Tag Archives: GCHQ

November 4, 2022 · 00:16

Negative Similarity Authority

Yup, me trying to be clever and finding an alternative for ‘No Such Agency’ (NSA). I reckon that this is for them. I do not keep any IP for the hunting of terrorists and other people in similar lines of work. The idea hit me today, I cannot tell whether it was sparked by the Metadata directional assistant, something I wrote about a year ago. Or that is was a reference to a jump in time I made when I went back to the late 80’s and BASICODE. This last one needs an explanation. In the late 80’s someone came up with the concept of  basic that would work anywhere (I think it was a way to plug MSX systems) and radio programs would tell you to record what was coming and you hear a fax like sound, but then via radio the entire script was transmitted and these people could play the cassette on their computer and load the program. I was a geeky nerd, I had a disk drive, not a cassette. But for some reason the thought came to me. What if we add an inaudible sound to the conversation, not digital, but analogue. Something added to the conversation that cannot be edited out, not directly anyway. So kidnappers, terrorists, and all kinds of people would be transmitting part of their location in the message. The first mobile tower for example. It is not a complete solution, it might need tweaking, but that is why I leave this idea to the NSA (GCHQ can go nuts on this too). Consider that smartphones are getting smarter, the makers are making ‘privacy’ a noble goal (whilst assisting criminals in their work), so what if the noise is not the digital path, but an added analogue part, possibly in the ultra law side of the spectrum (the high part sets of dogs and those with sensitive hearing), so I reckon that ultra low is the way to go. It would be nice if the signal towers respond more like radar (so a direction could be added) but that might be too much of a catch. An alternative is three antenna’s in a place like London or New York and like Decca they give their signal and it gets incorporated in the signal. And as 5G towers need overhaul and there would be a priority approach, it might make issues easier for the suited players (FBI and aligned players). 

I wonder if this could work, suddenly we consider not what is digitally possible, but what analogue solutions could be added to the digital fold. 

Yes, it might be a crazy idea, like one of my previous bosses stated, but he threw away the idea I created and what would become reality in Facebook, so that told me years later what he knew (basically nothing) and as I am about to prove that three times over, my mind started to be creative all by itself and this was the result. No idea if these people can make it work, or if they see anything in this, but at least I added options without charging them. And now it is time to imitate a sawmill (snore like the devil until 05:30) 

Have a fun day.

Advertisement

Leave a comment

Filed under IT, Military, Science

Tagged as , , , , , , ,

October 24, 2022 · 19:04

When is a stamp not a stamp?

That is the thought I was confronted with when I saw an article this morning. It linked to an article to the beginning of the year and it was about stamps, and I initially ignored it (there is only so much I can read), but today I saw the article (at https://www.bbc.co.uk/news/business-63367733) giving me ‘Royal Mail: 100 days left to use stamps without a barcode’ and this time it held my attention. In the article we see “Royal Mail introduced barcoded stamps in February, saying they would open up possibilities for “new innovative services.” The long-term plan is that people will be able to watch videos, find out information and send birthday messages to each other through the barcodes which can be scanned with the Royal Mail app”, but the implications are a lot larger. 

There are all kinds of intelligence implications not short term, but long term. If it can be paired to this setting, it could also be paired to where that stamp was bought, over time we can connect it to who bought it and that list extents almost indefinitely. QR codes are that solution too and let no lulling of some innocent setting tell you otherwise. It makes sense, the UK has billions of pounds getting shipped through royal mail under the eyes of the police, under the eyes of intelligence and something had to give. There was no other way, and frankly it is kind of ingenious, it seems no one else had the idea and that gives the UK an edge for a much longer time. 

And as I look at the solution, I wonder why no one else hd the idea, I certainly did not. I still mail things at time, but it is rare that I do so and we accepted a stamp as the most mundane of solutions and someone (a Brit no less) decided to evolve the stamp and how it is used. I reckon that someone in GCHQ will also be bucking for a promotion, because if I see this right, the criminals who rely on the mail solution will soon be out of business and that is a victory that should not now or ever be underestimated.  

