Tag Archives: Cisco

Two linked events showing trouble

Yes, that is how it started for me today. It all links back to the Optus failures and a few other matters, but cybersecurity is at the heart of it. Initially I saw the second article, but I will get back to that later. First we look at ‘Sydney teenager accused of using Optus data breach to blackmail indicates guilty plea in court’ (at https://www.abc.net.au/news/2022-10-27/teenager-accused-of-using-optus-data-breach-to-blackmail-court/101584078), a simple deception. Yet one with a few sides. The first part “Australian Federal Police (AFP) charged Dennis Su with two offences earlier this month, claiming he sent text messages to 93 Optus customers demanding they transfer $2,000 to a bank account” sets the guilty party up, but in more ways when we consider part two “The charges were laid after a bank account belonging to a juvenile, which Mr Su allegedly used, was identified”, so he used a third party’s account and holy Moses, it is apparently that of a minor. How the bough breaks! Well it actually doesn’t break. It seems that there was a serious amount of thought and planning here. Well, for some it is not a serious amount, but he had to know what was planned and he got a minor to be the front to some parts. It all refers now to the second article, which was the first in my eyesight. It was ‘Medibank and Optus hacks spark warning over identity theft risks from former victims’ (at https://www.abc.net.au/news/2022-10-27/identity-theft-warning-after-optus-medibank-hack/101576992). Here we get “The first thing the victim knew about her identity being hacked was when a man turned up on her parents’ doorstep asking for the sexual services he’d paid for online.” It is the start of a new steeplechase.
When we consider “Former identity theft victims have shared how their details were used to steal luxury vehicles, take out personal loans in their name and hock fake goods online, because criminals got hold of the kinds of information millions of Australians are believed to have had compromised in the latest Medibank and Optus hacks” and this is not nearly the end of this. When we see “While living in Melbourne, she sent a photo of her licence to a real estate agent applying for a lease, and that image was somehow then uploaded into a gallery of property photos featured on that agent’s website” especially in the Australian housing market, can we please remove this bozo’s character from the housing market? How can anyone be stupid enough to ‘upload’ identity details? There is an unacceptable lack of common cyber sense in Australia. It goes from the big banks to the most stupid of housing players. They have no idea what they are doing and the excuse ‘we made a boo-boo’ just doesn’t play here. First Optus, then Medibank and that list keeps on growing. That is accelerated by alleged cowboy institutes that make money offering cyber degrees. Australia has a serious problem and it needs to be dealt with starting with a lot better protection regarding ID’s and identity documents.  

And we do not blame Google here, but “Probably the most shocking and stressful part was just seeing my licence there on Google for anyone to use” should be seen as evidence that a much larger issue is in play. When we see newspapers give us “The federal government has promised to dedicate millions of dollars to “investigate and respond” to the massive cyber attack which rocked Optus” which according to some amounts to $6,000,000 over two years. I reckon that in two years the problem will be a lot larger and two years to investigate what I in part did in 5 minutes is a joke. Something needs to be done NOW and let’s start by holding corporations accountable to cyber security and let’s make sure that a certain housing agent is an Uber driver in 48 hours and not a housing agent any more. Yes, I agree that I am overreacting, but uploading ID details? To a photo gallery? I think we hit rock bottom on the village idiot scale and that needs to be addressed well within 2 years, within 48 hours be more likely. I think that my optional IP move to Canada might be a good thing. It is not out of the question that these players will set my IP on a server with a connected router that still has the password ‘Cisco123’, that could be how my luck goes and I have seen enough bad luck to last me a lifetime.

As I see it Australia has a lot of problems, not in the least the larger absence of Common Cyber Sense, I raised that in ‘The Bully’s henchman’ (at https://lawlordtobe.com/2020/01/31/the-bullys-henchman/) which I wrote on January 31st 2020, almost 3 years ago, it is that much of a failure and if I raised it then, it was already an issue. As such we see a failure that surpasses 3 years and now they want to debate it for two more years? These people are out of their flipping minds!


Filed under IT, Law, Media, Politics, Science

Wheels are for sleeping

Yes, that is the indication. So far I have been busy redesigning over half a dozen games and I get the impression that asleep at the wheel is a common factor at both Amazon and Google, might be at Microsoft as well, but I do not care about them, they can become obsolete all on their own. The redesign is essential as there are factors for a larger audience and one does want to entice that audience; as such I started with half a dozen games, kept the overall appeal, kept the foundation of the game, but the rest got upgraded to the improvements we got the last decade. And 3 of them had 90+ scores, so they can be remade into something better fitting this decade and this generation. Even as I am looking into Unreal Engine 5 (where applicable), we have a much larger optional setting and this I did after having a sandwich, before I had a cup of milk and I am merely waking up. We have had a lot of games that were contemporary, we had games that were in the stage or the age of the arcade, but why are they abandoned? They were good games and even as we see everyone go nuts for some goat simulator (for some reason Microsoft got that right and it is massively addictive to some), they forgot a game like Soul Edge (1995), the Dreamcast had it as Soul Calibur (1998) where it scored a whopping 97%, a game that close to perfection was partially forgotten and what was rereleased was nowhere near as perfect and the makers decided they were more clever and created a lesser product. The lines in those days were that this game alone was reason to buy a Dreamcast. Why are these gaming executives so short of memory? Soul Calibur was all about fun and they created a game that did that and more. There are a lot more examples and more could be done to make it changed enough to get a new IP registered.
One day and I come up with half a dozen games that could be upgraded and Google (deciding not to be a developer and dropping the Google Stadia coming January) is letting $500 million a month slip by, well they must have the corner on something. I for one am willing to guess that they got the corner on Melatonin (sleeping ingredient). And that is merely one part of one branch. I  truly wonder what Tencent is up to, because if they are more awake then there is every chance that Amazon will lose their share as well. And these two got that done in under two years. Good going guys (girls also). 

