In a wonderful piece of service journalism, Defector’s Alberto Burneko reminds us to hold out a little longer for those caprese salads and BLTs:

But what of all these tomatoes, you are asking. This Safeway has tomatoes out the frickin’ wazoo. Surely this means Tomato Time is upon us. Do me, as well as yourself, a favor. Lift one of those so-called “tomatoes” to your face. Rotate it until you can find the produce sticker on it. Ah-HA! This “tomato” is from Canada (or Michigan)! Are you, at present, in Canada (or Michigan)? No, you are not. (Unless you are, in which case you can go to hell.) In fact you are several hundred miles away from those places. Do you know how a “tomato” from the vile frosted North came to appear at your local produce purveyor of choice, several hundred miles from the vile frosted North? Would you like for me to reveal this awful truth to you? Well I’m gonna, if you will chill out for one damn second.

Last month, a professional hacking syndicate known as DarkSide shut down one of the major oil pipelines that feeds the eastern United States, causing a small amount of chaos until they’d been paid roughly $4.4 million in bitcoin.

This week, the U.S. Department of Justice announced they’d recovered about $2.3 million of the paid ransom. If the ransom had been fiat currency, recovering the funds would’ve been straightforward, but in the world of crypto, it raises some questions:

The DOJ said law enforcement was able to track multiple transfers of bitcoin and identify that approximately 63.7 bitcoins ($3.77 million on May 8), “representing the proceeds of the victim’s ransom payment, had been transferred to a specific address, for which the FBI has the ‘private key,’ or the rough equivalent of a password needed to access assets accessible from the specific Bitcoin address.”

How it came to have that private key is the key question. Nicholas Weaver, a lecturer at the computer science department at University of California, Berkeley, said the most likely explanation is that law enforcements agent seized money from a specific DarkSide affiliate responsible for bringing the crime gang the initial access to Colonial’s systems.

“The ‘obtained the private key’ part of their statement is doing a lot of work,” Weaver said, point out that the amount the FBI recovered was less than the full amount Colonial paid.

“It is ONLY the Colonial Pipeline ransom, and it looks to be only the affiliate’s take.”

This question of how the DOJ managed to do this belies a certain misunderstanding about how cryptocurrencies actually work. The first is that crypto is inherently secret, when the reality is the exact opposite. Every transaction is published on the ledger defined by a cryptocurrency’s protocol, meaning it’s possible to view every single transaction ever made. If you know the address of a crypto wallet, you can identify all of the coins sent and received by that address. The DOJ was able to identify a single address that most of the ransom had been transferred to.

The second misunderstanding is that crypto is inherently secure, or can’t be stolen like, say, cash. Bitcoin wallets rely on public key cryptography, just like every other secure computer system, and the private key for accessing a wallet is secured with a passphrase. If you have the private key and the passphrase, you can make any transfer to and from that wallet, just like if you had the username and password to someone’s online bank account. Unlike an FDIC secured bank account, though, if someone empties your bitcoin wallet, it’s gone for good.

For obvious reasons, the DOJ is pretty mum on how they managed to secure the private key and passphrase. It seems like they had access to a DarkSide server where the keys were stored, so there was likely some good old fashioned spycraft or law enforcement involved.

Grubstreet’s Rachel Sugar sings the praises of one of the pandemic’s lingering effects on restaurants: decidedly smaller menus.

The best way to experience a restaurant, I have always felt, is by eating exactly what it wants to feed you. I do not want choices. I want the best thing. A restaurant might have five or ten best things, but it cannot have 45. There are many infuriating things about the world, but one of the more fixable is the sensation of acute regret from having ordered wrong. Why are there possibly wrong orders? Recently, I was at a fancy restaurant with great pastas and bad pizzas. So cut the pizzas! A kitchen that focuses on its strengths turns out consistently excellent things, even if that results in fewer total things. (The exceptions to this are 24-hour diners with phone-book menus; some institutions are worth preserving.)

I enthusiastically support this trend and the idea that a restaurant should know what it is. The best way to do that is to cut the bullshit and do what you do best.

Less than a month after his debut as a blogger, the forty-fifth president’s sad little site simply disappeared yesterday. His crack social media team, consisting mostly of a thumb with a beard sharpied on it, insisted it was part of a broader strategy and that the former president was not, in fact, owned.

A day after the unceremonious shitcanning, the Washington Post reveals what anyone could have guessed: the blog sucked, got basically no traffic, and was the one anathema Trump could not abide by. It was a loser. From Drew Harwell and Josh Dawsey’s reporting:

Launched last month with a grand unveiling replete with an action-movie-style trailer that proclaimed, “In a time of silence and lies, a beacon of freedom arises,” the blog never secured more than a sliver of the spotlight Trump held before he was banned from every major social media site in the wake of the Jan. 6 Capitol riot.

