Tag Archives: FTI

Some small bits

We all see them, we all face them and even as there is no overwhelming story out there, I think it was time to set up a look at the small bits, the parts I have already given view to and now I am adding to them. 

Huawei

The first part is ‘Huawei row: Trump chief of staff to meet Dominic Cummings‘, here we see another media driven attempt to ban Huawei from the UK, the UK is now as much a bitch as the Australian government. So far the US has not given any evidence that the Huawei hardware can be used to spy on people by the Chinese government, so far the US is not even sending that person with a really bad haircut, so that he could compare barbers with Boris Johnson, no he is sending his acting White House chief of staff, Mick Mulvaney. Even after Richard Grenell gives us “to make clear that any nation who chooses to use an untrustworthy 5G vendor will jeopardize our ability to share intelligence and information at the highest level“, in my response ‘what intelligence?’ at present the CIA is regarded as one of the least trustworthy intelligence providers, we could argue that Facebook has better intelligence than the CIA does (hurts doesn’t it?)

Now, if the US had provided intelligence on Huawei several Cyber experts would nitpick that intel, yet the setting is out there, there is no evidence whatsoever, the US is fearing for its life and its economy. The backdraft is also there, any nation will get an advantage over whatever paperback spinal cord is supporting the US without evidence. All because the US cannot control its national corporations, we all must pay.

We can treat “A group of backbench Conservatives also wants Johnson to commit to remove all Huawei kit from British phone networks over time” with optional disgust as well, even as there is no stage set on ‘over time‘, as I personally see it these acts are profit driven, not national security driven, even as some will make a claim in that direction. 

Jeff Bezos

You know the man, the intelligent man with the really long forehead (read: bald), was hacked, it happened in 2018 and the media keeps on blaming the Crown Prince of Saudi Arabia, yet there is no evidence. In light of all that had happened, the idea that any Crown Prince is THAT hands on with an issue is overlooked on several levels. The FTI report reads like a joke and personally, if Mr. Bezos pays THAT much for what I personally see as trash, than I have optionally 4 IP stages, one unfinished book and over a 1000 articles for same for the mere price of $50,000,000 post taxation (50% for the IP and the rest is a gimmick), you see at least I am willing to say that upfront. In addition, his own paper gives us on January 28th “Indeed, in October 2018, Michael Sanchez and AMI entered into a nondisclosure agreement “concerning certain information, photographs and text messages documenting an affair between Jeff Bezos and Lauren Sanchez,” according to three people who have reviewed the agreement. The existence of the contract was first reported by the New York Times. One of those people also confirmed a Wall Street Journal report that federal prosecutors who are investigating whether the Enquirer tried to extort Bezos have reviewed the text messages that Lauren Sanchez allegedly gave to her brother and that he then provided to the tabloid.” as I personally see it several parties owe Crown Prince Mohammad bin Salman bin Abdulaziz Al Saud a few apologies and all kinds of Saudi catering hoping that it will appease his royal highness. On a personal note, I reckon he will be jealous of my yacht by the CRN ship wharves, so as we see the wealth of Jeff Bezos, he might just want to say ‘Sorry!’ to his royal highness and spend 0.5% of his wealth to appease that rather rich party with a yacht (so that mine will remain optionally safe, when it is completed). And no matter how it all get spinned, the UN report needs to be nitpicked and rather quickly, too many questions remain and even as we see that a person with knowledge of the investigation who was not authorized to speak publicly about its progress, or as the Washington Post is skating around the trandsetting term ‘anonymous source‘, which would place them on the same scale as the Enquirer, they give us “It’s possible that the Saudis hacked Bezos’s phone and Michael Sanchez independently got the photos from his sister and some people were trying to get paid and some people were trying to get Bezos,” all whilst there is no actual evidence that the hacker was Saudi, I did away with that quite nicely in ‘6 Simple questions‘ (at https://lawlordtobe.com/2020/02/03/6-simple-questions/), whilst the 6th question ‘Why on earth is the UN involved in an alleged Criminal investigation where so much information is missing?‘ was never answered by any media EVER! (OK, as far as I know).