And as I am vamping a few more titles, I remembered a game from 1991 called Streets of Rage, a simple game, but addictive and a game that could entice plenty of people. You see, this new ‘gaming’ industry is a lot less about making money. It is about the microtransactions, that is where they think the real money is and when my solution is accepted and 50 million subscriptions start cancelling the other options, these people will learn the hard way what an empty IP looks like. They all ignored that gamers want to have fun and for some it is racing, for some it is stealth, for some it is bashing and in these groups none of them are overly excited about microtransactions. So when they get a microtransaction-free environment, they will move. I am completely convinced of that. These people also are not interested to pay by watching advertisements. So there are two elements that would fall away pretty quickly and in all that the current ‘champions’ would end up being tomorrow’s losers. I reckon that is where Tencent is heading as well, so they will get two tiers of advantages of all those who haven’t figured it out yet and that will cost the wrong people a lot of marketshare. But not to fret, they are willing to lose that marketshare, I know because I cannot see them making any alterations, so they are definitely waiting until it is too late. But that is big tech for you. So whilst they are asleep at the wheel, I will continue embellishing my IP for the current customer line. And there it will stay, especially when the right people figure out I wasn’t making a funny, and that my part in gaming since 1984 implies I actually know stuff. But feel free to disagree, it is your right and when you come up short, you merely did it yourself.

As such I do hope to have a field day. Because hope is still part of that equation, we all hope, we can do little more. And let’s give Microsoft a hand, only yesterday we were given “Many enterprises continue to leave cloud storage buckets exposed despite widely available documentation on how to properly secure them”, and the hand was not in sarcasm. You see ‘despite widely available documentation’ implies that this is a Layer 8 ID10T issue (aka: idiot users). So when we read “SOCRadar, the threat intelligence firm that reported the issue to Microsoft, described discovering the data in an Azure Blob storage bucket that was publicly accessible over the Internet. The data was associated with more than 65,000 companies in 11 countries and included statement-of-work documents, invoices, product orders, project details, signed customer documents, product price lists, personally identifiable information (PII), and potentially intellectual property as well.” Yes, it gets to be that bad and it is NOT all on Microsoft, some is, not all. But keep screaming that Azure is fine, especially when 65000 companies are placing their data on the internet. As such the China and Huawei issues are not an issue, people are placing their data online all by themselves. Cisco was also a factor, but they seemingly fixed the issues they had. In all this it matters, because streaming opens a new can of worms and I am opening a separate one as well, especially when the Kingdom of Saudi Arabia buys my IP. In all this we see that there is a much larger need to stop being the inclusive wanker. It is time to call out the larger flaws and stop messing about, or buy a Jaguar (a Crazy People 1990 reference).

This is one of the reasons I do not want Microsoft anywhere near my IP, and that is in part why I offered it to Saudi Arabia. These tech players might bully me, but they have a much larger problem if they mess with Saudi Arabia and when the Saudi party realises just how big the IP can be, Microsoft will be kept outside, of that I am convinced. It was also in part why I hoped that Amazon would have called earlier, but they slept for months, so I am happy to head to plan B. And as I embellish my IP the chances will increase and increase. Some wheels might be for sleeping but my cogs rotate relentlessly and they keep on rotating, I owe that to myself even if it is merely to show where all the others went wrong.

Filed under Finance, Gaming, IT, Science

Web Web Web

My mind has been pounding on some new IP. Not really IP, more of a concept on what could become great IP. Yet will it be mine? I doubt it, there are plenty of takers, but for some reason I believe that Adobe has the inside track here. Whilst players like Microsoft make all the spin, make all the presentations, they deliver too little. Whilst they are all about Office365, we see a collection of bugs that still have not been resolved. And as they grow their product they also grow the traps and the pitfalls.

So as we see (or recall) “The bug in Exchange Online, part of the Office 365 suite, could be exploited to gain “access to millions of corporate email accounts”, said Steven Seeley of the Qihoo 360 Vulcan Team in a blog post published yesterday (January 12 2021).” It would be some time before we could see “The Exchange Server flaw is one of 55 vulnerabilities fixed in Microsoft’s Patch Tuesday update. Microsoft is urging administrators to apply patches for a remote code execution vulnerability in Exchange Server, which is being exploited in the wild. (Nov 2021)” as I personally see it, Microsoft is digging its grave deeper and deeper, all whilst complaining to Congress about anti competition issues. How about fixing your bloody program? Optionally in less time than it takes a woman to get fucked, get pregnant and deliver a baby? Rude? You ain’t seen nothing yet! Microsoft complains wherever it can, against Apple, against Google and it takes over 36 weeks to get the Exchange flaw seemingly under control. I used seemingly as we also got this year ‘Microsoft kicks off 2022 with email blocking Exchange bug’ with the added “A coding mistake after a January 1 auto-update is causing the FIP-FS anti-malware service to crash with the 0x80004005 error code when it encounters 2022 dates”.

Apart from the idea that kicking Microsoft should be regarded as a civil service there is actually a bigger fish to fry. 

The who now?
You see this is in part about Web3, it was one of the stopping points that my mind entertained towards some of the software that I saw in ‘Pristine and weird’ (at https://lawlordtobe.com/2022/02/24/pristine-and-weird/), I gave additional views in ‘The hardware perimeter’ (at https://lawlordtobe.com/2022/02/25/the-hardware-perimeter/). I still believe that in some respects Adobe might become the salvation. In 15 years of Adobe I have crashed less than half a dozen times, Adobe, or as I tend to call them (with a giggle) Macromedia Plus. You see, Adobe is a union (OK, they bought the other place) of Adobe and Macromedia. You might think that this is not a big deal, but it is. The union of two great innovators in their field. I truly wonder if Microsoft understands what an actual innovator is, they spun it so often in so many areas that I truly believe they forgot what true innovation is. But consider Adobe and Apple, what if Adobe gets the sources of Pages, Numbers and Keynote? They would be close to ready. They still need a good database to stage the next scene but there are all kinds of solutions in that direction.

The hardest part (for them) would be the web in a web stage.
This is not some fictive side, it will be the connection side of collections of blockchains (finance, documentation, hardware foundations and document tallies). The example you saw earlier is something I saw somewhere and it fitted the bill as closely as I envision it (I do not have the right software to make my own) that might get the closest to what is required, as well as a new need for checking the integrity of blockchain based connections. The need to check the integrity becomes overwhelmingly essential and when it comes to integrity checking, there is every indication that Microsoft is not really on board with that need, or its board of directors might be filtering out anything negative until AFTER it launches. In that setting a player like Adobe (or Google) is a much safer bet and that matters.

