Tag Archives: GCHQ

November 21, 2016 · 13:41

Batches of three days

After a Law conference of three days and a case of the flu, it is time to get back into the saddle. For the speculative people amongst you, I needed 8 boxes of tissues, so if you invested in Kleenex, their forecast is very expected to be up, so you are all good! There are a few things to deal with, but let’s get into the deep end, with ‘Trump cabinet appointments will ‘undo decades of progress’, rights activists say‘ (at https://www.theguardian.com/us-news/2016/nov/18/trump-cabinet-appointments-sessions-pompeo-flynn). Yes, from their point of view that might be, but you do not get to cry wolf over Syria, whilst leaving a pussy to deal with the situation. This is now a Republican administration and as such, there will be a change of hearts, minds and a few tactical directions. The first one to look at, director Pompeo is an interesting choice. He has earned his stripes in several events. A thorn in Clinton’s Benghazi disaster and a member of the Tea Party. However, this is not same Jasmine flavoured variety, this member from Kansas is more like gunpowder tea. An acquired taste that is likely to turn a few stomachs in Iran. As I see it, one of the most likely to receive a high Israeli award for keeping them safe from Iran’s bile as some would quote it. My issue has always been no matter how liberal this elected official is, we have seen that the next elections could bring another Ahmadinejad, not something anyone is waiting for.

But let’s get back to nominated director Mikey. The one part that was part of the Wichita Eagle (link lost) was that Mike Pompeo predicted a new energy bill would cost millions of jobs and make the United States a net food importer. There are two sides to all this, the first the energy part. There are too many question marks (apart of the change to make it realistic), the net food importer is another matter, and it also drives at the core of national security. You see, NAFTA, opened up a whole range of options in regards to the trade with Mexico and overall there is a benefit, yet when we realise that this opens up regional security options (as stated by s Col. Michael Dziedzic, USAF), we see that in light of multiple sources stating that the Mexican Cartels have been assisting ISIS members to get into the US to explore targets. The fact that ISIS sleeper cells are reported by a few sources to be close to the US border gives cause to consider certain new avenues for the CIA to consider. That is, if they aren’t already doing that, because we can all agree that yours truly isn’t being kept up to date by Langley for reasons that need no clarification.

The Wichita Eagle also gives us: “Pompeo ended up co-authoring a separate report from the main committee investigation, which accused former U.S. Secretary of State Hillary Clinton, the 2016 Democratic nominee for president, of downplaying the attack to boost President Obama’s re-election efforts” (at http://www.kansas.com/news/politics-government/article115756373.html), which is only half the truth I reckon. I mentioned earlier that the intensely wrong acts by people in the US Department of State in 2012 was centre in all this and the events since have only shown that they were utterly negligent in several ways (not only the office of State Secretary Clinton), the downplay has been beyond that office and as such left too many concerns, especially when you do not react strongly to such an event, should you be considered President of the United States?

I reckon that once confirmed, Mike Pompeo might be one of the strongest members of the Trump government and could possibly be one of the better CIA directors of these last three administrations, which is speculative, and time will tell. Jeff Sessions is another interesting pick, although the President elect could have taken several extreme options, which in light of following Eric Holder, the only cabinet member in history to be held in contempt of congress (there will always be a first one), the President Elect had a few options, yet those were basically taken off the table when Loretta Elizabeth Lynch, the 83rd United States Attorney General decided

On June 27, 2016, Lynch and former President Bill Clinton met privately aboard Lynch’s Justice Department jet which was parked on the tarmac in Phoenix. ABC15 Phoenix reporter Christopher Sign broke the story on June 29, citing unnamed sources. (at http://www.abc15.com/news/region-phoenix-metro/central-phoenix/loretta-lynch-bill-clinton-meet-privately-in-phoenix), in light of Benghazi, when we see the quote ““Our conversation was a great deal about grandchildren, it was primarily social about our travels and he mentioned golf he played in Phoenix,” said Lynch Tuesday afternoon while speaking at the Phoenix Police Department“, now we can agree that if you have 35 things to do before lunch, having a social meeting on the tarmac of an airport in a jet is rather odd, to say the least. It is true that it might not have been about Benghazi, it might have been about future careers, yet the event on the tarmac and not in some closed of 1st class business lounge implies that this was about deniability, not something that is required when Golf is on the menu of conversation. The image of Benghazi remains, whether just of unjust, when you decide to do a Deep Throat (read: Woodward, Bernstein & Washington Post), you set yourself up for all kinds of gossip.

