MySQL is the little engine that could. It powers sites like Facebook, YouTube, Twitter, and thousands of blogs, CMSes, and e-commerce sites. Its value to the world and to the development community could be measured in the hundreds of billions, and yet it’s free, and you can use it just by downloading it. Almost every programming language has drivers for it and it can run on so many operating systems and architectures, there’s really no limit on it.
Yet there’s a dark side. MySQL is full of gotchas and bugs, and it lacks features that sometimes call into question its status as a real database. The documentation is often open-ended and confusing, with gaps in key parts. If you want to run it, you have the option of using it on Linux, Mac, Solaris, or Windows, and every hosting company or provider like Amazon AWS has its own managed service, each with its own quirks and limitations. The user community has also produced thousands of projects, with varying degrees of completeness and support.
A simple question like “how do I back my system up?” has at least 5 good answers, each with their own advocates, tutorials, and scripts. In short, the MySQL world is a crazy bazaar that is at times overwhelming.
I want to cut through confusion
I’m writing a book to take away the confusion: an opinionated guide that gives you the knowledge you need to get back to your other job(s). Your boss, your team, and your customers don’t want to hear “I’m researching 5 possible solutions.” They want to hear, “I have a great solution and I’ve implemented it.” This book is your fast-track through the most common issues I’ve encountered in MySQL.
Every time I read about a team giving up on MySQL because MongoDB is easier, I cry a little bit. MySQL is so simple and easy, it’s been tested and debugged over decades, and there’s so much community support from utilities, scripts, blogs, and tutorials. I want to convince you that with a little knowledge, MySQL is easier than Mongo, and it will help you and your company make money.
Another trouble is with proprietary databases. Many people are under the impression that Oracle or SQL Server have the corner on performance, that they are not bounded by the laws of computer science. While Oracle and SQL Server have pretty awesome technology that lets them sort out horrific queries, with good schema design and well-written queries, MySQL can churn out tens of thousands of requests a second (and some benchmarks put that up to hundreds of thousands), which for most workloads is plenty.
My background is that I’m a senior DBA who’s worked on MySQL with small teams. I came from a Microsoft background and decided I wanted to go over to the Linux/MySQL side of the house. I’m now writing the book I wish I had when I first started. I want to empower MySQL users who, like me, are under pressure but who want to take those steps that will pay off in the end, like good schema design and a solid backup and recovery plan.
I started writing when I saw a pattern of confusion and lack of knowledge among my coworkers or people on StackOverflow, Reddit, and HackerNews. I’ve helped my team understand and use MySQL, and I think I can help you too.
Throughout my career, I’ve made mistakes that I want to give you a chance to avoid. I’ll also guide you through everything from mistakes that you can recover from (writing a badly performing query) to those that might be a career-limiting move (forgetting to monitor a production server).
Audience
The first audience for this book is those who’ve used MySQL but want to get a solid foundation. There are some things that you must do if you’re developing on MySQL or if you’re in charge of a MySQL server, and I want to give you a simple guide to the essentials, as well as pointers to further research if you want to go deeper.
Another value I want to add is pep talks throughout urging you not to give in to short-term laziness when it buys you long-term trouble. I won’t nag you, but I want to give you motivation to do those things that don’t have an immediate payout but in the long run are well worth it.
This guide was also meant for entrepreneurs who are focused on building a product. I created a blueprint for using MySQL effectively for you to read quickly, apply what you’ve learned, and get back to work. I want to save you time and sleepless nights.
The benefit
Why should you get this book? Two main reasons: it will reduce the risks of using MySQL while maximizing its power. Effective backups, scalable queries, and well-defined schema save you costs down the road. The end result is that you pay less for your database (yes, even though MySQL is free, it still has a price). On the other hand, it will increase your revenue. I’m basing this off of a simple principle that the faster you can release a feature, the faster you can sell it to customers, and the more revenue you get. This book will show you those things you can do to complete your features faster. What’s faster than fast? How about no time at all. I want to show you the tools that are already complete, ready for your use.
I’m not going to claim I know everything about MySQL or that this guide will be the end all, be all of MySQL books. I’m still learning, but I wanted to provide a way for others to benefit from what I’ve already learned. If you’ve read this far, sign up below and get updates on the book.