A Post analysis of online data late last month found that the site was attracting fewer visitors than the pet-adoption service Petfinder and the recipe site Delish. The blog’s prospects hadn’t improved since, even though Trump had taken to writing on it more, a new analysis of online data shows.

And I love this little detail:

Trump dictated his messages to his aides, who would print them out so he could revise them with a Sharpie before manually posting them to the blog.

Maybe Trump should sell JPGs of his marked-up prototweets as NFTs. Don, Jr. could hawk them from his new Cameo account.

The whimper-not-a-bang ending of Trump’s blog demonstrates the deplatforming has certainly been effective, but as Judd Legum points out, the problem is actually the inverse. The incentives of social media are what help drive Trumpism:

Trump clearly expected that millions of people would flock to his website for this kind of wisdom. But the failure of Trump’s blog shows there is not an unquenchable thirst for Trump’s rants. Rather, Trump’s popularity was artificially boosted by Facebook and Twitter’s algorithms, which reward hatred, misinformation, and other divisive content. Outside of this artificial reality created by social networks, Trump’s diatribes have little organic appeal.

It underscores that the fundamental problems with Facebook and Twitter are baked into their algorithms and cannot be solved by banning Trump or any individual account.

I have no doubt Trump will be at it again, most likely via a takeover of one of the cesspools of bigotry that comprise alt-right social networks like Gab or Parler. A more pressing question is whether the mainstream social networks have learned anything at all from Trump and prepared for the next assault.

Usually when we talk about about climate these days, it’s followed by the word “crisis” or “catastrophe”. So here’s some genuinely great news: the price of renewable energy has dropped — shockingly — in a very small amount of time.

The Carbon Tracker Institute has a very straightforward, and hopeful, assessment of the current situation and trends:

With current technology and in a subset of available locations we can capture at least 6,700 PWh p.a. from solar and wind, which is more than 100 times global energy demand.

The collapse in renewable costs in the last three years means that half of this solar and wind technical potential now has economic potential, and by the end of the decade it will be over 90%.

The land required for solar panels alone to provide all global energy is 450,000 km2, 0.3% of the global land area of 149 million km2 – less than the current land footprint of fossil fuel infrastructure. This differs by country as highlighted below.

It’s mind-blowing to imagine the exponential growth of renewable energy in such a short period of time. Five years ago — five years! — there was basically no economically viable renewable energy on the planet, meaning none that was able to compete with fossil fuels on cost without government subsidies. Five years ago, if you wanted an electric care you were pretty much limited to a pricey Tesla or a Nissan Leaf; this year, there are over seventy models to choose from. The UK has more electric charge locations than gas — sorry petrol — stations.

Bill McKibben, writing about the Carbon Tracker Initiative report in The New Yorker, adds:

The numbers in the report are overwhelming—even if the analysts are too optimistic by half, we’ll still be swimming in cheap solar energy. “We have established that technical and economic barriers have been crossed by falling costs. It follows that the main remaining barrier to change is the ability of incumbents to manipulate political forces to stop change,” the report reads. Indeed. And the problem is that we need that change to happen right now, because the curves of damage from the climate crisis are as steep as the curves of falling solar prices. Given three or four decades, economics will clearly take care of the problem—the low price of solar power will keep pushing us to replace liquid fuels with electricity generated from the sun, and, eventually, no one will have a gas boiler in the basement or an internal-combustion engine in the car. But, if the transition takes three or four decades, no one will have an ice cap in the Arctic, either, and everyone who lives near a coast will be figuring out where on earth to go.

With so much progress on the science and engineering front, and the economics sorting itself out, the biggest obstacle remains the one we’ve always known: the politics.

Renewable energy, like everything, is firmly ensconced in the culture wars and is still seen by far too many people as an environmental fantasy of the left aimed mostly at increasing regulation on industry and taking jobs from coal miners. “Green jobs” are, of course, a huge part of President Biden’s infrastructure plans, which makes them a pariah to the half of the American political system committed to lib-owning anarchy.

I know it’s naive, but I look at this collapse of renewable energy pricing and see nothing but opportunity, everywhere. If we’re going to rewire America and electrify as many homes and buildings as possible, that seems like decades worth of jobs for contractors and laborers. Everything from installing solar panels to maintaining wind farms seems like the exact kind of work that millions of people need, without the black lung.

And our fragile infrastructure isn’t limited to ice storms that overwhelm the grid or cracked bridges but oil and gas pipelines that are vulnerable to cyberattacks. Replacing an aging power grid or pipeline with a network of smaller, self-sufficient localized mini-grids strikes me as a conservative, anti-globalist approach.