Yet there is a reason why we bring this all, it is seen (at https://www.inc.com/jason-aten/facebook-says-apple-is-to-blame-for-hacking-of-jeff-bezos-phone.html) where we get introduced to ‘Facebook Says Apple Is to Blame for the Hacking of Jeff Bezos’s Phone‘, with the optional part “Nick Clegg, said that the hacking of Jeff Bezos’s phone wasn’t the fault of WhatsApp, pointing instead to the Apple iOS that powers the iPhone X Bezos was using. Or, at least, that’s presumably what he was trying to say, though his answer when asked by the BBC was largely incomprehensible“, as well as “he argued, “It sounds like something on the, you know, what they call the operate, operated on the phone itself.” To be clear, he didn’t specifically mention Apple by name, however it had been previously known that Bezos was using an iPhone X at the time he was hacked“, I find it debatable, but it takes the court away from the Saudi Crown Prince and a few others, if that hack is not one that NSO Group’s Pegasus or Hacking Team’s Galileo uses, then we have a much larger issue, one that is not identified and even as it takes the Saudi players off the board, it does not take the issue away. The NSO group has loudly denied the entire issue and this gives them the option to do that, so far the FTI report is too shabby, it does not seem to warrant or deny the optional allegations. So as we see: “someone actually took advantage of a vulnerability that WhatsApp itself has already acknowledged was an issue and issued a fix. It’s even more confusing that he attempted to pass the blame to Apple“, I personally feel in agreement with the writer, the entire WhatsApp feels like to comfortable solution, yet that vulnerability was out in the open and there is still no evidence that it was done by Saudi hands, even now, the list of perpetrators is growing, pushing the optionally (and alleged) Saudi players to the bottom of that list. I would advise Brainy Smurf Jeff Bezos that he pays up as fast as possible (and sizeable) before it becomes a behemoth of an issue that a mere sorry and a box of chocolates will not solve. 

Yemen

You might have heard of that place, apparently there are a few humanitarian issues playing and even as we now see ‘UN Condemns ‘Shocking’ and ‘Terrible’ US-Backed Saudi Coalition Bombing That Killed 31 Yemeni Civilians‘, we are given “Those who continue to sell arms to the warring parties must realize that by supplying weapons for this war, they contribute to making atrocities like today’s all too common“, yet the EU and the US are happy that this all continues. My evidence? Well consider that we see today ‘The EU has agreed to deploy warships to stop the flow of weapons into Libya‘, all whilst a similar action in Yemen would have diminished the dangers over two years ago, so how many ships had the EU to set up a blockade to stop weapons going into Yemen? As far as I can tell, there is an unwritten consensus to give as much freedom to Iran as possible. I gave that part in ‘Media, call it as it is!‘ (at https://lawlordtobe.com/2018/11/03/media-call-it-as-it-is/) almost 18 months ago, so why exactly is Yemen not an issue and Libya is? It is oil and everyone is dancing around the stage hoping for a barrel full of the substance. Yet the Yemeni don’t matter, if you doubt that you merely have to read the articles, all about complaints and condemning, not about action packed events, are they? And in all this Xavier Joubert, director of aid group Save the Children Yemen is equally to blame, does he give the stage in a proper setting? Does he give any information on the actions that Houthi forces have been eager to take forward (including those on children)? Nope! So when we see “after Houthi rebels claimed to have shot down a Saudi Tornado jet Friday in Al-Jawf province“, as well as ““possibility of collateral damage”—a common euphemism for civilian deaths“, yet how many enemy troops were there? that part is not given as it takes the power away from their own story, yet the story they give us is out of whack. So whilst people like Lise Grande come up with “it’s a tragedy and it’s unjustified“, all whilst for well over two years a blockade could have optionally limited the damage that could have occurred, yet no one is willing to skate that track, are they?

All whilst we see (at https://www.timesofisrael.com/pompeo-calls-for-action-against-iran-after-us-navy-seizes-weapons-sent-to-yemen/) ‘Pompeo calls for action against Iran after US Navy seizes weapons sent to Yemen‘, a stage that was set this week, we see the laughingly entertaining ‘World’s silence has emboldened Saudi-led war crimes in Yemen: Iran‘, all whilst we see Iranian Foreign Ministry spokesman Abbas Mousavi giving a speech on what he calls War Crimes, at the same stage where they send hundreds of missiles into Yemen, there is only so much hypocrisy I can stomach and Iran is handing us way too much. So whilst the Islamic Republic of Iran continues to defy the UN Security Council, we need to start being honest about the Yemen situation, the EU does not care about Yemen, it has nothing to offer, yet the US has on this occasion stopped one of several Iranian supply ships. I wonder how many were missed, the ongoing war clearly gives rise to the fact that this war will not be over soon and as such more civilians will die, it is the clear consequence of a war.