You see, I saw as early as 2009 that the borders between hardware and software were overlapping in some grey area. The initial stage of brand of hardware would be overshadowed by the software controlling it and there is the rub, the court cases where we get some version of ‘She said versus She said’ will overwhelm courts and the law is nowhere near ready on such cases, because the rules of evidence are not ready to process what gets to court. You see, to some extent Web3 might be a solution, the blockchain need will govern the desire, but there is also the larger case. We are given settings like “the idea of decentralisation” as well as “a possible solution to concerns about the over-centralisation”, but the borders of what we see to what is centralisation and decentralisation is becoming blurry. We see voices like Kevin Werbach, author of The Blockchain and the New Architecture of Trust making mentions on the lack of decentralisation, some give us issues on scalability. But what is scalability? It is a serious question. You see Microsoft, Google and Apple have their own ’version’ on what constitutes scalability, but always towards THEIR OWN design and I get it, that is one point of view, but when did you see a clear presentation where the CONSUMER is shown a presentation to see scalability towards their organisation and another organisation? An accountant compared to KPMG? A consultant compared to Deloitte? You think it does not matter but it does and the cloud brought it a lot closer than anyone realises. The booklet version is “scaling is the process of adding or removing compute, storage, and network services to meet the demands a workload makes for resources in order to maintain availability and performance as utilisation increases”, but as I tend to say, cloud computing is computing on someone else’s server. The term of scalability ‘adjusted’ from home processing to cloud processing. It is there that you see the larger stage of bilateral processing. 
The workstation (like I described earlier) with a thick client and local stages, often connected with a secure server that protects its settings and a cloud environment. A sort of 2 stage security in place and that is the larger danger. Microsoft (et al) want you to trust them, all whilst they screwed up your life with 36 weeks+ Exchange online dangers and they cannot change, they are too much involved with their board of directors and THEIR needs of the story as it needs to be. And as I rudely stated at the beginning with every chance of getting screwed over and their ‘spin’ impregnating you, but the turnaround? There is none! And what do you think their liability is when you see that your IP is gone? So whilst the news gives you “Vulnerabilities are being exploited by Hafnium”, how long until a message from the cloud provider is given to you that due to configuration errors detected we do not consider any liability against us to be valid? And let’s be clear, Microsoft Office is Exchange, Word, Excel, Powerpoint and Access. They have had 25 years to clean it up, but the waves of iterations (new options) have given rise to issue after issue. Is it such a surprise that this stage might start flowing towards a player like Adobe who will add a near universe of new options and all that arranged in some next generation skin that incorporates some version of Web3? 

There are other players (Amazon, IBM) but in what I saw in ‘Pristine and weird’ Adobe fits the bill better and more complete. Even as I saw additional parts, I saw a stage where hardware is more interchangeable with software and Adobe has proven the field there. You see, as hardware from Cisco, Dell, Huawei and Juniper become more generic, software will have a much larger impact and the hardware will merely open doors to WHAT is possible and how fast the new options could be. A different setting but not merely due to the cloud, but because the one man show technologies are on the way out, pretty much like Microsoft already is. A stage that has now become too unreliable to consider trusting. And where will Apple and Google be? Apple will most likely have a larger niche, Google has been accommodating on several levels, so they both have larger fields and for them it matters in the long run. Other players will need to push for their niche, a cooperative niche or they will become obsolete, almost as much as Microsoft soon will be. But that is merely my point of view on the matter and my point of view on where we are going. Feel free to oppose my side, but do not forget to check all the facts, for now they are on my side of the equation.

Filed under IT, Science

1-800-LoadMyMissile

Yup, I had to go there. And when you see the headline ‘F-35 program seeks cyber reinforcements’ you might go there too. Now, you need to know that there is nothing wrong with the article that can be found (at https://fcw.com/defense/2022/02/f-35-program-office-seeks-cyber-reinforcements/361848/). Yet the quote given to us 2 days ago “To improve the joint strike fighters’ defences against cyber attacks, the program office responsible for it wants an open system design solution” implies there is close to nothing, all whilst this danger was out in the open for some time, so why react this late? And when we are given “the program office responsible for the aircraft is looking to create a multi-phased process that would enhance the security of F-35’s – and supporting ground systems – through newly developed or integrated technologies, such as real-time, automated in-flight detection, response and recovery” concerns should be raised. You see that dinky toy (the F-35) is not the cheapest of all Corgi toys, so something should have been in place already. The issue is not that simple, I get that. To take a more Cisco stage of expression. Every plane will need a router that has SecureX platform, Secure Firewall, Secure Endpoint and connects to the ground in a similar way and does it in real time, not the easiest of tasks and in this the real-time part will be the hardest to get working. A system that can interact with every system. 

As I personally see it (see image), it is a setting that has a number of points (like hardware points) for fire solutions, navigation, weapons systems and the security station. It cannot check all, but each system has its own header, and the headers check each other, so if one is hacked the others fix the one hacked and the system is back on tour, there is no guarantee that this will work, but hacking one system is one thing, hacking all 5 becomes virtually impossible. And there is another problem, such a system will need online load balancing. Not online like we know online, but a system that is always checking the load balance of every header station and as this is all done in real time will require an upgrade of hardware, because there is no way that the added electronics will not have an impact on current efficiency numbers and with the costs already way out of proportions, I have no idea how this gets past the budget committee and even if they get some kind of new Cisco device (which is one of the leading cyber authorities) the hardware will not come cheap and it will require a new OS to make it work. I wonder if relaunching ADA would be a solution. It would be allowing one of ADA’s strengths to be deployed and if the NSA can boost the security and it is implemented with a newer version of Cisco Cyber Constructs, there is a decent chance it might work but all this requires specialists working together and in the IT field that is almost a challenge on its own (like making a submarine fly). So I have no idea where it all will end, but taking into consideration that the expected acquisition costs is set to $406.5 billion, with total lifetime cost (i.e., to 2070) to $1.5 trillion in then-year dollars, and the cyber equation will ramp up costs by another 10% (rough estimation) and my estimation is set to the fact that it is smooth sailing, but that has never been the case so there is every chance that the F-35 will break all records, including cost to produce.

That is my mere speculative thought in the equation that the FCW brought to light. 