Leave a comment

Filed under IT, Media, Military, Science

Tagged as , , , ,

April 26, 2022 · 20:14

Bring out your CV

The CBC had two articles last night, the first one I dealt with in the previous tory. This one can be found (at https://www.cbc.ca/news/politics/cse-candidates-hiring-cyber-1.6426275) ‘Ottawa needs more codebreakers — but spy agency says finding them isn’t easy’ and that is not even half the story. It is not a Canadian issue, it is a global issue. So when we see “Canada’s electronic spy agency, the Communications Security Establishment, is set to receive a large influx of funding to launch cyber operations and ward off attacks on government servers, power grids and hospitals.” It’s always nice to receive funding. But the reality is a little harder. I spoke about part of this in ‘Red flags’ (at https://lawlordtobe.com/2022/02/24/red-flags/) there were too many red flags and they are eager to charge a fair penny. Summits, courses and in some cases you do not even need an IT education, but a bachelor education is expected. It is a Wild Wild Cyber West out there and the problem is that there are too few stages where we can separate the good from the shallow. So when we see “CSE, which gathers and decodes signals intelligence and is also in charge of technology security for the government, says it receives 10,000 to 15,000 job applications per year. But only about one or two candidates out of 100 applicants go on to be hired after the skills testing and background security checks.” We see part of the problem. Have you seen it? It is seen in “about one or two candidates out of 100 applicants go on to be hired after the skills testing and background security checks”, the funnel needs inverting. Instead of seeking in the same place, seek somewhere else. Seek in the military and governmental technical support places. Seek in the places you overlook and hire these people. It is nice to hire that one bright light. We all want that, but who considered hiring the 20-50 that can overcome the ‘background security checks’ then start TEACHING them. Out of the 50 you educate whilst they are employed in several places you end up with 10-25 people ready to take the challenge instead of relying on the 1-2 candidates. When you need 1500 of them, my approach makes sense. Yes, you can try to get to the techies from the University of Toronto, but so is commercial land and they pay a lot better, so you need to hope to get the few with a calling, or you open the stage to a larger group and set them in all kinds of governmental fields, where there is a large shortage too. All sides that needs attending too and not all will end with the CSE, GCHQ or whatever Australia and New Zealand have, but all these governments have large shortages including their Cyber police and a few other places. It is time to change the way hiring is done all over the Commonwealth field because they are all coming up short and having different divisions that have shortages, so why are they not taking a hard look at what else is possible? If not these places will all end up in a bidding war like they saw in the 90’s and they will come up short again. Oh and whilst Amazon is desperately seeking 250,000 people and where do you think they will look next? The second plan (my crazy wild idea) gives the people a long term plan, long term employment and a larger setting of choice with one application instead of 5-15 applications. 

But this is only possible when some people take a long hard look at what they used to do and see what COULD be done. 750 application runs, or 60 application runs, what makes more sense? I will let you decide.

Leave a comment

Filed under IT, Law, Military, Science

Tagged as , , , , , , , , , , , , , ,

April 24, 2022 · 09:29

Gapping data

I did take notice of the story, but there were other considerations. So what is the issue with a two week old story? Actually there is nothing wrong with the time gap, it actually works out nicely. Yet before we go anywhere, lets take a look at ‘A data ‘black hole’: Europol ordered to delete vast store of personal data’ (at https://www.theguardian.com/world/2022/jan/10/a-data-black-hole-europol-ordered-to-delete-vast-store-of-personal-data) there we are given “The EU’s police agency, Europol, will be forced to delete much of a vast store of personal data that it has been found to have amassed unlawfully by the bloc’s data protection watchdog.” Here I have an issue with the stage of “amassed unlawfully”, then we get “The unprecedented finding from the European Data Protection Supervisor (EDPS) targets what privacy experts are calling a “big data ark” containing billions of points of information. Sensitive data in the ark has been drawn from crime reports, hacked from encrypted phone services and sampled from asylum seekers never involved in any crime.” There we get “hacked from encrypted phone services and sampled from asylum seekers never involved in any crime” You see, the biggest problem in any data set are the data gaps. MISSING VALUE analyses will not get you anywhere and data cannot be analysed on data that is not there. As I see it, the commercial world amasses worlds of data and the EDPS (European Data Protection Supervisor) does next to nothing. We could start an argument that the EDPS is catering to organised crime, but that might be a stretch. I know my data has been collected by CIA, FBI, GCHQ, Mossad, DGSE and at least two other organisations. You think I care? I live my life and keep doing what I am legally allowed to do. The data merely reinforces this. So why is there such a rush to maim the mobility of Europol? I have nothing against laws, I believe that laws are important, but how stupid is it to set up the laws to hinder the law? When our data is all over Microsoft, Google, Amazon, GTCOM and whatever Russia has. The 4,000 TB that is to be deleted will serve organised crime and criminals, no one else. And more importantly it will not protect refugees, if anything, the data shows them to be innocent. Did no one make that leap? You see I oppose “Europol had worked with the EDPS “to find a balance between keeping the EU secure and its citizens safe while adhering to the highest standards of data protection”, the agency said.” I oppose it because data does not protect or endanger lives, it is the one wielding all that data does and whilst commercial enterprises are given a wide berth avoiding their ‘legal’ teams, the EDPS has to prove its existence by having a go at Interpol.

