The most devastating passage in the CBO’s report on the Senate health bill

The Congressional Budget Office has released its analysis of the Senate GOP’s Better Care Reconciliation Act, and it’s a bloodbath. The bill is expected to lead to 15 million fewer people with health insurance by 2018 — and 22 million fewer by 2026.
...
A bit of background is helpful. A “silver plan” is an insurance plan that covers 70 percent of a person’s expected health care costs. Obamacare’s subsidies were designed to make silver plans affordable and to limit out-of-pocket costs. The BCRA cuts Obamacare’s subsidies and designs its own subsidies around plans that cover 58 percent of expected health care costs. Those plans, the CBO estimates, will come with deductibles of around $6,000 — which means they would bankrupt many poor people before they ever got through the deductible.
...
This, then, is what the BCRA actually does: It makes health insurance unaffordable for poor people in order to finance a massive tax cut for rich people.

Bruce Schneier: The Future of Ransomware

Ransomware isn't new, but it's increasingly popular and profitable.
The concept is simple: Your computer gets infected with a virus that encrypts your files until you pay a ransom. It's extortion taken to its networked extreme. The criminals provide step-by-step instructions on how to pay, sometimes even offering a help line for victims unsure how to buy bitcoin. The price is designed to be cheap enough for people to pay instead of giving up: a few hundred dollars in many cases. Those who design these systems know their market, and it's a profitable one.
...
The lessons for users are obvious: Keep your system patches up to date and regularly back up your data. This isn't just good advice to defend against ransomware, but good advice in general. But it's becoming obsolete.
Everything is becoming a computer. Your microwave is a computer that makes things hot. Your refrigerator is a computer that keeps things cold. Your car and television, the traffic lights and signals in your city and our national power grid are all computers...
It's only a matter of time before people get messages on their car screens saying that the engine has been disabled and it will cost $200 in bitcoin to turn it back on. Or a similar message on their phones about their Internet-enabled door lock: Pay $100 if you want to get into your house tonight. Or pay far more if they want their embedded heart defibrillator to keep working.
This isn't just theoretical. Researchers have already demonstrated a ransomware attack against smart thermostats, which may sound like a nuisance at first but can cause serious property damage if it's cold enough outside. If the device under attack has no screen, you'll get the message on the smartphone app you control it from.
Hackers don't even have to come up with these ideas on their own; the government agencies whose code was stolen were already doing it. One of the leaked CIA attack tools targets Internet-enabled Samsung smart televisions.
...
These devices will be around for a long time. Unlike our phones and computers, which we replace every few years, cars are expected to last at least a decade. We want our appliances to run for 20 years or more, our thermostats even longer.
What happens when the company that made our smart washing machine -- or just the computer part -- goes out of business, or otherwise decides that they can no longer support older models? WannaCry affected Windows versions as far back as XP, a version that Microsoft no longer supports. The company broke with policy and released a patch for those older systems, but it has both the engineering talent and the money to do so.
That won't happen with low-cost IoT devices.
...
Solutions aren't easy and they're not pretty. The market is not going to fix this unaided. Security is a hard-to-evaluate feature against a possible future threat, and consumers have long rewarded companies that provide easy-to-compare features and a quick time-to-market at its expense. We need to assign liabilities to companies that write insecure software that harms people, and possibly even issue and enforce regulations that require companies to maintain software systems throughout their life cycle. We may need minimum security standards for critical IoT devices. And it would help if the NSA got more involved in securing our information infrastructure and less in keeping it vulnerable so the government can eavesdrop.
I know this all sounds politically impossible right now, but we simply cannot live in a future where everything -- from the things we own to our nation's infrastructure -- can be held for ransom by criminals again and again.

Russian Breach of 39 States Threatens Future U.S. Elections

Russia’s cyberattack on the U.S. electoral system before Donald Trump’s election was far more widespread than has been publicly revealed, including incursions into voter databases and software systems in almost twice as many states as previously reported.
In Illinois, investigators found evidence that cyber intruders tried to delete or alter voter data. The hackers accessed software designed to be used by poll workers on Election Day, and in at least one state accessed a campaign finance database. Details of the wave of attacks, in the summer and fall of 2016, were provided by three people with direct knowledge of the U.S. investigation into the matter. In all, the Russian hackers hit systems in a total of 39 states, one of them said.
The scope and sophistication so concerned Obama administration officials that they took an unprecedented step -- complaining directly to Moscow over a modern-day “red phone.” In October, two of the people said, the White House contacted the Kremlin on the back channel to offer detailed documents of what it said was Russia’s role in election meddling and to warn that the attacks risked setting off a broader conflict.