Filed under IT, Military, Politics, Science

Getting a mute to lead the blind

Confused? Good! It has been going on for a little while, but Al Jazeera heads the setting of others with ‘Is the US crackdown on spyware firms just getting started?’, the article (at https://www.aljazeera.com/economy/2021/12/22/is-the-us-crackdown-on-spyware-firms-just-getting-started) gives us “The Biden administration blacklisted Israeli spyware firm NSO in November, but experts say more needs to be done.” Well, that might be nice, yet the absence of evidence means that they take to the streets with the stupid and flammable people. It becomes even worse with “a collaboration by Amnesty International and a coalition of media outlets – revealed that NSO’s software was sold to authoritarian governments that used it to spy on political leaders, journalists, executives and human rights activists, including people close to murdered Saudi journalist Jamal Khashoggi.” As I personally see it, it was a collection of wannabes and fakes. They are that because evidence was not ever presented. And now the plot thickens, you think it does not? Well hold on, we are about to really up the throttle on this.

You see Bloomberg hands over the evidence I claimed all along. I wrote in several articles that if that list of 10,000 numbers was real the NSO Group would have a $400,000,000 piggy bank. But Bloomberg gives us ‘Pegasus Spyware Maker NSO Group Throws Cash at New Ventures to Survive’, where we are treated to “Israeli spyware firm NSO Group burned through most of its cash this year in a desperate bid to move past the scandal surrounding its phone-hacking tool Pegasus, according to a person with knowledge of the matter and private financial documents seen by Bloomberg News”, this could be seen as implied evidence that the money was never there, as such the list has to be (to a larger part) fake. Something I saw in less than 5 minutes, but all these wannabe essay writers, you know, the one the Guardian has in Washington DC, as well as a wannabe essay writer at the United Nations with an outspoken hatred of Saudi Arabia. All going on flames and friends, but not a lot of evidence. Last week at Wired we also get ‘Google Warns That NSO Hacking Is On Par With Elite Nation-State Spies’, but I will get back to that. You see the Bloomberg article (at https://www.bloomberg.com/news/articles/2021-12-21/nso-group-burned-up-most-of-its-cash-to-shift-away-from-pegasus) also gives us “Two American funds have expressed interest in NSO’s Eclipse technology — which can detect, commandeer and land drones — and in its new big-data analytics platform, for which the company signed its first contract this quarter, the person said. Pegasus would either be shut down or brought under the same umbrella as the other businesses in a bet that U.S. ownership would improve its standing, according to the same person.” In this I personally think that these American Funds can go and get fucked (apologies for the language), you see if the NSO is on a blacklist, the Americans can go try and make it run on a kite.

Although, there is every chance that China, Russia and optionally Saudi Arabia might want these technologies. So as we consider Wired giving us “The exploit mounts a zero-click, or interaction-less, attack, meaning that victims don’t need to click a link or grant a permission for the hack to move forward. Project Zero found that ForcedEntry used a series of shrewd tactics to target Apple’s iMessage platform, bypass protections the company added in recent years to make such attacks more difficult, and adroitly take over devices to install NSO’s flagship spyware implant Pegasus.” You see what Google (Apple too) isn’t telling you is that the transgression was possible to begin with. This is not some nerd in his mother’s basement. This is the kind of person that can equal if not surpass both the NSA and GCHQ. More importantly both Google and Apple were not prepared, so just how many gaps are there in mobile phones? You want to complain about Huawei and their security dangers? Google and Apple are doing that all by themselves, just like Cisco did, but you probably missed those articles. Credit to Cisco for alerting everyone to this, but the media was eager to ignore it, much sexier to accuse Huawei without evidence.

So whilst the White House idiot gave the people a blacklisting, we get:  “NSO issued a statement at the time saying it was “dismayed” by the Biden administration’s decision and that its technologies “support US national security interests and policies by preventing terrorism and crime”” So now the parts are here, we get to my use of ‘White House Idiot’, fair enough! You see, as the finances show that members of the media have been lying (optionally by not vetting information). We also see that the members of the NSO Group might sell to anyone BUT the Americans. A stage that will cost America greatly, especially if China acquires this technology. So after they squandered weapons sales to Saudi Arabia (I am still hoping for my 3.75% bonus on sales to China), the setting is now that one of the most sophisticated pieces of intrusion software might end up where no one wanted it to go, it reminds me of the old saying regarding ‘A cornered cat’, and it serves the mother goose brigade as I personally see it and you can see it too, you merely need to look at the actual claims and the fact that we see words like ‘alleged’, we see ‘might be infected’ and we see no clear number system. No dashboard that gives optional validity to the claims by wannabe essay writers. 

You know what? I am slightly too angry. First the yanks go all out on Huawei whilst evidence was never presented, now we see that the 5G networks are AT BEST a mere 50% of what Saudi Arabia has and in case of the US it is a mere 1.4% of 1%, it is THAT slow. Now we see the same exercise and it will be anyone’s guess who ends up with the NSO group software. It will be up to the NSO group to decide, yet I feel strongly that it should never end up in American hands. A person should not be allowed to be THIS stupid and being given a slice of cake, if it does happen, it better be valued at several billions. If you are THIS stupid, you cannot be much of a software maker, so pay you will, optionally Google could buy it to make their hardware more secure. It is a stretch and it is a steep price, but it could mean that the Apple supremacy ends and that might be worth a bag of coins to Google.

Yet the best moment was when I saw that the media nailed their own coffin (the finance bit), so whilst Wired and the Washington Post did the right thing, the others can take a long walk off a short pier as far as I see it. Oh yes, the Wired article was at https://www.wired.com/story/nso-group-forcedentry-pegasus-spyware-analysis/

One day until Christmas, I reckon it is that time of the year when we take a little more time to see what weapon systems are out for sale. I need a new hobby!

Filed under IT, Media, Politics, Science

Turmoil of doubt

We all have it, at times and some more often we doubt. Whenever I see such doubt I think back to a story that I heard in primary school. It was about Lakshmi and the greedy beggar. You might have guessed it, or perhaps you know the story. The beggar just wants in the end one coin more and ends up with nothing. This is a setting we know where it goes, but now let’s change the premise. I could end up with $3.7 billion over 3-5 years if Google, Amazon or Huawei buys my IP. I could optionally make $250,000 if I publish an idea of intrusion I have. An idea they all overlooked and could give a certain Wall Street player the insight on certain patents that would be accepted within 30 days. With this method I speculatively could make another 3 million, yet that would also mean that I can no longer rely on the larger amount to ever become mine. What would you do? The small amount now or hoping for the best? I am not breaking any laws, because I am showing a flaw, two actually and the law has close to no chance of finding substantive evidence. So I am basically in the clear. So what to do?