Yes, it is their job, but in what job do you hand opportunity to criminals, organised crime and terrorists? 

And the Guardian is appeasing the stage buy giving the simplest of examples, the example that makes you go ‘awww’. But the example “The political activist, whose only serious run-ins with police amount to breaking a window to gain entrance to a building and create a squat for homeless people, was removed from the Dutch watch-list by authorities in 2019. But a year prior to this removal he had moved to Berlin, which unknown to Van der Linde at the time prompted Dutch police to share his data with German counterparts and Europol. The activist discovered his entanglement with Europol only when he saw a partially declassified file at Amsterdam city hall.” So a criminal, guilty of breaking and entering, that is the simple truth. But we are not supposed to see that, are we? And when the next assault is not in London, but Amsterdam and the gapped data will show to have been an option to stop this, what will the EU give as a response? 

 

Leave a comment

Filed under IT, Media, Military, Politics, Science

Tagged as , , , , , , , , , , , , , , , ,

April 20, 2022 · 05:13

The simplicity of a label

That is at times a setting, not the setting, but an option. You see it is easy to paint all the piggie’s pink, but at that time we end up with all the painted piggies and piglet. Yet is piglet the one we were looking for? That is one of the settings and my issue with ‘No 10 network targeted with spyware, says group’. The article (at https://www.bbc.com/news/uk-61142687) is not entirely wrong. But when I see “The Citizen Lab says it informed officials that suspected Pegasus spyware was discovered in 2020 and 2021, with the Downing Street incident linked to operators in the UAE.” My suspicious mind has questions. Now, I accept that the Citizen Lab has expertise and knowledge, I am not attacking that. It is the statement “The Citizen Lab, which tracks electronic surveillance, said in 2020 and 2021 it notified the UK government that networks belonging to both 10 Downing Street and the Foreign and Commonwealth Office were suspected to have been infected using Pegasus spyware.” You see, ‘suspected’ is all good and well, but were the suspicions properly investigated and confirmed, or is that all it was, a suspicion? And it does not get better when we see “in the UK a number of official phones were tested including those of the prime minister, but it was not possible to establish which device was infected or what – if any data – was taken”, as such there is a suspicion and a lack of confirmation of which device was infected, whether data was captured and what the outcome was. And it does not end there. The statement “the suspected Foreign Office infections were believed to be linked to operators of Pegasus in the United Arab Emirates, India, Cyprus and Jordan.” You see, not only is the method a problem (through lack of evidence), but how in the hell can it be fingered to operators from United Arab Emirates, India, Cyprus or Jordan? Sometimes the simplicity of a label also has the lack of clarity. 

Why Jeeves, why?
It is actually simple. These are a few names: EverC, Sentar, Ignitho, PhishLabs, AppDetex, CyberInt, CareMessage, and Geneca. Eight names, all competitors to the NSO group. They all have ‘their’ solutions, they all have their ways and they might not be as good as the NSO group, but these players are raking in the millions. It is not impossible that they planted NSO materials, or  use a ‘friend’ to infect NSO guided options to lead the trail away. All speculation and none may be true or factual, I accept that. Yet the article gives us nothing but suspicions, no facts, no evidence and it is all given weight by “linked to an investigation by the New Yorker magazine which looked at the targeting of individuals campaigning for Catalan independence from Spain”, so what does the New Yorker magazine have and how do the two matters connect (if they connect at all). Consider the price of an NSO infection (it is enough to buy a 2022 Ford Mustang 5.0L Fastback, shadow black) and as people tend to rate cars higher than any Catalan interest, the list of interested people grows short really fast, the sliver thin comparison makes me suspicious even more. And to complete matters “The Citizen Lab said it believed the Downing Street suspected infection was linked to the United Arab Emirates.” So not only is there no evidence that an infection took place, they have a suspect too?

All half way statements, all half baked evidence and the lack of evidence that shows some clarity. All whilst I found 8 options at the drop of a hat. And I can tell you right now. I have no evidence of ANY kind. Yet the writings of some lack evidence too. So what makes the press so hungry for alleged illumination of the NSO group and the UAE all whilst there is no clear evidence? 

Questions should be asked, but I believe that additional questions should be asked of people who have been linking certain events with the near total lack of evidence. And it matters, because if we see the allegations that No.10 network is infected (which would be interesting to ANY party with non-UK or anti-UK needs). So there is a drastic need for the minions of Ken McCallum to wake up and find out what is going on. It might be essential to get the GCHQ goblins active as well, it is a digital issue so GCHQ gets to be connected to this. 

