Category Archives: Military

October 31, 2016 · 16:54

As messages pass by

There has been a lot of throwing regarding e-mails in the 11th hour of the campaign. As elections are officially about to start, the need to get them out in favour of the Republican side seems to be clear. Yet, in all this there is an equal worry why the Democrats have let this get so out of hand.

For those who do not keep up to date with the daily need of any Clinton e-mail, let’s mull this over, so that the sequential parts will be a lot easier to understand. For the most, part of the history (at http://www.cnbc.com/2016/10/29/the-history-of-the-clinton-email-controversy.html) will give you part of the goods, but it is still a little short.

You see, this all goes back to 2012, when the Islamic militant group Ansar al-Sharia started a coordinated attack against two US government facilities in Benghazi, Libya. It resulted in the deaths of U.S. Ambassador to Libya J. Christopher Stevens and U.S. Foreign Service Information Management Officer Sean Smith. It was the New York Daily News that reported on State Department officials who were criticized for denying requests for additional security at the consulate prior to the attack. In her role as Secretary of State, Hillary Clinton subsequently took responsibility for the security lapses. So, that should have been the end of it, should it not? The basic premise is that mistakes will happen, it is really not great when lives are lost, but it is a danger many foreign dignitaries in conflict places face.

Although, at this point, one valid question becomes debatable: ‘Should any elected official making such a lapse of security be regarded as a possible president of the United States?’

I am merely phrasing the question, it is not an answer pushing you into the direction of the Yes or No answer. What followed was a media rush towards the semantics of ‘Act of Terror‘ versus ‘Act of Terrorism‘. I am calling this an issue of semantics as in the end Ambassador J. Christopher Stevens ended up being equally dead, so in that regard there was no impact. Just as many have seen, but perhaps not realised that syndicated columnist Charles Krauthammer claimed that a State Department e-mail, which passed along a report from Embassy Tripoli that Ansar al-Sharia had claimed responsibility for the attack on Facebook and Twitter was evidence that the White House knew of terrorist connections to the attack almost immediately. Charles Krauthammer stated, “This is really a journalistic scandal. I mean, the fact there was not a word about any of this in the New York Times or the Washington Post today.” This comes from the 23rd October 2012. The issue now is that there are layers of issues not dealt with. Consider this part and also consider the Senate Hearing Response by Hillary Clinton “With all due respect, the fact is, we had four dead Americans! Was it because of a protest or was it because of guys out for a walk one night and decided they’d go kill some Americans?! What difference, at this point, does it make?!“, which is only part of the response, yet the response in the hours before the attack would have been important, especially as the movie linked to all this ‘Innocence of Muslims‘, a movie by an Egyptian born Coptic Christian, an anti-Islamic movie with the intent to denigrate Islam’s prophet, Muhammad. Was there really no clue that this would have repercussions? In addition, Anti-Islamic content had been added in post-production by dubbing, without the actors’ knowledge (source: Christian Science Monitor). What is interesting is that Sarah Abdurrahman states “If you watch closely, you can see that when the actors are reading parts of the script that do not contain Islam-specific language, the audio from the sound stage is used (the audio that was recorded as the actors were simultaneously being filmed). But anytime the actors are referring to something specific to the religion (the Prophet Muhammed, the Quran, etc.) the audio recorded during filming is replaced with a poorly executed post-production dub. And if you look EVEN closer, you can see that the actors’ mouths are saying something other than what the dub is saying.“, this is important because it clearly implies an attack on religious values, one that the Muslim community values above all others. Now we cannot expect that the internet is policed to a certain extent, yet in light of the trailer, was there really no one who asked ‘could this get out of hand?‘, whilst in the other direction, the fact that the trailer had been online for almost 50 days, were there no danger flags at all? So on a September 11th day, was there no perception at all that there could be a dangerous situation? In addition there was a PDF (at http://permanent.access.gpo.gov/gpo33519/Flashing%20Red-HSGAC%20Special%20Report%20final.pdf), where the Regional Security Officer in Libya compiled a list of 234 security incidents in Libya between June 2011 and July 2012, 50 of which took place in Benghazi.

  1. America and American interests were (regardless of reason) under direct terrorist attack.
  2. The State Department should have increased security on several levels
  3. It gives another view to the Senate hearing in light of certain facts (January 23rd 2013)
  4. The United States Senate Committee On Homeland Security And Governmental Affairs paper from December 2012 shows that additional security would have been essential.

Now, why is this so important during an election? For the most, we could call trivialise all this in regards to ‘administrative failure‘, which will happen, even as we all realise that lives were lost, it gives weight to the response that Hillary Clinton gave. As she stated “It is our job to figure out what happened and do everything we can to prevent it from ever happening again” as well as “The Intelligence Community has a process, I understand, going with the other committees to explain how these talking points came out”, which now makes the second one a killer to say the least.

This is now part of the problem!

You see, the email controversy is not just that mails were missing, it became publicly known that Hillary Clinton, as she served as the United States Secretary of State, had used her family’s private email server for official communications, instead of the State Department email accounts maintained on federal servers. So certain triggers could have been missed and an issue of reporting now exists. In addition, the mere notion that thousands of emails that would later be marked classified by the State Department retroactively had been on other servers is also a clear case for response. This now gets us to Bill O’Reilly (at https://www.youtube.com/watch?v=dCYma3zZf7U), who now informs us on two sides that matter. At 2:11 we see the ‘accountability of people in power‘, which is an issue at any given day, yet there might be a clear explanation, yet the implied issues as seen gives us that there has been a level of miscommunication going all the way to the Oval Office, which is now a really big issue. In that regard, the Clinton campaign is getting cut all over the place, in addition, at 4:16, there is now the implied issue that FBI director James Comey was either not aware or covered up the private email issues as they were missing from the summation of the case.

Now, after all the grief that FBI director James Comey is now receiving. In addition, Nevada Democrat Senator Harry Reid gives us ‘James Comey may have broken law‘, is that so Harry? The trouble with Harry is that he doesn’t seem to mention on how private email servers and not the State.gov servers were used. Can we all agree that this might be the bigger issue, for more than one reason? The fact that impeachment could be due to all or any crime that abuses office powers, we could surmise that there is an optional case of perjury. If proven, we can avoid the entire election. That is not, as Harry Reid states ‘interference in an election‘, but the investigation of possible criminal acts. On one side, if this goes up after the elections and should Hillary Clinton win, than it is a first in history that both members of a family, both in a position of presidential powers gets impeached for ‘Perjury and obstruction of justice’, which is at his mere age of 76 still an interesting event to personally witness. Harry gets enthusiastic in his speech as given on the Huffington Post. You see he states “letting her GOP opponent get away with breaking the law“, which is interesting as the system does not seem to make a criminal ineligible for running for office. It mentions that you need to be an American and once elected you cannot run a second time for president (re-election does not apply), so a one term president cannot be a president again. When we look at the Constitution, Article 2, we get an interesting side. Section 4 gives us: “The President, Vice President and all civil officers of the United States, shall be removed from office on impeachment for, and conviction of, treason, bribery, or other high crimes and misdemeanours“, this implies that a felon can legally become president of the United States, practically that is a lot less certain.

So here we get the trouble with Harry. You see, until the election it is the premise of conviction, if Hillary Clinton gets prosecuted and convicted regarding the Benghazi mails after a successful election, she would be impeached. It is a possible and practical solution, but it isn’t likely and in addition initially James Comey made a notification of events. In light of the Washington Post (as well as the Guardian) we see “Their decision partly reflected the institutional power of the FBI director, Comey’s personality and the political realities they were facing, according to current and former Justice Officials. In this case, officials said Comey put the department in an untenable position by informing them that he was sending a letter to Congress because he had an obligation to lawmakers or they would feel misled“, is this separation of powers at its finest, or is this a mere loophole? We need to see this in contrast to another quote in the same article. Here we see: “At the July news conference, Comey announced that the FBI had completed its investigation of Clinton’s private email server while she was secretary of state. Comey said he was recommending to the Justice Department that Clinton not be charged, but he added that Clinton and her colleagues had been “extremely careless” in their handling of classified information.”” So it was after July that things escalated. The part that we see ‘when Harry met Hillary’ is that the path that is taken is odd to say the least. The mention by James Comey ‘in an unrelated case‘ as well as the fact that when this all happened Hillary Clinton should have had a cleaning pass on a very high level. That never happened, for the most it is an actual consideration exactly HOW Anthony Weiner got these mails to say the least. Consider that he left congress in June 2011, a little more than two months before it all happened. So how and exactly why was he kept in the loop? If the facts are correct, we are now facing a case where Hillary Clinton mailed classified materials to an outsider. A part that leads to even more questions when we see “FBI director James Comey revealed the existence of the emails, which law-enforcement sources said were linked to Weiner’s estranged wife, top Clinton aide Huma Abedin“, which now gets the Clintons in even more hot water. It came from a private server, it went to the top aide and she was using the laptop of resigned congressman Anthony Weiner, now it seems that the mails were meant for his wife, did she not have her own laptop (at http://www.cnbc.com/2016/10/30/fbi-obtains-warrant-for-newly-discovered-emails-in-clinton-probe–as-reid-accuses-comey-of-hatch-act-violation.html)?

From my view, the fact that classified materials went via unqualified sources to a device owned by a person who’s is no longer in office. It seems that Harry is spinning his way through legal mentions whilst ignoring transgressions of classified communications. So, Harry needs to be careful on whacking the paint brush around. In the end, there is of course a chance that it will influence the election, but we could in equal margins consider that the Clintons, due to careless ignoring mails in the field, the entire mess ended up hurting themselves again.

It is because the clarity of what actually happened is out there is missing, is exactly why this is now coming to blows now. As for the mention of ‘Reid Accuses Comey of Hatch Act Violation‘, we should in equal measure consider that this is not an act where we see ‘political activity’, this is an FBI director who is now looking into possible criminal negligence and the fact that classified materials were on a laptop not owned for the person who the intended mail was, in addition, it belonged to a person no longer in office, so those conditions could well spell more mess as former Hillary Clinton chief of staff Cheryl Mills and another top aide had “some” classified material on laptops they turned over to the bureau in its probe of Clinton’s private server use as secretary of state. Through her own statements, we saw that she was unaware what classified meant, she did not use the proper protocols on sending classified, secret and more than 20 top secret emails. So as we see Senator Harry Reid go all up in arms, we need to consider one additional quote from the Washington Post (at https://www.washingtonpost.com/opinions/comey-gives-in-to-shameful-partisanship/2016/10/30/c31c714a-9ed8-11e6-8d63-3e0a660f1f04_story.html). “The evidence suggests that FBI Director James B. Comey is a decent man. The evidence also suggests that he has been intimidated by pressure from Republicans in Congress whose interest is not in justice but in destroying Hillary Clinton“, that seems to be the driving force here. It is my personal belief that this is what happened and this is why the initial mail was so vague. If I resort to calling a spade a spade then I would state: “Yo Harry, we know that you are stupid, but you are not stupid. You know what I am saying?” Instead of lashing out to the Republicans in congress, instead of looking why the massive level of ignorance from a former Secretary of State wasn’t properly cleaned up the moment it was a clear visibility issue, we will get to the direct consequence of dropping the ball on the bottom of the 9th when you are down 4 points and this is the last play. It could cost you the game and that is exactly what could happen at this point. When you trace all this information back you get to the clear understanding that WikiLeaks doesn’t need to find whistle-blowers, with the cyber negligence we see at present, Congress could in theory be supplying WikiLeaks with Top Secret information for decades to come (dramatically over-sized speculation). Perhaps Congress could take a moment to send an unclassified email to Maj Gen William T. Lord (you know the dude in charge of the Air Force Cyber Units) requesting a highly needed presentation on ‘Common Cyber Sense‘, it seems that a sizeable population on Capitol Hill is in dire need of one. #JustSaying

 

Leave a comment

Filed under Media, Military, Politics

Tagged as , , , , , , , , , , , , , , , , , , , , , , , , , ,

October 17, 2016 · 18:39

A New Disney

There was an Italian, who has been famous for over 125 years, he is not the first or the only famous Italian. There was this guy who came up with Pizza, There was this other Italian who thought fast Ford cars were a joke and he created Ferrari, then there was this other Italian, who made tractors, disagreed with the previous Italian and created Lamborghini. It is actually none of those. It is Carlo Lorenzini who was born 190 years ago. You might not know the name, perhaps his alternative name? Carlo Collodi! If you are still in the dark, than remember the story of a wooden boy who wanted to become a real live boy. Steven Spielberg used the notion in AI, but the original remains the best, namely Pinocchio!