Well, I am also a story teller, so here goes (it was a simple riddle).

Between a larger technology firm and a patent office is a link, they mail and they take all the precautions. The messages go from Router 1 to Router 2 via what some might know as a routing table. Now no matter what the path is, at some point it will go via Router N1. That is how the beans take the high or low road. So I got the idea to place a listener on ANY router one jump away from Router N1, so it could be almost anywhere. That place we call Router X0, it was my idea for the Hop+1 solution. There is a second part, this part means we need to get to that router somehow, whether it is internal solutions of intrusion. The idea was to replace the CF card in that router with an identical one, but there is one difference, it might state 64MB, but it has 256GB and one small internal component sets the 64MB apart and the rest is a floating drive. The floating drive has its own dynamic and it installs a small program in the memory of Router N1, that program will copy EVERY packet directed to Router 2 towards Router X0. There is almost no chance to detect it, when someone resets it, the program is gone, the evidence is gone. The memory card will, unless dissected, not show anything and there too is nothing to show what is going on, the CF card will know when it can forward packets to the end station when it can hide in other traffic, unless a system administrator reads the ENTIRE log, there is nothing to see. The receiver now has a collection of packets of traffic from Router 1 to Router 2, which also includes a message that patent acceptance was achieved, the Wall Street firm now has an advantage to place the right options and stock ahead of all the others and when the rest catches on the larger profits are raked in.

A setting of not so speculative anticipation of profit and when the deed is done, both routers are reset and the evidence is gone forever. There is one remaining part, that is the CF card, yet if that went to an empty mobile station that might not be the problem, the only issue is getting the card back, leave no evidence behind. These system administrators are often underpaid, so that might not be an issue either.

An idea that I had when I was wondering how Sony was transgressed upon, because there was no way that North Korea had that level of know-how. In this setting it was an internal setting, optionally a disgruntled employee, but it was all speculative from my side, it felt more realistic than North Korea with its lack of technology.

So will I doubt? Yup, I will remain hopeful the three true innovators will take my IP, if not, ah well. Still time to make it all public domain, what Wall Street tends to call pubic domain, not sure why but there you have it. Have a great Monday!

Filed under Finance, IT, Science

The devil rang

This is too good, I had just finished yesterday’s article and the Guardian gives me ‘Spyware can make your phone your enemy. Journalism is your defence’. In this, I have some trouble accepting that journalism is my defence; they are all about circulation and satisfying their shareholders and stakeholders (optionally advertisers too). But the article came at the right moment, even as this is about Pegasus and the NSO Group. Whenever I look back at the title ‘Pegasus’ I think back to Pegasus Mail and Windows 3.1. It is a reflex, but a nice one. So, the article gives us “The Pegasus project poses urgent questions about the privatisation of the surveillance industry and the lack of safeguards for citizens”, which is nice, but Microsoft, SolarWinds and Cisco made a much bigger mess, so pointing at Pegasus at this point seems a little moot and pointless. (Microsoot’s Exchange anyone?)

Yes, there are questions and it is fair to ask them, so when we see “This surveillance has dramatic, and in some cases even life-threatening, consequences for the ordinary men and women whose numbers appear in the leak because of their work exposing the misdeeds of their rulers or defending the rights of their fellow citizens”, yes questions are good, but the fact that millions of records went to the open air via all kinds of methods (including advertiser Microsoft) is just a little too weird. And it is not up to me, it was The Hill who asked the people (5 days ago, after the Kaseya hack went public) the larger question that actually matters, ‘Kaseya hack proves we need better cyber metrics’, and they are right. When we see “Once “infected”, your phone becomes your worst enemy. From within your pocket, it instantly betrays your secrets and delivers your private conversations, your personal photos, nearly everything about you” we read this and shrug, but at this point how did a third party operator (NSO Group) get the data and the know-how to make an app that allows for this? The larger question should be handed to both Google and Apple. The fact that the phones are mostly void of protection comes from these two makers. This is a setting of facilitation and a lack of cyber security. The NSO Group decided to set a limited commercial application (more likely to facilitate towards the proud girls and boys of Mossad) and they took it one step further to offer it to other governments as well, is that wrong?

So when we see “All of these individuals were selected for possible surveillance by states using the same spyware tool, Pegasus, sold by the NSO Group. Our mission at Forbidden Stories is to pursue – collaboratively – the work of threatened, jailed or assassinated journalists”, if that were true, we would see a lot more articles regarding the 120 journalists jailed in Turkey, not to mention the 60 journalists that were assassinated (read: targeted killing exercise) there as well. The papers are all about a journalist no one cares about (Jamal Khashoggi) but the other journalists do not really make the front page, giving pause and skepticism to “the work of threatened, jailed or assassinated journalists”; my personal view is that the advertisers and stakeholders don’t really care about those lives. Then I have issues with “This investigation began with an enormous leak of documents that Forbidden Stories and Amnesty International had access to”, was it really a leak, or did one government take view away from them (by Amnesty International) and hand it towards the NSO Group? A list of 50,000 numbers is nothing to sneer at, as such, I doubt it was a leak, it was a tactical move to push the limelight away from them and push it somewhere else. As we consider Kaseya, SolarWinds, Microsoft and Cisco, the weak minded democratic intelligence players from the Unified Spies of America come to mind, but I admit that I have no evidence, it is pure speculation.