So when we see Jefferson Beauregard Sessions III, a former senator of Alabama, we have to wonder what America will get this time. The media is already all over it. The Guardian stated: “The hawkish trio have made inflammatory statements about race relations, immigration, Islam and the use of torture, and signal a provocative shift of the national security apparatus to the right“, the subsequent quote is “For liberals they appeared to confirm some of their darkest fears about the incoming Trump administration“. To them I have this message. ‘Over a period of 8 years, this administration has done absolutely nothing to reign in corporate accountability, the financial sector can go its own sweet way and this American administration turned 180 degrees around on corporate taxation. Their acts, together with the IMF is why Brexit is now a fact and is also still the driving force for Frexit. Those who are now fear mongering in the direction of France better realise that a second bad estimate (like Brexit) will be regarded as clear evidence to dismiss their services’. Columbia Threadneedle was quoted in Reuters on what a catastrophe it will be. Yet, who would it be disastrous for? The quote “Mark Burgess, chief investment officer for the firm in EMEA, said that unlike the positive or even ambiguous market reaction to the British vote on an EU exit or Donald Trump’s win last week, a win for avowedly anti-euro, anti-EU party in one of the many euro zone elections next year could spell disaster for the still-undercapitalized European banks“, the banks have had more than enough time to get their affairs in order. We have seen bail-out after bail-out and we have been all subject to a large loss of quality of life, whilst the financial sector played and gambled living on incomes that most people have never seen, not even before the financial crash. This has driven anti-European Union sentiments. The sentiment of all talk and no achievements, no forward momentum for anyone but the large corporations. This is what the Democratic Party left America with, no real future and a 20 trillion dollar debt. It is now up to the Republican Party whether they can return the USA towards a status of less debt and a healthy economy. This will take a years to achieve, but no matter how far it is taken, America seems to realise that the party is over, they only have themselves to blame on how they got to this point.

So how did I get from these three to Frexit and Greed? Let’s face it, the President-elect is part of a system of greed and Frexit is pretty much next on the agenda. All those ignorant economists and media that have been ignoring these events for over two years, all with comments on how this was never a reality now have faced Brexit and after that, they played anti-republican for 8 years, they now see their options cancelled and they are left in the dark regarding events in the White House. How many wrong predictions does it take for the media to realise that reporting is not the same as speculative empowering?

As the world is now setting the stage of how the first three picks of the President-elect is to be regarded. We need to realise that the world is a lot larger than America and our choices are indeed diminishing when we side with only one group of governing people. For those who seem to be focused on how bad this upcoming president will be, perhaps we need to take a look at a little place like Syria and how this current administration has not achieved anything at all. With bombings increasing and the Non-Assad supporting Syrian population getting closer to zero, we need to ask questions that no one is asking and even less are willing to answer.

The last part in all this is the IMF, as mentioned before. When we see the Australian, we get: “The IMF has given powerful backing to Labor’s call for a crackdown on negative gearing saying Australia’s tax rules are encouraging people to take on too much debt to invest in the housing market, pushing prices higher. The IMF’s annual mission to Australia has also criticised the Turnbull government’s May budget, saying it is trying to narrow the budget deficit too rapidly and risks hurting the economy.” Can anyone please explain what the fuck (pardon my French), the IMF is doing telling a sovereign nation on how we prefer not to be in deep debt and that is not OK with them? Consider in what state the debt driven economies are when it can be endangered by one economy removing its deficit. Consider on how many papers have given proper attention to debt driven economy (read: meaning almost none have done so, apart from those ridiculing the issue), this in light of the IMF quote in the Australian “The IMF says the government has been right to allow deficits to blow out over the past few years, saying the shortfalls have been mainly due to weak revenue, not excessive spending. The fund suggests that if the government spend more on infrastructure, it would generate enough economic growth that there should be little impact on the ratio of debt to GDP“, we need to wonder on how we were all kept in the dark when the media at large ignored calls for clarity, when we were (as I see it) intentionally misinformed, now we see that ‘right to allow deficits to blow out‘, which was never OK, even as Australia is getting out of that dark valley, other nations are still fighting their own battles. This is one of the driving sides to France, who have been pushed into a $2.4 trillion dollar debt. Perhaps President Hollande will have the same excuse that it was ‘mainly due to weak revenue‘, so the French people get to live with consequence of the IMF driven ‘equalising’ of debt. Now this last part is purely speculative from my side, yet how wrong is my train of thought? And as other nations realise that these debts are orchestration and the governments refused to tighten belts, spend irresponsibly regarding the need of other nations, keeping debt at a maximum. How do you think people will react when they realise that irresponsible behaviour will keep their quality of life down, perhaps for more than one lifetime? Are you still wondering whether Frexit will happen, or are you realising that Frexit not happening is no longer being considered?

