Category Archives: IT

Evidence? Why?

I ignored the news initially; as I saw it, it was nothing more than some bash piece on Saudi Arabia. Yet something hit me, it was just a thought and it was: ‘What if I illuminate parts and let common sense people decide’ (which takes out many journalists and mostly all politicians). As for me? The issue is that the media is all about bashing any royal part of Saudi Arabia, all whilst ignoring evidence (and debatable evidence to a much greater degree); their pursuit of circulation and agreeing to the beat of shareholders and stakeholders has gone to the heads of too many editors and I get a real rush to illuminate this part.

I have never ignored evidence, yet just like with Huawei, it is seemingly all about the big bully shouting, whilst the deciding world for the most part ignores evidence and I think that it is a weird situation. Not merely in this blog, but on a few matters, we will get to hold them to account in a few years; at that point these people will make hastily formulated excuses whilst running to their mummies to get breastfeeding (I reckon).

So, let’s begin. In the first we have ‘How the UN unearthed a possible Saudi Arabian link to Jeff Bezos hack’ (the Guardian at https://www.theguardian.com/technology/2020/jan/22/how-the-un-unearthed-a-possible-saudi-arabian-link-to-jeff-bezos-hack) as well as ‘Did Saudi Arabia’s crown prince hack the Amazon king?’ (the Economist at https://www.economist.com/middle-east-and-africa/2020/01/25/did-saudi-arabias-crown-prince-hack-the-amazon-king). A nice side effect is that the Economist is viewed and acted on on the 24th of January, whilst the article states that it is the Jan 25th 2020 edition, but enough about that. Let’s start with the Guardian who tells us “The UN’s demand for law enforcement authorities to conduct a proper investigation into the alleged hacking of Jeff Bezos’s mobile phone came after it reviewed the findings of a cybersecurity firm, FTI”. We might not see anything here, yet the UN, who is underfunded and strained, has time for this? Is this another US Essay like the one by some French girl on the killing of Jamal Khashoggi? And what about ‘after it reviewed the findings of a cybersecurity firm, FTI’? This implies that the United Nations called for the inspection, notified a cyber security firm (FTI) and investigated the phone of some so-called billionaire (postage and shipping required). So why exactly is this not with the police or an official investigative body like the FBI Cyber division?

Following this we get the real beef with “concluded with “medium to high confidence” that it had been compromised because of actions attributable to a WhatsApp account used by the Saudi crown prince, Mohammed bin Salman”. First of all, if I want to investigate the corruption at an army base, I will not go in as the lawlordtobe, I would enter the situation as some poor schmuck who is from the city of Noonecares. It is almost like an assassination and the official in question uses his own service revolver instead of someone else’s. And what goes with ‘medium to high confidence’, what evidence was uncovered? Then we get the part where it all falls to shambles. With “The UN was careful not to be definitive. Instead of pointing the finger, its statement said the apparent hack had been achieved using software “such as NSO Group’s Pegasus or, less likely, Hacking Team’s Galileo, that can hook into legitimate applications to bypass detection and obfuscate activity””, just like the Khashoggi essay fiasco, the UN is all about being not definitive, as such we want to know how accusations can be made when you are not definitive. As such I would like to point the UN troll to a kids’ game called Clue; there in that game (for ages 8+) we are introduced to the concept of evidence, where you need to collect facts and state “I am accusing Colonel Mustard who killed Dr. Black (aka Mr. Boddy) in the Kitchen using the lead pipe” and then we look at the evidence and see if the claimant had his or her facts straight. None of that CIA BS where we see ‘medium to high confidence’; I would offer that if the confidence is already medium, what was not looked at and what was discarded? The statement comes directly before “The NSO Group, an Israeli cyber-surveillance firm, strongly denied that its surveillance tools were responsible”, as such we are left with ‘less likely, Hacking Team’s Galileo’. So there is a mountain of doubt on an article that throws the Crown Prince of Saudi Arabia in a bad light and there is seemingly an increasing lack of evidence. As we go on, we see the NSO giving the statement that offers direct opposition to some firm called FTI with “These types of abuses of surveillance systems blacken the eye of the cyber-intelligence community and put a strain on the ability to use legitimate tools to fight serious crime and terror. We expect that all actors in this arena put in place stringent procedures and technological controls, such as those that we have put in place, to assure that their systems are not used in an abusive manner”. As such there are larger questions, not merely on the UN for setting the stage of something that is not on their plate; they apparently went to another small operation (who knows) and let them set up the stage of doubtful and debatable documentation, doubtful as we get one of the implied companies going directly into denial and a document based on evidence that is regarded as ‘medium to high confidence’.

And then something beautiful happens. We see “The FTI report cited by the UN special rapporteurs, Agnes Callamard and David Kaye, noted that both NSO and Hacking Team, an Italian company, offered tools that could theoretically have performed the attack” where we are (again) introduced to that UN essay writer, the one that had given us the joke called some Khashoggi report (Agnes Callamard), as well as hiding behind ‘tools that could theoretically have performed the attack’, the idea that this joke comes from a building based at 760 United Nations Plaza, Manhattan, New York City, New York 10017 and hides behind the word ‘theoretically’, as such pardon my French (oh, that was funny!) but how the fuck does she still have a job?

For several reasons I will not use the Economist (as I am not a subscriber), but there are the quotes in their magazine: “which was soon used to steal large amounts of data—though the UN did not say exactly what, or how it was used” as well as “It called for an “immediate investigation”. The Saudi embassy in Washington, DC, said the accusations were “absurd”.”

As I see it, the UN is nothing more than an advertising paper tiger, adhering to the commands of some stakeholder (identity unknown), if this was a direct action by the UN, those people need to be investigated immediately, I feel decently certain I will get both China and Russia to sign off on this, as this has the distinct smell that comes from neither region, so they would score a win, in addition to that, the UN would have to submit data as to what exactly was taken and how it could be identified, which is also an issue that is unclear and optionally unclear to the UN people involved. 

The Verge had a lot more, they had (at https://www.theverge.com/2020/1/23/21078828/report-saudi-arabia-hack-jeff-bezos-phone-fti-consulting) the actual report, and there on page one we see the person we need to hackle for information, it is Anthony J. Ferrante who needs to give us the names of who this so-called ‘Confidential Report’ was given to, because it seems that it was leaked. And there we see the originator (vice.com) giving us “The report, obtained by Motherboard, indicates that investigators set up a secure lab to examine the phone and its artifacts and spent two days poring over the device but were unable to find any malware on it. Instead, they only found a suspicious video file sent to Bezos on May 1, 2018 that “appears to be an Arabic language promotional film about telecommunications.””; however, this is not the end. They also give us “Investigators determined the video or downloader were suspicious only because Bezos’ phone subsequently began transmitting large amounts of data. “[W]ithin hours of the encrypted downloader being received, a massive and unauthorized exfiltration of data from Bezos’ phone began, continuing and escalating for months thereafter,” the report states”. In this I state OK, let’s take an actual look.

And they do give us more, quotes like “The digital forensic results, combined with a larger investigation, interviews, research, and expert intelligence information, led the investigators “to assess Bezos’ phone was compromised via tools procured by Saud al Qahtani,” the report states“, as well as “A mobile forensic expert told Motherboard that the investigation as depicted in the report is significantly incomplete and would only have provided the investigators with about 50 percent of what they needed, especially if this is a nation-state attack“, ““They would need to use a tool like Graykey or Cellebrite Premium or do a jailbreak to get a look at the full file system. That’s where that state-sponsored malware is going to be found. Good state-sponsored malware should never show up in a backup,” said Sarah Edwards, an author and teacher of mobile forensics for the SANS Institute“, and “The investigators do note on the last page of their report that they need to jailbreak Bezos’s phone to examine the root file system. Edwards said this would indeed get them everything they would need to search for persistent spyware like the kind created and sold by the NSO Group. But the report doesn’t indicate if that did get done.“, which is as I personally see it the shallow political BS that some people go for. As such we see in the report “The following investigative steps are currently pending“, and more profound, on page 4 we see: “On May 1st, 2018, Bezos received a text from the WhatsApp account used by MBS“, my issue here is that this might have been the infected one, yet if I did that, I would use an originator that was real. 
And there we have it, the Daily Mail gave us ‘New bug allows hackers to send fake messages pretending to be you – and there’s nothing you can do to stop them’ (at https://www.dailymail.co.uk/sciencetech/article-6039533/WhatsApp-users-beware-Hackers-send-fake-messages-pretending-you.html) with the additional text: “First discovered by Israeli cybersecurity group CheckPoint Research, the flaw is incredibly complex and involves a gap within the app’s encryption algorithms. Writing on their website, the team said the vulnerability could make it possible for a hacker ‘to intercept and manipulate messages sent by those in a group or private conversation’ as well as ‘create and spread misinformation’. Hackers could use the bug to alter the text sent in someone else’s reply to a group chat, essentially ‘putting words in their mouth’, the group said.”

It took me 5 minutes and a Google search to find this. I am not stating that this is true and that the Daily Mail is the source to use (they often are not), yet this is a larger failing, I expected this from the very beginning, the origins of the setting were not properly investigated. Then Vice.com gave us “the report is significantly incomplete and would only have provided the investigators with about 50 percent of what they needed”, which is what I expected before I read one word of the accusation, and with US Essay writer Callamard involved (yes again it is her) we see what this is, another mindless attack on a nation and one person. They did not even bother getting him properly smeared, and no one is asking questions, I reckon that the involved stakeholders are likely to go for the, if we create enough barbeques, someone will shout fire: ‘I ran’ for office! Anyone?

What is the most irritating part is that the UN is again used as the cheap tool that they are. In this there is also the involvement of the FTI and, more interesting, that a Cyber Security firm did not look past the simplest trappings, and as we consider the optional involvement of Anthony J. Ferrante we need to consider sending quota to all 49 of the Global 100 companies that are FTI clients. Even if it was merely to make a few people sweat. When a non-cyber adept like me can see through this part they have a clear problem and whether Anony Mouse Bezos was part of this or not will not matter. There is one other part in the report that should be considered. On page 2 we see “More significantly. al Qahtani is known to have played a key and senior role in the killing of Washington Post columnist Jamal Khashoggi.” In the first, he was acquitted (in a Saudi trial) and there have been no other trials, as such the statement should be read as false, no clear evidence was ever presented. In the second, as this is part of the executive summary, it seems that this was a way to blatantly strike out against one individual and the evidence is not corroborating any of this, too many questions are left unanswered and the media is not asking them either, as such I wonder what is to be believed, especially in light of the Daily Mail ‘revelation’ last August, which implies long in advance of this report. The fact that this (optional) fact is ignored gives out a much larger issue, the work is incomplete, debatable and political, not factual, as such sending serious cyber letters to the 49 of the Global 100 companies that are FTI clients, as I personally see it, these players are all about facts and when their provider can be painted as open for considerations, we should entertain all kinds of questions.

I would also look at the footnotes and take a larger look at that descriptive part, I wonder what is left once I have had the chance to take a red pencil through this report. Now, I am not stating that Crown Prince of Saudi Arabia Mohammad Bin Salman Al Saud is innocent, I am merely considering that his evidence is so shallow, that I would never accuse him of anything, not before a lot more work was done (and a lot more footnotes were properly weighed), in this consider on page 3 footnote 8. When we go there, we see that the article is by Lorenzo Franceschi-Bicchierai, a member of Motherboard (so why is there no Motherboard article that is the source), we see “An investor from Saudi Arabia is apparently behind a company that bought a stake in the controversial spyware vendor” where ‘apparently’ is the operative word. It is also where we see: “Hacking Team was thoroughly owned, with its once-secret list of customers, internal emails, and spyware source code leaked online for anyone to see”, were all these customers on a secret list investigated? There is also ‘spyware source code leaked online for anyone to see’, a small fact that is apparently not investigated, additional players all optionally ready to give someone called Bezos the time of his on-line life. Then we get “this apparent recovery is in part thanks to the new investor, who appears to be from Saudi Arabia”, a line ruled by, you guessed it ‘apparent’ and ‘who appears’, so much filtering and doubt, and in this FTI used that as a footnote source? A program co-owned for 80% by none other than David Vincenzetti. That does NOT make HIM a guilty party and neither is there any convincing evidence of any kind towards the Crown Prince of Saudi Arabia Mohammad Bin Salman Al Saud.

When I see all this I wonder if the UN (or FTI) has any clue how much we should regard them as tools. I cannot tell at present what kind of tools they are, but my personal view is that if this is the debatable level of evidence that some employ, we all are in so much more trouble than we ever thought.

 


Filed under IT, Law, Media, Military, Politics, Science

The thought counts

I am still in some level of debate on this, Alex Hearn published an article last August (at https://www.theguardian.com/games/2019/aug/20/from-cyberpunk-2077-to-the-outer-worlds-are-role-playing-games-getting-too-predictable) and I happened to re-read the story this morning. The main hitter was ‘are role-playing games getting too predictable?‘ I believe it is a valid train of thought to have, yet in this situation is it the game, or the gamer that bears the guilt? As we see the first paragraph we are confronted with: “Not only is it directed by Fallout creators Tim Cain and Leonard Boyarsky, it shares a lot of DNA with Obsidian’s Fallout: New Vegas – a spin-off with a reputation as the best in the series“, you see there are two trains of thought, the first (not the most embraced one) is that the game was designed by a ‘one pump chump‘, you see a one trick pony is too harsh here. The second is the one I embrace, it is set on two principles.

  1. Relation
  2. Online cheat guides

The relation factor is how you relate to it all. It is easy in the Elder Scrolls, or Fallout, these are plain drives concepts and for the longest time, we go along with it. Even as we are offered options, Fallout 3 and Fallout 4 still try to guide you, yet the reality is that you can go wherever you want ignoring the first stage altogether. The Elder Scrolls 4 (Oblivion) gave you a clear option after you get out of the sewers, The Elder Scrolls 5 (Skyrim) did so a lot less, but left the door open to explore. In that beginning we get the option to grow and either you start staging the story, or the game leaves you a little in the dark. In a lot of cases you are a little in the dark, this is seen in Witcher 3, you can go in any direction, yet if you avoid all the missions in the first stage, your character tends to be too feeble to get around, and you die a lot. Until you grow skills you tend to be on your own, now we can see that the first village is an introduction (like the sewers of Oblivion), and yes after that you can explore and decide the way you want and that makes Witcher 3 an amazing game. In that same setting we see Horizon Zero Dawn, it is story-driven, but you can explore your heart out, merely consider that too far away, without proper upgrades your life does not tend to make it for a long time. Still, the origin story that Guerrilla Games released is as awesome as any RPG that was EVER released.

It is in that stage we need to see a game like the Outer Worlds, there is a larger stage of introduction and it tends to make the gamer fumble a bit, that is the foundation of RPG, you have to feel your way into any RPG game. Yes, New Vegas was amazing and the stage is still among the very best, but there we get it, when we start exploring, we need to realise that the enemies a little further ahead can make short work of you really fast if the beginning is absent of exploring. Still, New Vegas did one thing better than all others, you have a good and a bad you and some cases can only be gotten when you decide on the bad you. It gets to be even better as the third option (Caesar’s Legion) comes into play. It was an RPG founded on replayability, making it one of the very best.

The second stage is another matter, those who rely on online hint/cheat guides. They all go the same direction and it is clear that there are thousands of them (all claiming to have done the path without help), as such the foundation of ‘are role-playing games getting too predictable?’ becomes slightly less reliable. And for the most, the story is partially that simple and partially not so simple. That part is revealed in Horizon Zero Dawn, the story is so overwhelming that it pushes you from stage to stage, it really was one hell of a trip. The cut movies over the entire game add up to almost 6 hours, almost 6 hours of story and information and some parts are not that small, the story truly is everything and it pushes the player in a direction and not on a path, Guerrilla Games really outdid most designers. In opposition we see Fallout 3, which had moments, not a story that pushes you, and it pushes you more towards places. The article then gives you the Cyberpunk 2077 line with “But the fundamental skeleton the games are built on is so constricting that, given an hour to show off everything they could be, both developers independently converged on a near-identical script”. I personally am not convinced that this is so, in the first there was a quote “open world feature to their upcoming RPG. Players are given the freedom to explore the fictional Night City, take on the side quests that they want to, and be a part of the world that CD Projekt Red has developed”, in the second there is the option to be a Netrunner (hacker), techie (a gadgeteer) or Solo (Assassin and direct action). The class you select will influence to some degree the way you play, or the way you play will push you into a class. It changes the way you overcome missions and locations and this changes the game (not the main story). As such did the game become too predictable?

Well that is still out in the open, yet predictability is often depending on lack of choice, CD Projekt Red (Witcher series, Cyberpunk 2077) has never had that, and overall neither did Bethesda (Oblivion, Skyrim, Fallout). Yet it is the way WE play that gives the impression of lack of choice. In the Verge we are given “Obsidian Entertainment’s new role-playing shooter The Outer Worlds, I met a man miserably playing a corporate mascot, his head semi-permanently enclosed in a large, ghoulish moon mask. I spoke to him for several turns, hoping there was something I could do to help. But if there was a way to improve his life, he never suggested it, and I never found it”, as such I never met the man (or played the game) but if we consider that we can help, ignore or optionally kill him, is that a lack of the game, or a lack of the player? You see that is the foundation of RPG, the gamer decides and that is where I oppose Alex Hearn’s statement (not his point of view) ‘are role-playing games getting too predictable?’

I believe that the statement is a little out in the open. The makers of New Vegas had an amazing setting (especially after Fallout 3), from one mission you decide whether you go to ‘The House Always Wins 1’, ‘Render Unto Caesar’, or ‘Wild Card: Change in Management’, Obsidian created a phase where we are confronted with a level of brilliance and definitely an opposition of predictability. But Alex is not entirely incorrect, we might agree that there is a good and a bad choice (each with their options) but not much more. The Fable series tends to have them too, as did Mass Effect, but the last one is less RPG set. Yet how many genuinely found the 4th option in Mass Effect 3? I see all the people nod ‘yes’ but in the end, they learned of that option like me, in a YouTube video. Only a few actually found them by their own choices, it tends to oppose ‘too predictable’. And then we get to a beautiful line in The Verge: “by the end of the game, you’re still one of the most important people in the world”, it shows the largest flaw in RPG, the truth of the matter is that you never mattered, that truth is often pushed out of the RPG, you are merely flock people, you either suck up to the needy as a newcomer, or you decide on what someone larger and more powerful needed and you are the fixer, you are almost never yourself, the person you want to become, the RPG left that out of the equation as it is close to impossible to program too and it does not make an RPG ‘Too Predictable’, it merely makes an RPG ‘less unpredictable’, those two are not the same, not by a long shot.

However, the words of Alex Hearn are still in me and we see that view emphasized in Forbes (at https://www.forbes.com/sites/erikkain/2019/10/23/the-outer-worlds-review-roundup-heres-what-critics-are-saying-about-obsidians-new-space-rpg/#2350c4927d34) where we see: “The Outer Worlds, we were promised the kind of RPG we know and love. And that’s exactly what we’re getting, a familiar experience in a new setting”. It is the stage of ‘the kind of RPG we know and love’, and ‘a familiar experience’, which basically gives Alex the power of his words, an RPG might be many things, but when it is a new title, those two are the foundation of predictability, the question becomes, if that is what the gamer wants and searches, is it the game maker adjusting its view on commerce that is wrong? Is predictability a dangerous part? I believe it is, but is it any less an RPG? That part was not in debate, yet from my side, when I play a different RPG, I need a different stance. Put Elder Scrolls against Witcher and you get that, in either direction, put Elder Scrolls next to Fallout and we see it less. Even as the story and the graphics change, we are not in the stage of countering predictability, we are in a stage of gaming in a different hall, yet doing the same dance and that is where RPG’s tend to fall short (a little) and that is why I loved Horizon Zero Dawn. Even in my own design, as I drew up Elder Scrolls: Restoration and Watchdogs: Refuge, I continued on the franchise as they already had it, new elements, yes, but the setting remained in part the same, so as such am I enabling repetition and as such predictability? I believe that if we move away from “by the end of the game, you’re still one of the most important people in the world”, we can start that the premise, and predictability (to a certain extent) goes out the window.

He also gives us “every now and again, a game comes along which shows that innovation can happen without putting people off and revives a genre in the process”, yes that is the part I can agree and align with, there were parts in Skyrim that went beyond Oblivion and did just that. Yet what is also a consideration is that both opened the field by allowing everything to be done and it took the replayability away to some extent, as such in Elder Scrolls: Restoration I went back (allegedly) to Morrowind (which I never played) and left a barricade in place, as such not all classes could be done at the same time, a student of one could not join another path. In addition, the end of the mission often would result in the loss of location and a transfer to other places. One cannot be in University all the time, you are replaced as you are merely a student in one. That path lowers predictability to certain levels, even more so as I set the stage where choices were abundant, but limits choices later on. Without going towards a Red Wings match in a Blackhawks Jersey (which tends to get you killed). Yet these settings give a much larger joy towards replayability.

RPGs forgot about the stage of limitation. As we are set in a game, we want to do it all, we ourselves become predictable, not the game (although the game did allow for it).

In Watch Dogs: Refuge I decided to set gender and language as barriers, the stage of pushing for time to drink and eat (in Watch Dogs one and two) I merely did weeks of actions on one fruit drink, so how is it I survived? An RPG should take that into account and make food and sleep an essential. You could try to get through a week on Red Bull without sleep, but you tend to look like the zombies in university (in the 3 weeks before final exam). We took options away as debilitating factors, yet when you consider that Okinawa is a cuisine haven (as is most of Japan) making that a factor as overlooked. I reintroduced the option with an optional achievement or two, considering that one should never go for the stressful places loaded on Cheesecake, you get the idea that a lack of food and sleep can be a debilitating factor, we merely programmed that part away, but is an RPG not about the stage of a whole day, not merely the part you crave for (battle and mayhem)?

So why Japan? Well most gamers of Watch Dogs are non-Japanese, so pushing you into a place where you cannot read or comprehend anything sets you in a much larger stage, when we get everything in English, we see what we need to, yet what happens when language becomes an actual hurdle? We forget that, did we not? For those who are still in the dark, try watching Passion of the Christ without subtitles. When Aramaic and Latin are your only companions, you either get smart (real fast) or you tend to forfeit your life. Italians (Romans) were really not to be too discriminating to people who did not speak their language (they were all considered slaves).

To set the stage where we counter the RPG in ways we forgot, I still wonder if that is because of the hand holding that the RPG maker is willing to make, or the side where we are just too shabby a player of RPG. I am not certain where it goes, but there are plenty of indicators that both are factors, as such we might consider that RPG games are too predictable, yet I remain in a stage where the makers became too enabling. 

It is merely a point of view and whether it is gaming limitation or predictability, it is a setting that is two faces of the same coin. I am still unwilling to say that Alex Hearn is right, but he makes a fair point, even though he seemingly forgets that part of the predictability is the gamer him- or herself.

 


Filed under Gaming, IT

The time is now

Yesterday, an article in the BBC made me aware of a few items. Now, I was aware to a larger degree of most items, yet I kept it in the second drawer of the third desk of my brain, it was something I took for accepted and then shrugged it off, so what changed? Nothing actually changed, but the article seems good enough to take a few items on view.

The article (at https://www.bbc.com/news/technology-51115315) gives us “Google has announced a timeline for implementing new privacy standards that will limit third-party use of a digital tool known as cookies”. Now this is nothing new, it was always going to happen, yet we also see: “analysts say the move gives Google more control over the digital ad market where it is already a major player. To make advertising more personal web browsers collect small bits of information that allow them to create a profile of the user’s likes and online habits”, the question becomes, is that actually true? And when we see “This presents a core problem from a competition perspective. It is yet another example of Google diminishing ad rivals’ access to data for the stated purpose of protecting users’ privacy”, a quote from Dina Srinivasan, a lawyer focused on competition issues, is not really that truthful, is it? Apple made a similar move in 2017 and when we go back in time, we see Google Chrome, Mozilla Firefox, Internet Explorer, Safari, Microsoft Edge, and Opera. Most will have forgotten Netscape who became defunct in 2003, and basically stopped making a blip 2 years before that. We seemingly forgot about the exploitative market that Microsoft had in those days with Internet Explorer and all the crap it added to our HTML files (as did Word when we saved as an HTML file), in those days data in files was still an issue because there was a limit to what we could save when we were not rich. Chrome was the first to keep our files clean, or at least lacking a lot of rubbish. Netscape was however on a different route, an employee of Netscape Communications, which was developing an e-commerce application for MCI.
MCI did not want its servers to have to retain partial transaction states which was a killer for storage, as such they asked the people at Netscape to find a way to store partial options and methods of transactions where it mattered the most, at the side of the buyer. Cookies provided a solution to the problem of reliably implementing a virtual shopping cart, Google found a new way of using that idea and used cookies in the far reaching solution it currently has, they innovated, others merely took on board someone else’s solution and now they are all crying foul. Perhaps when these people had taken the time to innovate, they would have the choice, and the option of two years seems decent, so when I read “advertisers had hoped to have more time before it was implemented”, it is as I personally see a larger BS issue on timeframes and exploitation, if advertisers are in the now, they would be all about advanced implementation, yet they like their bonus and they seemingly do not like to spend money on investments to counter the timeline (an assumption from my side).

Google’s director of Chrome engineering, Justin Schuh gives us “Users are demanding greater privacy – including transparency, choice and control over how their data is used – and it’s clear the web ecosystem needs to evolve to meet these increasing demands“, which seems slightly too political to my liking, but there we have it. Business Day gives us “But GDPR also made life harder for a cohort of second-tier adtech players trying to compete with the likes of Google and Facebook. The regulation’s provision to prevent data being shared wantonly with third parties seemed to give the tech giants an opportunity to tighten their control over user data” where we see that this was one of the foundations that led to the end of SizMek, some state that it was DSP Rocket Fuel that ended the heartbeat of SizMek, yet everyone ignores a simple truth, ‘an overcrowded ad tech market with independent vendors with an inability to face serious cost pressures to their pricing structures‘, they all arrogantly believed that THEIR solution was the real one and they all basically read cookies like the ones Google had distributed. You can all claim to have the magic potion that Asterix drinks, but when the truth comes out that he drinks Darjeeling tea from India, the playing field gets overcrowded and when the customer figures out what they get priced for the end is pretty much around the corner of the next door you face.

So as we are told “third-party ad sellers will need to go through Google to get information about internet users. But critics say that is an advantage that makes the market less fair and safe“, in my view my question becomes: ‘Which critics, names please!‘, the problem is that third party ad sellers have no rights, none at all, the rights should be with the owner of the computer, Google (Apple also) are setting (not by their own accord) that stage, Microsoft is using their Azure Cloud to counter the Cookie option on PC and Microsoft Console, but the hard sight is already there, the people who are unable, unwilling and cannot afford to set the stage still want their freebie and they are now starting to complain as they are made aware that their time has ended, even though this was the direction we saw in US politics and EU politics well over three years ago. The EU had their General Data Protection Regulation (GDPR) and everyone shrugged their shoulders stating that it would not happen that fast, yet that was three years ago and now the time has been set back to merely two years to go and the ad sellers are feeling the pinch of the cost they will actually face. Moreover, they are seeing the red lights of career ends. The Verge gave us “an industry that’s used to collecting and sharing data with little to no restriction, that means rewriting the rules of how ads are targeted online“, they gave us that on May 25th 2018, so 1.5 years ago, why is this now a problem? The people wanted this, and soon it will be here, Google has not been sitting still updating their systems accordingly, and as such we see that the flaccid and non-concerned rest is now looking at a deadline a mere two years away. When we look to the larger field we see Criteo, LiveRamp, Trade Desk, Rubicon, and Telaria, all losing value as ad-tech providers, yet the opposite could also be true when they offer to the customer a value, a value where most ad-tech companies never bothered going.
Yet the power of any ad-tech was never the cookie, that was for the most merely the revenue. They had 5 years to consider the power of ad-tech and they didn’t. The power of this is basically engagement. Facebook showed this year after year and now it is out on the larger field, those who engage will survive, the rest will end up on a dog eat dog football field and a few will survive but only as long as they push to the next hurdle and make it, if not they will end up on the obituary page (just like Netscape, however Netscape ended there for other reasons). 

I wonder if that is why Google is so adamant about its Stadia? It would get a massive tier of small time developers creating engagement content to be released on mobiles. That is me merely speculating.

Still the words of Dina Srinivasan are not entirely without merit, she gives the Facebook issue (at https://www.wsj.com/articles/yale-law-grads-hipster-antitrust-argument-against-facebook-findsmainstream-support-11575987274), and she makes a good case, yet the history of certain players needs to be taken into account. Even as she has her own misgivings about the evolution of the digital advertising market, history had been clear, some of them basically did not bother, they wanted it handed to them for free and in the beginning they got away with it. And she made a point with “How could a company with Facebook Inc.’s checkered privacy record have obtained so much of its users’ personal data?“, yet equally we need to weigh this with the words of U.S. Attorney General William Barr. He gives us “he is “open to that argument” that consumer harm can exist through the use of personal data, even if a service is free. “I am inclined to think there is no free lunch. Something that is free is actually getting paid for one way or the other”“, which is what I have been saying on my blog for around 4 years, so happy to see people wake up in January 2020. So when I see “Ms. Srinivasan would prefer that Facebook be forced to change certain business practices, including how it tracks users when they are off the company’s platforms“, I wonder when they give account to the small truth that Facebook is a free service for a reason and they are no longer alone in this, you are going after the large players when they are in the largest danger by losing slices of that revenue pie to contenders elsewhere in the world (EU and China).

Whatever you want to do is fine, but realise that it will put a large group of people in the streets without a job, I am not against them losing their job, but that revenue and that data will also flow in other directions and that is the one part that all players (with political support) are trying to counter as much as possible. I wonder if they will succeed. The weird part is that if this group had been properly taxed 3 out of the 5 major issues would also fall away and in that view a workable solution could be pivoted to.

 


Devil in the details

We all make mistakes at times, the issue is not that we make mistakes, the issue is on how to clear the error in question, that is always how I saw work, we (without question) try to work without error, the people that tell you that they never made a mistake are usually lying to you. Some hide it, some clean it up before it is noticed, these are merely two types, but in honesty, who would you prefer to be working for your company (or the company you work in)? So when I got wind of ‘UK concealed failure to alert EU over 75,000 criminal convictions‘, I had to take a step back, you see, this is not some failure, this is not some small bungle, the quote we are given is “The police national computer error, revealed in the minutes of a meeting at the criminal records office, went undetected for five years, during which one in three alerts on offenders – potentially including murderers and rapists – were not sent to EU member states” and as I see it, it is not some small mistake, a system like this does not work sometimes, it does not work or it works always. This leaves me to think that issues were filtered, optionally on purpose giving out a larger concern when we see “It’s an ongoing glitch that we need to fix. We are working towards getting that done“, I personally refuse to believe that this was a glitch, this was orchestration set to pass as a glitch, the question is why and when we see “There is still uncertainty whether historical DAFs [daily activity file], received from the Home Office, are going to be sent out to counties (sic) as there is a reputational risk to the UK.”

In this the Shadow home secretary Diane Abbott gives us “It is bad enough to have made serious errors in relation to sharing information on criminals, but it seems that there was also an attempt at a cover-up. Ministers need to come clean. When did they know about these failures, why did they not make them public, and how are they going to prevent any repetition? A full, urgent investigation is needed.” In this situation she is almost right, I believe that there was a ‘cover-up‘, I merely think it ended up on a minister’s plate and that person reacted poorly to the situation. And with ‘how are they going to prevent any repetition‘ we see a much larger failing. From my point of view the system was designed or was set up to optionally hide certain elements, yet the reason behind this is unclear. For some reason I believe that at least part of the reason is ‘fear of damaging Britain’s reputation‘, yet not in the way that this is shown in the article. When you look at the statistical numbers all over the field, consider that the crime numbers were supposed to be 30% (the one in three) higher (if every conviction based on merely one crime), what then?

The Labour party would blame it all on austerity, yet the truth is (as I personally see it) much more refined. We have been in denial of what any government needs to do and we in turn do not try the criminal path, and let’s face it, we saw other news that allows to take care of the shortage of police officers. 

As issues like we see with Netflix are not resolved, and as another article gives us “This research shows that Netflix is ripping off our public services by channelling profits through tax havens even though it appears to have employees, property, and a substantial customer base in the UK,” yet linked to this is “the Office for Budget Responsibility (OBR) forecasts will make just £30m each from the likes of Facebook, Amazon, Google and Netflix“, so basically 5 companies see the light of optional international passing their revenue, avoiding well over £1,000,000,000 in tax payments, do you not think that this would have lowered austerity (and improved police visibility)? So when we see a group of losers wrongfully blame a tennis player for the environment, what if we ask the people in the UK all to renounce their Netflix subscription? Let’s not forget we have Disney Plus now (as well as Stan and a few others), I wonder how that massive hit will go over with Netflix. After that we start taking care of Amazon, Facebook and Google, the other four will actually be much harder to deal with, but Netflix is not, there are alternatives and the people protecting Netflix (and others) better realise that we are all about redistributing that one billion and taking their £ 350,000,000 profit away from them without any hesitation.

Yet I digress, it is the crime statistics that might go out of whack, optionally impacting tourism if they had been released. Now we need to consider that not all crimes are alike, yet the article gives us: “including murderers and rapists – were not sent to EU member states” and that statement surprised me, not because of those two, but because the number of armed robbery convictions would more than likely be much higher. We also do not know what happened to these people after their sentence, so there is the immigration and deportation part to consider as well. 

Yes, the article gives a certain lack (not judging), mainly because the start gives us ‘the Guardian can reveal‘, implying that this article had a pushed deadline to be first, as such the follow up in this matter would be interesting to read, I reckon that in the near future the Guardian would have a full page (or two) on this matter. So even if we had last May “There is a nervousness from Home Office around sending the historical notifications out dating back to 2012 due to the reputational impact this could have“, I personally believe that the Office for National Statistics (GOV.UK) has a much bigger problem in their near future, when the numbers going back to 2012, the interpretation of these numbers will suddenly get a very different story to contend with. You might remember the sort of researchers that make a nice story when they get statistics and top line results. Their “when we look at these numbers, we can clearly see” and likeminded responses. When the results are a part of the 30% of convictions off, ‘we can clearly see‘ becomes an entirely different matter in this situation.

It is the setting of “historical backlog of 75,000 notifications” and we see that, but not before we consider the National Crime Statistics site, which gave us a few parts we need to consider “4% decrease in police recorded homicide offences (from 728 to 701 offences)” for Homicide, “11% increase in police recorded robbery offences (to 85,736 offences)” for Robbery, and “According to the CSEW, there was no change in the proportion of adults who experienced sexual assaults in the year ending March 2019 (2.9%)” for sexual assaults which is up to March 2019. Now consider the fact that (optionally) there was no decrease in homicide, optionally a small increase, that the robbery numbers are higher than now and that sexual assaults did not stay the same, they went up. This would change the story for the Police department to some degree (not their fault) and the stage we see now that the investments required would change a whole lot because of the non registered foreigner effort. You see, I believe that the situation is less positive. I believe that “UK has failed to pass on the details of 75,000 convictions of foreign criminals to their home EU countries” has a much larger impact. In my mind there is no way that people will avoid looking at the statistics when 75,000 conviction cases are missing. I believe that there is a larger (speculated) play and it is not merely my point of view. When we look (at https://www.ons.gov.uk/peoplepopulationandcommunity/crimeandjustice/bulletins/focusonpropertycrime/yearendingmarch2016), we see again and again “theft from the person offences along with cash or foreign currency and mobile phones“, when we consider ‘foreign currency‘, yet why are these merely crimes by Brits? and why is it ‘cash or foreign currency‘? 
I believe that there has been a trend and even as 75,000 convictions do not add up against some of the numbers, but when we see “Crimes recorded by the police show a 7% rise (539,767 offences) in criminal damage and arson offences“, we see that 75,000 convicted criminals are more likely than not to be a much larger impact on the numbers and now we see correlation and optional co-variant impacts on some of the crime, yet even as a co-variant is not always a good thing, we optionally now see a larger impact and in this instance can the government give clear answers on whether these 75,000 criminal convictions are part of these numbers? I have reason to believe (I have no evidence) that this might not be the case. It is a larger setting and I personally believe that it was not merely a play to make the foreign governments not aware, it was merely a side effect. 

You see, if that was not the case, the issue of ‘foreigners and crime‘ would have had a much larger hit and a lot sooner, a total of 75,000 might force the Home office to take a different stance, one that costs money. It is my personal belief that there are elements missing. Not due to the Guardian of course, because that would take a lot longer to investigate and it is more likely than not that the Guardian and the Independent will be all over this when the impact of damage is seen to a larger degree (the size of larger remains debatable).

Consider these statements:

  • In contrast a much lower number of adults had been a victim of theft from the person (only 7 in 1,000 adults) or robbery (3 in 1,000 adults)
  • Around 3 in 50 children aged 10 to 15 had been a victim of personal theft and around 1 in 50 had been a victim of criminal damage to personal property

Now consider the (optional and speculated) impact of the statements after the 75,000 convictions are considered

  • In contrast a lower number of adults had been a victim of theft from the person (only 9 in 1,000 adults) or robbery (5 in 1,000 adults)
  • Around 4 in 50 children aged 10 to 15 had been a victim of personal theft and around 3 in 50 had been a victim of criminal damage to personal property

The shift seems small, yet still visible, the fact that the damage to children is now (mind you speculated) approaching 10% is an actual much larger setting than before, its impact would constitute the need for the government to change its position on crime and support a different stance on crime related issues from police to prison, it would impact the government budget to a much larger degree. Now, we need to remember that this is speculated and the impact of data is not clear at present, yet I remain that ‘one in three alerts on offenders – potentially including murderers and rapists – were not sent to EU member states‘ feels wrong, a system fails or works, it does not filter, this all feels like orchestration, yet the stage is not clearly set. The Daily Mail was of course a little more colourful with “More than 2,000 foreign killers, paedophiles and rapists are waved into the UK without criminal records checks as police arrest TWO every day” yet there is still no (clear) information on how the numbers impact, as I am personally not convinced that this was merely one system, as the shift in the department of corrections would unbalance the system with numbers that did not match the Home office and as such the issue would have been seen well within the 5 years it took now.

Could I be wrong?

Of course, the issue of data is largely unseen which gives optional strength to my speculation, and we need to be clear, I am speculating on the matter, yet the issue is based on a larger issue, a clear IT issue, until there is a clear open presentation on WHY one in three did not make it into the register, I feel that I am correct. However, when we consider the sources that the UK has, I truly believe that this could not be contained to merely one segment, and that is my personal view on the matter. As such I believe the 75,000 will have impacted numbers all over the stage, the foreign policy part being the one that (finally) exposed it after 5 years.


The cornered bully

We all have these moments, when we have to speak out against dopey (the bully in the corner) but the boss we report to is a spineless sack of shit and he will not do anything, more importantly he seems to be heralding the voice of the bully like he has credibility. So there we are, the bully (America), the spineless boss (pretty much most nations in the EU and the Commonwealth) and the people ready to speak out, the IT experts who are muzzled by bosses, because they are afraid to start a fight.

That is the setting that the Guardian introduces us to with ‘Using Huawei in UK 5G networks would be ‘madness’, US says‘ (at https://www.theguardian.com/technology/2020/jan/13/using-huawei-in-uk-5g-networks-would-be-madness-us-says). We have seen it before, the US is now getting more and more afraid of the billions being missed out on and they are going full throttle with the fear mongering. Even as we see “Matt Pottinger, presented an incendiary dossier which they said featured new evidence of the security risks of relying on Huawei technology in future phone networks“, we get introduced to the Gerbil-in-the-groceries Matt Pottinger the new flagship for presenting ‘news’ just like Colin Powell with his Silver briefcase. You see, I am not afraid to face that music, neither are the hundreds of intrusion experts who have been unable to validate the wild fantasies of America, America took the VHS example and is trying to steer the ships of nations and now they are boasting an unwillingness to share intelligence. This is nice, but in the end, the Intelligence from the US is backdated and there is every chance that it is as false as any news they spread. The entire bully network comes to blows when we see “The intense and public lobbying presents an immediate headache for Boris Johnson“, I also do not disregard “having been repeatedly advised by the UK’s security establishment that any security risks can be contained“, this is equally important, because Alex Younger who is the official Big Boss at MI-6 stated that infrastructure this important should not leave British hands, this is not a case of Huawei being a danger, it is a national policy and that is fine, I would even state that this gives the UK an option to buy the Huawei technology, rip it apart, set it under a loupe and optionally give BT a chance to become a contender, US firms will jump at that opportunity, to have Huawei technology without the Huawei fear.
Let’s face it, Huawei offered that solution to the US last year, but there is a larger concern and for the US it is not really spying, it is the fear where data will end and there are several new players all non-American whilst the American data gatherers are tapped out (financially), so the US is bullying all others to wait hoping that Silicon Valley will come with an American solution that is actually real 5G, all whilst it is not coming and at present all those who delay are losing momentum and twice the amount of time on the 5G path, so any delay up to a year means a 2 year delay and they all know that you are either better (the US is not), you are first (the US can not) or you cheat (the only path the US has at present). 

This all gives us two distinct realities, the first is that for the first time the US is not the first at the top in technology, a shock they have a hard time surpassing and they are not the only 5G company, they are really not ready for real 5G, you see in my past blogs I showed that whatever they call 5G is really not 5G, nowhere near, not at those speeds. The Guardian also gives us “Ahead of the UK decision the head of MI5, Andrew Parker, said over the weekend that he saw “no reason to think” that using Huawei technology should threaten intelligence sharing with the US“, Mr Parker is right, but mainly because the quality of US intelligence is seemingly fading, they are losing sources all over the Middle East and they have too little in the Far East, as such we lose out on a source that is mostly redundant. Mr Parker’s assertion is in opposition to “a senior US official who was part of the delegation, who said: “Congress has made it clear they will want an evaluation of our intelligence sharing.”“, two parts are shown here, the fact that the bullying continues and the fact that this ‘senior US official‘ is left nameless, just like the fact that this matter is on the desk of a deputy national security advisor. In the age where America goes to vote next year, no one wants to burn their fingers and their career on this, and when the truth comes out (and it will) their careers are gone in the international field and the national field no longer has the juicy options it once had.

When we get to “The officials, who had flown in specially from the US, would not spell out what the “relatively recent information” that they had shared with their UK counterparts was“, it is all a load of HogWash (American expression), you see, If there was any actual danger the US would spread it like a wildfire to EVERY security IT Consultant, but they did not and the news is flat on that. What we do get is ‘Facebook and Google are as much of a threat as Huawei‘ (source: Marketwatch) where we see “Facebook is already undermining the democratic process, including in the U.S. itself, where the platform has facilitated foreign interference in elections.

 

In addition, Facebook has fueled division and fear, and refused to remove hate speech, Holocaust denial and anti-Semitic posts. The platform has been described as a “megaphone for hate” against Muslims, and it is accused of facilitating a genocide against the Rohingya in Myanmar. For these reasons, the British actor and comedian Sacha Baron Cohen recently called Facebook “the greatest propaganda machine in history.”” This is true but it is only the side effect of the matter, the real issue is not there, it is seen in “these threats already exist, because Facebook (which also owns Instagram and WhatsApp) and Google (which owns YouTube) have an astonishingly comprehensive range of data about their users — their location, contacts, messages, photos, downloads, searches, preferences, purchases, and much else” It is not the porridge, it is the spoon, the data is everything and as the data no longer merely flow to America, but it will flow to China as well (via apps and so on) in a larger growing slice it will no longer flow to the US, that is the real fear, it will impact all firms relying on data and that is the real ticket and it will have an impact sizing up to billions of dollars every year, it is a larger impact as data becomes the new currency. I will go as far as setting the stage that the IP I had designed will impact it even further for the globally based 400 million small business firms. Even as America sneers at the little guy, they are the foundation of data, not Google and not Facebook, they are merely the facilitators not the creators. That reality is now up for grabs in more than one way.
If it was really all about security, the news would have picked up to a much larger degree to ‘Cisco critical bugs: Nexus data center switch software needs patching now‘ with the added text “Cisco has disclosed a dozen bugs affecting its Data Center Network Manager (DCNM) software, including three critical authentication-bypass bugs that expose enterprise customers to remote attacks” (source: ZDNet), this is not the first time, I gave more info months ago when at least one such an issue woke up and whilst all are screaming about 5G security and feigned Chinese values, they all ignore the Elephant in the room (Cisco), I do believe that it was an honest mistake, there was no ill practice at work (from the side of Cisco), but there is a larger concern and those security advisors connected to the Oval office do not seem to care (or optionally merely not comprehend), it is a larger issue that is impacting the Fortune 500, but the press is blind to it. In support there is also ‘A Cisco Router Bug Has Massive Global Implications‘ (source: Wired) with the added information “The devices play a pivotal role at institutions, in other words, including some that deal with hypersensitive information. Now, researchers are disclosing a remote attack that would potentially allow a hacker to take over any 1001-X router and compromise all the data and commands that flow through it. And it only gets worse from there“, which was given to us last May, with the almost complete rundown by researchers from the security firm Red Balloon. And the added information “Once the researchers gain root access, they can bypass the router’s most fundamental security protection. 
Known as the Trust Anchor, this Cisco security feature has been implemented in almost all of the company’s enterprise devices since 2013“, this is the setting, an impact that is global and the US is keeping it quiet, yet the unproven stage without any real evidence is heralded to the max, which gives the larger implication that this is about data and about the financial security of the US, and why should we pay for that? They were flaccid for years, they refused to innovate and China started to innovate, even as we see in the Guardian article that the kit from Huawei “cheaper and more advanced than rivals“, we see one part, the fact that the US has nothing to counter what Huawei offers is the larger concern (for America), they are 2-3 years behind and that implies that they have nothing to enter the field with until 2025 and become a real contender, at which point Huawei is the new standard and as such data will flow via Huawei and not via American solutions, the data loss for America will be to some degree crippling. Their revenue from advertisement, their revenue from data sale and other revenues linked to that are all impacted, it could cost the US 50-150 billion in the foreseeable future and that is where the US fear kicks in, their debt is out of control and that amount would have a much larger impact on the infrastructure that can no longer be paid for, one system after another will fail, a cascade of systems all collapsing because the US has no reserves left, the EU is also out of reserves and they see the 5G part as essential to surpass American firms and most need to contend with spineless politicians and long winded ‘talks’ by the EU gravy train, they are all in it for the money and commercial EU is seeing it all come apart, they can hold on if they get the 5G edge, an option that the US dreads.

As such the cornered bully is getting more brazen, relying on past tactics that exploded in everyone’s face and they are still doing it, hoping that they can get away with it the second time around, optionally they will rely on other technologies, as long as they are not Chinese, it is not the hardware, it is the data. Ericsson gives us “5G is designed for industrial applications. This means that falling behind on 5G as a platform for innovation will jeopardize the European industrial base. With two global vendors based in Europe, the continent has the prerequisite to lead” (they merely fail to inform us (for valid reasons) that the two players are Ericsson and Nokia, but their solutions are almost two full generations behind Huawei, they would need two years to upgrade and that is what they face, they were all asleep at the wheel and now that the ferryman wants to get paid for all the time they were asleep, they are no longer willing to foot the bill, 4G is almost at a break even point and that is stopping most to go forward, even as they see that 5G is going to take over, they are all afraid that the next iteration of hardware is just beyond the horizon. And they are still setting larger foundations for themselves, because the real cash is the data, not the hardware and that is the stage where they all need to select an optional new provider, the devil you know beats the devil you know not and they want their coins. 

In all this the bully in the corner is getting more and more aggravated and we see that, but they did this to themselves, when I can surpass the US in IP (something I never thought possible) that is the point you need to realise where the US failed, their IP is just not there and they have no real counters other than the Silver Briefcase scenario hoping it will buy them enough time. You see, when we accept the foundation of one quote: ‘5G Antenna Market was estimated to be US$ 9,835.0 Mn in 2018 and is expected to reach US$ 34,720.1 Mn by 2027 growing at a CAGR of 15.5% over the Forecast Period Owing to the Evolution of Smart Antennas‘, we see what the US is missing out of, the antennas alone are setting the stage of 9-15 billion each year surpassing my estimation of 50 billion value by 2022, yet that is merely the antennas, Huawei launched their 5G routers last week and that is where the money becomes a serious setting. When we combine the stage offered “The power of the chipset enables the router to be the first to support commercial application of 4G and 5G dual-modes. It is the first to have the capacity to perform to industry benchmarks of peak 1.65Gbps@100MHz download speeds” with “LTE Advanced has been available for several years now and some carriers (notably AT&T in the US) are calling it 5Ge, or 5G Evolution, even though it is most definitely not an official 5G standard, but rather the latest iteration of 4G” (source: Forbes) you get to see how dire the US situation is for the US, they claim to be 5G and they are not, they claim that Huawei is a danger and they cannot prove that it is, the data is everything and they are at an ever growing risk to lose large chunks of it. Now that Huawei is forced towards their Harmony OS, we will see a growing non US population switching, meaning that the data is no longer going to the US in a readable format. That is the larger loss for the US and they are getting close to desperate.

In my view, that is the consideration of dumping the brains that they needed and that is the consequence of a flaccid business path, down the track it tends to cost and the US is scared of that moment, hoping to scare all others, we see that the EU is considering their options and as the US loses nation after nation we see a larger stage, when the data surpasses into national hands again, they will not care about US substandard intelligence, most will have their own and a new generation of apps will be adopted by its users on a global scale.

 


Filed under Finance, IT, Media, Politics

Travel by Ransomware

On Tuesday an interesting article was given by the guardian (at https://www.theguardian.com/technology/2020/jan/07/travelex-being-held-ransom-hackers-said-demanding-3m#maincontent), the title ‘Travelex ‘being held to ransom’ by hackers said to be demanding $3m‘ almost said it all and then I noticed something. First we get “Criminals are thought to be demanding about $3m (£2.3m) – to give the firm access to its computer systems after they attacked using the Sodinokibi ransomware on 31 December“, the price is not set without quarter, this we get from “They are reportedly threatening to release 5GB of customers’ personal data – including social security numbers, dates of birth and payment card information – into the public domain unless the company pays up” as well as “banks who use Travelex’s foreign exchange services to stop taking online orders for currency, affecting Sainsbury’s Bank, Tesco Bank, Virgin Money and First Direct.” You see Travelex, based in London, has a presence in more than 70 countries with more than 1,200 branches and 1,000 ATMs worldwide. It processes more than 5,000 currency transactions every hour yet, even as we see that it is on the London Stock Exchange, however the group is based in the United Arab Emirates. As for the actions we see “On Thursday 2 January, the Met’s cyber crime team were contacted with regards to a reported ransomware attack involving a foreign currency exchange. Inquiries into the circumstances are ongoing” here is the snag, what are the chances that US actions are impeded as it impacts 70 countries? Is there a reason why the FBI is not equally involved? You see, Sodinokibi is a spin off from Gandcrab and as we see (at https://www.bleepingcomputer.com/news/security/fbi-releases-master-decryption-keys-for-gandcrab-ransomware/) the FBI got those keys. Now the keys will not be compatible, but if they get one solution, they might get another solution. 
The fact that corporations are hit and we see “the developers behind the wildly successful GandCrab Ransomware announced that they were closing shop after allegedly amassing $2 billion in ransom payments and personally earning $150 million“, we would want to think that the FBI is on top of this and get some pay-back (I had to use that pun).

We also learn from Acronis “Sodinokibi ransomware exploits an Oracle WebLogic vulnerability (CVE-2019-2725) to gain access to the victim’s machine“, and when we go to the Oracle page we see that there had been a solution from last May onwards. There is also the part “Product releases that are not under Premier Support or Extended Support are not tested for the presence of vulnerabilities addressed by this Security Alert. However, it is likely that earlier versions of affected releases are also affected by these vulnerabilities. As a result, Oracle recommends that customers upgrade to supported versions”. The question becomes: did Travelex forget to do a few things? The article does not expand on that.

Yet in all this IT News (at https://www.itnews.com.au/news/ransomware-shuts-down-travelex-systems-536191) gives us ‘Unpatched systems could be attack vector, say researchers‘, and they also give us “No evidence has surfaced so far that structured personal customer data has been encrypted, or exfiltrated. This is in contrast with a report in Computer Weekly that alleged the criminals deploying the Revil/Sodinokibi ransomware had attacked servers storing sensitive, confidential information that included customer names and their bank account and transaction details” and it does not stop there. They also give us “Troy Mursch, chief research officer at security vendor Bad Packets said it notified the forex multinational in September of a serious vulnerability in its Pulse Virtual Private Networking servers. The vulnerability went unpatched until November” which sets a much larger question mark on the entire issue as the news gives us that the attack came almost a month after that. They courteously also give us “Prior to that, security researcher Kevin Beaumont noted that Travelex was operating cloud instances of Windows Server on Amazon Web Services that had Remote Desktop Protocol (RDP) enabled and exposed to the internet, but with Network Level Access (NLA) control disabled. An RDP flaw, known as BlueKeep, allows for full remote compromise of Windows without user interaction” and these issues are not asked about? At least the Guardian article does not stop on them.
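The RDP setting quoted above (RDP enabled, NLA disabled) is something an administrator can check from the registry. The following is an added example, not code from any of the quoted sources: it audits `reg query` output for the standard Windows Terminal Server values, with Group Policy taking precedence over the local setting. Both sample outputs are constructed for illustration.

```python
import re

# Standard Windows registry locations for the RDP listener settings.
TS_KEY = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server"
RDP_TCP_KEY = TS_KEY + r"\WinStations\RDP-Tcp"
POLICY_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services"

VALUE_RE = re.compile(r"^\s+(\S+)\s+REG_DWORD\s+0x([0-9a-fA-F]+)\s*$")


def parse_reg_query(text):
    """Parse `reg query` output into {key_path_lowercase: {value_name: int}}."""
    keys, current = {}, None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            current = keys.setdefault(line.strip().lower(), {})
            continue
        match = VALUE_RE.match(line)
        if match and current is not None:
            current[match.group(1)] = int(match.group(2), 16)
    return keys


def effective(keys, name, local_key):
    """Return (value, source); a Group Policy value overrides the local one."""
    policy = keys.get(POLICY_KEY.lower(), {})
    if name in policy:
        return policy[name], "policy"
    local = keys.get(local_key.lower(), {})
    if name in local:
        return local[name], "local"
    return None, "missing"


def audit_rdp(text):
    """Summarise RDP exposure settings and list weak ones as findings."""
    keys = parse_reg_query(text)
    deny, _ = effective(keys, "fDenyTSConnections", TS_KEY)
    nla, nla_source = effective(keys, "UserAuthentication", RDP_TCP_KEY)
    layer, _ = effective(keys, "SecurityLayer", RDP_TCP_KEY)
    port = keys.get(RDP_TCP_KEY.lower(), {}).get("PortNumber", 3389)
    result = {
        "rdp_enabled": None if deny is None else deny == 0,
        "nla_required": nla == 1,
        "nla_source": nla_source,
        "port": port,
        "findings": [],
    }
    if deny is None:
        result["findings"].append("fDenyTSConnections not present in input; listener state unknown")
        return result
    if deny != 0:
        return result  # RDP connections are denied, nothing further to flag
    if nla != 1:
        # UserAuthentication=1 forces authentication before a session is set up.
        result["findings"].append("NLA not required (UserAuthentication != 1)")
    if layer == 0:
        # SecurityLayer 0 = native RDP security, 1 = negotiate, 2 = TLS.
        result["findings"].append("SecurityLayer=0: native RDP security, no TLS")
    return result


# Constructed sample: RDP on, NLA off, weakest security layer.
SAMPLE_WEAK = r"""
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server
    fDenyTSConnections    REG_DWORD    0x0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
    UserAuthentication    REG_DWORD    0x0
    SecurityLayer    REG_DWORD    0x0
    PortNumber    REG_DWORD    0xd3d
"""

# Constructed sample: same local values, but Group Policy enforces NLA and TLS.
SAMPLE_POLICY = SAMPLE_WEAK + r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services
    UserAuthentication    REG_DWORD    0x1
    SecurityLayer    REG_DWORD    0x2
"""

if __name__ == "__main__":
    for label, sample in (("weak", SAMPLE_WEAK), ("policy", SAMPLE_POLICY)):
        print(label, audit_rdp(sample))
```

Requiring NLA does not replace patching or taking RDP off the public internet; it only means a client has to authenticate before a session is created.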

The most hilarious response is seen at the very end of the IT News article with “Despite the attack closing down online systems, Travelex said it does not currently anticipate any material financial impact for its parent Finablr” Travelex might have numerous issues to consider, but the customer does not make the high point of that, or as I would mildly put it, who cares about Finablr? Well I reckon that the London Stock Exchange cares as the value of Finablr made a crashing 17% loss, that is almost one in five pounds that is lost to those bright young lads (ladies also). They advertise (on their website) ‘Finablr is a global platform for Payments and Foreign Exchange solutions underpinned by modern and proprietary technology‘ instead of ‘Finablr is a global platform for Payments and Foreign Exchange solutions underpinned by modern and proprietary hackable technology‘. It is a small difference, but a distinct one, especially as Oracle had placed a solution for months and the second message by Kevin Beaumont does not help any I reckon. In support a source gave the BBC that they feel let down, complaining that their travel money is “in limbo”, which is interesting, as the Guardian article gives us “Travelex first revealed the New Year’s Eve attack on 2 January, when it sought to assure that no customer data had yet been compromised” and as the article came 5 days after, the absence of victim mentioning is an interesting one, it seems that Travelex is not handling this situation well on a few levels, optionally also in arrear of making mention towards the customers, all in opposition to the text on Travelex.com, which gives (among more data) “Tony D’Souza, Chief Executive of Travelex, said “Our focus is on communicating directly with our partners and customers to protect them and their information from any further compromise.
We take very seriously our responsibility to protect the privacy and security of our partner and customer’s data as well as provide an excellent service to our customers and we sincerely apologise for the inconvenience caused. Travelex continues to offer services to its customers on a manual basis and is continuing to provide alternative customer solutions in the interim. We are working tirelessly to bring our systems back online.”” 

As such we get Travelex giving us one part and the BBC giving quite the opposite, and at this point my question becomes, exactly how much money is ‘in limbo‘?

That and a few more parts all rise to the surface when I look into this matter, the entire time gap on the side of Travelex being the most prevalent one. The one part that Acronis made me wonder about was the exemption list, the fact that It will try not to infect computers from countries based on the locale setting of the computer, which gives us “Romania, Russia, Ukraine, Belarus, Estonia, Latvia, Lithuanian, Tajikistan, Iran, Armenia, Azerbaijan, Georgia, Kazakhstan, Kyrgyzstan, Turkmenistan, Uzbekistan, Tatarstan“, the reason is unknown to me, perhaps they fear those countries and their ‘justice system’?

By the way, the entire Finablr website mention was essential, they are so for the ‘future’ yet security is seemingly not among it. That part is seen when we consider “In April 2019, the Cybereason Nocturnus team analyzed a new type of evasive ransomware dubbed Sodinokibi“, as such it took the Oracle team months to get a solution made (which makes perfect sense) yet the lack of implementation by Travelex is less normal. From all information it seems to me that Travelex should have made larger steps to be secure no later than Halloween, so the issue is a little larger than we consider, and the fact that Sodinokibi is a much larger field that goes back a few billion dollars. This is a contemplated speculation when we look at CSO Online where we get “While Sodinokibi is not necessarily a direct continuation of GandCrab, researchers have found code and other similarities between the two, indicating a likely connection” implying that for at least one person $150 million was not enough. 

As such, the entire Travelex issue will be around much longer than the ransomware will be, there will need to be a larger amount of questions to its mother organisation Finablr as well. From my speculative side it seems that some players are lacking certain IT skills, or/and a larger shortage of it, that is the initial feeling I got when I saw the information that Troy Mursch and Kevin Beaumont handed over to the press, and so far the information as seen supports a larger failing in Travelex and optionally Finablr as well. There is support for my way of thinking, no matter who is on the board of directors, none of them are IT experts and that is fine, yet by not having a visionary IT expert leading the charge we see a larger failing coming their way. It is not merely having an IT department and a security department, someone needs to spearhead and protect IT issues in the Board of Directors and there is no evidence that this is happening, actually the Travelex issue gives rise that it is not happening at all. More important, the issue with the website is that it is highly sales oriented, and when I had a look there (I reckon the Sodinokibi members as well), I wondered how secure are Unimoni, Xpress Money, Remit2India, Ditto and Swych? When one of these points get attacked, will the board of directors act appropriately? It is optionally a little ironic that they are hit whilst they advertised a paper on their site on November 20th (a month before the attack) ‘Why data protection is your new strategic priority‘, my initial thought? 
‘Sarcasm, when it backfires it becomes irony!‘ Yes it seems like a cheap ride from my side, but we forget that Common Cyber Sense is a real thing and corporations need a much larger vested interest in being safe than ever before, GandCrab showed that part months before this event took place and I reckon that Financial corporations need to take a much larger vested interest in that matter, or so I am led to believe, I could (of course) be wrong.

What do you think?

 


Filed under Finance, IT, Law, Media

Needs of the public

This started last Friday for me, I had taken notice before and I even wrote about it earlier, yet the shift of the view also implied and made it a shift of priorities. In this age and the age of needing to matter, we see a shift in priorities of all the players. Keri Paul the writer has a clear view and that view matters and is on point, yet the dangers are not his view, it is the other side of the coin. Weirdly enough it is a card game that is similar to this, it is Android: Netrunner that gives us the view that we can explore and dig into the depths we need to. It is Hacker (user) versus Corporations and Government.

When we consider “Servers are created, net security is hooked into place and agendas are advanced, with the runner having to take a blind guess at what these cards might be. Does that server contain the game-winning agenda, or is it a “cerebral overwriter”, which will leave them damaged if they touch it?” (source: the Guardian) And that is the setting in real life too, we cannot rely on an actual whistleblower at the Google Board of directors (I also oppose such actions) we need to consider what the priorities of Google are. In my view its priorities are set around data and China has endangered their market to the largest degree, it does not matter why it happened, because the value of data has always been without question, the entire Trump-China matter merely advanced the time-line, this was however always going to happen and it is Apple (Microsoft too) and Google that are rich enough to counter it to some degree. I myself would have thrown myself onto the growth sector in the Middle East as it will be the new powerhouse for China (and particularly Huawei), a fact too many are ignoring. This gets us to the first quote in the Guardian article (at https://www.theguardian.com/technology/2020/jan/03/google-executive-human-rights-activism) “Ross LaJeunesse, the former head of international relations at Google and now a Democratic candidate for US Senate in Maine, said he was forced to leave the company after reporting discriminatory practices, and that his work to combat censorship was at odds with Google’s desires to expand into a growing market in China“, it is not the wildcard ‘reporting discriminatory practices‘ that matters here, it is ‘desires to expand into a growing market in China‘, Huawei is merely the most visible path, and their new Operating System Harmony is merely the start of a much larger concern for the US.
China has 1.3 billion people, let’s say that only 700 million users, that is still well over twice the amount of US people, as Harmony gets traction in China for certain, it will be able to grow in other regions too, the Middle East is a first where the threshold is the lowest with close to 160 million optional users, Egypt really makes a hit there, and as China applies its customer service to the Middle East we will see that within 5 years parts of Europe will consider switching, this is the 90’s in reverse. As the 90’s saw marketing of Microsoft push people to another level (Windows 95 did help), we see the roles reverse, now we see the exploitative tactics of Microsoft and Apple backfire as those tactics come under fire, there will be too much documentation showing these actions. 

Now that data comes into view, we see another economy, this economy that is set around data and IP, more important WHAT ELSE can be done and this is where quote two comes into play ““In reality, I don’t think we can trust Google,” he told the Guardian. “It has been shown time and time again, whether in how it handles personal data to when it’s asked to address violent content online, that we cannot take Google at its word any more.”“, in China it leaves data concern to the Chinese governments, as long as they can come in. Democrats and Human rights are all about the rights of the people and their personal data, yet governments do not care about those rights, they never did (if you think they did, you are nuts). Yes that hurts, but it is the truth. If America embraced Human Rights so profoundly, insurance and other players would not have the data they do and Cambridge Analytica would merely be a nightmare of the paranoid brain, but it is not, is it? Within the law the setting of data is too large a sieve and both China and the Middle East have their own settings for what data is and what rights are and like in the 80’s companies tried to accommodate whatever they need to, to turn a dollar, that path is more profound now than it ever was. We see this path in “LaJeunesse spearheaded a 2010 decision to stop censoring Google search results in China and worked to establish a company-wide human rights program – efforts that were challenged when Google returned to the Chinese market with a censored search product code-named Dragonfly in 2017” it is a reality that many face and now that there is a larger concern for what is affordable, players like Apple will see their profits shortened.

It is the last quote ““When I started at Google, there was a sense that we really believed in the power of technology to make the world a better place,” LaJeunesse said. “It’s not like that any more”” that hits home, you see, the world changed, the needs for margins increased and the need to get more sold at the Google margins than ever before, that is the game we all see played when stockholders and shareholders are involved. I remember a conversation with a commercial manager in the 90’s who stated that this is not true, I was proven correct within 14 months after that, and that is the other path, even as margins are low the profits need to come from someplace and data is the next hurdle, a large economic hurdle, you can own it all, but that path is not economically viable, yet accommodating government needs is and they will pay through the nose to get a good handle on it and stream that data to their analytics. The Chinese know this and the people in the Middle East are figuring it out, in that setting Google has two options, be a player in that field or leave it to others. What do you think they will choose? Did you really think that Page and Brin departing was such a big deal? I reckon that it sped things up, they needed other people to voice needs and I personally think that they got that done by changing their board of Directors (merely my personal view). 

The entire setting changes a little when we look at places like CES2020, when you think of it it is a lot about data and that makes sense, but the handling of data is now a larger issue than ever before, even as we consider the impact, we overlook it. The quote “interpreter mode allows an Assistant-powered smart display to translate a conversation between two people, each speaking a different language. Google says more businesses have committed to using it this year, including American Airlines, HSBC banks and a handful of hotels around Vegas, San Francisco, LA, Japan and Qatar“, we see the technology on the spoken word and that has a much larger impact than you thought it would. Even though we get “Google Assistant isn’t supposed to record anything you say unless you start the sentence with “Hey Google”“, we also get “that doesn’t always work. Sometimes things on TV will cause Assistant to perk up its ears; other times you might be mid-conversation and only realize you somehow caught Assistant’s attention when it responds “Sorry, I can’t help with that.” With that in mind, you’ll now be able to say “Hey Google, that wasn’t for you” to have it wipe its history of the last thing you said“, yet how many considered the leap from when it started until you stated the correction and it “wipes its history of the last thing you said“, here we see it, what is ‘the last thing you said‘, there is your margin and it will affect its use nation by nation, they all have to file for corrections and of course, some nations like the margins they have and optionally want to widen it. An automated secret police, right in your very own home.

This is not some paranoid consideration, it is reality and it is coming this year, all whilst Harmony is on the heels of Google being in the same setting of life and data. It is the setting where it changes, the IP and who owns it makes the larger strides in two areas where it matters and at present Huawei has more IP, they merely have an advantage and that is the area where it matters, because whoever has the IP has the battle turned to their favour. Did you think there was no hindsight from me when I offered my IP to China? The entire setting of the US changing its mind like bad second hand car dealers is the controlling stage, a stage where the people in the American Administration cannot make up their minds leaving the inventor in the air whilst the corporation make headway. There is a larger issue especially when we look at the US, UK and China in jointly owning IP, it is becoming a lot more murky in recent years and that stage is almost literally fraught with dangers for the maker of the IP, in that stage trusting your company to be fair to you is now open to discussion. 

This is not nearly the end, especially when we consider the IP side, this part was given to all by Sophos when we are treated to “Google has temporarily disconnected Xiaomi’s IP cameras from its Home Hub service after a user reported that he was seeing images from other people’s devices” a mere 10 hours ago. Did you think that this was only happening 10 hours ago? This has clearly been going on for a longer time and we are merely informed on it now, as we see that part and consider that other phones have optional weaknesses on this side and we add the consideration of user rights from one to another and the ‘excuse’ “The Chinese manufacturer admitted the mistake and explained that it was down to a caching issue on its server“, did you think it was that easy? Why was it even cached on a server? What other data is cached? A lot more questions become open to interpretation when one mistake merely opens the can of worms that was there and the issues are only increasing, global marketing is making sure of that path. Oh and this is not just Google, there are a number of questions that rise when you consider the weird choices that Microsoft made with their Azure cloud, that part becomes visible when you switch on any Xbox made after 2014, yet it is buried by them by stating that this is the responsibility of your telecom provider, even when you are trying to explain to them that it is about the upload, not download. it is a global problem and that is a bad thing, but that is quite literally the game we are signing up for.

Google is only one of many and they are not evil, they are trying to stay afloat in a world of providers and data capture solutions. When (not if) data becomes a viable currency those who are in charge of the data will decide what comes next and that is a game that is now being played between governments and corporations, and where are we? If we are the Android: Netrunner players we are the hackers and we need to set the hardware up for what leaves our hands and we get to say less and less in that regard. The problem becomes, there are 4 billion people (read users) and a lot of them do not have the skills to install any backdrop and the information on the internet is not to be trusted in many cases (they always want you to install THEIR solution) which negates the entire issue as data is siphoned. And as you realise that someone owns your data, the question becomes: ‘Who will you trust?‘ all whilst they merely want the same thing, my personal idea is not to trust anyone and for the most I do not care where the information ends up being, it merely ends up somewhere and it is for that reason that I NEVER link any social media. It is merely a good idea to hand over as little as possible.

In the end this is coming, Harmony will be available to smartphones this year, so the battle will soon intensify and we will start to get weird fear mongering stories from the US on how Harmony will crash your mobile and other things, yet in the end Harmony will merely start at the Huawei users and as they get no issues (other than US blocks) we will see a technology polarisation in mobiles, it is the stage that Google is desperate to avoid at all cost. And as Harmony gets rolled out beyond China Google will get more and more willing to be flexible, no matter what the US government states, that is the part the US administrations are intentionally blind to, the US has 325 million people, in a world with 8,700 million people, the US does not add up to much on population numbers, corporations see that.

All whilst Google needs to contend against numbers like “the company’s inability to work with companies like Google, Huawei’s business has been thriving. The company’s fiscal third-quarter revenue increased by 24.4% year-over-year, and smartphone sales jumped 26% year-over-year in the first three quarters of 2019” (source: Business Insider), all whilst Apple phone sales went down and by a scary amount, and at present it seems that the 5G market is decided out of US hands, making Google even less happy, as mobile markets are their eggs and bacon, they need to do whatever they can to be part of that and for Google this is decently easy, for players like Microsoft less so. The issue is harder for the US, we see all the news and information on heralding 5G in New York giving the user 36Mbps (in one 5G movie), yet when we look at the 5G specs we see: “5G speeds will range from ~50 Mbit/s to over 2 gigabit at the start“, so we see 5G marketing and 5G pricing at below 5G speeds and the people are not catching on, you might see this as a separate issue, but the net runs on speed (quite literally) and the US hiding behind marketing is not catching on, that is the stage where Google wants to get ahead of the curve and therefore it needs to be in a Huawei environment, it needs to be in China for several reasons, the US and its administration is all about misdirecting the people whilst corporations know better and the hardware people want to get ahead of that curve so that they do not fall behind, Google has too much to lose. We might see it as the need of the public, but that need is fuelled by corporations and Huawei is at the top of that chain (at present) so other players like Google need to set a larger stage where they are players and no longer mere service facilitators.

In all this China and the Middle East are surpassing the US and that is a stage we have never seen before. Wired Magazine gave us “AT&T launches its new next-generation wireless network, but breadth of 5G coverage in the US still lags South Korea and China“, which is the issue, at present the US is in third position in a market they used to rule, and they are in danger of reverting to fifth place by the end of 2020, for the first time in history the US will be trailing others, Google wants to get out of that cursed position as fast as it can. The US (via Wired) gives us “so far, the fastest 5G download speeds in the US top out at around 1.8 Gbps, according to tests conducted by data analysis firm OpenSignal. Those are the fastest speeds in the world, but they’re rare“, I myself did not see any video or evidence showing anything over 200Mbps, making the statement more debatable (like testing setup versus actual connection), yet that is my personal view whilst I am not in the US. The Verizon options are in 24 cities (the US apparently has a lot more places), so that is lacking, it also gives for New York that ‘5G Ultra Wideband near these city landmarks‘ in Midtown, Hell’s Kitchen, Harlem and Downtown Brooklyn, so there is a lot missing and you need to check this for all the regions you plan to be in in 2020, even as you ‘scale back’ to 4G LTE, did you pay for that? Well apparently you did at Verizon, and they are one of a small amount of providers and none of them are national, that is the back push that you see in the US. I am not stating that China is better, they are not, but they have the advantage of Huawei and so will other regions in the world soon enough. 

This setting is important, because Google needs itself to be heading that wave, not following it and in that regard it needs to be in China (and the Middle East), as such the second statement I gave (from the Guardian) is the most important one and Google is all over it, plenty are not (read: most cannot afford the cost) and in this stage where Data is currency, we see that this war may leave the US crippled because of the limitations it pushes onto itself, even whilst the claims were never supported by any evidence and that is not merely my view, it is also the view by a large amount of cyber specialists that are a lot more knowledgeable in that field.

All these issues are linked to the movement of Google and from there the needs of the public are addressed, from an American perspective it will be Google or nothing, yet the non US part is looking at another setting where it is Google versus Harmony and at present I cannot tell whether Harmony will be a bad choice. That is the scary part for Google, as the public tries Harmony and nothing sets them back in the use of their mobiles, we will see a larger and a quicker curve towards other solutions (or away from Google). 

That is the fight that will be in the up and coming this year, as Harmony gets released we will get governments making huffs and puffs away from Harmony, yet let there be no mistake, it will not be towards your data privacy, it will be the currency that pushes them and data is the current they need. We will be ‘lied to’ whilst they will stop at giving out evidence as much as possible. That is what we get to look forward to in 2020, the needs of the public, our needs are what governments and corporations make it to be, not what we decide and that is for a lot of people the largest issue at present, even as it is about data, is it not interesting how they all circumvent that part of the equation?

 


Filed under IT, Media, Politics, Science