And then we see the larger danger “But the scale of this scandal could only be uncovered by journalists around the world working together. By sharing access to this data with the other media organisations in the Forbidden Stories consortium, we were able to develop additional sources, collect hundreds of documents and put together the harrowing evidence of a surveillance apparatus that has been wielded ferociously against swaths of civil society”, who did they share access with? Who reports to another faction that is not journalism or is purely greed driven? In this, the article (at https://www.theguardian.com/world/commentisfree/2021/jul/19/spyware-can-make-your-phone-your-enemy-journalism-is-your-defence) gives us one other gem, it is “not to mention more than 180 journalists from nearly two dozen countries”, as such we see 0.36% of the data is about journalists, so if I was to look at a slice and dice dashboard, how will these 50,000 people distribute? So when we see “If one reporter is threatened or killed, another can take over and ensure that the story is not silenced”, yes, how did that end up for those journos in Turkey? What about outliers in data like Dutch journalist Peter R. De Vries? He is not getting the limelight that much in the last three days, you all moved on? You pushed the limelight towards Jamal Khashoggi for well over a year, who achieved less than 0.01% compared to Peter R. De Vries. I reckon that this article, although extremely nice, is there to cater to a specific need, a need that the article does not mention (and I can only speculate), but when we see all these holier-than-thou mentions and we see an inaction on Turkey’s actions, as well as a lack of news regarding Peter R. De Vries, I wonder what this article was about, it wasn’t really about the NSO Group and Pegasus, they are mentioned 4 and 7 times, the article was to push people towards thinking it is about one thing and it becomes about the 0.36% of journalists in a list of 50,000, all whilst the number is mentioned once in the article without a breakdown. Someone else is calling, when you answer, just make sure the local number is not 666.

Filed under IT, Military, Science

Your data or your life!

It is not the dream, not this time. I was persecuted by a Construction AI with diminishing reality capacity, but in the humour side there were a few criminals trying to get away with a golden car (like Goldfinger) and they got in the middle, so there. No, today is about Ransomware. Reuters gives us ‘Ransomware breach at Florida IT firm hits 200 businesses’ (at https://www.reuters.com/technology/200-businesses-hit-by-ransomware-following-incident-us-it-firm-huntress-labs-2021-07-02/). Like the SolarWinds issue we see “The attackers changed a Kaseya tool called VSA, used by companies that manage technology at smaller businesses. They then encrypted the files of those providers’ customers simultaneously” and no one, most visibly the media, is asking the questions that need asking. The Microsoft Exchange issue, the SolarWinds issue, now Kaseya. We understand that things go wrong, but as I see it the hackers (read: optionally organised crime) have a much better understanding of matters than the lawmakers and police do, we see this with “encrypted the files of those providers’ customers simultaneously” and that is before we consider that ‘an American software company that develops software for managing networks, systems, and information technology infrastructure’ has the kind of security that can be trespassed upon. And why do I think this? It is seen in “The attackers changed a Kaseya tool called VSA, used by companies that manage technology at smaller businesses” and contemplate the issue that this had been happening for the last 5 months. A lack of larger systems as well, and all this continues as the law is close to clueless on how to proceed on this. We see statements like “In their advisory and further incident communications, Kaseya said that only a few out of their 36 000 customers were affected”, yet CNet gives us “REvil, the Russia-linked hacking group behind the attack on meat processor JBS, is linked to the Kaseya attack, The Wall Street Journal reported. 
Security firms Huntress Labs and Sophos Labs have likewise pointed to REvil”, which gives the law the problem that a member must be a proven member of REvil and that is largely not the case, moreover they have no clue how many members are involved. When one player gives us “We are in the process of formulating a staged return to service of our SaaS server farms with restricted functionality and a higher security posture (estimated in the next 24-48 hours but that is subject to change) on a geographic basis”, all whilst one of the victims is the largest grocery store in Sweden (COOP), the setting of “only a few out of their 36 000 customers” becomes debatable and it will affect the retail stage to a much larger degree, especially when you consider that they are cloud based. I stated in the past (based on data seen) that 90% of the cloud can be transgressed upon. And they are all servicing the larger stage of people dealing with IT requirements on a global scale. Now consider that cloud systems remain largely insecure and beyond the fact that ITWire was giving us “SolarWinds FTP credentials were leaking on GitHub in November 2019” and it was a direct result from someone who thought that ‘solarwinds123’ was a good idea. Oh, I remember a situation involving Sony and stated that there might be an issue that someone (I implied the Pentagon) had a router with password ‘cisco123’, I did that in ‘The Scott Pilgrim of Technology’ (at https://lawlordtobe.com/2019/05/23/the-scott-pilgrim-of-technology/) in MAY 2019, and did anyone learn anything yet? It is now 2 years later and still we see these levels of transgressions? Some might say that IT firms are helping REvil get essential revenues, some might say that these IT firms got themselves in this mess. 
So when we look at some firms relying on ‘Five years of experience for an entry-level job’, or perhaps “Any of the following will be grounds for immediate dismissal during the probationary period: coming in late or leaving early without prior permission; being unavailable at night or on the weekends; failing to meet any goals; giving unsolicited advice about how to run things; taking personal phone calls during work hours; gossiping; misusing company property, including surfing the internet while at work; submission of poorly written materials; creating an atmosphere of complaint or argument; failing to respond to emails in a timely way; not showing an interest in other aspects of publishing beyond editorial; making repeated mistakes; violating company policies. DO NOT APPLY if you have a work history containing any of the above” (source: Forbes). All this in a stage of age discrimination and narrow minded thinking of HR departments. Yes that is the dynamic stage of people that have bad passwords and a stage of transgressions. So whilst we might think it is a stage of ‘Your data or your life’, there is a larger stage where the law has a bigger issue, it has the issue of IT firms cutting cost and having a blasé approach to the safety of their systems, and more importantly their customers. And whilst ABC New York gives us “The number of victims here is already over a thousand and will likely reach into the tens of thousands,” said cybersecurity expert Dmitri Alperovitch of the Silverado Policy Accelerator think tank. “No other ransomware campaign comes even close in terms of impact” (at https://abc7ny.com/amp/ransomware-attack-4th-of-july-cyberattack-kaseya/10859014/) we see a first stage where the statement ‘only a few out of their 36 000 customers were affected’ is as I personally see it marketing driven panic. And that is a much larger case. 
I get that the firm hit does not want too much out in the open, but between a few, 2% and optionally a stage that could go beyond 27% is a setting too many are unable and too uneasy to consider. And when we see that 27%, do I still sound too ‘doomsday’ when I state that there is a much larger problem? And when we see the media go with ‘MSPs on alert after Kaseya VSA supply chain ransomware attack’, all whilst I stated a few issues well over 2 years ago, they should have been on the ball already. I am not blaming the MSPs, but I do have questions on how their systems are so automated that an attack of this kind (the stated 1000+ customers hit) all whilst some sources state 50 MSPs, there is a stage where triggers would have been there and the alarms were set to silent because some people might have thought that there were too many false alarms. This is a different stage to the larger playing field, yet I believe it needs to be looked at, especially when the damage can be so large. I am not certain what work lies ahead of the hit customers like COOP that had to close down 800 supermarkets, but in all this something will have to give.

