Tag Archives: authentication

Historic view versus reality

We all seem to have views, it is not wrong, it is not bad it is not evil, it merely is. I saw in 1998-2002 how governments sat on their hands, how lawmakers sat on their hands (and optionally on their mistresses) and they all vocally agreed that hackers were nothing more than a nuisance, and as I see it the traitor Bradley Edward Manning (aka Chelsea Elizabeth Manning) gave up secrets that it was not allowed to reveal and gave it to the world. There is no doubt on guilt, there was no doubt on treason, there merely was the act and that was that, it was the first moment where governments got the first clear hint that hackers were a much larger danger. After that came Julian Assange and Edward Snowden. Julian might be many things, but technically he was not a traitor. Edward Snowden was one, and the law again disregarded the steps that were taken, he went intentionally to a place where he might get the most value out of his deeds, Russia picked him up, just to piss off the US, which they were speculatively allowed to do, yet the stage is rather large, more hackers, all under the guise that the law saw them as a mere nuisance, we all got introduced to ransomware, now we see governments hacked through a sunny breeze (Solarwinds), and the voyage does not end. Now we see less than a day ago ‘Hackers threaten to leak plastic surgery pictures’, as well as ‘National Security Agency warns hackers are forging cloud authentication information’, now I do not care for the plastic surgery part, but it is another case where personal and person inclined data is no longer free, the two elements also give a rather large stage for us to place a new premise. One could now argue that hackers are the clear and present danger to personal and corporate needs and as such they can be hunted down and put to death.
So from nuisance to global danger, as such when all these mommies cry that their little boys did not know what they were doing, I have no issues putting a HK model 23 to their foreheads and executing them (optionally with silencer as to not scare the neighbours). 

I think it is time for lawmakers and government administrative types to wake up and smell the situation, and in this, perhaps some remember the words of Martin C. Libicki in Newsweek (2015) where he pushed the view ‘Cyberattacks Are a Nuisance, Not Terrorism’, well that is not really true, is it? When we see the definition of terrorism we see “The unlawful use of violence and intimidation, especially against civilians, in the pursuit of political aims”, there we see two parts up for debate, the first is that ‘mental violence’ is still violence and the setting of intimidation is already achieved, the stage we still need to address ‘the pursuit of political aims’, not all terrorism is set to political aims, unless if you call self-enrichment the pursuit of political aims.

And with ‘National Security Agency warns hackers are forging cloud authentication information’ we see an initial stage where commerce will come to a screeching halt. My IP does not cover for that, darn. But there is the old way (1981-1991), just kill them, be done with it. 

Now some (especially in law) will state that I am overreacting, yet am I? It is the lawmakers that could optionally be seen as cowards, hiding behind their golden calf called jurisprudence. The law, for the most does a good job, it is not perfect, so be it, but for the most, it is OK. This covers the never trespassers and the limited trespassers, they make up for 75% of all people, then there are the criminals, 24.99%, the law takes care of them, they are repeat offenders, career criminals and as such the law was designed to deal with them, then there is the remaining 0.01%, these criminals are in it for the kill, to create a maximum amount of cadavers physically, mentally and financially, to make life for nearly all impossible, and that golden calf, the law cannot deal with them and we accept that, so we remove them in other ways. We hunt them down and put them to death, and when it is some 16 year old claiming he didn’t know what he was doing, we know, he did it to seem cool, he was willing to make all others suffer, just to look cool, to get the tits, to rub the vagina, his friends never could, as such there is a 9mm solution that solves it, if only his parents had raised him right.

You think I am kidding?
You forget the poverty line is shifting massively because of COVID-19 and soon the insurances will not cover the impact, the media will merely snigger and cash in on all those clicks they got from the $x donation to an unnamed source, and it is now time to make the long overdue change, before governments are pushed to take away more and more of our freedoms, which will push us into the dark-web, a situation these criminals would love. And it is close to 15 years too late, but in this case it is better to be late to the party than not get there at all. 

Am I overreacting?
That would remain a fair question, I do not believe so as this step is well over a decade overdue, it is not something that was pushed to the top in the last few days, and it is partially due to governments and lawmakers not acting when they could have and especially when they should have, now the dike is levied and people are soon to be drowning and something must be done. From my point of view, to hit terrorists, you hit them harder, so the more extreme you hit these hackers, the clearer the message becomes. And a clear message is years overdue.