Want to hear more about my book and what I’ve learned about MySQL? You can subscribe below and I’ll send you updates. I’ll also send out stuff on MySQL like tips and tutorials.
via Planet MySQL
MySQL Simplified
A Course on MySQL Backups
I’ve written a short course on MySQL backups. It’s really a MySQL backup starter kit, giving you the basics of what you need to make sure your system is protected. The real gem in this course is XtraBackup, which is a tool that allows you to back up your MySQL server without blocking other transactions. You see, MySQL doesn’t have that out of the box. You have to spend a bunch of money with Oracle to get that otherwise. Hot backups are pretty necessary if you care about uptime, so I’m excited about XtraBackup.
Here are the topics I cover:
Simple backups
Even though XtraBackup is a great tool, no MySQL user’s knowledge would be complete without knowing how to take a mysqldump. Simple backups are just useful for moving data from server to server, or perhaps migrating your data to, say, PostgreSQL.
Disaster Recovery Plans
Okay, so this isn’t the sexiest topic, but a plan for what to do during a disaster is a great investment. Trust me, you will have a disaster, even if you’re a small shop (Go here, Ctrl+f for MySQL). You need a plan and you need to try it out at least once. Give me twenty minutes and I’ll save you heartache.
XtraBackup
This is the big gun. Learn how to use the most powerful MySQL backup tool so you can have a site without any downtime. If you don’t know about this tool, you’re missing out. This is a lifesaver for MySQL users.
Testing backups
Although it’s almost as boring as a recovery plan, you must test your backups. Get tips on how to do that with speed and with confidence. I know that if something’s hard or it’s confusing, people will just avoid doing it. Let me clear that up and get you going.
Sign-up below!
Want to see how Facebook, Imgur, and Pinterest do their backups? Take my 4-week course on MySQL backups. You’ll learn backup basics and how to protect your system from the most dangerous threats. Then you’ll learn how the big boys do their backups.
In just a few lessons, you’ll know how to back up your system like a pro.
Civil Liberties Board Completely Destroys Arguments For Bulk Metadata Collection: Program Is Both Illegal And Unconstitutional
As expected, the Privacy and Civil Liberties Oversight Board (PCLOB) has come out with its quite scathing report concerning the federal government’s interpretation of Section 215 of the PATRIOT Act. The full report is quite readable and well worth reading, no matter how familiar you are with the program. If you’re not familiar, it lays out all the details. If you are familiar, it still may fill in a number of useful gaps as well. While the full recommendations and conclusions were not supported unanimously by the board, the majority did agree that not only is the program unconstitutional, but that it involves a gross misinterpretation of the law. The executive summary makes the point pretty clearly:
Section 215 is designed to enable the FBI to acquire records that a business has in its possession, as part of an FBI investigation, when those records are relevant to the investigation. Yet the operation of the NSA’s bulk telephone records program bears almost no resemblance to that description. While the Board believes that this program has been conducted in good faith to vigorously pursue the government’s counterterrorism mission and appreciates the government’s efforts to bring the program under the oversight of the FISA court, the Board concludes that Section 215 does not provide an adequate legal basis to support the program.
There are four grounds upon which we find that the telephone records program fails to comply with Section 215. First, the telephone records acquired under the program have no connection to any specific FBI investigation at the time of their collection. Second, because the records are collected in bulk — potentially encompassing all telephone calling records across the nation — they cannot be regarded as “relevant” to any FBI investigation as required by the statute without redefining the word relevant in a manner that is circular, unlimited in scope, and out of step with the case law from analogous legal contexts involving the production of records. Third, the program operates by putting telephone companies under an obligation to furnish new calling records on a daily basis as they are generated (instead of turning over records already in their possession) — an approach lacking foundation in the statute and one that is inconsistent with FISA as a whole. Fourth, the statute permits only the FBI to obtain items for use in its investigations; it does not authorize the NSA to collect anything.
In addition, we conclude that the program violates the Electronic Communications Privacy Act. That statute prohibits telephone companies from sharing customer records with the government except in response to specific enumerated circumstances, which do not include Section 215 orders.