These are three of the small bits that I am adding today, there have been a whole range of issues I touched on in the last few days, yet these small bits are important parts to other information I gave out. 

Have a great day, see you all tomorrow

 

Leave a comment

Filed under Finance, IT, Media, Military, Politics

Evidence? Why?

I ignored the news initially, as I saw it, it was nothing more than some bash piece on Saudi Arabia. Yet something hot me, it was just a thought and it was: ‘What if I illuminate parts and let common sense people decide‘ (which takes out many journalists and mostly all politicians). As for me? The issue is that the media is all about bashing any royal part of Saudi Arabia, all whilst ignoring evidence (and debatable evidence to a much greater degree, their pursuit of circulation and agreeing to the beat of shareholders and stakeholders has gone to the heads of too many editors and I get a real rush to illuminate this part.

I have never ignored evidence, yet just like with Huawei, it is seemingly all about the big bully shouting, whilst the deciding world for the most ignores evidence and I think that it is a weird situation. Not merely in this blog, but on a few matters, we will get to hold them to account in a few years, at that point these people will make hastily formulated excuses whilst running to their mummies to get breastfeeding (I reckon).

So, lets begin. In the first we have ‘How the UN unearthed a possible Saudi Arabian link to Jeff Bezos hack‘ (the Guardian at https://www.theguardian.com/technology/2020/jan/22/how-the-un-unearthed-a-possible-saudi-arabian-link-to-jeff-bezos-hack) as well as ‘Did Saudi Arabia’s crown prince hack the Amazon king?’ (the Economist at https://www.economist.com/middle-east-and-africa/2020/01/25/did-saudi-arabias-crown-prince-hack-the-amazon-king), a nice side effect is that the Economist, is viewed and acted on on the 24th of January, whilst the article states that it is the Jan 25th 2020 edition, but enough about that. Let’s start with the Guardian who tells us “The UN’s demand for law enforcement authorities to conduct a proper investigation into the alleged hacking of Jeff Bezos’s mobile phone came after it reviewed the findings of a cybersecurity firm, FTI“, we might not see anything here, yet the UN, who is underfunded and strained has time for this? Is this another US Essay like the one by some French girl on the killing of Jamal Khashoggi? And what about ‘after it reviewed the findings of a cybersecurity firm, FTI‘? This implies that the United Nations called for the inspection, notified a cyber security firm (FTI) and investigated the phone of some so called billionaire (postage and shipping required). So why exactly is this not with the police or an official investigative body like the FBI Cyber division?

Following this we get the real beef with “concluded with “medium to high confidence” that it had been compromised because of actions attributable to a WhatsApp account used by the Saudi crown prince, Mohammed bin Salman“, first of all, if I want to investigate the corruption at an army base, I will not go in as the lawlordtobe, I would enter the situation as some poor schmuck who is from the city of Noonecares. It is almost like an assasination and the official in question uses his own service revolver instead of someone else’s. And what goes with ‘medium to high confidence‘, what evidence was uncovered? Then we get the part where is all falls to shambles. With “The UN was careful not to be definitive. Instead of pointing the finger, its statement said the apparent hack had been achieved using software “such as NSO Group’s Pegasus or, less likely, Hacking Team’s Galileo, that can hook into legitimate applications to bypass detection and obfuscate activity”“, just like the Khashoggi essay fiasco, the UN is all about being not definitive, as such we want to know how accusations can be made when you are not definitive. As such I would like to point the UN troll to a kids game called Clue, there in that games (for ages 8+) we are introduced to the concept of evidence, where you need to collect facts and state “I am accusing Colonel Mustard who killed Dr. Black (aka Mr. Boddy) in the Kitchen using the lead pipe” and then we look at the evidence and see if the claimant had his or her facts straight. None of that CIA BS where we see ‘medium to high confidence‘, I would offer that if the confidence is already medium, what was not looked at and what was discarded. The statement comes directly before “The NSO Group, an Israeli cyber-surveillance firm, strongly denied that its surveillance tools were responsible“, as such we are left with ‘less likely, Hacking Team’s Galileo‘. so there is a mountain of doubt on an article that throws the Crown Prince of Saudi Arabia in a bad light and there is seemingly an increasing lack of evidence. As we go on, we see the NSO giving the statement that offers direct opposition to some firm called FTI with “These types of abuses of surveillance systems blacken the eye of the cyber-intelligence community and put a strain on the ability to use legitimate tools to fight serious crime and terror. We expect that all actors in this arena put in place stringent procedures and technological controls, such as those that we have put in place, to assure that their systems are not used in an abusive manner“, as such there are larger questions not merely on the UN for setting the stage of something that is not on their plate, they apparently went to another small operation (who knows) and let them set up the stage of doubtful and debatable documentation, doubtful as we get one of the implied companies go directly into denial and setting a document based on evidence that is regarded as ‘medium to high confidence‘.