In this there is a two step setting, there are the “cool wannabe’s” who are most likely teenagers, some of them are easy to find and after the first examples a lot of them will hide like cockroaches, but the second tier, the one the media and governments intentionally ignore are those in organised crime, they will be the real challenge and as most governments have nothing on stopping them, at best they can limit the damage, which is basically no solution, that gap will take time, but with ‘hackers are forging cloud authentication information’ less than a week old, there is now a chance that the NSA and other intelligence networks will realise that compromised clouds will have global commercial implications, as such governments must now act, the moment any cloud is openly seen compromised, it will be too late for well over a decade. It becomes a clearer situation when you consider that global e-commerce was set to ‘Global e-Commerce hits $25.6 trillion’, by the United Nations Conference on Trade and Development (UNCTAD), so how many losses must global commerce endure before we act? Oh and if you think that this is the end? How much more powerful will organised crime become if they only get their fingers on 0.1% ($25,600,000,000)? It will become a sliding scale that goes from bad to worse, and governments knew that, they knew for well over a decade, but their delusions saw other non-solution, like perhaps, it will go away on its own, so tell me when was that ever a solution?


Clueless to the end

That is quite the statement is it not? The question that follows is: is the writer clueless (aka me) or the presenter of certain statements (aka Peter Dutton, current Home Affairs Minister). I will leave that to you as I am merely presenting the facts as I see them.

It all started on a simple Wednesday (2 days ago) when I was confronted with the statement ‘Coalition calls on Google and Facebook to get on side with encryption bill‘, just another political yada yada moment and I was about to ignore it and move to the next page when I noticed ‘the internet giants have a responsibility to help combat organised crime‘, which woke me up nice and widely. So the article (at https://www.theguardian.com/technology/2018/oct/10/coalition-calls-on-google-and-facebook-to-get-on-side-with-encryption-bill) gives us: “Australia’s law enforcement agencies have been prevented from infiltrating paedophile networks and other organised crime groups because the messages they send over encrypted electronic messaging services, such as Wickr and Whatsapp, cannot be intercepted by authorities“, in light of Australia being America’s minion in the anti-Huawei activities is admitting that mere app decryption is beyond their ability? And they have the loudly shouted notion that Huawei is a 5G risk whilst ‘basic’ skills are not in their arsenal? Apart from making a case that Huawei is now basically a political fuelled exploitation game and a setting of bias (and optionally nepotism), we are interested in learning that certain skills are beyond Australian Intelligence. I am certain that Paul Symon, Mike Burgess and Duncan Lewis would have been delighted to learn of this revelation via the Guardian, but that was merely comical relief anecdote, let’s get down to the brass of it all.

We get to see the first part in “He said a new report from the Australian Institute of Criminology, released on Wednesday, estimated the cost of serious and organised crime in Australia in 2016–17 was between $23.8bn and $47.4bn, and showed how sophisticated internet-based crimes can be“. So as we take a look at that report (attached), we take a first look at the end (just like any detective story, starting at the end we see the revelations we needed to see if the story adds up). So there we see: “This paper sought to estimate the cost of serious and organised crime in Australia for the 2016–17 financial year. It was not possible to undertake new empirical research to provide more accurate baseline data to support the estimated costs, so in most cases uprating using the RBA (2018) inflation calculator was used in conjunction with the most recent reported crime statistics to assess the prevalence of the various crime types examined“, which gives us another part. The first is on page 3 where we clearly see (in bold) ‘$31.5 BILLION for the cost of serious and organised criminal activity as well as the serious and organised component of conventional crimes‘, so now we see in opposition an amount against ‘between $23.8bn and $47.4bn‘, which I admit remains a truth, yet when we do the math, we see $15.9B for prevention and $31.5B for the so called organised and serious criminal activity, which gets us to $47.4B. At this point we could surmise that Peter Dutton passed his basic math test, was it not that the same page 3 (just like in the Sun, for the longest of times) gives us an additional $8.6 on organised Fraud (debatable), and $6.5B, $9.6B, $4.1B and others adding up to almost $2.7B, so in total we have the $31.7B, yet here is the problem, the individuals cannot clearly represent 100% of organised crime. We are now getting to the miscategorised and the miss set properties of certain players, which also deflates the issue. 
It becomes a larger setting when we consider the ABC, who reported in May 2017: “the Australian Cybercrime Online Reporting Network, and the reported losses from online scams across the nation come in at around $300 million“. So here we get the second part. We see ‘online scams‘ and I am willing to accept that, yet against ‘PURE CYBER CRIME‘ the question becomes what is what and where are the definitions and this gets us to page 18 where we see: “It extends the conventional understanding of organised crime groups by adding all serious crime of an entrepreneurial nature or committed to support a criminal enterprise, whether by a group or an individual“, now the entire setting changes. It optionally includes all the entrepreneurial naughty people in places like Wall Street does it not? Good luck getting anything done at that point!