Yet none of the parties have clear evidence and no one can prove that it was not a competitor, there are larger plays in actions and they cannot be identified with piggy pink. Yet the station is optionally served by paint and finding WHERE it leads could be beneficial, but that is merely my thought on the matter. So far the media I have seen tells me little and the accusations and links are a little too shoddy to my liking.

It stands to reason to state that I do not completely trust the BBC article, thee is nothing wrong there, but too little of it is right and does not sit well with me, but that is just me, and I do not trust anyone, a habit of the beast and thorough knowledge on knowing that the beast is a self serving entity in all this, it always has been.

 

Leave a comment

Filed under IT, Science

Tagged as , , , , , , , , , , , , , , , , , , , , , , ,

March 20, 2022 · 13:33

Coin number two

Yes, after the first coin (previous article) the second coin becomes a reality. Yet this coin is a lot more speculative, there is a side we do not know, we cannot know because we are not in the know. Anyone not part of their operations, is not privy to a lot of it and those who are not and make claims are lying to you. That is a simple truth. I am not in the know, I do not know and I speculate, or I make educated guesses, and I tell you that I do, but the truth of the matter is that I am NOT CIA, so I cannot tell what they are doing. 

Yet here we hit a snag. You see the BBC gave us yesterday ‘Ukraine: How crowdsourcing is rescuing people from the war zone’ (at https://www.bbc.com/news/technology-60785339), so there we see that civilians are more successful and more clued in than the CIA is? How screwed up is that? So in the article we get “They, in turn, send information in real-time about safe roads to drivers who can rescue busloads of people”, as well as “they are crowdsourcing safe passage out of a war zone.” And this differs from CIA extractions… how exactly?

A stage that could have been set up from the very beginning and the US did not do this. A stage that would have been on the forefront of GCHQ and MI6 from the beginning. But there is a seemingly large lack in activities by a few intelligence operators aren’t there? Is this evidence that there is a lack of funds, an indication that there is a larger lack of resources? Or is it mere speculation from my side and are they operating through crowdfunded operations? It is all speculations and it is less about the speculations and less about who is right and who is wrong. It is about what can be done and what should be done for the Ukraine. I get that, I am not singular or selfishly driven. But some out there are and their game is costing lives. I understand that governments for the most cannot get directly involved. But between full in and not in at all there is a difference and I am starting to rack up the questions on how governments did not act in Syria, how they knowingly and intentionally delayed nearly all actions in Yemen, now we see too many players dragging their heels in Ukraine. The jet setting between Poland and Ukraine and the connected US and Poland actions should have raised a lot more questions then were actually asked. The stage is larger, I get that. Yet the connected inactions should raise questions. Reuter gave us three days ago ‘UK says there is “very very strong evidence” Russia’s Putin behind war crimes in Ukraine’. Really? Very strong evidence? How is that for flaccid? And the UN, on March 2nd they gave us that Russia committed war crimes, yet how many actions were taken by governments? When we rack those tallies and we see inactions we can (speculatively) conclude that governments are either too poor, or too poorly stacked for any actions. And we wonder why China does not act and why Russia does not care?

Questions are coming and no answers are coming forward, not even by the media on either side of that equation. That’s just a thought for Sunday. 

Leave a comment

Filed under IT, Media, Military, Politics

Tagged as , , , , , , , , , ,

March 14, 2022 · 02:45

Not so funny now, is it?