Now, events differ from nation per nation, yet there is clear evidence that nations have been overspending for well over a decade and none had the idea to tighten the belt (except Germany in 2009). This is how Europeans feel and all this to enable big business, whilst they get more and more deals offered. This is the setting in which President elect Trump finds himself. The three nominations are not part of any of it, but they give rise to the question, who will be the elected officials in the departments, of State, Interior and Commerce, these three subsequent nominations will be at the core of what will happen next. No matter what the pressures are for the upcoming American Administration, they will be at the core of events that will take centre stage in 2017 and 2018. So many eyes, not just in America will be on those nominated for these three fields. We will have more and more questions, we only need to await the first results.

In that light we get to look at some of the issues I predicted two years ago. Last Saturday I got the Quote “European leaders have come to a 27-nation consensus that a “hard Brexit” is likely to be the only way to see off future populist insurgencies, which could lead to the break-up of the European Union” (at https://www.theguardian.com/politics/2016/nov/19/europes-leaders-force-uk-hard-brexit-farage-le-pen). The subtitle gives us even more ‘Fears grow about impact of populist surge as Nigel Farage predicts Marine Le Pen could win French presidential election’. I got there a year earlier, even now there is still some doubt as Sarkozy is making an about turn move on French National issues, yet Marine Le Pen remains a contender. Slightly stronger than before Trump got elected and there is where the issue for Europe now resides. Their indecisiveness in certain matters is driving people towards nationalism, with President elect Trump now approaching office, those issues will polarise and the shift will move stronger towards the right. The additional quote: “The latest intervention by Farage will only serve to fuel fears in Europe that anti-EU movements have acquired a dangerous momentum in countries such as France and the Netherlands, following the precedent set by the Brexit vote”, is one that is not correct as I see it. You see, Brexit was always a risk, yet those working behind the screens were so intent on the Status Quo that they forgot sight of the effects of the actions that they caused, Greece being the first and strongest elements. By trying to hang onto a non-realistic 300 billion, they now stand to lose 14.5 trillion, you tell me how stupid this was. The Netherlands is not the strongest influencer and at present, the Dutch PVV might be strong, twice as many seats as the number three (CDA) and leading by merely 4 seats on number 2, the reality is that this party became the largest fast and as they were only regarded as something not to be taken serious, the size they are now does not warrant such consideration, they are the largest player. Yet in all this, the issue is that 150 seats are there and a majority requires 76 seats, which cannot be done without some coalition that will require the PVV. In this the PVV is the only clear anti-EU party. The example as given by me in ‘A noun of non-profit’ (at https://lawlordtobe.com/2013/05/15/a-noun-of-non-profit/), where I state: “Consider a large (really large) barge, that barge was kept in place by 4 strong anchors. UK, France, Germany and Italy. Yes, we to do know that most are in shabby state, yet, overall these nations are large, stable and democratic (that matters). They keep the Barge EU afloat in a stable place on the whimsy stormy sea called economy. If the UK walks away, then we have a new situation. None of the other nations have the size and strength of the anchor required and the EU now becomes a less stable place where the barge shifts. This will have consequences, but at present, the actual damage cannot be easily foreseen”, What I predicted on May 15th 2013 is not just coming to pass, finally others are admitting that this is the future, a future they kept you in the dark about, consider that when you realise that this had been known for some time. They played their ignorance and fear mongering game and those who have done so are now considering what one more bad prediction will bring them. I still believe that it required the second of four to truly collapse the EU barge, but that reality is now getting closer, with the Republican push we see, the chances for Marine Le Pen getting elected as President is now an actual reality. I knew that there was a chance just within France and as President Hollande failed again and again her chances increased, now with the Republican view of nationalism, the French view only enhances that view for themselves, enabling Marine Le Pen as a possible President of France. This links to Jefferson Beauregard Sessions III and his conservative views. He plucks the same chords on the musical loom of government as Marine Le Pen will when it comes to immigration. In that regard, the choices that still have to come will make even stronger impressions for European nations as they unite or dissent from that view. You see, we still need to realise that America is 20 trillion down, which implies that if Europe decides to exit hard for the second European nation (France most likely), the economic view for America changes, especially as it has been a net importer of food and a few other materials. It would need to strengthen ties with Canada and Mexico by a lot, allowing those two to get a better overall deal, increasing the cost of living for Americans. At this point, we see that Wilbur Ross is now the strong favourite for the Commerce position. It is CNN that gives us a quote, which seen in a different light implies the issue I had for a long time. The quotes “Pritzker strongly supported free trade, traveling to 38 countries over her tenure. She advocated clean energy partnerships and the Trans Pacific Partnership deal” as well as ““Free trade is like free lunch: There is no free lunch,” Ross told Lou Dobbs of Fox Business in August. “Somebody wins and somebody loses. And unfortunately, we’ve been losing with these stupid agreements that we’ve made””, Here we see that someone visited 38 countries, which sounds like an office paid world tour and we know that is NOT the case, but all that travelling must be nice. Following that, we see Wilbur Ross stating that there is no such thing as a free lunch. That we have all learned, many of us learned it the hard way and the TPP was a bad deal from the get go for several nations. These quoted came from CNN (at http://money.cnn.com/2016/11/20/investing/wilbur-ross-donald-trump/index.html) and are at the core of changes for commerce, which will reverberate in both the English and French minds as well. So 4 of the 6 main nominees are also powering the European Exit. I believe that one of them is in for quite the challenge. Michael Flynn is a veteran on several levels, as a retired General he knows the military and as former director of the DIA he knows the intelligence whip. Yet, the premise he faced will start to change dramatically in 2019, as such the America he will be the National Security Advisor for will have new challenges, some none have seen before. Time will tell how realistic those challenges are, yet we are already faced with the limitations of dealing with 4G and the next wave is now less than 365 days away. The funds needed for cyber security and cyber development were never forthcoming, giving nations at large new challenges and totally new issues in Criminal law. All fields untouched to the degree they needed to be. Another reason why W. Ross and J.B. Sessions need to sit down sooner rather than later. In that regard, the UK needs to clearly revisit some of the protocols that never worked in the first place.