Then we get to the illicit drug activity. Now, I am not debating the number overall. I do not have the data to do so, yet consider the part on page 10 where the three costs are included namely Medical costs, Lost Output and Expenditure on drugs. The items are fine, it is how you set your filter, I get that, yet in all this when we consider the numbers and the setting whilst we also have been treated to the longest time to those individuals in caravans in the middle of nowhere making their acid/ecstasy junk. So when we look at Methylenedioxymethamphetamine (MDMA), we can see that it is a serious crime and that we are given a dangerous setting, no one denies that, yet in all this, those singular people who do something with gallons of cough syrup (as it was presented at one point) we should also see that at this point that Peter Dutton had all the elements added together and presents it like a Ponzi scheme, or should I say that it looks like an Amway sales presentation (the one I saw at least)? You know, the one where someone states ‘replicate, don’t reinvent‘ it is a good sales pitch, no one denies that, and it is here that we see the flaw and failing of Peter Dutton.

You see his presentation adds up ‘perfect’, these numbers add up, whilst a millennia of history shows us that numbers never add up, not in any criminal enterprise; to do that I have to teach you a little data basic. The best comparison is the use of a cross tabulation. Let’s take gender and shoes. For example we see 6 men and 14 women bought shoes. We also see that 24 women and 25 men did not buy shoes. So far we get the table on the left, yet now we also get the setting that a cross tabulation will not deal with.

For example the fact where we know that shoes were bought, yet the gender is unknown or we see a gender reference and that something was bought, but we cannot see if they were shoes. These are called missing values and they will not show up in that cross tabulation and there we see the first part. It gives us the setting of crimes but not by whom, they are serious in setting but that is not enough is it? You see Peter Dutton gave us ‘help combat organised crime‘, yet not all serious crime is done by organised crime and now we have a $47 billion dollar question and in addition the failing that we are now introduced to is a much larger failing. In this we now see that we saw in the beginning when we went to the end of the story. It is seen with: ‘estimated the cost of serious and organised crime‘ and that is not enough. We could argue that it should be, we can argue that (the amount involved) is way too big, but the setting is not merely that Tech companies should ‘help’, it is the prosecution setting. The setting that there is too much junk attached and the prosecution will fail in the bulk of all those cases because the evidence relies on loaded and unproven data. It is the part that we have faced for well over 7 years. The court barristers will give every jury the speech of authentication versus non-repudiation and the second one cannot be proven (in most cases), so we end up not merely not having ‘beyond all reasonable doubt‘, there will be a high and likely chance that the courts will not even be able to prove ‘on the balance of probabilities‘ or ‘is it more likely than not‘ and it is here where we see that Peter Dutton could be optionally wasting millions upon millions of costs to set the stage of presentation that will have little to no results and that is a much larger problem. The additional play is that any smudging of any presented evidence will give us the stage that a case will be thrown out of court, how is that helping anyone?

So whilst we ponder this, we need to review the statement “And it should be noted the same companies who protest about having to help police with the encryption problem, operate their business in less democratic countries and accept a compromise on privacy to allow their presence in those growth markets“. We are not those countries are we? So at this point, we get the impression that Peter Dutton is merely a minion for the intelligence services who according to him were unable to get to places in the first place, which implies that certain players have much larger problems and the serious crime part, which is not on their plate is already beyond them, so there!

At this point we get to the final part where we see: “It is important that tech firms understand and embrace their responsibilities to the community that has helped enrich them“, I actually do agree with that part, yet that should be set in taxation law. A flaw that I reported on yesterday (at https://lawlordtobe.com/2018/10/11/taxation-solved-the-old-way/) which I charmingly called ‘Taxation solved the old way‘ (pun intended). So when we now consider the biggest organised crime master in Common Law (Al Capone), who funny enough got scuttled not by crime fighters but by tax laws. How we get to relearn the lessons of old, do we not?

It gets us to the quote: “Currently our police and intelligence officers who have a warrant may be able to covertly recover an email or a photo or other evidence of a crime from someone’s computer, but they can’t crack encryption, which is why it is now being exploited by criminals“, so these are criminals and not organised crime. Or in a simplistic setting that every square is a rectangle, but not every rectangle is a square. It is at that point that I will teach Peter Dutton the one lesson he never learned (optionally he merely forgot the lesson).