Yes, the story of a wooden boy going into the world, yet as a wooden boy he was not alone, there was a little Cricket accompanying him and he would be a lot more important than your average Cricket, Jiminy was his name. Today the story is even more relevant, you see, the name Yemini Cricket might be ringing bells, but the truth of the wooden boy is there. The question becomes, who is the wooden boy?

So when I read ‘US, Britain and UN demand Yemen ceasefire within days‘ (at http://www.sbs.com.au/news/article/2016/10/16/us-britain-and-un-demand-yemen-ceasefire-within-days),

Yet when I read “The United Nations envoy, Ismail Ould Cheikh Ahmed, said: “We are here to call for an immediate cessation of hostilities, which will be declared in the next few hours.” Cheikh Ahmed said he had been in contact with the rebel Huthi militia’s lead negotiator and with Yemeni President Abedrabbo Mansour Hadi’s government“, my recollection does not go towards the classical story, it goes to a reference a little closer to the present (at https://www.youtube.com/watch?v=ZFZrKOCdHFs), the laughter applies to both the sketch and reality. Aleppo is a great example, how 5 years and 400,000-450,000 fatalities later, no solution is there, but they are still flying to places like Switzerland to talk. I wonder when we add up all the costs, how much did the taxpayer pay for this play?

A number of civilian casualties that have now surpassed the total US Military casualties, of those who died during WW2. Doesn’t that look like a clear message that massive change was required a few years ago? I reckon all the players know that, yet, having long conversations with Russian Foreign Minister Sergei Lavrov, whose only concern is to stall so that the population can be made extinct before the resolution passes, reads a lot more like the Friends edition of Pinocchio, than the original by Carlo Collodi, where we see the conscience that is Jiminy Cricket.

So as we see the beginning of the same slow train in Yemen, I have to wonder if creating a new version of Pinocchio with Yemini Cricket is the way to go. It educates politicians as well as bring some hard needed cash towards Hollywood (or Bollywood).

So why is this different?

To one degree it is not, towards the other degree it is very much so. The problem is that both Syria and Yemen could be on the same page, no degrees of separation. In this case there are two at least. You see, Yemen has limited ties to Russia, making it less complicated, what is the issue is that the Houthi’s are actively shooting missiles at the US Navy complicating matters a lot more. It only takes one direct hit, and Yemen would technically be in a state of war with the US. Now, normally, a bankrupt nation is not that much a bother, but Yemen is not an economic or military superpower, so going against America sounds like a PR approach to get them ‘involved’. What is an issue is that Yemen, the neighbour of Saudi Arabia could get lucky at some point, what happens after the hit will be an issue, because Americans tend to get cranky when you successfully blow up something American. Interesting is that there are now multiple sources claiming that Iran is now moving towards the Red sea. An interesting story as the Red sea is on the other side of the Persian Gulf and Iranian war ships have no actual business there (which could also apply to the Americans). The question becomes how is Saudi placed into all this? Here there are issues too. There is no stating if there is even any link but the changes and the Attention that members of the Saudi government are drawing attention to themselves become a factor (speculation from my side).

One part is from the Australian Financial Review (at http://www.afr.com/news/world/middle-east/saudi-prince-mohammed-bin-salmans-shatters-decades-of-tradition-20161017-gs3yt5), where we see the title ‘Saudi Prince Mohammed bin Salman’s shatters decades of tradition‘, is not giving us the ‘goods’. The first quote is “He has slashed the state budget, frozen government contracts and reduced the pay of civil employees, all part of drastic austerity measures as the Kingdom of Saudi Arabia is buffeted by low oil prices“, which would be quite acceptable in one view, at least it appears that one government in this world is dealing with its budget issues, although not in the most ‘desirable’ way, when a nation is so dependent on oil, there might not be too many options. The second quote is “While vacationing in the south of France, Prince Mohammed spotted a 134-metre yacht. He dispatched an aide to buy the ship, the Serene, then owned by Russian vodka tycoon Yuri Shefler. The deal was done within hours, at a price of approximately €500 million (roughly $720 million today)“, which implies the opposite. The question is not the cut-backs or spending spree, the issue is neither quote, it is the quote I will give now “Many young Saudis admire him as an energetic representative of their generation who has addressed some of the country’s problems with uncommon bluntness. The kingdom’s media have built his image as a hardworking, businesslike leader less concerned than his predecessors with the trappings of royalty” as well as “Others see him as a power-hungry upstart who is risking instability by changing too much, too fast“. So is the prince a go-getter or power-hungry? I cannot tell as this is all based on third degree of information, what matters is how the view and the actions will reflect the counteractions of the US and Iran in regard to Yemen. The moment the conflict results in a direct attack on Saudi grounds, what then? Iranian warships in the Red Sea would only complicate that, making a harsh response from the Saudi Military even more destabilising.

In my view there are two sides within Saudi Arabia, yet how they should be seen is another matter. I do not claim to have a proper view. I have questions. You see Mecca is an Islamic Holy city (the most important one) and it is part of Saudi Arabia, so as Saudi Arabia is the caretaker of this holy site, the involvement if Iran is more than just a small issue. Whatever they decide to escalate could have large repercussions all over the Middle East. The Sovereign State of Saudi Arabia has every right to defend it in every way possible, so Saudi Prince Mohammed bin Salman is also Minister of Defence and the youngest one in the world, which as a stat sounds nice, yet it also means that in light of other decisions, he is ready to do that what the US has been unable to do, declare war on its enemy by actually acting against them! Not that the US needed to declare war, but in light of Syria, doing anything actively would have been nice, an absence of resolution that His Royal Highness Mohammad bin Salman Al Saud is less likely to show.

What is a problem is the fact that the complications are more and more likely as days go by and that is the one spark that this powder keg does not need. Iran cannot be denied access to international waters, which will not lessen the impact. One of the elements in all this is seen in the second quote regarding the ‘power hungry’ side of it. You see, the AFR article is also mentioning “Mohammed bin Nayef, the interior minister and longtime counter-terrorism czar“, which is now an element in all this. You see, whatever happens next is all surrounding the need for intelligence. So whatever issues there are between His Royal Highness Muhammad bin Nayef bin Abdulaziz Al Saud and His Royal Highness Mohammad bin Salman Al Saud gives wake to the Disney sequel, a tale of two princes. A new approach to the classic Dickens story where the plight of two members of the Royal family of Al Saud are protecting the Sovereign state of Saudi Arabia as well as the safety and security of all Muslims that are in and nearby Mecca. Even as the papers are expecting a ceasefire, the issue is that stalling is equally a tactic here. There is no way of telling why Iran is involving its warships in that region, other than trying to complicate matters and demanding a seat at the table of decision, which would only change the time table in the worst of ways. What the Deutsche Welle did give was the quote “the Saudi-led coalition has blamed an airstrike that killed over 140 people at a funeral ceremony in Yemen on “erroneous information” received from a “party” affiliated with the country’s embattled government“, it matters, because it gives light to the essential issue that the two princes need to rely on quality intelligence, sources that can be scrutinised. And in this matter, mentioning the yacht was to iterate that spending that money on a satellite over the area might not have been the worst personal idea I am having. And let’s face it, any prince that can claim that he has his own satellite wins the discussion with any other prince relying on yacht and status. So many have a yacht, but how many of these rich individuals (very wealthy people in general) would own their own satellite? Especially if it becomes a source of intelligence.

Of course there is a lot more to owning one’s own satellite, but I hope we can all agree that intelligence will be key in whatever escalates over the next week. My issue is that too many players have their own agenda, yet would those agenda’s be truly 100% be focussed on whatever is best for Yemen and/or Saudi Arabia? You see, oil prices are down now, but why and for how long? What happens when prices go through the roof again? What happens then? Suddenly all these political issues are all linked to the price of Oil and the profit it brings?

I do not claim to have these answers, but the fact that too many sources are not asking the questions that require asking is troubling, yet the AFR article gives us a lot more, even more than I bargained for, which is comforting to say the least. What becomes a matter of discussion is the one quote that shows the elements “People who have met Mohammed bin Salman said he insisted that Saudi Arabia must be more assertive in shaping events in the Middle East and confronting Iran’s influence in the region – whether in Yemen, Syria, Iraq or Lebanon“, giving the links that require addressing and the prince is not afraid to do just that, however it take two to dance rings around Iran and taking away its influence in the Middle East. As I see it, Riyadh will have to make changes to some degree. Counter-Intelligence will be key in dealing with Iran and the impression I get when I see a quote like “has deep ties to Washington and the support of many of the older royals” shows the speculative possibility of the older ‘let us see how this plays out‘ against the younger ‘let us get this party started through action‘. It is not about the balance, but about what works best. In that regard both princes might have to make changes a lot faster than they are comfortable with, because if the news is correct, the Iranian ships and submarines will soon be active in the Red Sea, but active to what extent is something that remains speculative, whatever they do, the fact that it includes Iranian submarine presence (as reported but not confirmed), will also raise tensions with Israel.

As I see it, the biggest issue is Iran and what they are trying to get out of it. Putting themselves in the middle of a conflict where they are now trying to imply that it is all about them (especially as they are in the Red Sea), yet is their presence less valid than that of the US? It seems to me that we are creating a new Vietnam, just not with the Russians involved (like Syria). So there are two solutions to consider. One is that the US is replaced by for example the Commonwealth, or France, which takes away the Iranian-US issues. That is, if Saudi Arabia would be willing to consider that move. No matter what, the navy that does that, could find themselves in an armed conflict with Iran, so it better be a competent and modern Navy which leaves not that many options. The Netherlands, the UK, France, South Korea and India. Giving the option to either South Korea or India would benefit, as Iran cannot spin some NATO link story. In addition Iran cannot afford to piss of too many additional nations as either could make short work of the ego of Iran as these navies decide to sink Iranian war vessels like rubber dinghies, because they pushed one button too many.

No matter what happens, Saudi Arabia must do what it can to keep safe and the Yemeni issue is one that tests many sides of those who see and witness it, because there is a dilemma in conscience. A revolution that got out of hand, a set government overthrown with its own agenda. When we see the Houthi’s slogan “God is great, death to the US, death to Israel, curse the Jews, and victory for Islam“, can we really show any kind of support or sympathy?

The most important part to realise is that we need to set aside our version of what is acceptable, we have seen the US and Europe at large impose their version of ‘civility’, whilst bending over, grabbing their ankles and let the financial industry quite literally get away with murder in many ways. We impose rules and expectations, whilst having no clue how to manage a budget or how to stem greed to the point of strangulation. In all this, we have given up the high ground in several fronts, so we are no lecturer with any level of confidence. It is my opinion, that the Middle East can only be decently governed by someone in the Middle East. I personally believe that Saudi Arabia should be at the centre of it, there is no doubt that it would beneficial that a coalition that would include Egypt, Jordan and the United Arab Emirates, but I am not knowledgeable enough to see whether it is just them, or that other players should be seriously considered. What does matter is that both General Intelligence Directorate (GID, aka Mukhabarat) and Jordanian General Intelligence Directorate would be important in ascertaining Iran’s hostile actions and if need be counter them. From my academic point of view is the challenge that the SIGNT of the three would pose to get one coherent reporting and analytical solution on Iranian intelligence. One that would definitely benefit all three nations. Yet perhaps that will evolve into a third Disney project, which could be the next big thing. It’s all just a thought, but think it over for yourself and ask yourself the question you did not hear voiced, this is important, because this stage could get ugly in a hurry and possibly before Christmas this year.

 

1 Comment

Filed under Media, Military, Politics, Religion

Tagged as , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

October 8, 2016 · 14:26

What did I say?