And then something beautiful happens. We see “The FTI report cited by the UN special rapporteurs, Agnes Callamard and David Kaye, noted that both NSO and Hacking Team, an Italian company, offered tools that could theoretically have performed the attack” where we are (again) introduced to that UN essay writer, the one that had given us the joke called some Khashoggi report (Agnes Callamard), as well hiding behind ‘tools that could theoretically have performed the attack‘, the idea that this joke from a building based at 760 United Nations Plaza, Manhattan, New York City, New York 10017 and hide behind the word ‘theoretically‘, as such pardon my French (oh, that was funny!) but how the fuck does she still have a job?

For several reasons I will not use the Economist (as I am not a subscriber), but the quotes in their magazine “which was soon used to steal large amounts of data—though the un did not say exactly what, or how it was used” as well as “It called for an “immediate investigation”. The Saudi embassy in Washington, dc, said the accusations were “absurd”.

As I see it, the UN is nothing more than an advertising paper tiger, adhering to the commands of some stakeholder (identity unknown), if this was a direct action by the UN, those people need to be investigated immediately, I feel decently certain I will get both China and Russia to sign off on this, as this has the distinct smell that comes from neither region, so they would score a win, in addition to that, the UN would have to submit data as to what exactly was taken and how it could be identified, which is also an issue that is unclear and optionally unclear to the UN people involved. 

The Verge had a lot more, they had (at https://www.theverge.com/2020/1/23/21078828/report-saudi-arabia-hack-jeff-bezos-phone-fti-consulting) the actual report, and there we see on page one we see the person we need to hackle for information, it is Anthony J. Ferrante who needs to give us the names of who this so called ‘Confidential Report’ was given to, because it seems that it was leaked. And there we see the originator (vice.com) giving us “The report, obtained by Motherboard, indicates that investigators set up a secure lab to examine the phone and its artifacts and spent two days poring over the device but were unable to find any malware on it. Instead, they only found a suspicious video file sent to Bezos on May 1, 2018 that “appears to be an Arabic language promotional film about telecommunications.”“, however, this is not the end. They also give us “Investigators determined the video or downloader were suspicious only because Bezos’ phone subsequently began transmitting large amounts of data. “[W]ithin hours of the encrypted downloader being received, a massive and unauthorized exfiltration of data from Bezos’ phone began, continuing and escalating for months thereafter,” the report states“. In this I state OK, let’s take an actual look.

And they do give us more, quotes like “The digital forensic results, combined with a larger investigation, interviews, research, and expert intelligence information, led the investigators “to assess Bezos’ phone was compromised via tools procured by Saud al Qahtani,” the report states“, as well as “A mobile forensic expert told Motherboard that the investigation as depicted in the report is significantly incomplete and would only have provided the investigators with about 50 percent of what they needed, especially if this is a nation-state attack“, ““They would need to use a tool like Graykey or Cellebrite Premium or do a jailbreak to get a look at the full file system. That’s where that state-sponsored malware is going to be found. Good state-sponsored malware should never show up in a backup,” said Sarah Edwards, an author and teacher of mobile forensics for the SANS Institute“, and “The investigators do note on the last page of their report that they need to jailbreak Bezos’s phone to examine the root file system. Edwards said this would indeed get them everything they would need to search for persistent spyware like the kind created and sold by the NSO Group. But the report doesn’t indicate if that did get done.“, which is as I personally see it the shallow political BS that some people go for. As such we see in the report “The following investigative steps are currently pending“, and more profound, on page 4 we see: “On May 1st, 2018, Bezos received a text from the WhatsApp account used by MBS“, my issue here is that this might have been the infected one, yet if I did that, I would use an originator that was real. And there we have it, the Dailymail gave us ‘New bug allows hackers to send fake messages pretending to be you – and there’s nothing you can do to stop them‘ (at https://www.dailymail.co.uk/sciencetech/article-6039533/WhatsApp-users-beware-Hackers-send-fake-messages-pretending-you.html) with the additional text: “First discovered by Israeli cybersecurity group CheckPoint Research, the flaw is incredibly complex and involves a gap within the app’s encryption algorithms. Writing on their website, the team said the vulnerability could make it possible for a hacker ‘to intercept and manipulate messages sent by those in a group or private conversation’ as well as ‘create and spread misinformation’. Hackers could use the bug to alter the text sent in someone else’s reply to a group chat, essentially ‘putting words in their mouth’, the group said.