This al started in 2018. In that year I wrote 4 articles. In the first setting a premise that the entire matter does not fit the bill, the bodged assassination, the larger station of failure through complexity. It never made sense and I was clear about that. Yet I believe that MI5 ignored me on this (I would too, honestly) but I would investigate. You cannot be so warped as to think it would stay there. And I gave the larger station in ‘Something for the Silver Screen?’ (at https://lawlordtobe.com/2018/03/17/something-for-the-silver-screen/), ‘The man in the middle’ (at https://lawlordtobe.com/2018/08/07/the-man-in-the-middle/), ‘Could I be wrong?’ (at https://lawlordtobe.com/2018/09/06/could-i-be-wrong/), and ‘Investigating Self’ (at https://lawlordtobe.com/2018/09/12/investigating-self/). Over 4 articles I set a scene that optionally  included KalVista Laboratories and Porton Biopharma, not because they were guilty, but because they had the equipment that a Novichok maker required. There was laughter all around and I merely ignored it. Now the guardian (in an opinion piece) gives us ‘Putin has already deployed a chemical weapon. In Salisbury’ (at https://www.theguardian.com/uk-news/2022/mar/13/putin-has-already-deployed-a-chemical-weapon-in-salisbury), we see different parts here. Parts I never considered addressing or investigating, as it was not part of the out and open pieces seen. The Guardian gives us “It’s just four years too late. Because he’s already used unconventional weapons. Not in Ukraine, but right here, in Britain. On 4 March 2018, Putin deployed a chemical weapon against a civilian population. Our civilian population. Us.” As well as “The poisoning of Sergei Skripal may have played out in the British press as a “botched assassination attempt”, but that’s just half of a more terrifying story.” So in all it seems that someone is late to the party and before you wonder who, it is MI5. It is 4 years later and I am partially proven correct. Partial because even as I noticed the wallet fatteners, the station of uninvestigated county. I never had anything on Evgeny Lebedev (I had nothing to link him on in the first place) but that makes my scene a mere partial one. It seems that Carole Cadwalladr had more information and better linked information than I had. On the other hand I offered Leonard Rink from the beginning, others did not. And in the end the two Russian cathedral visitors might have been nothing more than a decoy, I gave doubt to a lot of issues there and no one else did (yay me). A station optionally missed by both CIA and MI5, I do say optionally as that is a hand you show no one and I get that. And when we are given “A year later, the Guardian would reveal that Johnson had travelled directly from that summit to the Italian villa of Evgeny Lebedev, the UK-based Russian newspaper proprietor. It published a photograph showing him alone and dishevelled at San Francesco d’Assisi airport, no security in sight.” Is anyone wondering if there is a security breach in progress? I certainly am. We can try and fit the pieces what we have, but it might be folly. There is enough indication that neither Carole or me have a complete picture, she merely make me boast towards a certain person at GCHQ “Not so funny now, is it?” And that is as good as my ego let it be, but I will snore like a baby soon enough (in about 635 seconds). 

Enjoy Monday!

Leave a comment

Filed under Media, Military, Politics, Science

Tagged as , , , , , , , , , , ,

February 24, 2022 · 03:27

Red flags

We all have them, we all see them, it is what comes next that matters. For me it was a visit to the introduction of a cyber course. There were so many red flags it was weird. The first flags came two days before the presentation, two emails to set the stage, one with the option to delay payment to six months after the course was done, the first sales pitch. Now there is nothing wrong with sales pitches, but here it seems misplaced, cyber space os pedantic to say the least. So I went to that presentation, even though there were already red flags going up. Then there was the event. To be honest, it wasn’t all their fault. There were IT issues and IT couldn’t figure out what was wrong. This happens, the moment sucks, but that is part of the game. 

Then there was the space, 2 attendants, the rest via zoom.  I was one of the two, no drinks, not even water. If it is a sales pitch, you want people relaxed, so how does a thirsty presentation go? They had bought water for themselves. Then there were no handouts, in case of a training you want people have the information, hand outs are a great option for them to have the slides and make notes. The presentation was not updated and was still saying November 2021, remember I stated pedantic? Then the presentation, so much mention of “You do not need to be from IT” and then all the examples of people who were from another education, there were good parts, but so much a sales-pitch. The number of red flags were passed and I left. 