There are many changes coming towards us, some will drive others, some will just be met with complaints, and others will just drive the Democratic Party insane, which will be used to the entertainment of the media at large.

Leave a comment

Filed under Finance, Law, Media, Politics

Tagged as , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

October 8, 2016 · 14:26

What did I say?

Last night I got a news push from the Washington Post. It took me more than a second to let the news sink in. You see, I have been advocating Common Cyber Sense for a while and apart from the odd General being ignorant beyond belief, I expected for the most that certain players in the SIGINT game would have their ducks in a row. Yet, the opposite seems to be true when we see ‘NSA contractor charged with stealing top secret data‘ (at https://www.washingtonpost.com/world/national-security/government-contractor-arrested-for-stealing-top-secret-data/2016/10/05/99eeb62a-8b19-11e6-875e-2c1bfe943b66_story.html), the evidence becomes blatantly obvious that matters in the SIGINT industry are nowhere near as acceptable as we think they are. The quote “Harold Thomas Martin III, 51, who did technology work for Booz Allen Hamilton, was charged with theft of government property and unauthorized removal and retention of classified materials, authorities said. According to two U.S. officials familiar with the case, he is suspected of “hoarding” classified materials going back as far as a decade in his house and car, and the recent leak of the hacking tools tipped investigators to what he was doing“, so between the lines we read that it took a mistake after a decade for the investigators to find out? No wonder the NSA is now afraid of the PLA Cyber Division!

In this light, not only do I get to tell you ‘I told you so‘, I need to show you a quote from July 1st 2013, where I wrote “So if we consider the digital version, and consider that most intelligence organisations use Security Enhanced Unix servers, then just accessing these documents without others knowing this is pretty much a ‘no no’. EVEN if he had access, there would be a log, and as such there is also a mention if that document was copied in any way. It is not impossible to get a hold of this, but with each document, his chance of getting caught grows quicker and quicker“, so I questioned elements of the Edward Snowden case, because my knowledge of Security Enhanced Unix servers, which is actually an NSA ‘invention’, now it seems to become more and more obvious that the NSA has no flipping clue what is going on their servers. They seem to be unaware of what gets moved and more important, if the NSA has any cloud coverage, there is with this new case enough doubt to voice the concern that the NSA has no quality control on its systems or who gets to see data, and with the involvement of a second Booz Allen Hamilton employee, the issue becomes, have they opened up the NSA systems for their opponents (the PLA Cyber division being the most likely candidate) to currently be in possession of a copy of all their data?