It took me 5 minutes and Google search to find this. I am not stating that this is true and that the Daily Mail is the source to use (they often are not), yet this is a larger failing, I expected this from the very beginning, the origins of the setting was not properly investigated. Then Vice.com gave us “the report is significantly incomplete and would only have provided the investigators with about 50 percent of what they needed“, which is what I expected before I read one word of the accusation, and with US Essay writer Callamard involved (yes again it is her) we see what this is, another mindless attack on a nation and one person. They did not even bother getting him properly smeared, and no one is asking questions, I reckon that the involved stakeholders are likely to go for the, if we create enough barbeques, someone will shout fire: ‘I ran’ for office! Anyone?

what is the most irritating part is that the UN is again used as the cheap tool that they are. In this there is also the involvement of the FTI and more interesting that a Cyber Security firm did not look past the simplest trappings, as as we consider the optional involvement of Anthony J. Ferrante we need to consider sending quota to all 49 of the Global 100 companies that are FTI clients. Even if it was merely to make a few people sweat. When a non Cyber adapt like me can see through this part they have a clear problem and whether Anony Mouse Bezos was part of this or not will not matter. There is one other part in the report that should be considered. On page 2 we see “More significantly. al Qahtani is known to have played a key and senior role in the killing of Washington Post columnist Jamal Khashoggi.” In the first, he was acquitted (in a Saudi trial) and there has been no other trials, as such the statement should be read as false, no clear evidence was ever presented. In the second, as this is part of the executive summary, it seems that this was a way to blatantly strike out against one individual and the evidence is not corroborating any of this, too many questions are left unanswered and the media is not asking them either, as such I wonder what is to be believed, especially in light of the Daily Mail ‘revelation’ last August, which implies long in advance of this report. The fact that this (optional) fact is ignored gives out a much larger issue, the work in incomplete, debatable and political, not factual, as such sending serious cyber letters to the 49 of the Global 100 companies that are FTI clients, as I personally see it, these players are all about facts and when their provider and be painted as open for considerations, we should entertain all kinds of questions. 

I would also look at the footnotes and take a larger look at that descriptive part, I wonder what is left once I have had the chance to take a red pencil through this report. Now, I am not stating that Crown Prince of Saudi Arabia Mohammad Bin Salman Al Saud is innocent, I am merely considering that his evidence is so shallow, that I would never accuse him of anything, not before a lot more work was done (and a lot more footnotes were properly weighed), in this consider on page 3 footnote 8. When we go there, we see that the article is Lorenzo Franceschi-Bicchierai a member of Motherboard (so why is there no Motherboard article that is the source), we see “An investor from Saudi  Arabia is apparently behind a company that bought a stake in the controversial spyware vendor” where ‘apparently‘ is the operative word. It is also where we see: “Hacking Team was thoroughly owned, with its once-secret list of customers, internal emails, and spyware source code leaked online for anyone to see“, were all these customers on a secret list investigated? There is also ‘spyware source code leaked online for anyone to see‘, a small fact that is apparently not investigated, additional players all optionally ready to give someone called Bezos the time of his on-line life. Then we get “this apparent recovery is in part thanks to the new investor, who appears to be from Saudi Arabia“, a line ruled by, you guessed it ‘apparent‘ and ‘who appears‘, so much filtering and doubt, and in this FTI used that as a footnote source? A program co-owned for 80% by none other then David Vincenzetti. That does NOT make HIM a guilty party and neither is there any convincing evidence of any kind towards the Crown Prince of Saudi Arabia Mohammad Bin Salman Al Saud.

When I see all this I wonder if the UN (or FTI) has any clue how much we should regard them as tools. I cannot tell at present what kind of tools they are, but my personal view is that if this is the debatable level of evidence that some employ, we all are in so much more trouble then we ever thought.

 

1 Comment

Filed under IT, Law, Media, Military, Politics, Science