Bruce Schneier: NSA Document Outlining Russian Attempts to Hack Voter Rolls

But more important than any of this, we need to better secure our election systems going forward. We have significant vulnerabilities in our voting machines, our voter rolls and registration process, and the vote tabulation systems after the polls close. In January, DHS designated our voting systems as critical national infrastructure, but so far that has been entirely for show. In the United States, we don't have a single integrated election. We have 50-plus individual elections, each with its own rules and its own regulatory authorities. Federal standards that mandate voter-verified paper ballots and post-election auditing would go a long way to secure our voting system. These attacks demonstrate that we need to secure the voter rolls, as well.
Democratic elections serve two purposes. The first is to elect the winner. But the second is to convince the loser. After the votes are all counted, everyone needs to trust that the election was fair and the results accurate. Attacks against our election system, even if they are ultimately ineffective, undermine that trust and -- by extension -- our democracy. Yes, fixing this will be expensive. Yes, it will require federal action in what's historically been state-run systems. But as a country, we have no other option.

How to Call B.S. on Big Data: A Practical Guide

The world is filled with information in various shades of right and wrong. I highly recommend reading through the list of techniques for evaluating it. The first couple:

Recognize that bullshitters are different from liars, and be alert for both. To paraphrase the philosopher Harry Frankfurt, the liar knows the truth and leads others away from it; the bullshitter either doesn’t know the truth or doesn’t care about it, and is most interested in showing off his or her advantages.
Upon encountering a piece of information, in any form, ask, “Who is telling me this? How does he or she know it? What is he or she trying to sell me?” (Journalists have their own versions of these questions.) If you’d ask it at a car dealership, West suggested to the students, you should ask it online, too.

And one of my favorites:

Remember that if a data-based claim seems too good to be true, it probably is. Conclusions that dramatically confirm your personal opinions or experiences should be especially suspect...

Forging Voice

We are moving toward a world where privacy may not exist, and security will be incredibly difficult. More of us need to be involved in the debate on how technology may be changing society, and what we should do about it. Bruce Schneier, quoted in full:

LyreBird is a system that can accurately reproduce the voice of someone, given a large amount of sample inputs. It's pretty good -- listen to the demo here -- and will only get better over time.
The applications for recorded-voice forgeries are obvious, but I think the larger security risk will be real-time forgery. Imagine the social engineering implications of an attacker on the telephone being able to impersonate someone the victim knows.
I don't think we're ready for this. We use people's voices to authenticate them all the time, in all sorts of different ways.

Opinion | Facebook could tell us how Russia interfered in our elections. Why won’t it?

We've always been subject to propaganda from state and private powers, but now it's faster, in some ways more subtle... and potentially easier to study and counteract, because of the kinds and amount of data which big social networking companies now own. The author argues for Facebook to become more involved in countering other countries' interference, which is an admirable goal, though difficult to see how that might work for a company which wants to be friendly with every country in the world.

And it raises another issue we should all be watching very carefully: every change Facebook makes to what we see in our feeds significantly impacts what our society talks about. In fact, Facebook's released studies of how it can change people's moods. So what are Facebook's (and other social networks') responsibilities to the rest of society, and how do we ensure they're not abusing their power?

Democrats are falling for fake news about Russia

Be skeptical of everything, especially when it closely aligns with your biases. If you have the time, do a little digging.

President Donald Trump is about to resign as a result of the Russia scandal. Bernie Sanders and Sean Hannity are Russian agents. The Russians have paid off House Oversight Chair Jason Chaffetz to the tune of $10 million, using Trump as a go-between. Paul Ryan is a traitor for refusing to investigate Trump’s Russia ties. Libertarian heroine Ayn Rand was a secret Russian agent charged with discrediting the American conservative movement.
These are all claims you can find made on a new and growing sector of the internet that functions as a fake news bubble for liberals, something I’ve dubbed the Russiasphere. The mirror image of Breitbart and InfoWars on the right, it focuses nearly exclusively on real and imagined connections between Trump and Russia. The tone is breathless: full of unnamed intelligence sources, certainty that Trump will soon be imprisoned, and fever dream factual assertions that no reputable media outlet has managed to confirm.
...
The fear is that this pollutes the party itself, derailing and discrediting the legitimate investigation into Russia. It also risks degrading the Democratic Party — helping elevate shameless hucksters who know nothing about policy but are willing to spread misinformation in the service of gaining power. We’ve already seen this story play out on the right, a story that ended in Trump’s election.
“One of the failures of the Republican Party is the way they let the birther movement metastasize — and that ultimately helped Donald Trump make it to the White House,” says Brendan Nyhan, a professor at Dartmouth who studies the spread of false political beliefs. “We should worry about that kind of pattern being repeated.”
...
There are, of course, legitimate issues relating to Trump’s ties to Russia — I’ve written about them personally over and over again. There are even legitimate reasons to believe that Trump’s campaign worked with Russian hackers to undermine Hillary Clinton. That may or may not turn out to be true, but it is at least plausible and somewhat supported by the available evidence.
The Russiasphere’s assertions go way beyond that...