Episode 6
Chamonix (France) - Yerevan (Armenia) - Hatsavan (Armenia) - Garni (Armenia)
Armenia threw the teams of travellers on The Amazing Race 28 for a loop. None of the racers had been there before, and some of them seemed quite uncertain where "Armenia" is located.
Armenia is a landlocked country in the southern Caucasus bordered by Turkey, Iran, Azerbaijan, and Georgia and including part of Kurdistan as well as several more or less "autonomous" and/or contested regions. There is little foreign tourism to Russia and, except for the Baltic states which have become part of the European Union, much less to any of the other former Soviet republics such as Armenia and its neighbors. Most foreign visitors to Armenia are from elsewhere in the former USSR and/or from the Armenian diaspora. The region hasn't gotten much good press in recent years, and many foreign tourists probably write off the entire Caucasus, rightly or wrongly and without more detailed research, as presumptively a war zone.
The Armenian language is quite different from any other language, and is written in its own unique (although generally phonetic) alphabet, with many "ligatures" (joined letters)which make it more like a running script (such as Arabic, Urdu, or Persian) in which it is harder to distinguish the individual letters than in the Latin typography with fully separated letters used in English.
How does a visitor navigate in a place like this where you can't even recognize or sound out signs in the local language?
I was somewhat surprised by how many of the signs on streets, buildings, and businesses visible in the background in this episode of The Amazing Race were in English -- and not Russian -- as well as Armenian. There appeared to be at least as much signage in Yerevan in the Latin alphabet (all of it that we saw in English rather than in, say, German or French) as in Cyrillic (presumably Russian, although perhaps including some transliterated Armenian name). These are signs of the extent to which Armenians see, or at least seek, a future aligned more with Europe and less with Russia.
Until Armenia became independent in 1990-1991, the "national" language of the USSR was, of course, Russian. Many ethnic Russians and other non-Armenians lived their whole lives in Armenia without learning any Armenian. The situation was similar in most of the other Soviet republics. Today, Armenian is the sole official language of Armenia. But some of the linguistic realities can be inferred from the fact that this law on language is published on the government's official Web site in Russian and English as well as Armenian.
As a practical matter, Armenia -- like other former Soviet republics and some other countries -- continues to depend on Soviet machinery for which all of the technical documentation is in Russian.
The racers had to change the oil and oil filter in Lada taxis, for example, as one of their tasks. Like Volkswagen Beetles, Ladas are often the butt of jokes and insults but were made in large numbers in multiple countries and are sturdy and user serviceable if underpowered and unstylish. Like VW Beetles, Ladas are likely to remain on the roads for years, albeit in dwindling numbers, and mechanics who service them will continue to need a reading knowledge of Russian. In the same vein, as long as Armenia and other former Soviet republics, "satellites", and economic allies and aid recipients continue to rely on an installed base of Soviet power plants, water pumps, and other infrastructure and equipment, they will continue to need technicians and engineers who are literate in Russian, regardless of the preferences of politicians or young people who would rather learn English than Russian.
For tourists, that means that it will continue to be possible to find local speakers of Russian in countries like Armenia, and that Russian will continue to be among the most useful languages for world travel -- even if there comes a time when the way to find someone who speaks Russian in a non-Russian country is to look for a maintenance engineer or repair shop. That's not a totally novel concept: I've been told that my grand-father, who died in 1962 before the Catholic mass began to be said in the vernacular, was able to get around anywhere in Europe by relying, in a pinch, on being able to find a priest in any town with whom he could communicate in Latin.
Aside from navigation and communication, the most difficult task for the racers in this episode was knotting a very small section (a single row) of a hand-made rug.
Many people assume that traditional "Oriental" carpets are woven, but they aren't. Each strand of yarn that stands up as part of the "pile" is individually tied onto the array of parallel "warp" threads. A finely-knotted carpet has more than a hundred hand-tied knots per square inch. I first saw a rug being knotted by hand at the Iranian pavilion -- a vast propaganda showpiece for the Shah -- at the Expo '67 world's fair in Montréal. I was amazed at the slow pace of the work, even for a master craftsman.