If you think I am exaggerating, then realise that two people syphoned off terabytes of data for the term of a decade, and even after Snowden became visible, Harold Thomas Martin III was able to continue this for an additional 3 years, giving ample worry that the NSA needs to be thoroughly sanitised. More important, the unique position the NSA had should now be considered a clear and present danger to the security of the United States. I think it is sad and not irony that the NSA became its own worst enemy.

This is seen not in just the fact that Harold Thomas Martin III moved top secret data home, whilst he was at work a mere FSB or PLA intern could just jimmy the front door and copy all the USB devices. So basically he was potentially giving away data on Extremely Low Frequency (ELF) systems, which would be nice for the PLA Cyber Unit(s), as they did not have the capacity to create this themselves. So whilst they were accused for allegedly trying to get a hold of data on the laptop of Commerce Secretary Carlos Gutierrez (2008), they possibly laughed as they were just climbing into a window and taking all day to copy all the sweet classified data in the land (presumption, not a given fact). So he in equal measure pissed off the US, India and Russia. What a lovely day that must have been. In that regard, the Affidavit of Special Agent Jeremy Bucalo almost reads like a ‘love story’. With statements like “knowingly converted to his own use, or the use of another, property of the United States valued in excess of $1,000“. Can we all agree that although essential and correct, the affidavit reads like a joke? I mean that with no disrespect to the FBI, or the Special agent. I meant that in regard to the required personal viewed text: “Harold Thomas Martin III, has knowingly and intentionally endangered the safety and security of the United States, by placing top secret information and its multi-billion dollar value in unmonitored locations“, I do feel that there is a truth in the quote “The FBI’s Behavioural Analysis Unit is working on a psychological assessment, officials said. “This definitely is different” from other leak cases, one U.S. official said. “That’s why it’s taking us awhile to figure it out.”“. It is my personal view that I agree with this, I agree because I think I speculatively figured out the puzzle. He was a reservist, Reserve Navy and a Lieutenant at 51. So the Navy might not see him as ‘full’ or ‘equal’, this might have been his way, to read these documents at night, knowing that they will never have this level of clearance for such an amount of Top Secret information. With every additional document he would feel more in par with Naval Captains and Admirals, he would feel above all the others and if there was ever a conversation with people who did know, he had the option to leave the slightest hint that he was on that level, perhaps stating that he was also an NSA contractor. He star would suddenly be high with Commanders and higher. It is a personal speculation into the mind of Harold Thomas Martin III.

When we look at 18 U.S. Code Chapter 115 – TREASON, SEDITION, AND SUBVERSIVE ACTIVITIES. We see at paragraph 2381 “Whoever, owing allegiance to the United States, levies war against them or adheres to their enemies, giving them aid and comfort within the United States or elsewhere, is guilty of treason and shall suffer death, or shall be imprisoned not less than five years and fined under this title but not less than $10,000; and shall be incapable of holding any office under the United States“, now if we see the following elements ‘giving them aid and comfort within the United States‘ and the other elements are clearly stated as ‘or’ a case of treason could be made. In my view a person like that was guilty of treason the moment Top Secret materials were removed or copied from there assigned location and without proper clearance moved to an unsecure location. As an IT person Harold Thomas Martin III should have known better, there is no case of presumption of innocence. The fact that I made a case that he might have a mental issues does not mitigate it in any way, to do this in excess of a decade and even more insidious to do this for years after Edward Snowden got found out is also matter of concern.

The NSA has a sizeable problem, not just because of these two individuals, but because their servers should have has a massive upgrade years ago, in addition, the fact that contractors got away with all this is in equal measure even more insulting to a failing NSA. I can only hope that GCHQ has its ducks properly in a row, because they have had 3 years to overhaul their system (so tempted to put an exclamation mark here). You see, we have all known that for pretty much all of us, our value is now data. No longer people, or technologies, but data and to see 2 cases at the NSA, what was once so secret that even the KGB remained clueless is now, what we should regard as a debatable place. This should really hurt in the hearts of those who have faithfully served its corridors in the past and even today. In addition, the issues raised around 2005 by the CIA and other agencies regarding the reliability of contractors is now a wide open field, because those opposing it and those blocking data integration are proven correctly.

This now gets us to a linked matter. You see, it is not just the fact that the government is trailing in this field, because that has been an eternal issue. The issue is that these systems, due to the likes of Harold Thomas Martin III and Edward Snowden could be in danger of intrusions by organised crime.

