Category Archives: IT

As an aspiring agent of chaos, I have always been in favour of chaos. There are two quotes from the movie The Dark knight (2008) that are important here. They seem meaningless, but they are not. Consider the events surrounding Brexit. The IMF, Wall Street, the ECB all desperate to scheme through fear mongering, and they are even at it today, all so eager to keep their status quo in place. So, the first quote is: “Y’know they’re schemers. Schemers trying to control their little worlds. I try to show the schemers how pathetic their attempts to control things really are“, that is only partially true. The evidence is all around us on how Wall Street is still largely in control. I am not giving you some conspiracy theory on how they did one or the other. The news as we read it in nearly every decent newspaper gives you that evidence and they call it ‘policy’. It is fun to make a second movie reference, especially as it also included Christian Bale. The movie the Big Short (2015) shows clearly the facts of the subprime mortgage issues that unfolded and became a reality. It was based on the book by Michael Lewis called The Big Short: Inside the Doomsday Machine. I was sceptic at first, not because of the actors involved. Yet the notion that it involved Steve Carell and Ryan Gosling made me a little wary. In the end, I saw a movie that showed a Steve Carell who shows us how brilliant he actually is, more than merely a really good comedian. Even as he had already worked together with his prospective son in law (a Crazy, Stupid, Love pun), as the narrator in part of the movie Ryan Gosling gives it that extra, that part that will make you remember the movie long after you have seen it. The movie ends up being not merely an entertainer, the movie becomes an educator almost to the degree that the book was. Together with Margin Call and Inside Job you get a real grasp of the economic wasteland that 2008 created.

This part is truly important, because when you consider those facts and the mere realisation that the US, EU and many other places still have no proper protective laws in place is just scary.

Part of this is seen in the McKinsey report on June 5^th 2018 where we see: “That the effects of Pillar 2 add-ons and capital buffers should result in two widely different assessments, of €56 billion and €2.2 billion, is notable, highlighting the room for national discretion during implementation. In Sweden and Norway, for example, supervisors are reflecting higher risk weights for mortgage loans in Pillar 2 capital requirements. Some analysts are therefore expecting that these add-ons will be removed, given that they are already captured by an internal model floor for mortgages under Pillar 1“, the part ‘expecting that these add-ons will be removed‘ is the danger here. You see, Bloomberg reported in January 2018 (at https://www.bloomberg.com/news/articles/2018-01-25/banks-prepare-for-battle-as-europe-readies-rules-to-cut-risk), “banks are uncertain about how Pillar 2 capital requirements — demands set over and above legal minimums — will be imposed“, the statement is odd as they were already there in Basel 2, so why is there now ‘miscommunication’? (Perhaps ‘ignorance through intentional non-comprehension‘ might be a better term).

When we look at those two pillars we see:

First Pillar: Minimum Capital Requirement
The first pillar Minimum Capital Requirement is mainly for total risk including the credit risk, market risk as well as Operational Risk.

Second Pillar: Supervisory Review Process
The second pillar i.e. Supervisory Review Process is basically intended to ensure that the banks have adequate capital to support all the risks associated in their businesses.

You see, we have seen the game of CDO’s, derivatives in many forms, sometimes being ‘diplomatically’ called Bespoke Tranche Opportunities nowadays, the Big Short mentions it at the very end. Consider that this was a 2015 movie, and Bloomberg gives us last August: “Pacific Investment Management Co., Goldman Sachs Asset Management, Columbia Threadneedle and others are snatching up bonds tied to subprime mortgages and other home loans made before the housing crisis, while selling speculative-grade company debt. They say junk yields are too low for the risk investors are taking, and securities backed by mortgages — which have already gained as much as 6.9 percent this year according to Bank of America Corp. data — offer higher potential returns given the risk“, it implies that some could get rich by taking risk on junk. So when that collapses, considering Basel 3 pillar one and two, what are the chances that pillar one, the operational side does not include such events as it is not ‘operational‘ but based on non-operational settings? Where is the risk then? In addition, when we see that now, the banks are expected to ‘expecting that these add-ons will be removed‘ from consideration, how dangerous is the balance at that point? Did we not learn enough in the years 2008-2011? Why are we allowing these gambles leaving us with nothing twice over? Why are there no clear laws banning credit swaps and BTO’s? It might sound nice and soundbyte nice when the pope makes such a claim, yet it is still legally an option, so why was this not halted? The fact that the book and movie mention this gives rise to the fact that Wall Street knew for many years, yet they let it slide. So what happens when the people DEMAND from their president that the banks will no longer bailout banks involved in that? What happens when Wall Street faces the rage of the people and there is no continuance or replay of the Emergency Economic Stabilization Act of 2008? What happens when the people have had enough and in honour of the American Civil War (1861 to 1865) decide on the American Wall Street Clambake of (20xx) where 150 million Americans decide to lynch the 63,779 bankers on Wall Street in public, would that change a few noses to be more morally inclined (of those still alive that is)?

Agustin Carstens gives us a more diplomatic view in the Financial Times (at https://www.ft.com/content/720efbe2-75fa-11e8-a8c4-408cfba4327c) where we see “the future is not pre-ordained. The right policies can help. While the path ahead is a narrow one, it can be taken. We should seize the day to rebalance the policy mix and sustain the current expansion. That means regaining room for policy manoeuvre and reviving the flagging efforts to implement structural policies. Let’s use macroprudential tools to strengthen resilience where financial vulnerabilities are building up. Let’s ensure that public finances are on a sound footing“, yet he phrases it better, but as I stated in the beginning, I am an aspiring agent of chaos after all. This gets me to the second quote in the Dark Knight. It is applicable in two settings, the one we saw and the one we are about to see. The quote: “You know what I noticed? Nobody panics when things go according to plan. Even when the plan is horrifying. If tomorrow I told the press that, like, a gang-banger would get shot, or a truckload of soldiers will be blown up, nobody panics. Because it’s all part of the plan. But when I say that one little old mayor will die, well then everybody loses their minds!”

This gets me to the situation where Israel made a choice to speak, but from where I am sitting, it seems like the wrong voice to raise and it is the setting of a dangerous strategy that could backfire in ways that we cannot perceive as yet.

You see, on Wednesday afternoon Netanyahu tweeted out a video praising the Iranian soccer team for its performance in the World Cup against Portugal with “The Iranian team just did the impossible. To the Iranian people I say: You showed courage on the playing field, and today you showed the same courage in the streets of Iran.”

For soccer fans it was a remarkable day, most of them did not give Iran any chance of winning, not against Morocco, who has a team that can stand up to the likes of Spain, a nation devoted to soccer, so for Iran to win, that was a really big thing. Now consider the words ‘today you showed the same courage in the streets of Iran‘. This is a reference to the Iranian currency plunging to the depths of the Mariana trench, having a massive impact on the Iranian people. ABC gave us (at http://www.abc.net.au/news/2018-06-26/thousands-protest-in-iran-over-failing-economy/9909184) ‘Thousands protest in Iran over failing economy, forcing closure of Tehran’s Grand Bazaar‘, now we can acknowledge the event, yet from the lips of PM Benjamin Netanyahu, or in this one particular case ‘PM Be not a Yahoo‘ it seems to give notification that revolution needs to be on their mind. The problems is even as they currently have a lame duck in place (President Hassan Rouhani), who is merely accepted as the temporary voice of the Clerical and Military power in Iran. Such a revolution would merely empower the military and give rise to the Clerical side to end up supporting the military

Yet the setting in the frame whilst the nuclear negotiations are still going on, Iran is under pressure. The danger we are now exposed to is that the Iranian clerics and military will not place another ‘liberal’ minded person for another 4 years, so the danger of having some short minded version of former president Ahmadinejad on steroids as the next president of Iran is not out of the question. No one can tell whether the clerics and military have prepared the next one, but to get one in their years early tends to push chaos to a level of devastation and this is not the time to make this happen. So basically we see the feeding towards ‘then everybody loses their minds!‘ Could I be wrong?

Off course I can, yet the data and events seeping towards a more extreme new president was always coming, the acceleration in Saudi Arabia and the Iranian acts in Yemen clearly point that way. We see in some sources phrases like “Iranian Foreign Ministry spokesman Bahram Qasemi told a news conference that the ongoing offensive on Hodeidah has put the country on the brink of famine“, from my point of view, the Iranians achieved that last year with the aid of a tool like Hezbollah and pointing the Houthi rebels to cause maximum damage to the people of Yemen. So when we see: “The international organizations and the UN should make an effort to end the aggression against the oppressed Yemeni people“, the UN knows perfectly well that delivered missiles firing from Houthi positions into civilian targets in Saudi Arabia made that a non-option right of the bat. Yet, we must not forget that Foreign Ministry Spokesman Bahram Qassemi played his part very well, the main players are not new to this game and merely waiving their options away is not something the UN is willing to do, in that regard we all need time to get anything proper in place and Israel just changed that instance to some degree. Chaos in Tehran can unfold in ways that cannot be predicted because several players behind the scenes cannot be identified. Yes, the top two (Ali Khamenei and Qasem Soleimani) are known, yet their inner circle is not completely known and now we are in an upcoming impasse where we could be forced to wait until their moves are done, that whilst Iran is nowhere near on the ropes, so they have what might be seen as the field advantage for a little while and that is where chaos can go unbridled and cause actual long term damage.

There is enough evidence of that in Syria, Libya, Egypt and Yemen, none coming with short term solutions to get some actual productive. the Egyptian $500 million education reform bill is only two months old and took some time to get it all in the right shape. This is long term thinking, a true working strategy where the next generation will be more educated giving additional options for long term dialogues and giving a nation options to grow economically. Now consider that any prospective improvement is now optionally off the table for Iran until 2027. This gives a long term danger to sparks evolving in a very different form of chaos, one that no one can predict how it will unfold in the end. That is the game at present. Now consider such an event happening whilst Europe and the US go through another 2008 event, something that several predict and most seem to agree that it is pretty much unavoidable.

Almost like some used to say that the Great War (1914-1918) was the war to end all wars and we were treated to a very different reality in 1938. In that year we got the very first issue of Superman and Time magazine elected Adolf Hitler as ‘Man of the Year‘, do you remember how that ended, apparently all remaining 9 million Israeli’s definitely do!

Chaos can be good, it allows for true change. In this the quote: “It’s like knocking over an ant-hill. Every new generation gets stronger, the ant-hill gets redesigned, made better” is appropriate, yet the danger is that those ants have access to an arsenal of ‘solutions’ that can make a real dent ensuring long term chaos, that is why the Israeli push is not the beneficial push that the PM thought it could be, so tweeting that video was slightly too rash (for more than one reason). In that the earlier setting where we let the banks completely collapse might be the better options (if we had to choose between the two). In the second part, the Iranian debacle is also set on how China will react. Some are speculating that Iran wants to offer an oil solution if China is the saviour that they hope it will be. I cannot tell, I never looked at any data or papers giving real light to one path towards the other path. For china it might be an option, especially after the vitriolic actions against Huawei and ZTE, yet in the end that market is for now not large enough to cause truest concern, not whilst they have plenty of options to grow 5G in Europe with a population twice the size of the US and an overwhelming desire of the local populations in western Europe and Scandinavia to adopt it, there is enough for China to focus on, they might love to help out Iran, just to spite the US and to get under-priced oil, yet that is a separate play from what is on offer.

Scandinavia is also interesting as it allows Huawei to reach the bulk of Swedes through their three cities (Stockholm, Goteborg and Malmo). As Malmo is merely a bridge crossing away from Denmark’s capital Copenhagen a growth path for Huawei could show others soon thereafter what the rest is missing out on and with Swedish Telia on board, the setting for both Denmark and Norway becomes a reality. Even as the US is all up in arms, Reuters gave us merely 4 months ago on Huawei being “the company in prime position to lead the global race for next-generation 5G networks despite U.S. allegations it poses a security threat“. So even as we see newscasts like ‘Sprint, T-Mobile merger will generate 5G powerhouse, cut costs for users‘, that setting is definitely not a given. You see the chaos is not in getting the 5G, the chaos comes from 5G as governments and large telecom companies are nowhere near dealing with the setting that cyber threats can become. this is not merely phishing, scamming or abducting accounts, this is the realistic danger that for the first two years 5G facilitators become start points of all kinds of chaos though the facilitation of non-calibrated systems, architecture lacking equilibrium. the difference between ‘a holistic approach towards DDoS attacks and 5G networks, rather than relying on outdated defence tactics‘ (source: Wireless Week). Non-repudiation would have been a quality first step in that, in a time when too many are relying on authentication, we seem to forget that it remains relatively easy to get a ‘false positive’. Please do not take my word for that, merely visit 675 N Randolph St, Arlington, VA USA (address of DARPA) and ask Dr. Steven H. Walker if you can take a look at a massive archive of false positives that their previous research gave in all kinds of fields, it is an impressive read to get your fingers on and you’ll die of old age before you even get through 30% of the materials, even if you start as a teenager.

That was the ball game from the start. A mere setting of order versus chaos; a simple setting where order could have prevailed, if not for the economic setting of greed and speed over quality. In that 5G does not open up the super highway of data, it merely opened `15 highways next to the one we cannot even properly control now and we end getting 16 highways flooding us with false positives, chaos on a new level and not chaos of the good kind. It will be the wet dream of organised crime for close to a decade to come and the larger players remain is presented denial.

For that you merely have to search Google and use the search term “Telstra non-repudiation“, you get ‘Mobile Authenticator’, which states to be ‘Enhanced non-repudiation’. These two are not the same! Now, important that this is not anti-Telstra, the bulk of all systems on a global level have these issues. My issue in this particular case is “reduce the costs associated with robust user authentication for large populations of staff or customers accessing your online service” Non-repudiation is never cheaper (for now) and in the end the flaws are not obvious, yet they are there and it takes one sloppy moment to give access. Computer world gave us last year the article by Evan Schuman involved here is Steven Sprague is the CEO of Rivetz, this project that comes the from National Institute of Standards and Technology’s National Cybersecurity Center of Excellence (yes, it’s a mouth full) is giving us: ““Software code is easily altered, and memory can be copied,” he said. “The [whole] software process can be observed. You simply cannot hide a secret in the operating system. It’s time to finally do it correctly, with hardened keys within the device.”“. It is one step stronger, yet this is still not non-repudiation, where the setting is that you and only you could have done the deed. Some go for the ‘Dual biometrics may just be the authentication answer we need‘, yet that is still ways away and in the end on the mobile path not really a good solution. One player called Sensory is making positive headway, yet they are not there yet and time ran out close to two years ago to get something really good on the roadmap. So even as we see that authentication solutions are there, in the immediate setting where mobiles can now move billions, the game is now and has always been non-repudiation. At present we move over a billion dollars a day via mobiles and ecommerce, when we consider that this push is going to fivefold in the next decade, do you really think that authentication is going to get the job done securely and on time before the big bank download begins?

Is there a connection?

Consider Bank Melli Iran: $45.5 billion, Bank Mellat: $39.7 billion and Bank Saderat Iran: $39.3 billion. Merely three banks with a few billions. Now consider the following settings. In the first we get “While the standards of the Bahrain-based Accounting and Auditing Organization for Islamic Financial Institutions (AAOIFI) are widely followed around the world, they are not enforced in Iran“, a mere setting of rules. Now we consider the resetting of Basel 3 pillars one and two, with the support from several financial sources giving us “The Central Bank of Iran has played a significant and effective role in implementing Basel II and III standards in the banking system“. Now we take those elements and add 5G, whilst non-repudiation is non-existent and some devious entrepreneurs help themselves to the $125 billion of cream. This fat cat, can we call them ‘organised cats’, could potentially use the 5G debacle to remain anonymous and sail away on their new yacht (by the way, if you guys pull that off, please remember my AU$20,000,000 consultancy fee through Riyadh, so I can use the legally available tax avoidance rules).

Do you still think I am joking?

We have heard all kinds of noise concerning security, so in addition to that, one source (Internet of business dot com) gives us “5G will enable IoT applications such as autonomous vehicles, healthcare solutions, and robotics. But the technology also poses a much larger security risk than the 2G, 3G, and 4G networks that came before it. Why is this?
Significantly, 5G represents an overhaul in the way that networks are run and managed. In contrast to the hardware-based networks of the past, the technology takes advantage of virtualisation and cloud systems, leaving it more vulnerable to breaches if not properly secured.” There we see the connection, proclamation of proper security are at the foundation of it, whilst the systems are all about Authentication and not about clear non-repudiation, in an age where mobile hi-jacking is a reality of life, the authentications in place are often too easily avoided. In the time a person walks to the bathroom a highly jacked phone can now set up the vibe of 25 million transactions, all completed in 52 seconds, most likely at that point, the person going to the toilet barely sat down for the event to release, that’s what it took to set the Iranian coffers to ’empty’. Now, many will not react that it happens to Iran, yet the newly elected extremist will not let that slide; and what happens when it is not Iran, but another nation? What happens when we realise too late that our own banks are not up to scrap?

Only this month did we see: “Security breaches continue to be an ever-present threat for financial institutions. Defending against attacks and authenticating customers without creating undue friction is something financial institutions have not yet completely solved. Consumers seem to be willing to use more secure methods to access their accounts, but not necessarily give up on ease and speed of transacting“, and in addition ““Attacks haven’t died down,” said Will Lasala, director of security solutions at OneSpan, a cybersecurity firm. “The amount of loss is through the roof. Stopping losses and the need to analyze what’s happening in those transactions is important.”“. That was this month, whilst the FDIC (Federal Deposit Insurance Corporation) treated all willing to learn to “Internet connections establish a pathway for hackers and thieves to access and steal sensitive personal information, including the banking records that many customers store on their home computers. Phishing, pharming, spyware, malware, worms, nimdas, viruses, buffer overflows, and spam—all relatively recent entries to our vocabulary—have raised electronic/Internet banking risk levels to new highs, and financial institutions have had to increase security measures to address those risks“, that was in 2005, thirteen years ago. Welcome to the age of ‘if it costs too much, sit on the solution for now‘, you see, not much headway was made (clearly nowhere near enough) and in that result we are now on the edge of 5G where the speed and issues are driven upwards at least tenfold, so that is where non-repudiation was a solution, if only someone had gotten us there. It was a risk covered in my University IT classes in 2010, so it is not like there was no awareness, merely a path that was seen by too many decision makers as too unprofitable to consider.

Now we see chaos in its proper light. Chaos could have set the stage properly, if they only allowed the banks to collapse in 2008, yet that did not happen and some players are up to their ‘old’ tricks in a new jacket whilst the people are more likely than not having to pay for it all again.