In the Appalachians, where I’m from and now live once again, people are famously (if sometimes dishonestly) cloistered and distrustful of outside influence, whether it’s from the government or anyone else. The towns and cities from Stone Mountain, Georgia to Scranton, Pennsylvania could now conceivably build completely self-sufficient local power grids, never have to rely on oil or gas again, and could even start to rebuild the beautiful local landscape that was cleared by rapacious capitalists during the last gilded age.

I’m so used to feeling just ground down by the climate issue, it’s genuinely wild to have some good news worth celebrating. I don’t want to sound pollyannish about any of this — again, we’ve always known the politics of solving this is going to be the hard part because it’s always the hard part — it just seems there are real opportunities ahead that didn’t even seem possible just a few years ago.

(In the time it took me to write this, wander off, then check Twitter, the subject of this piece is no longer working at Apple. I don’t think it changes the conclusion, though.)

In a small corner of Twitter, today’s main character was Antonio García Martínez. García Martínez, if you’ve never encountered him, is the kind of glib opportunist who migrated over to tech from finance a decade ago, built a cynical product the world absolutely did not need, and helped make it worse by scaling it to billions. He wrote about all of this in a memoir of sorts called Chaos Monkeys, which apparently chronicles a baroque kind of experience at the dawn of this new gilded age.

The reason García Martínez is “it” is because word started going round that he’d been hired by Apple to help them build their fledgling ad business. Outrage started to simmer on Twitter until it ended, naturally, with a petition from Apple employees asking their senior leadership why they’ve hired a misogynist and racist.

We are deeply concerned about the recent hiring of Antonio García Martínez. His misogynistic statements in his autobiography — such as “Most women in the Bay Area are soft and weak, cosseted and naive despite their claims of worldliness, and generally full of shit” (further quoted below this letter) — directly oppose Apple’s commitment to Inclusion & Diversity. We are profoundly distraught by what this hire means for Apple’s commitment to its inclusion goals, as well as its real and immediate impact on those working near Mr. García Martínez. It calls into question parts of our system of inclusion at Apple, including hiring panels, background checks, and our process to ensure our existing culture of inclusion is strong enough to withstand individuals who don’t share our inclusive values.

The letter contains a dozen or so quotes like this, mostly from the aforementioned memoir, asking (quite naturally) how someone who’d published this could come to work at a place with a very public dedication to diversity and inclusivity. Even taking into account García Martínez’s attempts at explaining away this crass take, it’s hard to square this rather boorish view of the world with a commitment to equality. Personally, I think it’s fine for churls like García Martínez to out themselves by publishing this dreck, but if I were an employee at Apple, I don’t think I’d want to work with them.

Generally, I’m someone who believes in redemption and in giving people the opportunity to prove that they are better than their worst day, or a resurfaced screenshot, if they are committed to changing and improving themselves. That’s true of García Martínez or James Damore or really anyone. I think culturally we struggle with a framework for true redemption, and polarization and online pile-ons have only made that worse. I’m also someone who believes that we should believe people when they show us who they are and García Martínez appears to be completely unrepentant about, well, any of this.

All of which obscures an altogether different issue: why on earth is Apple hiring the type of person who helped build the core of Facebook’s business, the business they’ve spent the past year very publicly decrying? It’s not as if García Martínez is a random UX designer who’d been whittling pixels at Instagram, he literally helped build Facebook’s retargeting platform.

If I’m an Apple employee, I might also want to know: what are we building that led us to hire this guy in the first place? Haven’t we spent years making a very public stand for consumer protection, privacy, and treating our users with respect? Why are we suddenly finding ourselves even recruiting someone who helped build the very business we hold ourselves in direct opposition to?

Can Apple now seriously argue that all the recent privacy moves aren’t a cynical plan to simply corner the mobile advertising market? How long before Mark Zuckerberg starts to ask “if Apple is so committed to user privacy, why are they hiring the people who built Facebook’s ad business”?

García Martínez likes to claim he writes in the mold of a Hunter S. Thompson, which is exactly the kind of excuse disingenuous vulgarians trot out when their odious behavior catches up with them. At my most generous, I might be willing to grant that García Martínez’s unapologetic pulp is a black light on the crime scene of Silicon Valley. Maybe he’s trying to pull off some Andy Kaufman-like reveal, showing the hypocrisy at the heart of all this money.

Apple should take their employees’ concerns seriously, and they should also ask what led them here to begin with.

Shocking no one, the answer is: Las Vegas. And, of course, Facebook.