For those thinking that I am nuts (on the road to becoming a Mars bar), to them I need to raise the issue of USB security, an issue raised by Wired Magazine in 2014. The fact that the USB is not just used to get data out, if malware was added to the stick, if it was custom enough, many malware systems might not pick up on it and that means that whomever got into the house, they could have added software, so that on the next run to copy a project, the system might have been opened up to other events. There is no way to prove that this happened, yet the fact remains that this is possible and the additional fact that this was happening for over 10 years is equally disturbing, because it means that the NSA monitoring systems are inadequate to spot unauthorised activities. These elements have at present all been proven, so there.

I think it is time for TRUSIX to convene again and consider another path, a path where USB sticks get a very different formatting and that its embedded encryption require the user, the location and the hardware id to be encrypted within the stick, in addition the stocks need to work with a native encryption mode that does not allow off site usage. Perhaps this is already happening, yet it was possible for Judas tainted Highwayman Harold to walk away with the goods, so something is not working at present. I am amazed that a system like that was not in place for the longest of times. I certainly hope that Director Robert Hannigan at GCHQ has been convening with his technology directors. In addition that there are some from Oxford and some from Cambridge, so that their natural aversion to the other, will bring a more competitive product with higher quality, which would serve all of GCHQ. #JustSaying

The one part where this will have an impact is the election, because this has been happening during an entire Democratic administration, so that will look massively sloppy in the eyes of pretty much every one, too bad Benghazi emails were not left that much under the radar, because that could have helped the Clinton election campaign immensely. Still, there are technology and resource issues. The fact that Booz Allen Hamilton gets mentioned again is unfortunate, yet this should only be a partial focus as they have 22,000 employees, so statistically speaking the number of transgressions is in that regard insignificant. What is significant is how these two got vetted and passed all their clearances. In addition to this there is the issue of operation centres. You see, if there has been data breaches, have there been system breaches? The question derives directly from the fact that data was taken off site and there were no flags or alerts for a decade. So at this point the valid question becomes whether NSOC and NTOC have similar flaws, which now places US Homeland Security in speculated direct data dangers. My consideration in this regard came from earlier mentions in this article. If any US opponent has a clue in this regard, what would be the repercussions, in addition, the question (due to my admitted ignorance) would be, did Edward Snowden have any knowledge of Harold Thomas Martin III, if so, was this revealed in any conversation Snowden would have had with a member of the FSB (there is absolutely no doubt that they had a ‘conversation’ with Edward Snowden whilst he was in sunny Moscow. If so, what data dangers is Homeland Security facing? If data was copied, it is not impossible that data was moved. If that has happened, any data event with any specific flag?

Now the next example is purely fictional!

What if conditionally an <!important> (or whatever flag the NSA uses in their data sets) was added or removed? If it was used to give weight to certain data observations, like a cleaning pass, the pass would either be useless, or misdirecting. All possible just because Harold Thomas Martin III had to ‘satisfy’ his ego. This is not whether it happened or not, this is about whether it was possible, which would give added voice to the NSA issues in play and the reliability of data. This is a clear issue when we consider that false journalistic stories give way to doubt anything the journalist has written, any issue with a prosecutor and all those cases need reviewing, so do you think it is any different for IT people who have blatantly disregarded data security issues? This is not some Market Researcher who faked response data, this is collected data which would have been intervened with, endangering the people these systems should protect. As stated, this is speculative, but there is a reality in all this, so the NSA will need to sanitise data and sources from the last 10 years. There is no telling what they will dig up. For me it is interesting to see this regarding Snowden, because I had my issues with him and how he just got data away from there. Now there is a chance that the NSA gets to rename their servers to NSA_Siff_01 to NSA_Siff_nn, wouldn’t that be the rudest wake up call for them? I reckon they forgot the old rules, the one being that technology moves at the speed of your fastest employee + 1 and the human ego remain the most dangerous opponent when it involves security procedures.