Finally, we do not agree that the program can be considered statutorily authorized because Congress twice delayed the expiration of Section 215 during the operation of the program without amending the statute. The “reenactment doctrine,” under which Congress is presumed to have adopted settled administrative or judicial interpretations of a statute, does not trump the plain meaning of a law, and cannot save an administrative or judicial interpretation that contradicts the statute itself. Moreover, the circumstances presented here differ in pivotal ways from any in which the reenactment doctrine has ever been applied, and applying the doctrine would undermine the public’s ability to know what the law is and hold their elected representatives accountable for their legislative choices.
Basically, in those four short paragraphs, the PCLOB dismantles nearly all of the arguments that people have put forth to support the bulk collection of metadata, and makes it clear that the DOJ, NSA and FISC are clearly twisting the plain language meaning of Section 215 to support what is ultimately an unconstitutional program.
On that front, the report notes clearly the Constitutional issues:
The NSA’s telephone records program also raises concerns under both the First and Fourth Amendments to the United States Constitution. We explore these concerns and explain that while government officials are entitled to rely on existing Supreme Court doctrine in formulating policy, the existing doctrine does not fully answer whether the Section 215 telephone records program is constitutionally sound. In particular, the scope and duration of the program are beyond anything ever before confronted by the courts, and as a result of technological developments, the government possesses capabilities to collect, store, and analyze data not available when existing Supreme Court doctrine was developed. Without seeking to predict the direction of changes in Supreme Court doctrine, the Board urges as a policy matter that the government consider how to preserve underlying constitutional guarantees in the face of modern communications technology and surveillance capabilities.
While the PCLOB repeatedly states it believes that the government acted in good faith, it nonetheless finds the program immensely troubling. The idea that collecting all phone metadata is okay simply is not supported by what the law itself actually says:
Notably, Section 215 requires that records sought be relevant to “an” authorized investigation. Elsewhere, the statute similarly describes the records that can be obtained under its auspices as those sought “for an investigation.” The use of the singular noun in these passages signals an expectation that the records are being sought for use in a specific, identified investigation. This interpretation is reinforced by the requirement that the FISA court make specific findings about the investigation for which the records are sought — that it is supported by a factual predicate, conducted according to guidelines approved by the Attorney General, and not based solely upon activities protected by the First Amendment when conducted of a U.S. person.
[….] The government’s approach, in short, has been to declare that the calling records being sought are relevant to all of the investigations cited in its applications. This approach, at minimum, is in deep tension with the statutory requirement that items obtained through a Section 215 order be sought for “an investigation,” not for the purpose of enhancing the government’s counterterrorism capabilities generally. Declaring that the calling records are relevant to every counterterrorism investigation cited by the government is little different, in practical terms, from simply declaring that they are relevant to counterterrorism in general.
That is particularly so when the number of calling records sought is not limited by reference to the facts of any specific investigation. At its core, the approach boils down to the proposition that essentially all telephone records are relevant to essentially all international terrorism investigations. The Board does not believe that this approach comports with a fair reading of the statute.
Moreover, this approach undermines the value of an important statutory limitation on the government’s collection of records under Section 215. The statute provides that records cannot be obtained for a “threat assessment,” meaning those FBI investigatory activities that “do not require a particular factual predicate.” By excluding threat assessments from the types of investigations that can justify an order, Congress directed that Section 215 not be used to facilitate the broad and comparatively untethered investigatory probing that is characteristic of such assessments. But by collecting the nation’s calling records en masse, under an expansive theory of their relevance to multiple investigations, the NSA’s program undercuts one of the functions of the “threat assessment” exclusion: ensuring that records are not acquired by the government without some reason to suspect a connection between those records and a specific, predicated terrorism investigation. While the rules governing the program limit the use of telephone records to searches that are prompted by a specific investigation, the relevance requirement in Section 215 restricts the acquisition of records by the government.
The PCLOB clearly sees through the feds’ ridiculous re-interpretation of the word "relevant" as well — calling it "untenable" and "dangerously overbroad."
The government has argued, and the FISA court has agreed, that essentially the entire nation’s calling records are “relevant” to every counterterrorism investigation cited in the government’s applications to the court. This position is untenable. Moreover, the interpretation of Section 215 adopted by the FISA court is dangerously overbroad, leading to the implication that virtually all information may be relevant to counterterrorism and therefore subject to collection by the government.