Consider: “When sarcasm bounces it is merely irony“, a lesson that has a much wider application that the honourable youthful young Dutton might not have contemplated yet. However, we have to consider he was only reappointed his seat on August 24th, so he has time to settle in. And the lesson does not end, the second part of the lesson is not from me, it comes from Lizzie O’Shea who gives us: “they were united for the first time in their opposition to the government’s encryption bill“, when we see united tech giants, how short sighted was this encryption bill in the first place? It gets to be a larger issue when we add the setting from World Animal Day (pun intended) when we see the two parts “Telstra has won a $8.2 million contract with the Department of Foreign Affairs and Trade (DFAT) for the landing of the Coral Sea Cable System” and “Chinese technology giant Huawei was originally set to build the 2.5TB-cable linking Australia to the Pacific island nation back in July 2017. However, following concerns that Huawei’s involvement posed a security risk, the Australian government stepped in to fund the multi-million-dollar project from its foreign aid budget“, whilst clear evidence has never been presented and in that stage we see optional nepotism and ego and not fact and science based solutions. We are supposed to trust any of the reporting parties on any of this? The articles are different on different settings, yet the entire mess as it is now shows a much larger failing and a setting of doubt, not one of justified confidence and in that we see the second part of the reason why the tech giants are uniting. A certain play performed by adjusting to the notion of stupid and short sighted whilst the captains of industry have been getting their A-game in gear and others never did. 
It is merely another stage of the impact of iterative exploitation and profit founding, that whilst Huawei, Google, Apple and Samsung are no longer going iterative, they are now making larger leaps over the next 5 years as they want the largest slice of 5G pie possible and in an iterative setting the others can catch up and that is where we see the clash, because these hardware jumps will also prevail in software and data jumps and some players are in no way ready to play that game. That is where this so called balanced report strikes out as well. This is seen on page 21, where we see: “Because information and communications technologies are used widely throughout society and are instrumental to government, business and consumer activities, there is considerable overlap between the estimated costs of cybercrime and the costs of other crime types— particularly economic crimes, banking and financial crimes, transnational crime, online commerce and internet-facilitated crime such as consumer fraud, online dissemination of child exploitation material and intellectual property infringement“. You see in that stage we see the mention of ‘economic crimes, banking and financial crimes‘. Here we see that Financial institutions and Wall Street come into play (perhaps ‘entrepreneurial bankers’ is a much better term). This is not organised crime because Wall Street never committed any crimes did they, yet they are at the centre of a group of people in that classification are they not? And there we see not merely the adaptations of block chains, we see that organised crime will go there (as soon as they possibly can) whilst the bulk of all the players will not be ready and any encryption bill will hinder the progress of new technology as other players are not anchors of stability, they are concrete blocks of deceleration, another part not considered in any of this.

So yet, the tech companies are uniting and there is a second part in all that. When they strike a deal with Saudi Arabia and set a large part in the city of Neom; when Saudi Arabia accepts certain concessions towards the FAANG group? I personally believe that as soon as the benefit is clearly shown to the rulers of Saudi Arabia and the headway that they could make, they will adjust whatever they can according to Islamic Law, and at what point will governments realise that their only option of control will be isolation and a loss of economy? We are not that far away from that point. Even as we were told yesterday “A senior executive who works for Google’s parent company and a former US secretary of energy have dropped out of a Saudi Arabia tech and business advisory board following international outcry over the disappearance and alleged murder of a dissident Saudi journalist“, yet as Google cloud picks up more and more banks, how long until they reverse the setting? In this the Financial Times also gave us (a day earlier): “A radical blueprint to transform Saudi Arabia through socio-economic reform and ambitious development projects is persuading banks to return to Riyadh“, so at what point will we realise that Saudi Banking is growing and that all players want them as customers? It all boils to dollars and crime is merely a cost of doing business. It is that side that shows the missing data part (going back to the cross tabulation comparison). Corporations have always been about the privileges that come with a certain network and the most facilitating one is the one they will choose, that is in the heart of the flaw that I saw regarding Peter Dutton’s claims here. A bill that stops facilitation and stops optional business on much more levels, as banks need to show more and more profit. The greed driven business model will always be destructive in nature, learning that lesson 10 years ago would have made a difference, now it no longer will.

That is part of the heart of the “$40bn of foreign money is expected to flow into the stock market as a result of Saudi Arabia gaining MSCI emerging markets index status next year“, that against a flawed encryption bill, it was a bad play, played even worse on the surface of all the facts shown and I did not even bother going all the way when it comes to the initial ‘sought to estimate the cost‘, it almost reads like ‘the lady gains weight and we are trying to determine whether she is pregnant, or if she really likes pizza‘, how was that ever going to go? Perhaps asking her: ‘Have you been screwed (over) lately?‘ It could give you a truth and a lot more non-truths. That is the problem with data, whilst moulding data in one direction, you tend to open a door in another direction too, I learned to see and seek those doors, oh and that is before we consider the estimates and the application of weights to a data file, which I do not know whether it happened. This we should have considered with the statement on page 2 ‘Where data were not available for this period, the Reserve Bank of Australia (RBA) (2018) inflation calculator was used to uprate estimated costs from earlier periods‘, the part ‘uprate estimated costs‘ would have gotten us that part, also the fact that it is not data merely a ballpark idea on what the data could be, it is not the same, is it?