 

 

Leave a comment

Filed under IT, Law, Media, Military, Politics

Tagged as , , , , , , , , , , , , , , , , , , , , , , , , , , ,

September 26, 2016 · 13:14

The name of the sponsor

The article that was in the Guardian on Friday, gives us a few issues. You see, I have been looking at several issues in the tech world and I overlooked this one (there is only so much reading that can be done in a 24 hour range and it is a big planet). You see the article ‘Yahoo faces questions after hack of half a billion accounts’ (at https://www.theguardian.com/technology/2016/sep/23/yahoo-questinos-hack-researchers) gives us the goods from the very beginning. The quote “Yahoo’s admission that the personal data of half a billion users has been stolen by “state-sponsored” hackers leaves pressing questions unanswered, according to security researchers“, is one I would go with ‘and the evidence?‘, which gives us all kinds of related connections. The quote “Jeremiah Grossman, head of security strategy at infosec firm SentinelOne, said: “While we know the information was stolen in late 2014, we don’t have any indication as to when Yahoo first learned about this breach. This is an important detail in the story.”” is only one of a few issues at the heart of the matter. You see, when we look at the issues that are the plague of these start-up firms (Yahoo and Sony), we should think that they are start-up firms or they are massively negligent. In both cases their routers allowed for the transfer of massive amounts of data. As they are the same size in start-up (sorry, sarcasm prevails), we need to wonder how a few hundred million packages fall between the cracks of vision of whatever security element their IT has. We could wait until someone states that there is no security on that level and the race is truly on then!

This whilst additional support as seen stated by Chris Hodson, EMEA chief information security officer at enterprise security firm Zscaler, when we read: ““With no technical details included in Yahoo’s report about how the data was exfiltrated, just that it was, it’s impossible to assess credibility of the ‘state sponsored’ claim“, a statement I agree, but in addition, I also wonder why we aren’t seeing any reference or initial response from the FBI that this was from North Korea. It fits the time frame doesn’t it? First a dry run on Yahoo and the actual heist was Sony. Or perhaps some players are figuring out that North Korea was never an element and that someone clever enough found a flaw and hit both Yahoo and Sony. The quote “both from the date of the hack, almost two years ago, and from the first appearance of the dumped data on the dark web almost two months ago where it was being sold by a user named “Peace of Mind””, the speculation comes to mind: ‘perhaps this person is the second owner and this person is reselling acquired data’, which would make sense in several capitalisic ways. The article also enlightens what I believe to be a callous approach to security: “The breach also highlights a strong problem with “security questions”, the common practice of letting users reset passwords by answering questions about their first house or mother’s maiden name. Yahoo did not encrypt all the security questions it stored, and so some are readable in plaintext. While it may be irritating to have to change a stolen password, it is somewhat worse to have to change a stolen mother’s maiden name.” The insensitive disregard is clear when the security question is not encrypted and mum’s maiden name is given in plain text, adding to the personal data the thieves borrowed (long-term). Now, we know that there are in these situations several questions, and not all are really about privacy sensitive based data (like a favourite pet), but consider the 2013 movie ‘Now You See Me‘ Consider the dialogue in the New Orleans Show scene:

Jack Wilder: How could we, Art? We don’t have your password.
Henley Reeves: We’d need access to information we could never get our hands on.
Daniel Atlas: Yes, security questions, for instance, like, I don’t know, your mother’s maiden name or the name of your first pet.
Merritt McKinney: Where would we get that information, Art? You certainly would never tell us.

A movie gives us the danger to our goods a year before this data is stolen and nobody presses the alarm bell? The only part that would be even funnier if this was a Sony movie, but no, it was Summit Entertainment who brought this gemstone! Now, we know that life is not a movie, yet the fact that this part is stored as plain text, perhaps not the best solution! In addition as IT developers tend to be lazy, how many other firms, especially those who are a lot smaller, how are they storing this data? Also in plain text?

You see, I have seen parts of this issue too often. Too many firms have no real grasp of non-repudiation and go through the motions so that they seem (read: present themselves) to be about security, yet not really security driven. Because if the client doesn’t want it (many are too lazy), they have opted for it and they are in the clear. Yet when we see that the security questions are in plain text, questions should be asked, very serious questions I might add!

There is one more side to all this, the Guardian raises it with: “what happens to the company’s multi-billion dollar merger with Verizon now? Kevin Cunningham, president and founder at identity company SailPoint, argues that the breach should already be priced in“, we then see the issues of thoroughness raised from Verizon, but in all this, the data theft does not makes sense. You see, if my speculation is true and “Peace of Mind” is the first sales iteration, was this ID the only customer? If so, how come that the sale took this long, the timeout between the event in 2014 and the optional sale a few months ago is weird, as accounts change so quickly, the power and value is in quick sales. To put it in perspective, selling the data to 10 people for a total of 5% of the value is safer then awaiting for one person getting 70% of the value 90 days later. This is a movers and shakers world, the 90 day person is a perhaps and these people are about the ‘cash now’. The market stall people! So in this an 800 day customer implies that there might have been ulterior reasons. Which one(s) I can only speculate on, and I prefer not to do that at present. Now, in that side, it is of course possible that this was ‘state-sponsored’ and it was sold on to keep the wolves at bay, but that too is speculation with absolutely no data to back the speculation up.