Later, the report argues that the government’s interpretation "is circular and deprives the word ‘relevant’ of any interpretive value."
All records become relevant to an investigation, under this reasoning, because the government has developed an investigative tool that functions by collecting all records to enable later searching. The implication of this reasoning is that if the government develops an effective means of searching through everything in order to find something, then everything becomes relevant to its investigations. The word “relevant” becomes limited only by the government’s technological capacity to ingest information and sift through it efficiently.
The PCLOB also totally debunks the line trotted out by numerous NSA defenders that this program is no different than a grand jury subpoena. Not so, says the board:
To determine what might be the outer limits of a grand jury subpoena, we have examined both the cases cited by the government and others. There has never been a grand jury subpoena as broad as the FISA court’s Section 215 orders. And contrary to the government’s suggestion, the case law does not hold that the breadth of a grand jury subpoena is unlimited, but rather that a subpoena must be designed to address the circumstances of a specific investigation.
One decision, In re Grand Jury Proceedings, merely explains that district courts assessing the relevance of subpoenaed materials should not proceed “document-by-document,” but should instead evaluate whether each “broad category” of requested materials could contain possibly relevant documents. The former approach would “unduly disrupt the grand jury’s broad investigatory powers” and force the government “to justify the relevancy of hundreds or thousands (or more) of individual documents, which it has not yet even seen[.]” Often the government “is not in a position to establish the relevancy with respect to specific documents,” because “it may not know the precise content of the requested documents” and “it may not know precisely what information is or is not relevant at the grand jury investigative stage.” Accepting the “incidental” production of irrelevant documents, when measured by the hundreds or thousands, does not support the legitimacy of the Section 215 calling records program, in which the NSA potentially collects billions of records per day with full knowledge that virtually all of them are irrelevant.
It goes on to point to a number of other cases and how the government’s interpretation of them is simply bogus.
It also points out that screaming "but… but… terrorism!" is no excuse either:
Finally, the heightened importance of counterterrorism investigations, as compared with typical law enforcement matters, does not alter the equation. Items either are relevant to an investigation or they are not — the significance of that investigation is a separate matter. No matter how critical national security investigations are, therefore, some articulable principle must connect the items sought to those investigations, or else the word “relevant” is robbed of meaning. Congress added a relevance requirement to Section 215 in 2006 knowing full well that the statute governs national security investigations. It cannot, therefore, have meant for the importance of such investigations to efface that requirement entirely.
There’s also an interesting tidbit, noting that Section 215 was designed specifically and solely for the FBI, not the NSA — yet it is used here by the NSA (who then may share the info with lots of other agencies):
Section 215 expressly allows only the FBI to acquire records and other tangible things that are relevant to its foreign intelligence and counterterrorism investigations. Its text makes unmistakably clear the connection between this limitation and the overall design of the statute. Applications to the FISA court must be made by the director of the FBI or a subordinate. The records sought must be relevant to an authorized FBI investigation. Records produced in response to an order are to be “made available to,” “obtained” by, and “received by” the FBI.
[….] Under the bulk telephone records program, however, the FBI does not receive any records in response to the FISA court’s orders. While FBI officials sign every application seeking to renew the program, the calling records produced in response to the court’s orders are never “made available to the Federal Bureau of Investigation” or “received by the Federal Bureau of Investigation,” as called for by the statute. Instead, the FISA court’s orders specifically direct telephone companies to “produce to NSA” their calling records — thwarting congressional intentions regarding the role each agency is to play in counterterrorism efforts that involve the collection of information within the United States about Americans.
In compliance with the FISA court’s orders, telephone companies that are subject to this program transmit their calling records to the NSA. The records are not delivered to the FBI and are never passed on to the FBI by the NSA. Instead, the NSA stores the records in its own databases, conducts its own analysis of them, and provides reports to various federal agencies — including but not limited to the FBI — with information about telephone communications that “the NSA concludes have counterterrorism value.”
In fact, the PCLOB notes, the FISC orders on this program actually prohibit the NSA from giving much of the information to the FBI, despite the fact that the law is only designed to be used by the FBI.
There’s another section detailing how the FISA Court more or less ignores ECPA (the Electronic Communications Privacy Act) which the bulk metadata collection program clearly violates. The report notes that the FISC more or less admits this, and then says that Congress couldn’t really have meant to say what the ECPA law says.