Last night I got a news push from the Washington Post. It took me more than a second to let the news sink in. You see, I have been advocating Common Cyber Sense for a while and apart from the odd General being ignorant beyond belief, I expected for the most that certain players in the SIGINT game would have their ducks in a row. Yet, the opposite seems to be true when we see ‘NSA contractor charged with stealing top secret data‘ (at https://www.washingtonpost.com/world/national-security/government-contractor-arrested-for-stealing-top-secret-data/2016/10/05/99eeb62a-8b19-11e6-875e-2c1bfe943b66_story.html), the evidence becomes blatantly obvious that matters in the SIGINT industry are nowhere near as acceptable as we think they are. The quote “Harold Thomas Martin III, 51, who did technology work for Booz Allen Hamilton, was charged with theft of government property and unauthorized removal and retention of classified materials, authorities said. According to two U.S. officials familiar with the case, he is suspected of “hoarding” classified materials going back as far as a decade in his house and car, and the recent leak of the hacking tools tipped investigators to what he was doing“, so between the lines we read that it took a mistake after a decade for the investigators to find out? No wonder the NSA is now afraid of the PLA Cyber Division!

In this light, not only do I get to tell you ‘I told you so‘, I need to show you a quote from July 1st 2013, where I wrote “So if we consider the digital version, and consider that most intelligence organisations use Security Enhanced Unix servers, then just accessing these documents without others knowing this is pretty much a ‘no no’. EVEN if he had access, there would be a log, and as such there is also a mention if that document was copied in any way. It is not impossible to get a hold of this, but with each document, his chance of getting caught grows quicker and quicker“, so I questioned elements of the Edward Snowden case, because my knowledge of Security Enhanced Unix servers, which is actually an NSA ‘invention’, now it seems to become more and more obvious that the NSA has no flipping clue what is going on their servers. They seem to be unaware of what gets moved and more important, if the NSA has any cloud coverage, there is with this new case enough doubt to voice the concern that the NSA has no quality control on its systems or who gets to see data, and with the involvement of a second Booz Allen Hamilton employee, the issue becomes, have they opened up the NSA systems for their opponents (the PLA Cyber division being the most likely candidate) to currently be in possession of a copy of all their data?

If you think I am exaggerating, then realise that two people syphoned off terabytes of data for the term of a decade, and even after Snowden became visible, Harold Thomas Martin III was able to continue this for an additional 3 years, giving ample worry that the NSA needs to be thoroughly sanitised. More important, the unique position the NSA had should now be considered a clear and present danger to the security of the United States. I think it is sad and not irony that the NSA became its own worst enemy.

This is seen not in just the fact that Harold Thomas Martin III moved top secret data home, whilst he was at work a mere FSB or PLA intern could just jimmy the front door and copy all the USB devices. So basically he was potentially giving away data on Extremely Low Frequency (ELF) systems, which would be nice for the PLA Cyber Unit(s), as they did not have the capacity to create this themselves. So whilst they were accused for allegedly trying to get a hold of data on the laptop of Commerce Secretary Carlos Gutierrez (2008), they possibly laughed as they were just climbing into a window and taking all day to copy all the sweet classified data in the land (presumption, not a given fact). So he in equal measure pissed off the US, India and Russia. What a lovely day that must have been. In that regard, the Affidavit of Special Agent Jeremy Bucalo almost reads like a ‘love story’. With statements like “knowingly converted to his own use, or the use of another, property of the United States valued in excess of $1,000“. Can we all agree that although essential and correct, the affidavit reads like a joke? I mean that with no disrespect to the FBI, or the Special agent. I meant that in regard to the required personal viewed text: “Harold Thomas Martin III, has knowingly and intentionally endangered the safety and security of the United States, by placing top secret information and its multi-billion dollar value in unmonitored locations“, I do feel that there is a truth in the quote “The FBI’s Behavioural Analysis Unit is working on a psychological assessment, officials said. “This definitely is different” from other leak cases, one U.S. official said. “That’s why it’s taking us awhile to figure it out.”“. It is my personal view that I agree with this, I agree because I think I speculatively figured out the puzzle. He was a reservist, Reserve Navy and a Lieutenant at 51. So the Navy might not see him as ‘full’ or ‘equal’, this might have been his way, to read these documents at night, knowing that they will never have this level of clearance for such an amount of Top Secret information. With every additional document he would feel more in par with Naval Captains and Admirals, he would feel above all the others and if there was ever a conversation with people who did know, he had the option to leave the slightest hint that he was on that level, perhaps stating that he was also an NSA contractor. He star would suddenly be high with Commanders and higher. It is a personal speculation into the mind of Harold Thomas Martin III.

When we look at 18 U.S. Code Chapter 115 – TREASON, SEDITION, AND SUBVERSIVE ACTIVITIES. We see at paragraph 2381 “Whoever, owing allegiance to the United States, levies war against them or adheres to their enemies, giving them aid and comfort within the United States or elsewhere, is guilty of treason and shall suffer death, or shall be imprisoned not less than five years and fined under this title but not less than $10,000; and shall be incapable of holding any office under the United States“, now if we see the following elements ‘giving them aid and comfort within the United States‘ and the other elements are clearly stated as ‘or’ a case of treason could be made. In my view a person like that was guilty of treason the moment Top Secret materials were removed or copied from there assigned location and without proper clearance moved to an unsecure location. As an IT person Harold Thomas Martin III should have known better, there is no case of presumption of innocence. The fact that I made a case that he might have a mental issues does not mitigate it in any way, to do this in excess of a decade and even more insidious to do this for years after Edward Snowden got found out is also matter of concern.

The NSA has a sizeable problem, not just because of these two individuals, but because their servers should have has a massive upgrade years ago, in addition, the fact that contractors got away with all this is in equal measure even more insulting to a failing NSA. I can only hope that GCHQ has its ducks properly in a row, because they have had 3 years to overhaul their system (so tempted to put an exclamation mark here). You see, we have all known that for pretty much all of us, our value is now data. No longer people, or technologies, but data and to see 2 cases at the NSA, what was once so secret that even the KGB remained clueless is now, what we should regard as a debatable place. This should really hurt in the hearts of those who have faithfully served its corridors in the past and even today. In addition, the issues raised around 2005 by the CIA and other agencies regarding the reliability of contractors is now a wide open field, because those opposing it and those blocking data integration are proven correctly.

This now gets us to a linked matter. You see, it is not just the fact that the government is trailing in this field, because that has been an eternal issue. The issue is that these systems, due to the likes of Harold Thomas Martin III and Edward Snowden could be in danger of intrusions by organised crime.

For those thinking that I am nuts (on the road to becoming a Mars bar), to them I need to raise the issue of USB security, an issue raised by Wired Magazine in 2014. The fact that the USB is not just used to get data out, if malware was added to the stick, if it was custom enough, many malware systems might not pick up on it and that means that whomever got into the house, they could have added software, so that on the next run to copy a project, the system might have been opened up to other events. There is no way to prove that this happened, yet the fact remains that this is possible and the additional fact that this was happening for over 10 years is equally disturbing, because it means that the NSA monitoring systems are inadequate to spot unauthorised activities. These elements have at present all been proven, so there.

I think it is time for TRUSIX to convene again and consider another path, a path where USB sticks get a very different formatting and that its embedded encryption require the user, the location and the hardware id to be encrypted within the stick, in addition the stocks need to work with a native encryption mode that does not allow off site usage. Perhaps this is already happening, yet it was possible for Judas tainted Highwayman Harold to walk away with the goods, so something is not working at present. I am amazed that a system like that was not in place for the longest of times. I certainly hope that Director Robert Hannigan at GCHQ has been convening with his technology directors. In addition that there are some from Oxford and some from Cambridge, so that their natural aversion to the other, will bring a more competitive product with higher quality, which would serve all of GCHQ. #JustSaying

The one part where this will have an impact is the election, because this has been happening during an entire Democratic administration, so that will look massively sloppy in the eyes of pretty much every one, too bad Benghazi emails were not left that much under the radar, because that could have helped the Clinton election campaign immensely. Still, there are technology and resource issues. The fact that Booz Allen Hamilton gets mentioned again is unfortunate, yet this should only be a partial focus as they have 22,000 employees, so statistically speaking the number of transgressions is in that regard insignificant. What is significant is how these two got vetted and passed all their clearances. In addition to this there is the issue of operation centres. You see, if there has been data breaches, have there been system breaches? The question derives directly from the fact that data was taken off site and there were no flags or alerts for a decade. So at this point the valid question becomes whether NSOC and NTOC have similar flaws, which now places US Homeland Security in speculated direct data dangers. My consideration in this regard came from earlier mentions in this article. If any US opponent has a clue in this regard, what would be the repercussions, in addition, the question (due to my admitted ignorance) would be, did Edward Snowden have any knowledge of Harold Thomas Martin III, if so, was this revealed in any conversation Snowden would have had with a member of the FSB (there is absolutely no doubt that they had a ‘conversation’ with Edward Snowden whilst he was in sunny Moscow. If so, what data dangers is Homeland Security facing? If data was copied, it is not impossible that data was moved. If that has happened, any data event with any specific flag?

Now the next example is purely fictional!

What if conditionally an <!important> (or whatever flag the NSA uses in their data sets) was added or removed? If it was used to give weight to certain data observations, like a cleaning pass, the pass would either be useless, or misdirecting. All possible just because Harold Thomas Martin III had to ‘satisfy’ his ego. This is not whether it happened or not, this is about whether it was possible, which would give added voice to the NSA issues in play and the reliability of data. This is a clear issue when we consider that false journalistic stories give way to doubt anything the journalist has written, any issue with a prosecutor and all those cases need reviewing, so do you think it is any different for IT people who have blatantly disregarded data security issues? This is not some Market Researcher who faked response data, this is collected data which would have been intervened with, endangering the people these systems should protect. As stated, this is speculative, but there is a reality in all this, so the NSA will need to sanitise data and sources from the last 10 years. There is no telling what they will dig up. For me it is interesting to see this regarding Snowden, because I had my issues with him and how he just got data away from there. Now there is a chance that the NSA gets to rename their servers to NSA_Siff_01 to NSA_Siff_nn, wouldn’t that be the rudest wake up call for them? I reckon they forgot the old rules, the one being that technology moves at the speed of your fastest employee + 1 and the human ego remain the most dangerous opponent when it involves security procedures.

 

 

Leave a comment

Filed under IT, Law, Media, Military, Politics

Tagged as , , , , , , , , , , , , , , , , , , , , , , , , , , ,

October 5, 2016 · 14:32

Viewpoint to a point of view

It all started at 04:00, Google started their announcement of Google Home (which blew me away and that is a rare thing) and Google Pixel, which instantly proved my telecom issues of mobile phones and memory. Shortly after that George Monbiot gave me ‘Lies, fearmongering and fables: that’s our democracy‘ (at https://www.theguardian.com/commentisfree/2016/oct/04/democracy-people-power-governments-policy). It is an excellent piece, because it made me ask questions of myself and how I saw things. I have never proclaimed to have all the answers, I give insights and I oppose other views without personally attacking them. You see, many disagreements are not always on the facts, but on the points of view, usually that view is laced in a perceived (non-)factual interpretation of what we observe. So let’s take a look.

You see, when we get to “Democracy for Realists, published earlier this year by the social science professors Christopher Achen and Larry Bartels, argues that the “folk theory of democracy” – the idea that citizens make coherent and intelligible policy decisions, on which governments then act – bears no relationship to how it really works. Or could ever work“, now, we can accept that, or we can consider another option without stating that this view was wrong, because it isn’t.

You see, this is what happens ‘citizens make coherent and intelligible policy decisions‘, which leads to ‘on which governments then act‘, yet the reality is that ‘coherent and intelligible policy decisions‘ tend to be made through the information given to us by the news and by the newspapers, yet too often they do not completely inform, they voice too often the point of view that a government (or benefiting party) wants us to see (or obscure). For example, the previous government of the Netherlands with their approach to ‘managed bad news‘. I wrote about those events in 2013 and 2014. Why what this happening? Well, I was clearly aware of a non-reality of their overly positive news on how commerce would improve, pretty much all the Dutch shared that sentiment and a real revelation would have meant harsh cutbacks, yet that government did not want to do that, so the Dutch were informed of overly positive news, and after the spending date, the NOS started to ‘release’ (read: voice) news regarding setbacks. Not all at once, but step by step by step. So what we perceive to be ‘intelligible’ is nothing more but a reaction to what should be regarded as ‘misinformation’. My defence here was that I foresaw the not so good economy. I (with no economic education) was off by 0.4% (too negative) and the economic experts on high incomes were off by 0.9% (too positive). I’ll let you decide this one!