Verizon might have taken a calculated level of risk in acquiring Yahoo, yet if the data transgression was never divulged, would this be a case of fraud? The US has the “benefit of bargain” rule, so there could be a decent case of represented and actual value. In addition if we allow for Special damages from a legally recognizable injury to be held to be the cause of that injury, with the damage amounts to specificity. If the data theft would have been known, the value of the firm would have been a lot lower.

Unless this was clearly disclosed to Verizon (I actually do not know), Verizon might have a case, which would be disastrous for Yahoo.

If we consider the news from July at NBC (at http://www.cnbc.com/2016/07/25/verizon-to-acquire-yahoo.html), the setting is not just “Microsoft, Yahoo and AOL lag far behind and have lost market share“, there is no guarantee that those hit by the hack will remain in their Yahoo setting. Google has made it far too easy for people to switch over. The effort made in the past to transfer towards Google could inspire those people to switch to Google, import their mails and start with little or no loss at all. Which means that it is not impossible that Verizon after the merger remains a one digit digital marketing group, something I feel certain Verizon never counted on.

So where is this going?

There are two sides to this, not only is this about cyber security, or the lack thereof. The fact that Verizon has no unlimited data and those with Yahoo accounts who had them will now see their prices go up by a lot (when is this not about money?). Verizon has a 100GB shared option at $450 a month, which is beyond ridiculous. In Australia, iiNet (an excellent provider) offers 250GB for $60 a month and in the UK British Telecom offers a similar plan for no more than £21 a month (which is about $35), considering that BT is not the cheapest on the block, I have to wonder how Verizon will continue, when people have to switch, because their music apps (radio and so on) drain their data account at 6-8GB per day (a harsh lesson a friend of mine learned). Meaning that Verizon is actually a disservice to open internet and free speech. As I see it, free speech is only free if the listener isn’t charged for listening, or better stated, when certain solutions are locked to be not via Wi-Fi, meaning charged via bandwidth. So the accounts were one side, the amount of data breeches that we are seeing now (on both the Verizon and Yahoo side) imply that not only are they too expensive, they aren’t as secure as they are supposed to be and in addition, cyber laws are blatantly failing its victims. Having your data in plain text at $450 a month seems a little too unacceptable, merely because the odds to keep your fortune in Las Vegas tend to be better than this.

So now consider the sponsor, the people behind the screens on both the corporate and hacking side. So let’s take a look

Corporate

Here the need for security is essential, yet there is clear indication that those aware of spreadsheets (read: Board of Directors) are in equal measure naive and blatantly unaware that data security is essential and not the $99 version in this case. The cost of secure data is ignored and in many cases blatantly disregarded. The Yahoo case is inferior to the Verizon data transgressions that have been reported in this year alone. It is so nice to read on how the health industry is hit by organised crime, yet the amount of theft from their own systems is a lot less reported on. I find most amusing the text that the Verizon Data Breach Investigation Report shows: “Yes. Our vulnerability management solutions identify and fix architectural flaws in POS and other patientfacing systems“, “Yes. Our identity and access management solutions prevent the use of weak passwords, the main cause of data breaches in the healthcare industry” and “Yes. Our intrusion detection and threat-management solutions help detect and mitigate breaches more quickly, limiting the damage caused” (at http://www.verizonenterprise.com/resources/factsheet/fs_organized-crime-drives-data-theft-in-the-healthcare-industry_en_xg2.pdf), I reckon that a massive overhaul of their own systems has a slightly higher priority at present. In addition there is no information on how secure the Verizon Data Cloud is. It doesn’t matter who provides it (as I see it), and I reckon we see that iteration hit the news the moment we learn that the UK Ministry of Defence Cloud gets tweaked to another server that is not under their control. It is important to realise that I am NOT scaremongering, the issue is that too many players have kept the people and corporations in the dark regarding monitoring options, intrusion detection and countermeasures, with the cloud, any successful intrusion has the real danger that the data hack is more complete and a lot larger in data loss. Moreover, Microsoft and Microsoft employees have one priority, Microsoft! