Stay up to Date
Our daily roundup of San Diego’s most important stories (Monday-Friday)
This post has been updated.
The California Supreme Court decided that former Mayor Jerry Sanders played such an important role conceiving of and developing a ballot measure to eliminate pensions for city employees that it was his own proposal. Thus, he should have, as the city’s chief labor negotiator, met with labor unions first about it.
The court didn’t invalidate the law, though. It sent it back to the Court of Appeal to decide what to do.
With that, the court put the city of San Diego on notice that it could be in for an unimaginably complex series of negotiations and changes.
Scott Lewis took a look at what happened, what it means and how we got here.
For years, the city has been on a $67 million mission to install smart meters citywide to provide more accurate, real-time data on water use and it’s repeatedly tried to downplay problems with those meters.
But new emails obtained by Voice of San Diego and NBC 7 Responds reveal the city has known about problems with its smart meter program since at least 2016.
A representative from Atlanta-based distributor Mueller Water Products requested a meeting with city officials to talk about issues with the meters in April 2016, meaning the city has been aware of issues with the equipment for more than two years.
The city has spent about $7 million to buy 74,000 Hersey-brand water meters from Atlanta-based Mueller Water Products since 2010 and is behind on its schedule to complete the broader project.
Earlier this year, as complaints about high water bills spiked, an assistant director of the water department tried to thwart an audit of the smart meter program.
The city auditor is now digging into the smart meter program and is expected to release his review soon.
Flying the friendly skies is an ordeal, and now comes news that just sitting on the ground and connecting to airport Wi-Fi can put you in big jeopardy. A report released last month by an Internet security firm declared that San Diego International Airport is the nation’s worst when it comes to cybersecurity.
“These are the 10 airports where you’re most likely to be hacked,” declared CNBC. And there we are at No. 1, with the highest “threat score.”
The full report, by the security firm Coronet, said the airport was targeted by “an Evil Twin Wi-Fi access point with the name ‘#SANfreewifi.'”
I got in touch with Evan Goldberg, the firm’s vice president of client service, to get more details.
What makes Wi-Fi at the San Diego airport so risky?
It had the most vulnerabilities with the most severe potential impact on users. The risk is when users connect to Wi-Fi at the airport – not necessarily only the airport’s own Wi-Fi but the airlines, lounges, restaurants, etc., as well.
What’s an “Evil Twin Wi-Fi access point”?
An evil twin pretends to be a legitimate Wi-Fi network, luring users to connect to it.
The airport has one Wi-Fi network, but many nodes with the same name. The attacker creates a node with the same name. The device and the user can’t distinguish between the legitimate and the malicious nodes, which is exactly the crux of the vulnerability.
What is the hacker after?
In this case, he performed an ARP Poisoning attack, which means he changed the routing of the data from the devices connected to him and ensured they go through his servers so he would be able to steal that data.
Do you know if that fake network still exists at the airport?
As of this morning [July 31], it was still there.
What can passengers do to protect themselves other than use your service?
Using a personal hotspot reduces the risk significantly. VPN is a distant second, as we now know most VPNs leak and are not a very good solution.
The airport sent a statement to NBC 7 saying that “while we don’t fully understand the methodology used to generate the report, the protection of sensitive information is always a priority for the airport. … The airport employs tools to quickly identify, locate, and disable malicious rogue wireless access points.”
Has the airport gotten in touch with you about your findings regarding its security?
As far as I know nobody has reached out to us.
– Randy Dotinga
Update: After this post published, Rebecca Bloomfield, a spokeswoman for the airport, disputed Goldberg’s comments.
“Mr. Goldberg incorrectly states that a rogue wireless access point is still present at the airport. The rogue device, which first appeared and was found on May 31, was located and deactivated within three hours of its presence being detected. Law enforcement officials were engaged for appropriate follow-up. There is no rogue wireless access point present today,” she wrote.
But Coronet stands by its report and says it located a rogue access point long after the airport claims it was eradicated.
“We stand by our report, the data in it is correct, and the claim that the evil twin was disabled within 3 hours is not supported by our data,” CISO and co-founder Dror Liwer wrote in a statement. “At this time, that specific attack is no longer present, but it most certainly was present when we originally pulled our data a few weeks ago.”
Ocean temperatures at Scripps Pier in La Jolla on Wednesday hit their highest point since UC San Diego’s Scripps Institution of Oceanography first began taking readings there more than 100 years ago.
The Union-Tribune reports that sea surface temperature this week reached 78.6 degrees, higher than a previous record set in 1931.
Ocean temperatures have been above average long the coastline most of the summer and scientists aren’t certain why.
Times of San Diego warns us to expect a serious heat wave next week.
Another side effect of all this heat: 10News reports it’s leading coyotes to emerge in search of water and cooler spaces.
The Morning Report was written by Lisa Halverstadt and Kinsee Morlan, and edited by Sara Libby.