So was I wrong?
There is no indication that they weren’t what they said they were, they were in a decent place, they did this with a well known University, so this was all on the up and up, but the hairs on my neck were up, it was about revenue, it was about sales and the approach was wrong. You see the article (at https://www.bbc.com/news/uk-60387324) gives some of the goods. It was titled ‘the con that tricked dozens into working for a fake design agency’, the BBC gave it two days ago and there we have the problem. The BBC gave us “those who had turned on their cameras didn’t know was that some of the others in the meeting weren’t real people. Yes, they were listed as participants. Some even had active email accounts and LinkedIn profiles. But their names were made up and their headshots belonged to other people.” The enforcing of a sales pitch. As such we see “the real employees had been “jobfished”. The BBC has spent a year investigating what happened.” You still think that being pedantic is something else than a virtue? Yes, we get “the job represented more than just a pay cheque – but a UK visa too. If they passed their six-month probation period, and met their sales targets, their contracts said Madbird would sponsor them to move to the UK” and there is the real pitch, exploitative slavery, hiding behind a piece of shit hiding behind “I have put 16 hours every single day for months and done the best that I could to make this work. I should’ve known better and for that I’m truly sorry.” No he isn’t and I feel that people like that should get one bullet through the back of their heads. We get “By February 2021, not a single client contract had been signed. None of the Madbird staff had been paid a penny”, we are given “Some recruits ended up leaving after a few weeks, but many stayed. Many had been there for almost six months – forced to take out credit cards and borrow money from family to keep on top of bills” that should have been a big red flag but in this world of pandemics, too many feel the pinch of desperation, but an agency that cannot pay you? That is an agency that has no real clients, no revenue and no real future at that point. We are given “a photo showing an open issue of GQ magazine, with Ali Ayad modelling a blazer in a full-page ad for Spanish fashion brand Massimo Dutti. “Hustle in silence, let your success make the noise,” read the caption.” As well as “a post claiming he had modelled for Massimo Dutti in British GQ which received 4,000 ‘likes’”, “Ali Ayad has over 90,000 followers on his Instagram – in his bio he describes himself as an “influencer”” as well as the stolen identities, I personally see a clear case for targeted killing. You see this world is changing and if State players can do the games they play, going after created leaks on Credit Suisse, hack and spell the goods through Pandora Papers, I can make a clear case that some of these exploitative nut-jobs are in the market for targeted killing. It is time that we clean the streets on both sides of the isle but not merely on red flags, that does not constitute evidence and for the Cyber setting I might be wrong, it is more than a gut feeling, it is more then small pressure point, it is more than a sales-pitch (which was never invalid) and the half dozen red flags I do not mention here is because they are personal, they are based on the corporate and university world I have faced over decades, and based on what THEIR bosses see as proper etiquette. The red flags does not mean wrong, it means that the pedantic levels I have seen in the cyber world does not constitute evidence, it does not and I know that. The BBC shows a different version, a version that it takes a year to get to a piece of shit like that. So when we see “We contacted all 42 brands Madbird had listed as former clients – including Nike, Tate, and Toni & Guy. None of those that responded had ever worked with Madbird.” We also see that this is becoming a much larger problem. And I have over 50 people for my case, some who lost thousands. I feel decently certain that the image he used is optionally not him, the stage of “Whilst Madbird and Ayad have seemingly vanished”, as I personally see it, the NSA/GCHQ better get fucking active, if players like this can play their tax the rich approach, they can also hunt down people like Ali Ayad and prove that they are serious about stopping certain crimes. The 50 people have rights and their rights were trampled upon. It was not mischief, it wasn’t some prank and it was not to do “the best that I could to make this work” it was exploitation, it was mislabeled slavery and it needs to stop. We cannot blame some of the social media on how people like this do what they do, but we can execute them. I prefer long term prison but so far Ali Ayad has vanished, and making him run in fear is better than him walking away to restart the scam somewhere else.

That is how I see it but here too is the problem. I am the problem on the relying of red flags, the setting of expectation regarding a pedantic setting, I get that, but between the two events is a borderline, I am not certain where it is, or where it should be, but that border needs to be created, governments have sat on their asses for too long and the wrong people are left with the bill of scammers, that is not completely on social media and more on governments, but that is merely how I see it and I admit, I could be wrong.

1 Comment

Filed under Law, Media

Tagged as , , , , , , , ,

January 26, 2022 · 23:41

When ding-dong goes clingaling

Yes, as titles goes it is a snazzy one, yet there it is. It all started for me about 6 hours ago and I took notice of the news. The initial issue I had with it is usually seen in dictionaries. When you seek Grundlichkeit you get:

Gründlichkeit noun
thoroughness [noun] care; attention to detail; also see German intelligence services.

So knowing what was in stock I decided to take another look, especially in light that the news is now also all over LinkedIn. 