The next quote is even better “In reality, the research summarised by Achen and Bartels suggests, most people possess almost no useful information about policies and their implications, have little desire to improve their state of knowledge, and have a deep aversion to political disagreement“, now, there is one part that is an absolute given in most occasions ‘most people possess almost no useful information about the implications of policies‘, that is one truth that is undeniable, even the more alert and aware people tend to miss things there, because, unless you are not part of it, you tend not to be fully in the know. It is almost a non-issue, yet the other part of policies is because getting a politician to sit down and explain it all is usually and equally a non-option, the more relevant info the politician has, the less likely it will be to find him available to explain it all. The best example would be the global collection of ministers of defence. Now, I am not talking about the hush hush stuff, because it would be a low and simple blow to get towards the classified stuff. No, I am talking about the large open things. So let’s state a NATO member, its Minister of Defence and Raytheon agreements. Some news now only 14 hours old (at http://www.army-technology.com/news/newsraytheon-to-upgrade-antpy-2-radars-with-gan-technology-5021950), seems to give NATO (initially just the US) with an advantage. So the quote from Dave Gulla who said: “GaN components have significant, proven advantages when compared to the previous generation GaAs technology“. Yet, when we take a look Patent US 6586778 B2, (at https://www.google.ch/patents/US6586778), we see “A gallium nitride layer is pendeoepitaxially grown on weak posts on a substrate that are configured to crack due to a thermal expansion coefficient mismatch between the substrate and the gallium nitride layer on the weak posts. Thus, upon cooling, at least some of the weak posts crack, to thereby relieve stress in the gallium nitride semiconductor layer. Accordingly, low defect density gallium nitride semiconductor layers may be produced. Moreover, the weak posts can allow relatively easy separation of the substrate from the gallium nitride semiconductor layer to provide a freestanding gallium nitride layer“. At this point I would initially state ‘Oops!’, yet that is not the issue, because there is a patent, means that there is a solution. The issue is not the fact that there is a solution, but that the solution is patented, in addition, we see an august article (at https://www.sciencedaily.com/releases/2016/08/160801093236.htm), which gives us the summary of “From 2020 the 5G mobile standard is aiming to transmit data rapidly and energy-efficiently. For that purpose researchers are developing new power amplifiers based on the semiconductor gallium nitride“. So now we have an old fashioned horse race, because did that Minister of Defence realise that Raytheon is relying on parts that will drive the costs through 5G needs sky high? So, we are a looking at something that has an optional growth opportunity of close to 50,000% (blatantly extremely speculative by yours truly), so how will that drive the prices? In the UK who will get the sharp component deal, those servicing 68 million mobile users, or that one ministry of Defence? #JustAsking

So here you see information in action. Moreover, from my point of view, it is speculative as well. My speculation is that the Gallium Nitride (GaN) will grow so fast in demand that it will drive up prices fast and near exponentially (and with that the margins they had). Is that speculation so far out of bounds? You only need to remember the 4G rush to know that I am right. And if the patent has any real impact until 2023 as conditional initial end date, then North Carolina State University could end up with both the Angels share and the Devils Cut, which is a nice deal to begin with (for them that is), yet for the rest, it will drive prices up fast and by a large amount. Was this considered and is my view right or wrong?

So this technology war is not over, not by a long shot.

Now this is just one instance, for one nation. And when we ignore classified materials, how many issues play in this alone and where have we not looked? Now, we cannot expect that all issues were dealt with in the initial approach, but when we see that these issues are now undertaken and there is no direct solution, how much higher will the cost be in the end? So, without these facts, would the other NATO members dump the Raytheon upgrade? Is the upgrade mandatory, or even perhaps, my point of view is wrong. The last one is still valid, yet in my defence, what happens when there is suddenly a shortage of something? Show me one instance when the price of the goods were not spiralling upwards. I remember the chip war and the memory bank war. In those days, those critters were on a day price, it was like buying a lobster for Pete’s sake (not the other Pete, because he is a Vegan).

Yet part of my views are seen in “Direct democracy – referendums and citizens’ initiatives – seems to produce even worse results. In the US initiatives are repeatedly used by multimillion-dollar lobby groups to achieve results that state legislatures won’t grant them. They tend to replace taxes with user fees, stymie the redistribution of wealth and degrade public services. Whether representative or direct, democracy comes to be owned by the elites“, Geoff deals with lobby groups, which is what I raised too, yet in my view, I looked at the (miss)-presented side and in the past, just a few days ago, I raised the incapability of tax reforms, all over Europe for that matter. It seems that taxation is a pox on both houses, this whilst both sides know it is essential, yet from 2013 onwards the US has done so much to utterly stop the essential overhaul from happening.

So, I loved the article because it showed for the most my point of view (as I have stated it for many months), from another viewpoint, which is always nice. An article that should wake us up not to the lack of Democracy, but to the realisation how democracy is shaping us all to no longer seek it and spearhead the presented needs straight into the direction that helps big business the most (for now). So did we elect the wrong politicians, or were we only given the media that made us choose the individual currently in charge? Here I now look towards the dozens of morning shows that ‘do’ the news on a local level, but sugar coat a massive part outside of those few minutes on the whole and half hour to push opinions and interpretation of events, ‘guiding’ us towards a choice we could have avoided. As media changed so fast, whilst we did not keep up, we saw our fenced pasture change into a maze of fences and no way to see where the exit is.

This democratic world reminds me of the wisdom seen on a card: “and God promised men that good and obedient wives would be found in all corners of the world…then he made the Earth round…and he laughed and laughed“, which reverberates here too, ‘as democracy reached all corners of the earth’, you get the idea!

 

Leave a comment

Filed under Finance, IT, Media, Military, Politics, Science

Tagged as , , , , , , , , , , , , , , ,

September 26, 2016 · 13:14

The name of the sponsor

The article that was in the Guardian on Friday, gives us a few issues. You see, I have been looking at several issues in the tech world and I overlooked this one (there is only so much reading that can be done in a 24 hour range and it is a big planet). You see the article ‘Yahoo faces questions after hack of half a billion accounts’ (at https://www.theguardian.com/technology/2016/sep/23/yahoo-questinos-hack-researchers) gives us the goods from the very beginning. The quote “Yahoo’s admission that the personal data of half a billion users has been stolen by “state-sponsored” hackers leaves pressing questions unanswered, according to security researchers“, is one I would go with ‘and the evidence?‘, which gives us all kinds of related connections. The quote “Jeremiah Grossman, head of security strategy at infosec firm SentinelOne, said: “While we know the information was stolen in late 2014, we don’t have any indication as to when Yahoo first learned about this breach. This is an important detail in the story.”” is only one of a few issues at the heart of the matter. You see, when we look at the issues that are the plague of these start-up firms (Yahoo and Sony), we should think that they are start-up firms or they are massively negligent. In both cases their routers allowed for the transfer of massive amounts of data. As they are the same size in start-up (sorry, sarcasm prevails), we need to wonder how a few hundred million packages fall between the cracks of vision of whatever security element their IT has. We could wait until someone states that there is no security on that level and the race is truly on then!

This whilst additional support as seen stated by Chris Hodson, EMEA chief information security officer at enterprise security firm Zscaler, when we read: ““With no technical details included in Yahoo’s report about how the data was exfiltrated, just that it was, it’s impossible to assess credibility of the ‘state sponsored’ claim“, a statement I agree, but in addition, I also wonder why we aren’t seeing any reference or initial response from the FBI that this was from North Korea. It fits the time frame doesn’t it? First a dry run on Yahoo and the actual heist was Sony. Or perhaps some players are figuring out that North Korea was never an element and that someone clever enough found a flaw and hit both Yahoo and Sony. The quote “both from the date of the hack, almost two years ago, and from the first appearance of the dumped data on the dark web almost two months ago where it was being sold by a user named “Peace of Mind””, the speculation comes to mind: ‘perhaps this person is the second owner and this person is reselling acquired data’, which would make sense in several capitalisic ways. The article also enlightens what I believe to be a callous approach to security: “The breach also highlights a strong problem with “security questions”, the common practice of letting users reset passwords by answering questions about their first house or mother’s maiden name. Yahoo did not encrypt all the security questions it stored, and so some are readable in plaintext. While it may be irritating to have to change a stolen password, it is somewhat worse to have to change a stolen mother’s maiden name.” The insensitive disregard is clear when the security question is not encrypted and mum’s maiden name is given in plain text, adding to the personal data the thieves borrowed (long-term). Now, we know that there are in these situations several questions, and not all are really about privacy sensitive based data (like a favourite pet), but consider the 2013 movie ‘Now You See Me‘ Consider the dialogue in the New Orleans Show scene:

Jack Wilder: How could we, Art? We don’t have your password.
Henley Reeves: We’d need access to information we could never get our hands on.
Daniel Atlas: Yes, security questions, for instance, like, I don’t know, your mother’s maiden name or the name of your first pet.
Merritt McKinney: Where would we get that information, Art? You certainly would never tell us.

A movie gives us the danger to our goods a year before this data is stolen and nobody presses the alarm bell? The only part that would be even funnier if this was a Sony movie, but no, it was Summit Entertainment who brought this gemstone! Now, we know that life is not a movie, yet the fact that this part is stored as plain text, perhaps not the best solution! In addition as IT developers tend to be lazy, how many other firms, especially those who are a lot smaller, how are they storing this data? Also in plain text?

You see, I have seen parts of this issue too often. Too many firms have no real grasp of non-repudiation and go through the motions so that they seem (read: present themselves) to be about security, yet not really security driven. Because if the client doesn’t want it (many are too lazy), they have opted for it and they are in the clear. Yet when we see that the security questions are in plain text, questions should be asked, very serious questions I might add!

There is one more side to all this, the Guardian raises it with: “what happens to the company’s multi-billion dollar merger with Verizon now? Kevin Cunningham, president and founder at identity company SailPoint, argues that the breach should already be priced in“, we then see the issues of thoroughness raised from Verizon, but in all this, the data theft does not makes sense. You see, if my speculation is true and “Peace of Mind” is the first sales iteration, was this ID the only customer? If so, how come that the sale took this long, the timeout between the event in 2014 and the optional sale a few months ago is weird, as accounts change so quickly, the power and value is in quick sales. To put it in perspective, selling the data to 10 people for a total of 5% of the value is safer then awaiting for one person getting 70% of the value 90 days later. This is a movers and shakers world, the 90 day person is a perhaps and these people are about the ‘cash now’. The market stall people! So in this an 800 day customer implies that there might have been ulterior reasons. Which one(s) I can only speculate on, and I prefer not to do that at present. Now, in that side, it is of course possible that this was ‘state-sponsored’ and it was sold on to keep the wolves at bay, but that too is speculation with absolutely no data to back the speculation up.

Verizon might have taken a calculated level of risk in acquiring Yahoo, yet if the data transgression was never divulged, would this be a case of fraud? The US has the “benefit of bargain” rule, so there could be a decent case of represented and actual value. In addition if we allow for Special damages from a legally recognizable injury to be held to be the cause of that injury, with the damage amounts to specificity. If the data theft would have been known, the value of the firm would have been a lot lower.

Unless this was clearly disclosed to Verizon (I actually do not know), Verizon might have a case, which would be disastrous for Yahoo.

If we consider the news from July at NBC (at http://www.cnbc.com/2016/07/25/verizon-to-acquire-yahoo.html), the setting is not just “Microsoft, Yahoo and AOL lag far behind and have lost market share“, there is no guarantee that those hit by the hack will remain in their Yahoo setting. Google has made it far too easy for people to switch over. The effort made in the past to transfer towards Google could inspire those people to switch to Google, import their mails and start with little or no loss at all. Which means that it is not impossible that Verizon after the merger remains a one digit digital marketing group, something I feel certain Verizon never counted on.

So where is this going?

There are two sides to this, not only is this about cyber security, or the lack thereof. The fact that Verizon has no unlimited data and those with Yahoo accounts who had them will now see their prices go up by a lot (when is this not about money?). Verizon has a 100GB shared option at $450 a month, which is beyond ridiculous. In Australia, iiNet (an excellent provider) offers 250GB for $60 a month and in the UK British Telecom offers a similar plan for no more than £21 a month (which is about $35), considering that BT is not the cheapest on the block, I have to wonder how Verizon will continue, when people have to switch, because their music apps (radio and so on) drain their data account at 6-8GB per day (a harsh lesson a friend of mine learned). Meaning that Verizon is actually a disservice to open internet and free speech. As I see it, free speech is only free if the listener isn’t charged for listening, or better stated, when certain solutions are locked to be not via Wi-Fi, meaning charged via bandwidth. So the accounts were one side, the amount of data breeches that we are seeing now (on both the Verizon and Yahoo side) imply that not only are they too expensive, they aren’t as secure as they are supposed to be and in addition, cyber laws are blatantly failing its victims. Having your data in plain text at $450 a month seems a little too unacceptable, merely because the odds to keep your fortune in Las Vegas tend to be better than this.