Tourists might put less effort into haggling down the prices of hand-made carpets if they realized how many months of labor even a small "prayer rug" or similar throw rug requires. Rug-making is attractive for nomads and people who live in remote places precisely because it can be done at home or in shepherds' camps and allows months or years of work to be converted into a compact and easily transported article of trade. Farmers choose to produce coca in the Andes, opium in the mountains of Central and Southeast Asia, and whiskey in the Appalachian hill country and the highlands and islands of Scotland for similar reasons: these crops can be processed into products that are dense, high-value, and relatively easily transported to high-paying but distant markets. Rug-making is also one of relatively few trades that can be carried out in refugee camps and crowded slums, by workers with little or no mobility or access to arable land.
Unfortunately, rug-knotting also puts a premium on manual dexterity, making it (like traditional lace-making) especially attractive to exploiters of child labor. Many of the hand-knotted carpets sold in North America and Europe today are made by enslaved children in India and Pakistan. Even if you buy a rug at what you are told is the factory where it was made, it may actually have been made elsewhere under much worse conditions. It's easy to say, "caveat emptor", but harder to say how any carpet buyer, anywhere in the world, can be sure who made the rug they are buying, or -- as with any souvenir -- how much of the retail price went to the worker(s) and how much to the trader(s). "Fair trade" and "not made by slave labor or child labor" certifications and labels for rugs exist, but they are easily faked or forged.
Wednesday, 30 March 2016
How does your bank know your dog's not a terrorist?
I was interviewed by Monte Francis of KTVU (Channel 2) News last week to help make sense out of what happened to Bruce Francis, a disabled San Francisco man whose online request to send a check to pay the person who walks his service dog was refused by Chase Bank.
The memo line on the check read, "for Dash", Dash being the name of Mr. Francis' dog. Apparently the robots used by Chase to profile and score each transaction and decide whether to allow customers to make payments flagged the name of his dog as vaguely similar to "Daesh", one of several English transliterations of a crude phonetic rendering of an Arabic acronym for a name sometimes applied to -- although rejected and denounced by -- one grouping of the Islamic State in Iraq and Syria (ISIS).
As Mr. Francis told KTVU, stopping payment of any check identified on the memo line as being "for ISIS" would amount to, "Stopping the world's stupidest terrorist."
But who knew that banks had such things as "robots used to profile and score each transaction and decide whether to allow customers to make payments"?
Mr. Francis' rejected attempt to pay his dog-walker is only the tip of the iceberg of a larger problem of overreach and injustice by OFAC -- one of the largest and least transparent or accountable Federal law enforcement agencies that most people in the USA have never heard of -- and a yet larger problem of outsourced surveillance, algorithmic profiling, and control (like that of airline reservations and travel, but affecting other aspects of our lives) by what the ACLU has aptly labeled the "Surveillance-Industrial Complex" of private and commercial actors conscripted by government carrots and sticks.
What happened with Dash the dog was part of a familiar and problematic pattern. The only thing really unusual was that neither Mr. Francis not his dog-walker (nor Dash the dog, so far as I know) are Muslims. I've had to deal with OFAC myself, including when my bank account was (wrongly, and possibly illegally) frozen, and I couldn't deposit my paychecks or pay my bills, after I tried to check my Schwab Bank balance for an IP address in Ssyria where I was (legally) travelling, and when OFAC prohibited customers of the travel agency where I was working from either using or obtaining refunds for tickets they had purchased on an airline in Peru, one of whose owners was later designated a "drug kingpin, thus effectively forcing these would-be travellers (who were never accused of any wrongdoing themselves) to forfeit the value of their tickets and allowing the alleged "drug kingpin" to keep their money as an OFAC windfall, without having to provide them with transportation.