The FISA court concluded that its orders authorizing the NSA’s program were consistent with ECPA. In reaching this conclusion, the court first determined that the terms of Section 215 and ECPA were in tension. Both statutes could not both be given “their full, literal effect,” wrote the court, because Section 215 authorizes the production of “any tangible things,” and applying the prohibitions of ECPA would limit the meaning of the word “any.”
Instead, the PCLOB gives a fairly compelling argument for why the FISC is just wrong on this:
As the FISA court acknowledged, the very statute that created Section 215, the Patriot Act, also amended ECPA “in ways that seemingly re-affirmed that communications service providers could divulge records to the government only in specified circumstances” — without including FISA court orders issued under Section 215. The fact that the same statute both created Section 215 and amended ECPA, but without adding an exception to ECPA for Section 215 orders, undermines the notion that ECPA and Section 215 are in conflict, and provides an additional basis for strictly adhering to ECPA’s prohibitions by not inferring unwritten exceptions to those prohibitions. It also demonstrates that another fundamental canon of statutory construction applies here — that the inclusion of some implies the exclusion of others not mentioned. “Where there is an express exception, it comprises the only limitation on the operation of the statute and no other exceptions will be implied.” Congress did not add an exception to ECPA for Section 215 orders, even though it amended ECPA in other ways at the same time that it created Section 215. That omission should be respected.
As for the claim that because Congress re-enacted Section 215, it clearly approves of the bizarre reinterpretation of it by the FISC and the executive branch, the PCLOB rejects this, claiming it, too, is a "novel proposition" reinterpreting the "reenactment doctrine" beyond its intended purpose. And part of that, of course, is the fact that the FISA and NSA/DOJ interpretations were all kept really secret from Congress:
The “reenactment doctrine” does not trump the plain meaning of a law, but rather is one of many interpretive tools that come into play when statutory ambiguity demands an inquiry into congressional intent. Reenactment, in other words, “cannot save” an administrative or judicial interpretation that contradicts the requirements of the statute itself. And for the many reasons explained above, any interpretation of Section 215 that would authorize the NSA’s telephone records program is irreconcilable with the plain words of the statute, its manifest purpose, and its role within FISA as a whole.
Even if Section 215 were sufficiently ambiguous to justify an inquiry into congressional intent, the circumstances presented here are unlike any in which the reenactment doctrine has ever been applied — and the differences are pivotal. First, there was no judicial interpretation of Section 215 of which Congress could have been aware in 2010 or 2011: at that time the FISA court had never issued any opinion explaining the legal rationale for the NSA’s program under Section 215, but had merely signed orders authorizing the program. Second, even if the FISA court’s orders, combined with the government’s applications to the court, are viewed as an “interpretation” of Section 215, members of Congress may have been prohibited from reading those orders and those applications (except for members of the intelligence and judiciary committees) by operation of committee rules. Thus, to apply the reenactment doctrine here, Senators and Congressmen must be presumed to have adopted an “interpretation” that they had no ability to read for themselves. Third, even if being apprised of the NSA’s program were equivalent to being made aware of a judicial interpretation of a statute, applying the reenactment doctrine is improper where members of Congress must try to comprehend a secret legal interpretation without the aid of their staffs or outside experts and advocates. That scenario robs lawmakers of a meaningful opportunity to gauge the legitimacy and implications of the legal interpretation in question. Fourth, Congress did not reenact Section 215 at all in 2010 and 2011, but merely delayed its expiration. To our knowledge, no court has applied the reenactment doctrine under a combination of circumstances remotely like this.
Oh, and then there’s this:
Finally, even if Section 215 were ambiguous about whether it authorizes the NSA’s bulk collection of telephone records, and even if the reenactment doctrine could be extended to the novel circumstances presented here, doing so would undermine the ability of the American public to know what the law is, and to hold their elected representatives accountable for their legislative choices. Applying the reenactment doctrine to legitimize the government’s interpretation of Section 215, therefore, is both unsupported by legal precedent and unacceptable as a matter of democratic accountability.
In other words, no, you can’t have secret laws and secret interpretations.