So now consider the sponsor, the people behind the screens on both the corporate and hacking side. So let’s take a look

Corporate

Here the need for security is essential, yet there is clear indication that those aware of spreadsheets (read: Board of Directors) are in equal measure naive and blatantly unaware that data security is essential and not the $99 version in this case. The cost of secure data is ignored and in many cases blatantly disregarded. The Yahoo case is inferior to the Verizon data transgressions that have been reported in this year alone. It is so nice to read on how the health industry is hit by organised crime, yet the amount of theft from their own systems is a lot less reported on. I find most amusing the text that the Verizon Data Breach Investigation Report shows: “Yes. Our vulnerability management solutions identify and fix architectural flaws in POS and other patientfacing systems“, “Yes. Our identity and access management solutions prevent the use of weak passwords, the main cause of data breaches in the healthcare industry” and “Yes. Our intrusion detection and threat-management solutions help detect and mitigate breaches more quickly, limiting the damage caused” (at http://www.verizonenterprise.com/resources/factsheet/fs_organized-crime-drives-data-theft-in-the-healthcare-industry_en_xg2.pdf), I reckon that a massive overhaul of their own systems has a slightly higher priority at present. In addition there is no information on how secure the Verizon Data Cloud is. It doesn’t matter who provides it (as I see it), and I reckon we see that iteration hit the news the moment we learn that the UK Ministry of Defence Cloud gets tweaked to another server that is not under their control. It is important to realise that I am NOT scaremongering, the issue is that too many players have kept the people and corporations in the dark regarding monitoring options, intrusion detection and countermeasures, with the cloud, any successful intrusion has the real danger that the data hack is more complete and a lot larger in data loss. Moreover, Microsoft and Microsoft employees have one priority, Microsoft! Consider that any Microsoft employee might not be as forthcoming with Cyber transgressions, no matter what agreed upon. After the agreement, any internal memo could sidestep a reportable transgression. It is a reality of corporate life. In this, until the proper military staff members get trained, the Ministry of Defence (read: as well as GCHQ to some extent) will be catching up through near inhumane levels of required training, which gets the Ministry burnout issues soon enough.

Hackers

No matter how small, these attacks (yes plural) required serious hardware and access to tools that are not readily available. So whomever involved, they are either organised crime, or people connected to people with serious cash. This all gets us a different picture. I am not stating that some hackers work for reasons other than ideological. The rent in mum’s basement and hardware needs to be paid for, if not that, than the electricity bill that will be in excess of $130 a month. It might be trivial to mention, yet these little things add up. Hardware, electricity, storage, it gives the rising need of a sponsor for these hackers. There is no way to tell whether this is ideological (to show it can be done), technological (selling the flaws back to the makers of the solution), or criminal (to sell the acquired data to a competitor or exploiter). We can assume or speculate, but in reality, without additional evidence it is merely a waste of words.

So even if we know the name of the sponsor, this hopefully shows that the need to divulging information on data transgression has been way too light. In the past there was a ‘clarity’ that it was onto the firm to give out, but as they seemingly see it as a hazard to their wealth, too many victims are kept in the dark and as such, the financial danger to those victims is rising in an unbalanced way. If you would doubt my words, consider the article at http://www.geek.com/games/sony-psn-hack-is-only-the-4th-largest-data-breach-of-all-time-1390855/, which was set in June 2009. Geek is not the news cycle you might desire, but the summary is fine and confirmable. The hack to the Heartland Payment Systems January 20th, 2009 might be one of the more serious ones, the 130 million records was more complete and could have a more devastating effect on the US population then most others. From my point of view, a massive shift to proactive data security should have been law no later than 2010, I think that we can safely say that this never happened to the extent required, which is another nice failure of the political parties at large and as such, this could get a lot uglier soon enough. The article also shows a massive Sony failing as there have been 6 large breaches in 2011 alone, so the Sony hack of 2012 shows to be a continuing story of a digital firm who cannot get their act together. That was never in question, in combination with the latest revelations, there is the added pressures that this cannot be allowed to continue and these firms need to start being held criminally negligible for transgressions on their systems. Just like in torts regarding trespass, it should be actionable perse. In addition, the hackers should be held in that same way, with the bounty changed to no less than double digit jail with no option for parole. The mere realisation that there is a high price for these transgressions might be the only way to stop this and in this age should not be a distinguishing factor, so any teenager hoping for an adventure with a nice pay package could end up not getting laid until they turn 30. The last part is unlikely to be a reality ever, but the fact that this is where we should have been going needs to be stated, for the mere reason that a shown failure of nearly a decade is no longer an option to ignore, not when the stakes are getting to be this high.

Leave a comment

Filed under IT, Law, Military, Politics

Tagged as , , , , , , , , , , , , , , , , , , , ,

September 24, 2016 · 14:51

Room for Requirement

I looked at a few issues 3 days ago. I voiced them in my blog ‘The Right Tone‘ (at https://lawlordtobe.com/2016/09/21/the-right-tone/), one day later we see ‘MI6 to recruit hundreds more staff in response to digital technology‘ (at https://www.theguardian.com/uk-news/2016/sep/21/mi6-recruit-digital-internet-social-media), what is interesting here is the quote “The information revolution fundamentally changes our operating environment. In five years’ time there will be two sorts of intelligence services: those that understand this fact and have prospered, and those that don’t and haven’t. And I’m determined that MI6 will be in the former category“, now compare it to the statement I had made one day earlier “The intelligence community needs a new kind of technological solution that is set on a different premise. Not just who is possibly guilty, but the ability of aggregation of data flags, where not to waste resources“, which is just one of many sides needed. Alex Younger also said: “Our opponents, who are unconstrained by conditions of lawfulness or proportionality, can use these capabilities to gain increasing visibility of our activities which means that we have to completely change the way that we do stuff”, I reckon the American expression: ‘He ain’t whistling Dixie‘ applies.

You see, the issue goes deeper than mere approach, the issue at hand is technology. The technology needs to change and the way data is handled requires evolution. I have been in the data field since the late 80’s and this field hasn’t changed too much. Let’s face it, parsing data is not a field that has seen too much evolving, for the mere reason that parsing is parsing and that is all about speed. So to put it on a different vehicle. We are entering an age where the intelligence community is about the haulage of data, yet in all this, it is the container itself that grows whilst the haulage is on route. So we need to find alternative matters to deal with the container content whilst on route.

Consider the data premise: ‘If data that needs processing grows by 500 man years of work on a daily basis‘, we have to either process smarter, create a more solutions to process, be smarter on what and how to process, or change the premise of time. Now let’s take another look. For this let’s take a look at a game, the game ‘No Man’s Sky’. This is not about gaming, but about the design. For decades games were drawn and loaded. A map, with its data map (quite literally so). Usually the largest part of the entire game. 11 people decided to use a formula to procedurally generate 18 quintillion planets. They created a formula to map the universe with planets, planet sized. This has never been done before! This is an important part. He turned it all around and moreover, he is sitting on a solution that is worth millions, it could even be worth billions. The reason to use this example is because games are usually the first field where the edge of hardware options are surpassed, broken and redesigned (and there is more at the end of this article). Issues that require addressing in the data field too.

Yet what approach would work?

That is pretty much the ‎£1 billion question. Consider the following situation: Data is being collected non-stop, minute by minute. Set into all kinds of data repositories. Now let’s have a fictive case. The chatter gives that in 72 hours an attack will take place, somewhere in the UK. It gives us the premise:

  1. Who
  2. Where
  3. How

Now consider the data. If we have all the phone records, who has been contacting who, through what methods and when? You see, it isn’t about the data, it is about linking collections from different sources and finding the right needle, that whilst the location, shape and size of the haystack are an unknown. Now, let’s say that the terrorist was really stupid and that number is known. So now we have to get a list of all the numbers that this phone had dialled. Then we get the task of linking the information on these people (when they are not pre-paid or burner phones). Next is the task of getting a profile, contacts, places, and other information. The list goes on and the complexity isn’t just the data, the fact that actual terrorists are not dumb and usually massively paranoid, so there is a limit to the data available.

Now what if this was not reactive, but proactive?

What if the data from all the sources could be linked? Social media, e-mail, connections, forums and that is just the directly stored data. When we add mobile devices, Smartphones, tablets and laptops, there is a massive amount of additional data that becomes available and the amount of data from those sources are growing at an alarming rate. The challenge is to correctly link the data from sources, with added data sources that contain aggregated data. So, how do you connect these different sources? I am not talking about the usage, it is about the impaired data on different foundations with no way to tell whether pairing leads to anything. For this I need to head towards a 2012 article by Hsinchun Chen (attached at end), Apart from the clarity that we see in the BI&A overview (Evolution, Application and Emerging Research), the interesting part that even when we just look at it from a BI point of view, we see two paths missing. That is, they seem to be missing now, if we look back to 2010-2011, the fact that Google and Apple grew a market in excess of 100% quarter on quarter was not to be anticipated to that degree. The image on page 1167 has Big Data Analytics and Mobile Analytics, yet Predictive Interactivity and Mobile Predictive Analytics were not part of the map, even though the growth of Predictive Analytics have been part of BI from 2005 onwards. Just in case you were wondering, I did not change subject, the software need that part of the Intelligence world uses comes from the business part. A company usually sees a lot more business from 23 million global companies than it gets from 23 intelligence agencies. The BI part is often much easier to see and track whilst both needs are served. We see a shift of it all when we look at the table on page 1169. BI&A 3.0 now gets us the Gartner Hype Cycle with the Key Characteristics:

  1. Location-aware analysis
  2. Person-centred analysis
  3. Context-relevant analysis
  4. Mobile visualization & HCI

This is where we see the jump when we relate to places like Palantir that is now in the weeds prepping for war. Tech Crunch (at https://techcrunch.com/2016/06/24/why-a-palantir-ipo-might-not-be-far-off/) mentioned in June that it had taken certain steps and had been preparing for an IPO. I cannot say how deep that part was, yet when we line up a few parts we see an incomplete story. The headline in July was: ‘Palantir sues investor Marc Abramowitz for allegedly stealing company secrets‘, I think the story goes a little further than that. It is my personal belief that Palantir has figured something out. That part was seen 3 days ago (at http://www.defensenews.com/articles/dcgs-commentary), the two quotes that matter are “The Army’s Distributed Common Ground System (DCGS) is proof of this fact. For the better part of the last decade, the Army has struggled to build DCGS from the ground up as the primary intelligence tool for soldiers on the battlefield. As an overarching enterprise, DCGS is a legitimate and worthwhile endeavour, intended to compute and store massive amounts of data and deliver information in real time“, which gives us (actually just you the reader) the background, whilst “What the Army has created, although well-intentioned, is a sluggish system that is difficult to use, layered with complications and unable to sustain the constant demands of intelligence analysts and soldiers in combat. The cost to taxpayers has been approximated at $4 billion“, gives us the realistic scope and that all links back to the Intelligence Community. I think that someone at Palantir has worked out a few complications making their product the one winning solution. When I started to look into the matter, some parts did not make sense, even if we take the third statement (which I was already aware of long before this year “In legal testimony, an Army official acknowledged giving a reporter a “negative” and “not scientific” document about Palantir’s capabilities that was written by a staff member but formatted to appear like a report from the International Security Assistance Force. That same official stated that the document was not based on scientific data“, it would not have added up. What does add up (remember, the next part is speculative), the data links required in the beginning of the article, have to a larger extent been resolved by the Palantir engineers. In its foundation, what the journal refers to as BI&A 3.0 has been resolved by Palantir (top some extent). If true, we will get a massive market shift. To make a comparison, Google Analytics might be regarded as MSDOS and this new solution makes Palantir the new SE-Linux edition, the difference on this element could be that big. The difference would be that great. And I can tell you that Google Analytics is big. Palantir got the puzzle piece making its value go up with billions. They could raise their value from 20 billion to 60-80 billion, because IBM has never worked out that part of analytics (whatever they claim to have is utterly inferior) and Google does have a mobile analytics part, but limited merely as it is for a very different market. There have always been issues with the DCGS-A system (apart from it being as cumbersome as a 1990 SAS mainframe edition), so it seems to me that Palantir could not make the deeper jump into government contracts until it got the proper references and showing it was intentionally kept out of the loop is also evidence that could help. That part was recently confirmed by US Defense News.