There are two sides. In the first there is that I have no idea whether she is right or wrong, I DID NOT SEE THE EVIDENCE. That needs to be clear from the very first setting. However, as I was looking into an article from August 2021 giving us “When activist Lilith Wittmann drew attention to a security problem with a CDU app, the party pressed criminal charges against her” (source: Berliner Zeitung). There we also see “The Landeskriminalamt – a branch of the police focused on serious crime – is investigating the IT security researcher – as she calls herself. The CDU lodged a criminal complaint against Wittmann after she told the party about a security vulnerability in the CDU-Connect election campaign app. The activist has thus became the target of a paragraph in Germany’s criminal code for which the CDU is chiefly responsible.” And there as a 25 year old, we see that she worked in this field for 10 years, so she started in this field when she was 15. When the BZ adds “Paragraph 202c makes the interception of data a punishable offence. The law is considered controversial because, depending on how it is interpreted, it also covers people who investigate security vulnerabilities in order to report them, not to exploit them. Thanks to §202, Wittmann could now stand trial” Yet that is not enough, the article (at https://www.berliner-zeitung.de/en/the-cdus-leaky-campaign-app-li.176310) also gives us “Due to a security gap in the app software, data on around 500,000 people who had been visited by CDU door-to-door campaigners had been stored on servers without any major security barriers and was therefore basically open to public scrutiny. She could also access the data of about 18,000 users registered with the app – i.e. election workers – as well as 1,300 records of people who had indicated that they wanted to support the election campaign.” The numbers and facts are not that important. It is “Wittmann had been alerted to the potential security vulnerability on Twitter back in May.” It matters that she never discovered it, it does not mean that the issue did not exist, it implies that she is someone’s tool. She becomes the alibi no ones to be. So when I see ‘Apple AirTags Used by German Researcher Uncover Secret Intelligence Agency’ (at https://www.techtimes.com/articles/270997/20220125/apple-airtags-used-german-researcher-uncover-secret-intelligence-agency.htm) I wonder what actually is going on. You see, the Tech Times article gives us “a German researcher has used one to expose the secrets of the government, according to Apple Insider”, this leads us to “Lilith Wittmann, a German activist, claims that she has uncovered how Germany’s Federal Telecommunications Service is just a front for a secret intelligence agency”, is it though? Do not get me wrong, I believe that the Dutch AIVD uses KPN Telecom, GCHQ uses British telecom and so on and that puts the NSA in a bit of a mess (especially if they rely on Sprint Telecom), with a big laughing out loud at the end of that. Yet to see these companies (including the German Federal Telecommunications Service) as an intelligence front is a bit of a stretch. What I see (due to the Berliner Zeitung) is a wannabe with a chip on her shoulder, She is seemingly used as a tool, but to what end is not clear, and it will not be clear until someone digs into the data she was led to. Yes, I am distinct here, Twitter led her to one part, but I reckon that she is someones tool. 

German intelligence (thanks in part to East German Stasi) is unearthly painted with the colour of grundlichkeit, so the story does not fit and 4 years after the Apple Watches leading to a black site makes the Apple gadget a clear no go. And when we see “Some of the steps that she details can no longer be reproduced, like looking up a list of federal authorities online. Similarly, the researcher includes transcripts of phone calls with an official whose phone number that she reports then has stopped working.” We see evidence that is not verifiable and the sinister theorists of a dark nature will rely on “You see! That is evidence” It is not, it really is not. There are other paths to verification and I see none of them, someone is leading us through some rabbit hole telling us to ignore the sideways there but that is a shallow setting to anything that makes sense. I personally see nothing more than an article to set a system up for clicking and receiving digital dollars (an applied click bitch principle). 

And in the middle of it, a self proclaimed activist who worked in cyber security since she was 15, she should know better and she should have been able to present more evidence if there was any. You see German grundlichkeit is one thing, systems with log files are another, the most basic setting in any system and it is not seen here. It is not reported here. Why is that? You see, as I personally see it grundlichkeit also implies records (to show grundlichkeit), records can be tracked, they rely on log files (in many cases) and in many cases it leads to something, not that it is valid, but it could imply that and now we see a cyber operator (to coin a phrase) who uses an Apple AirTag and she does not have a log file to present that shows us something? Weird is it not?

I think she is being used, for what, by whom and to what end remains unknown, but perhaps German intelligence might make something of it, and me? I am hungry and I have deserved an ice cream. I would go for Weißwürste with Haxen and a large Munich pint with Kaiserschmarrn yet I am in Australia, so an ice cream will have to do. 

Unfolding the ravings of a conspiracy theorist makes me hungry, I never knew why.

Enjoy!

Leave a comment

Filed under Media, Military, Politics, Science

Tagged as , , , , , , , , , , , , , , , , ,

December 23, 2021 · 23:16

Getting a mute to lead the blind

Confused? Good! It has been going on for a little while, but Al Jazeera heads the setting of others with ‘Is the US crackdown on spyware firms just getting started?’, the article (at https://www.aljazeera.com/economy/2021/12/22/is-the-us-crackdown-on-spyware-firms-just-getting-started) gives us “The Biden administration blacklisted Israeli spyware firm NSO in November, but experts say more needs to be done.” Well, that might b e nice, yet the absence of evidence means that they take to the streets with the stupid and flammable people. It becomes even worse with “a collaboration by Amnesty International and a coalition of media outlets – revealed that NSO’s software was sold to authoritarian governments that used it to spy on political leaders, journalists, executives and human rights activists, including people close to murdered Saudi journalist Jamal Khashoggi.” As I personally see it, it was a collection of wannabe’s and fakes. They are that because evidence was not ever presented. And now the plot thickens, you think it does not? Well hold on, we are about to really up the throttle on this.