Moving on to the constitutional questions, the PCLOB takes a look at the 4th Amendment and the third party doctrine. Unlike many knee-jerk NSA defenders, the PCLOB notes that there are significant problems with applying the infamous Smith v. Maryland ruling to the bulk metadata collection program:
[Smith v. Maryland] does not provide a good fit for the telephone records program, particularly in light of rapid technological changes and in light of the nationwide, ongoing nature of the program. The NSA’s Section 215 program gathers significantly more information about each telephone call and about far more people than did the pen register surveillance approved in Smith (essentially everyone in the country who uses a phone) and it has collected that data now for nearly eight years without interruption. In contrast, the pen register approved in Smith v. Maryland compiled only a list of the numbers dialed from Michael Lee Smith’s telephone. It did not show whether any of his attempted calls were actually completed — thus it did not reveal whether he engaged in any telephone conversations at all. Naturally, therefore, the device also did not indicate the duration of any conversations. Furthermore, the pen register provided no information about incoming telephone calls placed to Smith’s home, only the outbound calls dialed from his telephone.
The pen register was in operation for no more than two days. And finally, the device recorded only the dialing information of one person: Smith himself. The police had no computerized ability to aggregate Smith’s dialing records with those of other individuals and gain additional insight from that analysis.
In contrast, for each of the millions of telephone numbers covered by the NSA’s Section 215 program, the agency obtains a record of all incoming and outgoing calls, the duration of those calls, and the precise time of day when they occurred. When the agency targets a telephone number for analysis, the same information for every telephone number with which the original number has had contact, and every telephone number in contact with any of those numbers. And, subject to regular program renewal by the FISA court, it collects these records every day, without interruption, and retains them for a five year time period. Sweeping up this vast swath of information, the government has explained, allows the NSA to use “sophisticated analytic tools” to “discover connections between individuals” and reveal “chains of communication” — a broader power than simply learning the telephone numbers dialed by a single targeted individual.
To illustrate the greater scope of the NSA’s program, the pen register discussed in Smith might have shown that, during the time that Michael Lee Smith’s telephone was monitored, he dialed another number three times in a single day. That information could have simply evinced three failed attempts to reach the other number. The NSA’s collection program, however, would show not only whether each attempted call connected but also the precise duration and time of each call. It also would reveal whether and when the other telephone number called Smith and the length and time of any such calls. Because the NSA collects records continuously and stores them for five years, it would be in a position to see how frequently those two numbers contacted each other during the preceding five years and the pattern of their contact. And because the agency would have full access to the calling records of the other telephone number as well, it could examine the activity of that other number and see, for instance, whether it ever communicated with any of the same numbers as Smith over a five-year period, or what numbers it communicated with around the time of its calls with Smith. The agency could then do the same thing for every other number that Smith had communicated with in the past five years, employing what it calls contact-chaining analysis. It could then go further and analyze the complete calling records of every number that was called by any of the numbers that ever communicated with Smith — going three “hops” from the original number.
But that’s not all. The report (like many others) slams the Supreme Court’s reasoning in Smith, quotes "the leading academic treatise" and even third party doctrine supporter Orin Kerr, highlighting how almost no serious scholar thinks the Supreme Court’s reasoning in Smith v. Maryland makes much sense. It quotes numerous other Supreme Court justices and other courts who find the majority ruling in Smith to be profoundly nonsensical, and a dangerous attack on the 4th Amendment. It then points out why all of those critics were right:
The implications of this all-or-nothing approach to privacy have grown since the 1970s, as Americans increasingly must share personal information with companies in order to avail themselves of services and products that have become typical features of modern living. Another major criticism of the third-party doctrine, which has gained increased salience in light of these developments, challenges the notion that a customer of such companies, simply by “revealing his affairs to another,” truly chooses to risk “that the information will be conveyed by that person to the Government.” This criticism rejects the idea that conducting business that is essential to contemporary life represents a voluntary decision to lay bare the details of one’s habits to governmental scrutiny.
“For all practical purposes,” Justice Brennan observed in his Miller dissent, “the disclosure by individuals or business firms of their financial affairs to a bank is not entirely volitional, since it is impossible to participate in the economic life of contemporary society without maintaining a bank account.”