In addition there is the acceptance of Palantir Gotham, which offered 30% more work with the same staff levels and Palantir apparantly delivered, which is a massive point that the Intelligence groups are dealing with, the lack of resources. The job has allowed NY City to crack down on illegal AirBnB rentals. A task that requires to connect multiple systems and data that was never designed to link together. This now gets us to the part that matters, the implication is that the Gotham Core would allow for dealing with the Digital data groups like Tablet, mobile and streaming data from internet sites.

When we combine the information (still making it highly speculative) the fact that one Congressman crossed the bridge (Duncan Hunter R-CA), many could follow. That part matters as Palantir can only grow the solution if it is seen as the serious solution within the US government. The alleged false statements the army made (as seen in Defence News at http://www.defensenews.com/articles/dcgs-commentary) with I personally believe was done to keep in the shadows that DCGS-A was not the big success some claimed it to be, will impact it all.

And this now links to the mentions I made with the Academic paper when we look at page 1174, regarding the Emerging Research for Mobile Analytics. The options:

  1. Mobile Pervasive Apps
  2. Mobile Sensing Apps
  3. Mobile Social Networking
  4. Mobile Visualization/HCI
  5. Personalization and Behavioural Modelling

Parts that are a given, and the big players have some sort of top line reporting, but if I am correct and it is indeed the case that Palantir has figured a few things out, they are now sitting on the mother lode, because there is currently nothing that can do any of it anywhere close to real-time. Should this be true, Palantir would end being the only player in town in that field, an advantage corporations haven’t had to this extent since the late 80’s. The approach SPSS used to have before they decided to cater to the smallest iteration of ‘acceptable’ and now as IBM Statistics, they really haven’t moved forward that much.

Now let’s face it, these are all consumer solutions, yet Palantir has a finance option which is now interesting as Intelligence Online reported a little over a week ago: “The joint venture between Palantir and Credit Suisse has hired a number of former interception and financial intelligence officials“, meaning that the financial intelligence industry is getting its own hunters to deal with, if any of those greedy jackals have been getting there deals via their iPhone, they will be lighting up like a Christmas tree on those data sets. So in 2017, the finance/business section of newspapers should be fun to watch!

The fact that those other players are now getting a new threat with actual working solutions should hurt plenty too, especially in the lost revenue section of their spreadsheet.

In final part, why did I make the No Man’s Sky reference? You see, that is part of it all. As stated earlier, it used a formula to create a planet sized planet. Which is one side of the equation. Yet, the algorithm could be reversed. There is nothing stopping the makers to scan a map and get us a formula that creates that map. For the gaming industry it would be forth a fortune. However, that application could go a lot further. What if the Geospatial Data is not a fictive map, but an actual one? What if one of the trees are not trees but mobile users and the other type of trees are networking nodes? It would be the first move of setting Geospatial Data in a framework of personalised behavioural modelling against a predictive framework. Now, there is no way that we know where the person would go, yet this would be a massive first step in answering ‘who not to look for‘ and ‘where not to look‘, diminishing a resource drain to say the least.

It would be a game changer for non-gamers!

special_issue_business_intelligence_rese

 

Leave a comment

Filed under Finance, IT, Military, Politics, Science

Tagged as , , , , , , , , , , , , , , , , , , , , , , ,

September 22, 2016 · 12:18

Targeting the FBI

Do not worry, the FBI is not under attack from any hostile force, in this particular case it is me who will be on the offensive regarding statements made in 2014. Let me explain why. To get to the start of this event, we need to take a step back, to be a little more precise we need to turn to the moment 645 days ago when we read that Sony got hacked, it got hacked by none other than North Korea. It took me around an hour to stop laughing, the stomach cramps from laughter are still on my mind when I think back to that day. By the way, apart from me having degrees in this field. People a lot more trustworthy in this field, like Kim Zetter for Wired Magazine and Kurt Stammberger from cyber security firm Norse. The list of sceptics as well as prominent names from the actual hacking world, they all had issues with the statements.

We had quotes from FBI Director James Comey on how tightly internet access is controlled there (which is actually true), and (at https://www.fbi.gov/news/pressrel/press-releases/update-on-sony-investigation) we see “the FBI now has enough information to conclude that the North Korean government is responsible for these actions“. I am pretty sure that the FBI did not expect that this would bite them down the track. This all whilst they rejected the alternate hack theory that Cyber Intelligence firm Norse gave (at http://www.politico.com/story/2014/12/fbi-rejects-alternate-sony-hack-theory-113893). Weirdly enough, the alternative option was no less than ten times more possible then the claim that some made. Another claim to have a giggle at came from Homeland Security, the quote was “The cyber-attack against Sony Pictures Entertainment was not just an attack against a company and its employees. It was also an attack on our freedom of expression and way of life“, which is a political statement that actually does not say much. The person making it at the time was Jeh Johnson.

You see, this is all coming to light now for the weirdest of reasons. The Guardian (at https://www.theguardian.com/world/2016/sep/21/north-korea-only-28-websites-leak-official-data). The subtitle gives us “Apparent error by a regime tech worker gave the world a rare glimpse into the few online sources of information available“, so one of these high profile worldly infamous hackers got a setting wrong and we get “But its own contribution to the world wide web is tiny, according to a leak that revealed the country has just 28 registered domains. The revelation came after one of North Korea’s top-level name servers was incorrectly configured to reveal a list of all the domain names under the domain .kp“, you see, here we see part of the fun that will now escalate.

In this I invite NSA director Admiral Michael Rogers and FBI Director James Comey to read this, take note, because it is a free lesson in IT (to some extent). It is also a note for these two to investigate what talents their agencies actually have and to get rid of those who are kissing your sitting area for political reasons (which is always good policy). When  the accused nation has 28 websites, it is, I agree not an indication of other internet elements, but let me add to this.

The need to prototype and test any kind of malware and the infrastructure that could actually be used against the likes of Sony might be routed via North-Korea, but could never originate there. The fact that your boffins can’t tell the difference is a clear given that the cyber branch of your organisations are not up to scrap. In that case it is now imperative that you both contact Major General Christopher P. Weggeman, who is the Commander, 24th Air Force and Commander, Air Forces Cyber (AFCYBER). He should most likely be at Lackland Air Force Base, and the phone number of the base is (210) 671-1110. I reckon setting up a lunch meeting and learn a thing or two is not entirely unneeded. This is not me being sarcastic, this is me telling you two that the case was mishandled, got botched and now that due to North Korean ‘expertise’, plenty of people will be asking questions. The time requirement to get the data that got taken was not something that happened overnight. For the simple reason that that much data would have lit up an internet backbone and ever log alarm would have been ringing. The statement that the FBI made “it was unlikely that a third party had hijacked these addresses without allowance from the North Korean government” was laughable because of those pictures where we saw the Korean high-command behind a desktop system with a North Korean President sitting behind what is a mere desktop that has the computation equivalent of a Cuisena Egg Beater ($19.95 at Kitchen Warehouse).

Now, in opposition, I sit myself against me. You see, this might just be a rant, especially without clarification. All those North Korean images could just be misdirection. You see, to pull of the Sony caper you need stimulation, like a student would get at places like MIT, Stanford, or UTS. Peers challenging his solutions and blocking success, making that person come up with smarter solutions. Plenty of nations have hardware and challenging people and equipment that could offer it, but North Korea does not have any of that. The entire visibility as you would see from those 28 domains would have required to be of much higher sophistication. You see, for a hacker, there needs to be a level of sophistication that is begotten from challenge and experience. North Korea has none of that. Evidence of that was seen a few years ago when in 2012 in Pyongyang I believe, a press bus took a wrong turn. When some reporters mentioned on how a North Korean (military I believe) had no clue on smartphones. I remember seeing it on the Dutch NOS News program. The level of interaction and ignorance within a military structure could not be maintained as such the military would have had a clue to a better extent. The ignorance shown was not feigned or played, meaning that a technological level was missing, the fact that a domain setting was missed also means that certain monitoring solutions were not in place, alerting those who needed to on the wrongful domain settings, which is essential in regards to the entire hacking side. The fact that Reddit and several others have screenshots to the degree they have is another question mark in all this last but not least to those who prototype hacking solutions, as they need serious bandwidth to test how invisible they are (especially regarding streaming of Terabytes of Sony data), all these issues are surfacing from this mere article that the Guardian might have placed for entertainment value to news, but it shows that December 2014 is a very different story. Not only does it have the ability to exonerate the

We see a final quote from Martyn Williams, who runs the North Korea Tech blog ““It’s important to note this isn’t the domain name system for the internal intranet,” Williams wrote. “That isn’t accessible from the internet in any way.”” which is true to some extent. In that case take a look to the PDF (at https://www.blackhat.com/presentations/bh-usa-07/Grossman/Whitepaper/bh-usa-07-grossman-WP.pdf) from WhiteHat security. On page 4 we get “By simply selecting common net-block, scans of an entire Class-C range can be completed in less than 60 seconds“, yes, I agree you do not get that much info from that, but it gives us to some extent usage, you see, if something as simple as a domain setting is wrong, there is a massive chance that more obscure essential settings on intranet level have been missed, giving the ‘visitor’ options to a lot more information than most would expect. Another matter that the press missed (a few times), no matter how Time stated that the world was watching (at http://time.com/3660757/nsa-michael-rogers-sony-hack/), data needs to get from point to point, usually via a router, so the routers before it gets to North Korea, what were those addresses, how much data got ported through?

You see, the overreaction from the FBI, Homeland Security, NSA et al was overly visible. The political statements were so out in the open, so strong, that I always wondered: what else? You see, as I see it, Sony was either not the only one who got hacked, or Sony lost something else. The fact that in January 2015 Sony gave the following statement “Sony Entertainment is unable to confirm that hackers have been eradicated from its computer systems more than a month after the film studio was hit by a debilitating cyber-attack, a report says“, I mentioned it in my article ‘Slander versus Speculation‘ (at https://lawlordtobe.com/2015/01/03/slander-versus-speculation/). I thought it was the weirdest of statements. Basically, they had almost 3 weeks to set up a new server, to monitor all data traffic, giving indication that not only a weird way was used to get to the data (I speculated on an option that required it to be an inside job), yet more important, the fact that access had not been identified, meaning it was secured gave way to the issue that the hackers could have had access to more than just what was published. That requires a little bit more explanation. You see, as I personally see it, to know a transgressor we need to look at an oversimplified equation: ‘access = valid people + valid systems + threats‘ if threats cannot be identified, the issue could be that more than one element is missing, so either you know all the access, you know all the people and you know the identity of valid systems. Now at a place like Sony it is not that simple, but the elements remain the same. Only when more than one element cannot be measured do you get the threats to be a true unknown. That is at play then and it is still now. So if servers were compromised, Sony would need a better monitoring system. It’s my personal belief (and highly speculative) that Sony, like many other large companies have been cutting corners so certain checks and balances are not there, which makes a little sense in case of Sony with all those new expansions corners were possibly cut and at that point it had an IT department missing a roadmap, meaning the issue is really more complex (especially for Sony) because systems are not aligned. Perhaps that is the issue Sony had (again this is me speculating on it)?

What is now an issue is that North Korea is showing exactly as incapable as I thought it was and there is a score of Cyber specialists, many of them a lot bigger then I will ever become stating the same. I am not convinced it was that simple to begin with, for one, the amount of questions the press and others should have been asking regarding cloud security is one that I missed reading about and certain governmental parts in the US and other nations have been pushing for this cheaper solution, the issue being that it was not as secure as it needed to be, yet the expert levels were not on par so plenty of data would have been in danger of breaching. The question I had then and have now a lot louder is: “Perhaps Sony showed that cloud server data is even less secure than imagined and the level required to get to it is not as high as important stakeholders would need it to be“. That is now truly a question that matters! Because if there is any truth to that speculation, than the question becomes how secure is your personal data an how unaware are the system controllers of those cloud servers? The question not asked and it might have been resolved over the last 645 days, yet if data was in danger, who has had access and should the people have been allowed to remain unaware, especially if it is not the government who gained access?