Filed under IT, Science

Choices and Wisdom

We all have all kinds of wisdom: what we learned in school and that which was further tempered by work and education. Then there is the wisdom we get over time, from the things we have enjoyed doing, or loved doing for decades. No this is not some weird way to tell others that we are all well grown gynaecologists (without a medical education we really are not), yet some activities, like photography, music, filming, gaming and reading, are skills that develop over time. Some will never be great writers, but they grow a knowledge that allows them to recognise good and great pieces of writing, some will see great movies and TV series from the early beginnings, some will recognise a really great game. We all grow such skills, some faster and more complete than others. And here is where I am now. With Keno Diastima I am now at an impasse. I completed the thoughts on the cliffhanger on season 3, and as I see it, it will be one that will make jaws drop all over the field, yet what next? Try to get into season 4? Or end the story with a wide open ending? For some reason the second one is appealing to me. I haven’t thought of where to go in season 4, that is true enough, but in all that the setting of an open ending is appealing. It lets the viewer imagine what would be next. I personally never liked the American approach to finalise everything. The setting is that, in the first place, finalisation is overrated; in the second, life is never complete, if we finalise we cannot perfect, if we cannot perfect we can grow, we can become better, the finalised people are mediocre or will never know the perfection they could have been headed to. It is like a lot of Ubisoft games, they are below par.

Am I correct?
Well, the balance of probability says I am correct, yet in opposition, we see God of War 4, Ratchet & Clank: Rift Apart, Miles Morales. The PS5 is showing a whole host of games that ended up close to perfect, all whilst Ubisoft showed us games that were mediocre between 70% and 80%. So we have two stations, one showing me that I am right, one making it debatable and I am in the middle trying to make a choice. In all this I am wondering what to do. Even as I saw another side of some of the settings that I designed, as I see more and more evolutions in the IP I created, I also see that anything can be improved on, Keno Diastima is no exception. And in this yes, there is more to explore, but the appeal of finishing a story on a high is weirdly appealing. I wonder if J. Michael Straczynski faced this at the end of season 4 of Babylon 5?

So how should I go about it? I am asking this of myself. Perhaps in a few days I see the light and a larger idea opens up, but it is not a guarantee. And within me the struggle continues: shall I move forward, or not? It is a stage of wondering, not a stage of fear. Not a stage where we see ‘US lawmakers have introduced five bills aimed at limiting the power held by Big Tech companies’, bills that were designed out of fear, because overhauling the tax laws to fit all was too dangerous, powerful friends would be out in the cold and demonising a few is preferable, not unlike the Nazis who demonised the gypsies, the Jews and a few others, remember that? How did that end? So when you see “The bills were drafted after a 16-month investigation into the powers of Amazon, Apple, Google and Facebook” consider that a law on 4 is discrimination, an overhauled tax law including the 4 is the right direction. I have said that for the better part of 2 decades, yet we see an investigation of 16 months. How is there any level of equilibrium? How is there balance on all fronts when 4 are demonised? So when will they limit Netflix and Disney plus to give ‘equal’ way to the others? It is the beginning of dead people trying to live a little longer. Soon America will see a larger setting, soon they will claim the union of patents and IP into the economy, because it will be best for all the people, a limitation of 5 is preferable over the denying to nearly all, and the US still has no plan to avoid overspending by trillions on an annual basis. So whilst I look at the optional ending of a great ride, they are merely looking at the continuation of a mediocre ride and there is the rub, there is the flaw. We see it in movies, TV, games, books and software, yet we do not catch on, life is unpredictable. 
Those who wield choices to their end are all about staying in power, even though they do not contribute and they are scared, China is on their heels to surpass them technologically and economically, a twofold loss. So whilst CNBC gives us ‘U.S.-China relations are ‘still deteriorating,’ says former U.S. ambassador’, we need to consider that the US overplayed itself economically in well over a decade and whilst they needed to strap expenses, they refused to do so, they entered a road of iteration, all whilst a nation without true innovation has no place to go, but to become a following sheep and the innovations by Huawei are proof of that, Apple, IBM, Microsoft all iterative, all whilst I designed more original IP by myself than all of them together. And that is separate from the ideas on movies, TV series and games I came up with, and that is besides the additions to existing games.

I feel happy in some way and sad that several governments are so scared and so dependent on the US that it is almost scary that the media (from a multitude of sources) are merely copy and pasting some news. Consider ‘Romanian president signs bill into law to ban Huawei from 5G’, as well as ‘‘No concrete proof’ of espionage: Malaysia on verge of Huawei 5G deal’. For me the issue is that the US and others have NEVER EVER shown evidence that Huawei equipment was used for espionage. In opposition the equipment in use (Cisco for example) allows for all kinds of sneaky acquisition of data. The sources via SolarWinds are proof of other larger flaws, Huawei equipment is not needed. Consider that when we see the US accusations, as well as copied accusations by others, all whilst no evidence was ever produced. The Verge gave us “There is no hard evidence to support this notion, and some of the reasons put forward for this notion are weak. For example, the background of the chairmen of Huawei. Huawei founder Mr. Ren Zhengfei once served in the People’s Liberation Army. As we know, serving in the army was one way of getting out of poverty for people in the countryside, which is where Mr. Ren is from. His time in the army was a short one and he was not in any important position”, as well as “Any supposedly safe Chinese product is one firmware update away from being an insecure Chinese product”. The second one is optional, but that applies to all American hardware as well, but the media is not giving us that part, are they? The media did (to the largest extent) avoid for the longest time to look into the Cisco flaw(s), even as Cisco informed their customers close to immediately. So what is wisdom? 
I am not sure if I am the right person to state that, but I do feel that limiting 5 players whilst they were not illegally acting is wrong on several levels and all whilst the IP and patent stage remains open, as such I will make a case for my IP to be placed in either the UK or Canada. They seem the safest places and when others figure out what I have figured out and the IP and patents of the Fortune 500 end up being registered in these two locations over the US, you will see that I am correct and the US will find themselves in something close to a Wall Street free fall soon thereafter.