Moving on to the First Amendment, the PCLOB also notes serious questions about whether the bulk metadata collection violates the prohibition on Congress passing laws that infringe on free speech and free association. Citing the NAACP v. Alabama case, which clearly stated that having a government reveal groups and associations would violate the First Amendment, the PCLOB takes issue with the collection of so much metadata that clearly reveals who people associate with:
Although the NSA’s telephone records program does not include an overt disclosure requirement of the type evaluated in such cases as NAACP v. Alabama, its operation similarly results in the compulsory disclosure of information about individuals’ associations to the government. Like the government’s collection of membership lists, its bulk collection of telephone records makes that information available for government analysis and can create a chilling effect on those whose records are being collected.
[….] By indefinitely collecting information about all Americans’ telephone calls, the NSA’s telephone records program clearly implicates the First Amendment freedoms of speech and association. The connections revealed by the extensive database of telephone records gathered under the program will necessarily include relationships established among individuals and groups for political, religious, and other expressive purposes. Compelled disclosure to the government of information revealing these associations can have a chilling effect on the exercise of First Amendment rights.
There’s much more in the report worth reading, but those are many of the highlights. Honestly, much of it could be turned into the legal briefs that could eventually be used in court against the program.
Next up, the PCLOB will be releasing a report looking at Section 702 of the FISA Amendments Act and programs like PRISM that fit under it. I imagine that will be equally interesting.
via Techdirt.
Civil Liberties Board Completely Destroys Arguments For Bulk Metadata Collection: Program Is Both Illegal And Unconstitutional
Five Steps to Take Immediately If You’re the Victim of Identity Theft
Identity theft has topped the list of consumer complaints filed with the FTC for 13 consecutive years and there’s no evidence that this year it won’t make the list for the 14th. Just how many victims of identity theft are there each year? While we don’t yet have the figures for 2013, a Javelin report puts the numbers from 2012 at 12.6 million.
This post originally appeared on Credit Sesame.
Factor in the more than 70 million Americans impacted by the recent Target and Neiman Marcus data breaches, and it’s clear why identity theft is a major concern for many Americans.
Identity theft takes many forms. Some of the most common include:
- Credit card fraud
- False applications for new credit
- Fraudulent withdrawals from a bank account
- Fraudulent use of telephone calling cards
- Fraudulent use of an IP address in order to engage in illegal acts online
- Fraudulent use of medical care
- Social security fraud (for tax and employment fraud)
If you know or suspect that you are the victim of identity theft, there are steps you should take immediately to stop the theft and minimize the damage.
Put a Security Freeze on Your Credit Report
Be sure to request a copy of your credit report from each agency (Experian, Equifax and TransUnion). If you find fraudulent items on your credit report(s), the simplest way to begin the dispute process is to click the item while viewing your credit report online. The agency will tell you what steps to take next.
With a security freeze in place, no one can obtain new credit in your name. New applications will be automatically denied. Each agency has a procedure for temporarily "thawing" your file in order to allow a legitimate application to be processed.
Contact Any Institution Directly Affected
For example, if you know your credit card was stolen, report the theft to the credit card issuer. If your checkbook was stolen, contact your bank.
For this step it’s really helpful if you’ve prepared a list of institutions and phone numbers in advance. You don’t have to write account numbers down on the list–that would be just one more way for a thief to gain access to your personal information. But do keep a list of what’s in your wallet, along with the contact information for each item.
Contact the Federal Trade Commission (FTC)
File an Identity Theft Affidavit and create an Identity Theft Report. You can file your report online, by phone (toll-free): 1-877-ID THEFT (877-438-4338); TDD (toll-free): 1-866-653-4261, or by mail—600 Pennsylvania Ave., Washington DC 20580.
The FTC will provide you with information about what to do next, depending on what type of fraud was (or may have been) committed.
File a Police Report
To complete the Identity Theft Report, you’ll need to contact your local law enforcement office and report the theft. Be sure to get a copy of the police report and/or the report number. Both your police report and the FTC Identity Theft Affidavit combine to create your Identity Theft Report. Your Identity Theft Report will help you when working with the credit reporting agencies or any other companies the identity thief may have used to open accounts in your name.
Protect Your Social Security Number
If your social security number was or may have been compromised, contact the Social Security Administration (800-269-0271) and the Internal Revenue Service (800-829-0433).