You see Bloomberg hands over the evidence I claimed all along. I wrote in several articles that if that list of 10,000 numbers was real the NSO Group would have a $400,000,000 piggy bank. But Bloomberg gives us ‘Pegasus Spyware Maker NSO Group Throws Cash at New Ventures to Survive’, where we are treated to “Israeli spyware firm NSO Group burned through most of its cash this year in a desperate bid to move past the scandal surrounding its phone-hacking tool Pegasus, according to a person with knowledge of the matter and private financial documents seen by Bloomberg News”, this could be seen as implied evidence that the money was never there, as such the list has to be (to a larger) part fake. Something I saw in less than 5 minutes, but all these wannabe essay writers You know, the one the Guardian has in Washington DC, as well as a wannabe essay writer at the United Nations with an outspoken hatred of Saudi Arabia. All going on flames and friends, but not a lot of evidence. Last Week at Wired we also get ‘Google Warns That NSO Hacking Is On Par With Elite Nation-State Spies’, but I will get back to that. You see the Bloomberg article (at https://www.bloomberg.com/news/articles/2021-12-21/nso-group-burned-up-most-of-its-cash-to-shift-away-from-pegasus) also gives us “Two American funds have expressed interest in NSO’s Eclipse technology — which can detect, commandeer and land drones — and in its new big-data analytics platform, for which the company signed its first contract this quarter, the person said. Pegasus would either be shut down or brought under the same umbrella as the other businesses in a bet that U.S. ownership would improve its standing, according to the same person.” In this I personally think that these American Funds can go and get fucked (apologies for the language), you see if the NSO is on a blacklist, the Americans can go try and make it run on a kite. 

Although, there is every chance that China, Russia and optionally Saudi Arabia might want these technologies. So as we consider Wired giving us “The exploit mounts a zero-click, or interaction-less, attack, meaning that victims don’t need to click a link or grant a permission for the hack to move forward. Project Zero found that ForcedEntry used a series of shrewd tactics to target Apple’s iMessage platform, bypass protections the company added in recent years to make such attacks more difficult, and adroitly take over devices to install NSO’s flagship spyware implant Pegasus.” You see what Google (Apple too) isn’t telling you is that the transgression was possible to begin with. This is not some nerd in his mothers basement. This is the kind of person that can equal if not surpass both the NSA and GCHQ. More importantly both Google and Apple were not prepared, so just how many gaps are there in mobile phones? You want to complain about Huawei and their security dangers? Google and Apple are doing that all by themselves, just like Cisco did, but you probably missed those articles. Credit to Cisco of alerting everyone to this, but the media was eager to ignore it, much sexier to accuse Huawei without evidence.

So whilst the White House idiot gave the people a blacklisting, we get:  “NSO issued a statement at the time saying it was “dismayed” by the Biden administration’s decision and that its technologies “support US national security interests and policies by preventing terrorism and crime”” So now the parts are here, we get to my use of ‘White House Idiot’, fair enough! You see, as the finances show that members of the media have been lying (optionally by not vetting information). We also see that the members of the NSO Group might sell to anyone BUT the Americans. A stage that will cost America greatly, especially if China acquires this technology. So after they squandered weapons sales to Saudi Arabia (I am still hoping for my 3.75% bonus on sales to China), the setting is now that one of the most sophisticated pieces of intrusion software might end up where no one wanted it to go, it reminds me of the old saying regarding ‘A cornered cat’, and it serves the mother goose brigade as I personally see it and you can see it too, you merely need to look at the actual claims and the fact that we see words like ‘alleged’, we see ‘might be infected’ and we see no clear number system. No dashboard that gives optional validity to the claims by wannabe essay writers. 

You know what? I am slightly too angry. First the yanks go all out on Huawei whilst evidence was never presented, now we see that the 5G networks are AT BEST a mere 50% of what Saudi Arabia has and in case of the US it is a mere 1.4% of 1%, it is THAT slow. Now we see the same exercise and it will be anyones guess who ends up with the NSO group software. It will be up to the NSO group to decide, yet I feel strongly that it should never end up in American hands. A person should not be allowed to be THIS stupid and being given a slice of cake, if it does happen, it better be valued at several billions. If you are THIS stupid, you cannot be much of a software maker, so pay you will, optionally Google could buy it to make their hardware more secure. It is a stretch and it is a steep price, but it could mean that the Apple supremacy ends and that might be worth a bag of coins to Google. 

Yet the best moment was when I saw that the media nailed their own coffin (the finance bit), so whilst Wired and the Washington Post did the right thing, the others can take a long walk of a short pier as far as I see it. Oh yes, the Wired article was at https://www.wired.com/story/nso-group-forcedentry-pegasus-spyware-analysis/ 

One day until Christmas, I reckon it is that time of the year when we take a little more time to see what weapon systems are out for sale. I need a new hobby!

Leave a comment

Filed under IT, Media, Politics, Science

Tagged as , , , , , , , , , , , , , , , , , ,