Filed under Law, Media, Politics, Science

Feel free to lose control

Yup, we all have that. You, me, pretty much everyone. Even the Catholic cleric in [censored], should you doubt that, ask any choir boy there. So when the BBC gave us ‘Facebook sued for ‘losing control’ of users’ data’, I merely shrugged and went ‘Meh’. You see, it is not about “the case against the technology giant, expected to last for at least three years, will argue a “loss of control” over users’ personal data warrants individual compensation”, which is hypocritical on a few levels, we see people handing over data and facts to complete strangers in Facebook and plenty of other social media paths. We laugh at “Coolum resident Essena O’Neill, 19, said she was paid up to $2,000 for the posts, which show her posing with products and often in revealing positions. With more than 600,000 followers on Instagram and 260,000 on YouTube, Ms O’Neill has deleted many of her original photos and re-captioned others with more honest descriptions” (ABC, 2015). We also get (two weeks ago) ““I accidentally posted a picture on Instagram of my wine glass and I was naked,” she said whilst nervously laughing. Then, she went on to explain that you could actually see her naked body in the reflection of the wine glass”, is anyone buying this? Social media has been used on a huge number of settings revealing ‘accidentally’ facts that normally do not get to see the light of day, and in all this we are given ““loss of control” over users’ personal data”? Go cry me a river! In the meantime, did anyone see Alexander Nix, Julian Wheatland, Rebekah Mercer, or Steve Bannon in the dock of a courtroom in any of the hit countries? In this the quote “harvesting of Facebook users’ personal information by third-party apps was at the centre of the Cambridge Analytica privacy scandal” applies, a third party app, was there any documented agreement, or documented acceptance of the harvesting of personal data? 
I do not see Microsoft in the dock in court over their Exchange failure that had hit 250,000 businesses, so why not? And when we see “Cambridge Analytica’s app on Facebook had harvested the data of people who interacted with it – and that of friends who had not given consent” did anyone consider putting the board of directors of Cambridge Analytica in prison? I wonder how far we have strayed from the flock of convictions to go after the money and not the transgressors. I do get it, it is a rule of Torts, the mere “go where the money is” is not a wrong setting, but in this setting all the blame on Facebook seems wrong. They are not without fault, I get that, but to see a reference to Journalist Peter Jukes giving us “leading the action, claims his data was compromised”, so how was his data compromised? What evidence is there? In turn I have equal issues with “The Information Commissioner’s Office investigation into these issues, which included seizing and interrogating Cambridge Analytica’s servers, found no evidence that any UK or EU users’ data was transferred by [app developer] Dr [Aleksandr] Kogan to Cambridge Analytica”, I wonder how far the backup investigation went, in turn the setting of ‘no evidence that any UK or EU users’ data was transferred’ is almost preposterous, the data was collected, as such it went somewhere, the fact that the Information Commissioner’s Office couldn’t find that part is mere icing on the cake of Cambridge Analytica. In addition, when we see “Mr Jukes told BBC News it was not about “where the data went” but rather “that Facebook didn’t care”. “They didn’t look after it,” he said.” Can this be proven? ‘Didn’t care’ is subjective and presumptive, we can agree that security measures failed, yet ‘They didn’t look after it’ is equally unproven, and these people are not going after the people of Cambridge Analytica as THEY transgressed on the data. 
As such as we look at Eton boy Alexander Nix, in the setting of “Nix agreed to a disqualifying undertaking prohibiting him from running U.K. limited companies for seven years after permitting companies to offer potentially unethical services, while denying any wrongdoing”, he got a mere slap on the hand, with a mandatory 7 year vacation all whilst we are told ‘denying any wrongdoing’, in addition there is “agreeing to delete previously obtained data”, a 2019 agreement, so where was the data all this time? Let’s be clear, Facebook has made blunders, huge ones, yet in light of the fact that Microsoft gets a mere fine and the issue is closed after that, why keep on going after Facebook? When we see ZDNet give us ‘Microsoft Exchange Server attacks: ‘They’re being hacked faster than we can count’, says security company’ two weeks ago (at https://www.zdnet.com/article/microsoft-exchange-server-attacks-theyre-being-hacked-faster-than-we-can-count-says-security-company/), what gives, why are they not being sued for setting a dangerous precedent on corporate information? We go after Huawei without evidence, we ignore alleged criminals and their app transgressions with our data, but it is fine to go after Facebook whilst ignoring the massive flaw that is Microsoft? So what gives?

So yes, we can lose control all we like, but if we hamper the courts with empty cases that are set on emotion, all whilst people like Alexander Nix, Julian Wheatland, Rebekah Mercer, and Steve Bannon are allowed to return to positions and try again? And what about Cambridge Analytica? As it was soon thereafter acquired by? The only reason I see to acquire Cambridge Analytica is because of hardware, because of software and because of data, so who is looking into that, preferably all before we lose time slapping Facebook around? I see very little after 2018, but perhaps Peter Jukes is too busy to see where his alleged compromised data optionally went.

So whilst we giggle on statements like “I accidentally posted a picture on Instagram of my wine glass and I was naked”, we see a setting where a large group of people are using social media for all kinds of things, the limelight most of all and in this we need to separate the real issues from the fictive cash cows. In this, did you wonder if the people are realising that Wired gave us a mere hour ago “collaboration platforms like Discord and Slack have taken up intimate positions in our lives, helping maintain personal ties despite physical isolation. But their increasingly integral role has also made them a powerful avenue for delivering malware to unwitting victims—sometimes in unexpected ways” (at https://www.wired.com/story/malware-discord-slack-links/) and that is a mere tip of the iceberg, a massively large one. How many apps are a gateway to YOUR system? So when we take notice of “hackers have integrated Discord into their malware for remote control of their code running on infected machines, and even to steal data from victims”, as such in that case it is not the nude reflection shot that matters, it is the wineglass porn that some people decided not to post that is out there for everyone to see. Consider the words by Stephen Fry in 2014, when he said “The best way to prevent nude pictures online, is to never pose nude”, or something along those lines and he is right, the best social media is the boring one, where you just say hi and connect to relatives. But the limelight is for some just too appealing and to give everyone the lowdown on all your needs and that is what players like Cambridge Analytica were banking on. As such, when we add that light, that spotlight, what data of Peter Jukes was transgressed on and in light of the Exchange server issues, the Cisco issues and the larger stage of interconnecting apps, can it even be proven that it was Facebook?

I’ll buy popcorn for that court case, it should be fun.

Filed under IT, Law, Media, Science