It’s important to talk to the SSA if you have reason to believe your social security number has been compromised, even if you don’t yet see any evidence of financial fraud. A thief could be planning to swipe your tax refund, or to obtain employment in your name.
In addition to these five steps, if you have reason to believe the identity thief may have submitted a fraudulent change-of-address to the post office or has used the U.S. mail to commit the fraud against you, contact the Postal Inspection Service, which is the law enforcement and security branch of the post office. Fill out the online form.
For more information about how to prevent or recover from identity theft, the U.S. Department of Justice and the Federal Trade Commission offer a wealth of information and will walk you through the steps.
5 Steps to Take Immediately If You’ve Been the Victim of Identity Theft | Credit Sesame
Kimberly Rotter is a writer, businesswoman, and mother in San Diego, CA. She holds a Bachelor’s degree in English, a Master’s degree in Business Administration, and a Graduate Certificate in Distance Education. Kim and her husband own two homes, a couple of vehicles, and a few investments, and they live with minimal debt. Both are successfully self-employed, each in their own field. Learn more at RotterWrites.com.
via Lifehacker
10 MySQL settings to tune after installation
Configuring MySQL may look challenging, as hundreds of settings are available. However, you can get a MySQL server with good performance by adjusting only a few settings. Peter already gave some recommendations, but things have changed a lot in the MySQL world since then! Considerations to keep in mind: Even experienced people can make mistakes […]
The post 10 MySQL settings to tune after installation appeared first on MySQL Performance Blog.
via MySQL Performance Blog
4 Not-so-Secret Tricks to Speed up Your Lightroom Workflow
Do you want to speed up your Lightroom workflow? You’re not alone – I get countless requests from people to help them optimize their photo processing workflow. However, because it is so commonly asked, it is also frequently answered and this makes it difficult to add a fresh spin on a topic that hasn’t changed much […]
The post 4 Not-so-Secret Tricks to Speed up Your Lightroom Workflow by John Davenport appeared first on Digital Photography School.
via Digital Photography School
Clean the Grime Between Your Oven’s Window with a Hanger
When you clean your oven, chances are one area will still be neglected and dirty: the oven window glass. That’s because stains can get caught between the glass window. Anna Moseley shows us how to finally clean it, using a hanger and a glass cleaning wipe.
Essentially, you wrap the cleaning wipe around a straightened hanger and secure it with a rubber band. Then, slide the cleaning "contraption" through the slot between the door and the glass (found on the bottom of the oven door). Anna lay on the floor to do this, but you should be able to take the door off the oven instead. (Try lifting the door up when it’s opened slightly or checking your oven manual.)
After this, you’ll have a pristine oven door which you can actually see through.
How to Clean Between Oven Window Glass | Ask Anna
via Lifehacker
20 Inspiring Free WordPress Themes To Start Anew in 2014
Christmas and New Year have been and gone. If reshaping your WordPress site is one of your New Year’s resolutions, the following article is for you. The following themes have all been created between December 2013 and today, and thus can be called the freshest there are. 17 of our 20 newcomers are fully responsive, a trend that has been on the rise for quite a while now. Also growing is the number of themes that are based on Bootstrap, retina-ready or working with Google Fonts. We are sure you’ll find your next blog layout among the following. All these themes are free, though some have commercial variants available. We stated that where applicable…
via noupe
Meet The Malware That Took Down Target
The inimitable Brian Krebs has found some interesting details about the massive Target credit card breach that exposed millions of pieces of customer data over the holidays. The hackers used a specific form of malware dedicated to grabbing sensitive data out of hardened point of sale terminals.
via TechCrunch
Previously-Unseen Photos of Challenger Disaster Appear Online
Nerval’s Lobster writes "Twenty-six photos of the space shuttle Challenger disaster have appeared online. According to io9, "Michael Hindes of West Springfield, MA, was sorting through boxes of his grandparents’ old photographs when he happened upon 26 harrowing photos of the Space Shuttle Challenger Disaster of 1986. To his knowledge, these photos have never been publicly released." Hindes told the Website that the photographer was "a friend of his grandfather, who worked for NASA as an electrician on the Agency’s hulking, spacecraft-schlepping crawler transporters." Someone at Reddit (which also has a lengthy thread devoted to the images) also threw together a GIF of the liftoff and subsequent explosion."
via Slashdot