Tag Archives: Catalan

Return of Common Cyber Sense

So, is it the return of CCS, is it Son of CCS? With all the 60’s movie references it can go either way, like Son of Blob, Return of the Predator, the Swamp Man strikes again, take your pick. We can go in any direction. And it all starts with the NOS (Dutch News) article of ‘Hackers stole 3 gigabytes of data from Spanish Prime Minister’s phone’ (at https://nos.nl/l/2427306). There we get exposed to “The hackers who used Pegasus spyware to access the phone of Spanish Prime Minister Pedro Sánchez last year were able to extract 3 gigabytes of information from the device. They also managed to penetrate the telephone of the Minister of Defense, although less data was stolen from it. The hack of the Spanish Prime Minister’s phone came to light by chance during a routine check, it turned out today. The government was informed this weekend. The telephones of all cabinet members are now being searched for the espionage software.” As such we now have two settings, the first one is linked to ‘State of what?’ (at https://lawlordtobe.com/2022/04/24/state-of-what/) where some attacked the NSO on Catalan settings. Now we see that two Spanish governmental targets were out in the open, and its Prime Minister was not too intelligent and lacking Common Cyber Sense. 

So in what universe is it a good idea to put 3GB of data on your mobile? I have (by choice) 224MB of data on my phone (over 6 years) and well over 80% are ASCII files (a collection of articles I have written). 

A mobile phone is a transmitter at rest, no matter how much you run, as such it is a trove of information for any hacker with anti-Spanish sentiments. So in what universe should we see “Spanish opposition parties speak of “a very big coincidence” that the burglary into government telephones is just now becoming known. Others speak of a smoke screen. Already two weeks ago it became clear that 63 Catalan politicians and activists had Pegasus on their phones. Among them were members of the European Parliament, Catalan regional presidents, lawyers and political organisations”? Well the answer is none. You see the setting that we are a witness of shows a massive lack of Common Cyber Sense. And in this consider “Pegasus is sent via apps, a WhatsApp message from friends or acquaintances or an email. When the recipient clicks on such a message, the spy program settles in the phone. Secret services have access to all possible data such as passwords, telephone conversations, location or photos” You see, this is a side that might be on me. People like that have a work phone and a private phone. The work phone has no need for WhatsApp, Facebook, or a whole range of other social apps. Having them on your work phone is folly, extremely stupid and massively shortsighted. When you are a governmental tool (of any kind) you need to adhere to Common Cyber Sense. It applies to any Prime Minister, Defense minister, minister and that list goes on for a while. The only exception might be the cultural minister, but then that person tends to not have any classified data, or classified data of a limited stretch. So when we see “The organisation Citizen Lab, which previously revealed that the 63 Catalans were targeted, is drawing no conclusions about who is responsible for the covert operations against the Catalans. “But the circumstances indicate involvement of the Spanish government,” the authors of the report believe.” OK, that is fair, we are all seemingly nodding towards the Spanish team, but it is assumption. And when we have that stage, the lack of Cyber Sense is making it all into a farce. So whoever hacked the Spanish, might through that have gotten access to two teams for the price of $100,000 per phone. A good deal if any. 

So at what time will governmental teams (on a global setting) decide to embrace Common Cyber Sense, with the added realisation that apps like WhatsApp and several other have no business being on your work mobile? 

In this, my message to these politicians is as follows: You are (for the most) not an A-lister, a movie star or a social media revelation. For the most, you are all governmental tools and you need to take responsibility for the stupidity you employ. Keep personal stuff OFF your work phone, give the hackers a challenge, not a trip to easy street, Common Cyber Sense has reason, take it seriously.