Questions all worthy of answers, but in light of ‘statements made’ who can be trusted to get the people properly informed? Over the next days as we see how one element (the 28 sites) give more and more credible views on how North Korea was never the culprit, the question then becomes: who was? I reckon that if the likely candidates (China, Russia, UK and France) are considered there might not be an issue at all, apart from the fact that Sony needs to up their Cyber game, but if organised crime got access, what else have they gotten access to?

It is a speculative question and a valid one, for the mere reason that there is at present no valid indication that the FBI cyber unit had a decent idea, especially in light of the official response towards cyber security firm Norse what was going on.

Could I be wrong?

That remains a valid question. Even when we accept that the number of websites are no indication of Intranet or cybersecurity skills, they are indicative, when a nation has less websites than some third world villages, or their schools have. It is time to ask a few very serious questions, because skills only remain so through training and the infrastructure to test and to train incursions on a WAN of a Fortune 500 company is not an option, even if that person has his or her own Cray system to crunch codes. It didn’t make sense then and with yesterday’s revelation, it makes even less sense.

Finally one more speculation for the giggle within us all. This entire exercise could have been done to prevent ‘the Interview’ to become a complete flop. You know that movie that ran in the US in 581 theatres and made globally $11,305,175 (source: Box Office Mojo), basically about 10% of what Wolf of Wall Street made domestically.

What do you think?

 

Leave a comment

Filed under IT, Media, Military, Politics, Science

Tagged as , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

September 21, 2016 · 11:17

The Right Tone

Today we do not look at Ahmad Khan Rahami, we look at the engine behind it. First of all, let’s get ugly for a second. If you are an American, if you think that Edward Snowden was a ‘righteous dude’, than you are just as guilty as Ahmad Khan Rahami injuring 29 people. Let’s explain that to those who did not get through life through logic. You see, the US (read: NSA) needed to find ways to find extremists. This is because 9/11 taught them the hard way that certain support mechanisms were already in place for these people in the United States. The US government needed a much better warning system. PRISM might have been one of these systems. You see, that part is seen in the Guardian (at https://www.theguardian.com/us-news/2016/sep/20/ahmad-khan-rahami-father-fbi-terrorism-bombing), the quote that is important here is “Some investigators believe the bombs resemble designs released on to the internet by al-Qaida’s Yemeni affiliate through its Inspire publication“, PRISM would be the expert tool to scan for anyone opening or accessing those files. Those who get certain messages and attachments from the uploading locations. To state it differently “the NSA can use these PRISM requests to target communications that were encrypted when they travelled across the internet backbone, to focus on stored data that telecommunication filtering systems discarded earlier“, so when a package is send through the internet and delivered, it gets ‘dropped’, meaning the file is no longer required. The important part is that it is not deleted, it is, if we use the old terms ‘erased’, this is not the same! When it is deleted it is removed, when it is erased, that space is set as ‘available’ and until something else gets placed there it is still there. An example you will understand is: ‘temporary internet files’. When you use your browser things get saved on your computer, smartphone, you name it. Until this is cleaned out, the system has that history and it can be recalled with the right tool at any given moment. PRISM allows to find the paths and the access, so this now relates to the bomber, because if correct, PRISM could see if he had actually gotten the information from Inspire magazine. If so, a possible lone wolf would have been found. Now, the system is more complex than that, so there are other path, but with PRISM in the open, criminals (especially terrorists) have gotten smarter and because PRISM is less effective, other means need to be found to find these people, which is a problem all by itself! This is why Edward Snowden is a traitor plain and simple! And every casualty is blood on his hands and on the hands of his supporters!

The right tone is about more than this, it is also about Ahmad Khan Rahami. You see, he would be a likely recruit for Islamic State and Al-Qaida, but the issue is that his profile is not clean, it is not the target recruit. You see, apart from his dad dobbing him in in 2014, he stands out too much. Lone wolves are like cutthroats. Until the deed is done, they tend to remain invisible (often remain invisible after the deed too). There is still a chance he allowed himself to be used as a tool, but the man could be in effect a slightly radicalised mental health case. You see, this person resembles the Australian Martin Place extremist more than the actual terrorists like we saw in Paris. I reckon that this is why he was not charged at present. For now he is charges with attempted murder (3 hours ago), yet not all answers have been found. You see, the quote “they had linked Rahami to Saturday’s bombing in Chelsea, another unexploded device found nearby, both constructed in pressure cookers packed with metallic fragmentation material. They also said he was believed to be linked to a pipe bomb that blew up in Seaside Park, New Jersey, on Saturday and explosive devices found in the town of Elizabeth on Sunday“, the proper people need to ascertain whether he is just the set-up, or a loser with two left hands. The FBI cannot work from the premise that they got lucky with a possible radicalised person with a 60% fail rate. If he is the start of actual lone wolves, PRISM should have been at the centre of finding these people that is if Snowden had not betrayed his nation. Now there is the real danger of additional casualties. I have always and still belief that a lot of Snowden did not add up, in many ways, most people with actual SE-LINUX knowledge would know that the amount of data did not make sense, unless the NSA totally screwed up its own security (on multiple levels), and that is just the server and monitoring architecture, yet I digress (again).

The big picture is not just the US, it is a global problem as France found out the hard way and new methods are needed to find people like that. The right tone is about keeping the innocent safe and optional victims protected from harm. The truth here is that eggs will be broken, because an omelette like this needs a multitude of ingredients and not to mention a fair amount of eggs. The right tone is however a lot harder than many would guess. You see, even if Man Haron Monis (Martin Place Sydney) and Ahmad Khan Rahami both could be regarded as mental health cases (Man more than Ahmad), the issue of lone wolf support does not go away. Ahmad got to Inspire magazine in some way. Can that be tracked by the FBI cyber division? It might be a little easier after the fact, so it becomes about backtracking, but wouldn’t it have been great to do this proactively? It will be a while until this is resolved to the satisfaction of law enforcement and then still the question becomes, was he alone? Did he have support? You see a lone wolf, a radicalised person does not grow from within. Such a person requires coaching and ‘guidance’. Answers need to be found and a multitude of people will need to play the right tune, to the right rhythm. The right tone is not just a mere consideration, in matters like these it is like a red wire through it all. It is about interconnectivity and it is always messy. There is no clear package of events, with cash receipts and fingerprints. It is not even a legal question regarding what was more likely than not. The right tone is also in growing concern an issue of resources. It isn’t just prioritisation, it is the danger that mental health cases drain the resources required to go after the actual direct threats. With the pressures of Russia and the US growing, the stalemate of a new cold war front works in favour of Islamic state and the lone wolves who are linked to someone, but not usually know who. The workload on this surpasses the power of a google centre and those peanut places tend to be really expensive, so resource requirements cannot be meet, so it becomes for us about a commonwealth partnership of availability which now brings local culture in play. The intelligence community needs a new kind of technological solution that is set on a different premise. Not just who is possibly guilty, but the ability of aggregation of data flags, where not to waste resources. For example, I have seen a copy of Inspire in the past, I have seen radicalised video (for the articles). I don’t mind being looked at, yet I hope they do not waste their time on me. I am not alone. There are thousands who through no intentional act become a person of investigative interest. You see, that is where pro-activity always had to be, who is possibly a threat to the lives of others? The technical ability to scrap possible threats at the earliest opportunity. Consider something like Missing Value Analyses. It is a technique to consider patterns. SPSS (now IBM Statistics) wrote this in its manual “The Missing Value Analysis option extends this power by giving you tools for discovering patterns of missing data that occur frequently in survey and other types of data and for dealing with data that contain missing values. Often in survey data, patterns become evident that will affect analysis. For example, you might find that people living in certain areas are reluctant to give their annual incomes, thus creating missing values in your data. If you leave these values out, are your statistical conclusions valid?” (Source: M.A. Hill, ‘SPSS Missing Value Analysis 7.5’, 1997). This is more to the point then you think. consider that premise, that we replace ‘people living in certain areas are reluctant to give their annual incomes’ with ‘people reading certain magazines are reluctant to admit they read it’. It sounds innocent enough when it is Playboy or penthouse (denied to have been read by roughly 87.4% of the male teenage population), but what happens when it is a magazine like Inspire, or Stormfront? It is not just about the radicalised, long term it must be about the facilitators and the guides to that. Because the flock is in the long term not the problem, the herder is and data and intelligence will get us to that person. The method of getting us there is however a lot less clear and due to a few people not comprehending what they were doing with their short sightedness, the image only became more complex. You see, the complexity is not just the ‘missing data’, it is that this is data that is set in a path, this entire equation becomes a lot more unclear (not complex) when the data is the result of omission and evasion. How the data became missing is a core attribute here. Statisticians like Hackman and Allison might have looked at it for the method of Business Intelligence, yet consider the following: “What if our data is missing but not at random? We must specify a model for the probability of missing data, which can be pretty challenging as it requires a good understanding of the data generating process. The Sample Selection Bias Model, by James Heckman, is a widely used method that you can apply in SAS using PROC QLIM (Heckman et al., 1998)“, this is not a regression where we look at missing income. We need to find the people who are tiptoeing on the net in ways to not get logged, or to get logged as someone else. That is the tough cookie that requires solutions that are currently incomplete or no longer working. And yes, all these issues would require to be addressed for lone wolves and mental cases alike. A massive task that is growing at a speculated 500 work years each day, so as you can imagine, a guaranteed billion dollar future for whomever gets to solve it, I reckon massive wealth would be there for the person who could design the solution that shrinks the resource requirements by a mere 20%, so the market is still lucrative to say the least.

The right tone is an issue that can be achieved when the right people are handed the right tools for the job.

1 Comment

Filed under IT, Media, Military, Politics, Science

Tagged as , , , , , , , , , , , , ,

September 19, 2016 · 15:20

The Syrian Fuck Up

There are a few things playing, for one the Bremain group is trying to push again in some way to scare people and set uncertainty all over the place. To be quite honest, at what point are such people regarded as traitors? I know the term is much to harsh, yet the fact is that the vote has been passed, there is a direction and those people are actively trying to mislead left right and centre, like the roaches of the old ways of profit, profit for the few! How come that side is not placed into the limelight? The second issue is seen in NY and a few other places where bombs are exploding. We can speculate in several ways, but that is not my way and until solid intelligence is seen, only then can we form a view. The most likely being that the US is now seeing the direct consequence from lone wolf attacks. There is no likely answer immediately, it will take time, yet the numbers are on terrorism. Confirmation is outstanding for now, but the most likely scenario. We will see later, no matter what the answer is, for the US their issues have now become a lot more complex. It is my personal view that I still believe that Edward Snowden is to some extent a joke at best and a traitor at worst. By illuminating actual parts of projects like PRISM, the lone wolves are now taking other measures and what might have been prevented will now only be prevented after many casualties, so feel free to send him a card with the text “شكرا لمساعدتك” (source: Google Translate).