Eater tracked down some of the white women losing their minds pouring nacho cheese over their kitchen island or filling pre-made pie crusts with Spaghetti-O’s. What connects them is a Vegas magician named Rick Lax. And the reason they keep showing up in your feed is an algorithm left unattended:

It is, at this point, statistically impossible to not half-recognize magician Rick Lax. He is essentially the face of Facebook’s Watch program. Launched in the U.S. in 2017, Watch was meant to be Facebook’s Netflix or YouTube competitor. It hired the former news anchor Campbell Brown as head of news partnerships and convinced outlets like Vox, BuzzFeed, and Fox News to create Facebook-exclusive shows. Watch shows still live on a separate tab called Watch, but in the years since, it has sort of blended back in with the rest of the video content on the app. The only Watch show to really break out has been Jada Pinkett Smith’s Red Table Talk. But Lax has continued to dominate the Newsfeed, even if you didn’t notice.

It’s obviously far from the worst of Facebook’s many, many, many crimes but it does show how their negligence twists culture and rewards humanity at its most base.

Viewed within the context of Lax’s main Facebook page, these videos sort of make sense. Videos that do well on Facebook tend to have some kind of payoff. Which plays off why we watch cooking videos to begin with. There’s a recipe that’s easy to follow, and you know that at the end you’ll see whatever’s been cooked. Prank videos work the same way. The prank is established, and then you wait to see what happens when it’s finally triggered. Lax and his collaborators have combined a prank video and a cooking video into something that people really can’t look away from, the culinary equivalent of a zit extraction.

It’s worth remembering Facebook’s infamous “pivot to video” was a disastrous move for actual news organizations, but at least there’s a lifetime of food porn by way of Jackass now.

Apple blogger Kirk McElhearn decided to see what would happen if he dropped an Airtag in an envelope and sent it on a 100-mile or so journey across England.

Turns out, it does pretty much what you’d expect, periodically updating its location whenever it was in range of an iPhone with FindMy enabled:

AirTags aren’t designed to track something in movement; this isn’t like a Tom Cruise movie, where spies track a car in a city, seeing exactly where it is in real time. They are meant to be used to find lost keys, luggage, or other objects. But my experiment shows that you can track these devices to a certain extent.

The reason for this is the sheer size of the network of iOS devices that can locate AirTags. Apple says that there are nearly one billion iOS devices around the world that participate in this network, and that ensures that you can locate AirTags in most situations.

I don’t know if any of the truck drivers carrying the mail didn’t have iPhones. Even if they didn’t, it’s possible that if someone in a car driving next to the truck has an iPhone, then it would be spotted. Since AirTags use Bluetooth 5, the range is around 100m, but that depends on such things as interference, walls, and other obstacles, and testing would need to be done to find how efficient they are in motion.

Unfortunately, it didn’t all go according to plan. Airtags are supposed to have a privacy feature built-in that alerts anyone with an iPhone in range that there is an Airtag far from home, in order to prevent them from being used as surreptitious tracking devices. Apparently, the notification never came, no jailbreaking required.

The network of iPhones effect has a bit of a Dark Knight kind of utility/creepiness. I like the idea of Airtags a lot and, once I’m leaving the house more than once a week and traveling again, can see myself using them. That the built-in privacy protection seemed to fail here doesn’t bode well when millions of these are out in the wild.

Earlier today, my dad texted to ask if I’d filled up my car recently. As luck would have it, I filled up yesterday on the way home from a Mother’s Day hike.

Lines were forming at gas stations this afternoon as the Colonial Pipeline, which carries millions of refined fuel between the Gulf Coast and northeastern United States, was shut down due to a cyberattack.

DarkSide, the group that cybersecurity pros believe is behind the ransomware attack, is apparently a pretty sophisticated group:

DarkSide is one of a number of increasingly professionalized groups of digital extortionists, with a mailing list, a press center, a victim hotline and even a supposed code of conduct intended to spin the group as reliable, if ruthless, business partners.

Experts like Div said DarkSide was likely composed of ransomware veterans and that it came out of nowhere in the middle of last year and immediately unleashed a digital crimewave.

A code of conduct for your cybercrimes gang.

Given how much of our infrastructure is susceptible to these kinds of attacks, and how easy it is to completely disrupt billion-dollar businesses with fairly straightforward tools, this is clearly going to become the kind of story that ends up being mundane.

Securing these systems is obviously important and could easily be the work of a government funded, civilian cyber-corps (or something less awfully named). But more importantly, we need to do the work of decoupling the hyperconnected systems we built over the past century. Power grids that are local and regionalized and run on a combination of solar, hydro, geothermal, and nuclear energy could be built today and would prove much more resilient than a single pipeline that powers half of the country.