Leave a comment

Filed under Law, Politics, Science

The simplicity of a label

That is at times a setting, not the setting, but an option. You see it is easy to paint all the piggie’s pink, but at that time we end up with all the painted piggies and piglet. Yet is piglet the one we were looking for? That is one of the settings and my issue with ‘No 10 network targeted with spyware, says group’. The article (at https://www.bbc.com/news/uk-61142687) is not entirely wrong. But when I see “The Citizen Lab says it informed officials that suspected Pegasus spyware was discovered in 2020 and 2021, with the Downing Street incident linked to operators in the UAE.” My suspicious mind has questions. Now, I accept that the Citizen Lab has expertise and knowledge, I am not attacking that. It is the statement “The Citizen Lab, which tracks electronic surveillance, said in 2020 and 2021 it notified the UK government that networks belonging to both 10 Downing Street and the Foreign and Commonwealth Office were suspected to have been infected using Pegasus spyware.” You see, ‘suspected’ is all good and well, but were the suspicions properly investigated and confirmed, or is that all it was, a suspicion? And it does not get better when we see “in the UK a number of official phones were tested including those of the prime minister, but it was not possible to establish which device was infected or what – if any data – was taken”, as such there is a suspicion and a lack of confirmation of which device was infected, whether data was captured and what the outcome was. And it does not end there. The statement “the suspected Foreign Office infections were believed to be linked to operators of Pegasus in the United Arab Emirates, India, Cyprus and Jordan.” You see, not only is the method a problem (through lack of evidence), but how in the hell can it be fingered to operators from United Arab Emirates, India, Cyprus or Jordan? Sometimes the simplicity of a label also has the lack of clarity. 

Why Jeeves, why?
It is actually simple. These are a few names: EverC, Sentar, Ignitho, PhishLabs, AppDetex, CyberInt, CareMessage, and Geneca. Eight names, all competitors to the NSO group. They all have ‘their’ solutions, they all have their ways and they might not be as good as the NSO group, but these players are raking in the millions. It is not impossible that they planted NSO materials, or  use a ‘friend’ to infect NSO guided options to lead the trail away. All speculation and none may be true or factual, I accept that. Yet the article gives us nothing but suspicions, no facts, no evidence and it is all given weight by “linked to an investigation by the New Yorker magazine which looked at the targeting of individuals campaigning for Catalan independence from Spain”, so what does the New Yorker magazine have and how do the two matters connect (if they connect at all). Consider the price of an NSO infection (it is enough to buy a 2022 Ford Mustang 5.0L Fastback, shadow black) and as people tend to rate cars higher than any Catalan interest, the list of interested people grows short really fast, the sliver thin comparison makes me suspicious even more. And to complete matters “The Citizen Lab said it believed the Downing Street suspected infection was linked to the United Arab Emirates.” So not only is there no evidence that an infection took place, they have a suspect too?

All half way statements, all half baked evidence and the lack of evidence that shows some clarity. All whilst I found 8 options at the drop of a hat. And I can tell you right now. I have no evidence of ANY kind. Yet the writings of some lack evidence too. So what makes the press so hungry for alleged illumination of the NSO group and the UAE all whilst there is no clear evidence? 

Questions should be asked, but I believe that additional questions should be asked of people who have been linking certain events with the near total lack of evidence. And it matters, because if we see the allegations that No.10 network is infected (which would be interesting to ANY party with non-UK or anti-UK needs). So there is a drastic need for the minions of Ken McCallum to wake up and find out what is going on. It might be essential to get the GCHQ goblins active as well, it is a digital issue so GCHQ gets to be connected to this. 

Yet none of the parties have clear evidence and no one can prove that it was not a competitor, there are larger plays in actions and they cannot be identified with piggy pink. Yet the station is optionally served by paint and finding WHERE it leads could be beneficial, but that is merely my thought on the matter. So far the media I have seen tells me little and the accusations and links are a little too shoddy to my liking.

It stands to reason to state that I do not completely trust the BBC article, thee is nothing wrong there, but too little of it is right and does not sit well with me, but that is just me, and I do not trust anyone, a habit of the beast and thorough knowledge on knowing that the beast is a self serving entity in all this, it always has been.

 

Leave a comment

Filed under IT, Science