Where we are actually going is Syria. You see, there has been an issue for a long time, we can go with the idea that people have been lucky for too long and there is the idea that a truce was never an option in Syria. Yet when we read ‘Syria ceasefire on brink of collapse after raids on Aleppo, Syrian troops’ (at http://www.abc.net.au/news/2016-09-19/syria-ceasefire-teeters-after-raids-on-aleppo/7856670). You see, my view comes from the initial issue I had when President Obama claimed ‘No boots on the ground in Syria‘ (at http://www.usatoday.com/story/news/politics/onpolitics/2015/10/30/16-times-obama-said-there-would-no-boots-ground-syria/74869884/), shows that this statements goes back as far as ‘meeting with Baltic State leaders, August 30th, 2013‘. Here we see the quote “In no event are we considering any kind of military action that would involve boots on the ground that would involve a long-term campaign. But we are looking at the possibility of a limited, narrow act that would help make sure that not only Syria, but others around the world, understand that the international community cares about maintaining this chemical weapons ban and norm. So again, I repeat, we’re not considering any open-ended commitment. We’re not considering any boots-on-the-ground approach“. You see, my issue is that any air force strike needs quality intelligence. You see, as I personally see it, the Air force is meant to be force in support of the Army! That’s how it is supposed to be! This is not negativity, because the Air force is its own power in the sky, but when it is required to go after ground forces, it needs eyes on the ground, which implies boots on the ground. It is that simple. Of course they can try to rely on the INTEL that they get from third parties, but that tends to lead to wrong tagging, inaccurate intelligence and not to mention the wrong coordinates get to be transmitted. I reckon that this latest issue could be either one of those failures. And when we get to see this “Russia said the situation in Aleppo city was “especially tense” on Sunday, blaming the instability on rebels.” The amount of shelling by rebel groups against positions of the Syrian Government troops and of residential areas is increasing,” Defence Ministry spokesman Igor Konashenkov said“, so what ceasefire? If a ceasefire is one-sided, there is no ceasefire. It seems to me that the issues shown on the news is that there is inaccuracies on all sides, not just the military parts. That can be construed from the quote “Also on Sunday, a senior adviser to President Bashar al-Assad said Damascus believes Saturday’s strike that killed the Syrian soldiers was “intentional”.” None of the facts on the ground show that what happened was a mistake or a coincidence,” Buthaina Shaaban said.” This could be the case on one side, if there was no ceasefire. So what is the case? Al Jazeera gives us ‘Ceasefire terms pose major risks for Syrian rebels‘ (at http://www.aljazeera.com/indepth/opinion/2016/09/ceasefire-terms-pose-major-risks-syrian-rebels-160915092126740.html), there we see the agreement painted as a one-sided solution for the Syrian government. Sharif Nashashibi writes in this article “This is a clear indication that, to him, such ceasefires are stepping stones to achieving that aim, not to a negotiated political solution. Indeed, pro-Assad forces continue to besiege rebel-held areas during the current ceasefire“, so from all this we can speculate that that fingers can be pointed on more than one issue. When we look at the BBC (at http://www.bbc.com/news/world-middle-east-37398721) we see “The US said its planes had halted the attack in Deir al-Zour when informed of the Syrian presence. A spokesman for the US administration expressed “regret” for the “unintentional loss of life”.“, as I remember it, a meeting at the United Nations Security Council under these conditions tends to be not too boring, so my advice to the Honourable Matthew Rycroft and the Honourable Gerard van Bohemen would be to bring tea and cucumber sandwiches to the next meeting, it should be fun to watch the US and Russian incriminate back and forth!

Now, I am not going to give you the goods on those two, the upcoming cold war will be a fun job soon enough. What is essential is to realise that the Air force could possibly have acted on incorrect, inaccurate or incomplete data soon enough. This is however an issue on more than one level. If you recall the initial chemical attacks, the US was unable to give clear evidence on who did what, meaning that either the satellite lag is too great or lacking too much details. You see, this is not TV, this is not an episode of NCIS where we see that the satellite could be used to watch a topless girl sucking the sunshine. This is real life and even as we know that it can give clear mechanical movements, troop movements, especially in an urban environment like Aleppo could be an issue to some extent, this is corroborated in this event. There will be conspiracy minds giving the notion that the US is trying to win by striking Assad forces ‘accidently’, a scenario that is not impossible, but likely a lot more improbable. Without clear deniability President Obama would not got near this issue now, so close to the election with the possibility of wrecking the election chances of the Democratic Party. In addition, with minus 18 trillion and no exit strategy there, increasing actions and requirements in Syria is one part he cannot afford in any way shape or form. That leads back to the attacks on the US, if there is any possibility that this is indeed a lone wolf wave, the US will have dire need for many more resources soon. No matter how it looks in the news and how it is played. Syria has been an issue for too long and as politicians and ambassadors seem to try and find a solution that will make everyone winners, I have to look back at 1939 when the UK decided that Hitler had to be stopped. It would take 2 years and a large sacrifice of part of the US Navy until the US took that stance openly. The issue is that too many politicians are taking the Charlie Brown approach (Walk softly and carry a Beagle). I think that with so many political fires stating that you are the fireman and you are here to chop away flammable constructs is not the worst position to take. In all this there is a genuine issue of missing trust. The BBC stated “Russia’s defence ministry earlier said that if the US air strikes did turn out to be an error, it would be because of Washington’s refusal to co-ordinate military action with Moscow“, it is not that Russia has any level of record in creating trust. The Ukraine and the Crimea region both have visible scars regarding that issue, there is of course the MH-117 so I reckon that Sergey Shoygu should review his options and find a third solution all parties can work with. The simple truth is that during these election the US side (for now) will be flaccid and useless unless a clear and distinct order is given by the Obama administration. Russia might gain trust all over the field if an actual solution for Syrian battle intelligence is found.

The worst issue in all this is that this is a serious fuck up, because the intelligence as given, is now sitting on the premise of two sides. From the initial part we can go with the two possibly oversimplified sides. US Air force was either unable or unwilling to see the intel. This path is taken because it is a simple truth, when we cut away the sides these two give rise to the actions. If actions were taken whilst unable to see, they would be rash actions, showing that boots on the ground were essential to recon data. If they were unwilling to see the Intel, it becomes a very different discussion, one with large implications on the US military actions. This path is taken to show you that for the most the path was not that complex. The only complexity is the accountability of actions. Sometimes, especially in armed conflict the issue tends to remain simple, or better stated ‘lacking complexity’. So why was it a ‘fuck up’? Again, in my personal view, and standing aside human error, the air force relies on levels of quality intelligence. Whenever we add just one level of impurity, we see that actions become a risk or rash to say the least, the fact that there was no supporting recon team means that someone let US pilots enter a blind stage where identification is hard at best. That is not the fault of the pilot or his commander. In this arena where uniforms are very much alike, telling one party from another becomes nearly impossible. This explains why ‘no boots on the ground’ was close to idiotic from day zero. This would always happen and it is a near miracle that it did not happen more often. One could argue that the entire mission as set out as it was doomed to fail from the very beginning, which now makes us wonder if the current administration wanted a clear victory to begin with. If not, we have ample evidence that this American administrations wasted billions on posturing, which sounds odd too.

In the end, the reality around this will take years to clarify and even then messages, mails and documents will have been ‘accidently’ destroyed or classified for 2 generations at least. In the end, for the most it is easy to agree that the Syrian events were a fuck up, but to what extent and until which person and function (read: who’s desk) is a question not easily (if ever) answered.

 

Leave a comment

Filed under Media, Military, Politics

Tagged as , , , , , , , , , , , , , , , , , , , , , , , ,

September 8, 2016 · 13:13

Brilliance or Donkey mode?

The Guardian gives us two stories. One is of course all about the iPhone 7. At https://www.theguardian.com/technology/2016/sep/07/apple-iphone-no-headphone-jack-second-generation-watch we see the revolution of another iteration by Apple. The interesting side is that the head jack is no more, so no headset plugging into your phone. The quote “one that tech pundits predict could have consumers staying away in droves” is one that I find debatable. You see, the article goes on (via two sides) on how head jacks need to remain. Yet Apple decided on a model that is more waterproof. A statement that I find slightly debatable as there is still a lightning connector and speaker holes. Yet that could be an error on my side. What is striking is the quote “Apple announced another new product on Wednesday – AirPods, a pair of barely-larger-than-earplugs headphones that Schiller said use a new kind of chip to deliver a “magical experience” without the usual hassle of Bluetooth pairing and un-pairing“, which means a new era of listening technology. I will not go deeper into that side, especially as I have no idea on the Airpods, yet one side unmentioned is that these ways of transmitting ‘audio’ means that the battery will see a new level of draining. Whether this is better or worse than the head jack is one I can only speculate on. What is a given is that these moves are usually paired with the gravitas of cajones that tends to change the technological battlefield by a fair bit, so it might not be a donkey idea but a brilliant one. Time will tell which one it is. So far Apple remained quiet on the field of true technical innovation so the bar is open on the gamble, but the fallout could be one worth watching.

The other side gives us the consoles. The lacking brilliance of Sony has been evident for a little while and now that they have released batch 1 of the PlayStation Pro for this November, pre-orders are off the hook. Yet in my view, this is more definitely going to be the Donkey idea for a long time. Apart from the price which is not too bad, the massive issue now is that they are offering 4K gaming. Now apart from it not actually being 4K gaming (for now), those in charge of this were blatantly lacking brainpower when setting together this package. You see 1TB just does not cut it. Consider 4K.com (at http://4k.com/news/unsexy-hard-drive-technology-needs-to-keep-up-with-4k-4872/) gives us “Given that a single minute of full ultra HD 4K video in native resolution takes up a full 2 GB of storage memory, large amounts of drive space become more crucial than ever before“. Now, games and movies are not the same, but consider that cut scenes are still going to be large and the average game has at least 30 minutes of cut scenes. That’s 60GB, which exceeds the Blu-Ray disc, which is not an issue for 4K Blu-ray’s, but how about your storage? What happens when you run out of space? I warned about this with the initial PS4 and 500 GB, so I updated to 2TB immediately. Now, that does not worry me, because I am not the average player, yet let’s not forget that after 10 games, the 500 GB edition had run out of space, what do you think 4K gaming will do with a 1TB drive? To equip that system with anything less than 2TB was sheer stupidity!

Even Microsoft saw that one coming and gave all these new versions a 2TB drive. It is likely that the Scorpion will have more than 2TB, but we will have to see. So not only did Sony drop the ball on hardware, they did it TWICE in a row, the same mistake. It seems that someone there is not thinking things through!

By the way, do not take my word for it, Sony themselves announced the new Blu-ray standard with a 1TB disc in March 2014, so I reckon that they are creating their own slippery slope all by themselves. Microsoft only needs to release the original Mass Effect trilogy on 4K within 6 months of releasing Andromeda and Sony could lose a massive stake in the gaming population. EA has clearly said that this would not happen, yet Microsoft has an option it did not have ever before, it has a title both gaming sides revere and desire. If that becomes a XB1 exclusive, Sony would end up crying a river of losses.

 

Still there is now a given we have not seen until these new systems, Sony botched the ball a second time and this time, the Sony fans might not be as forgiving as before, not only because of the initial PS4 launch fiasco (most day one games were not ready and the big title was delayed by well over 40 weeks). The issues that some faced with HD space, an issue most had not experienced on the PS3 gave more stress than people bargained for and the clarity of drive space is a lot more obvious on the PSPro than it was on the PS4.

So even if we see Sony to be in the ‘not so bright mode’, where should we see Apple? As stated before, I am not certain as there is no way to expect how the people will react to the new requirement of Airpods, the fact that the phone will now be waterproof could be the quality band aid the iPhone fans will accept as a trade-off. However, at $229 they are not the cheapest solution, so that also counts against them. Anyway, with the lightning adapter the old solution remains operational and if that cable is included with the iPhone 7 (yea right!) Phone owners would not have anything to complain about. Time will tell how Apple is seen. I think that they took a bold step in another direction and that might not be a bad thing.

Another part I found debatable was the quote Julie Ask, VP and principal analyst at Forrester Research made. When we see “They’re not trying to win the race to the bottom like [competitors] Samsung or Huawei; they tend to go after the middle-class consumer that can afford the products“, we have to wonder what her data proves. Not unlike the claims she made on Bloomberg, there are a few sides that are actively ignored. For one, Huawei is NOT a bottom competitor (the quote was very peculiarly phrased), Huawei has shown to be an Android top runner and has been giving a stronger bang for the buck than the iPhone has been giving for the longest of time. My issue with Huawei is not the quality of hardware, but the limiting of availability of the higher models is an issue, one that seems to be due through agreements with the telecom companies, which is a big no no in my view. Which now also reflects back to the iPhone, which is now standard have larger sized phones, making Huawei trail. This is what the show from Apple revealed. Now for the fun part, I mentioned on my blog on July 28th 2016 how stupid this move was in the article ‘What we waste away‘ (at https://lawlordtobe.com/2016/07/28/what-we-waste-away/), so less than 8 weeks later I am proven correct in more than one way. So not only is Huawei not offering a decent storage driven system, it is likely to lose a lot of market share as the 32GB Huawei P9 is pretty much the same price as the iPhone 7 128 GB Jet Black. How did Huawei not see this coming? Let’s not forget that (rumour) their CEO would be able to ask PLA Unit 61398 (Chinese Cyber warfare) what Apple was planning to do, nobody in charge there considered calling the honourable Ren Zhengfei informing him on the actions that ‘Imperialistic America’ was planning (read: Apple CEO)?

Brilliance can be found in all levels of technology, yet many of the players here seem to have been asleep these last 8 weeks.

Anybody for pancakes?

 

Leave a comment

Filed under IT, Media, Military

Tagged as , , , , , , , , , , , , , , , , , , , ,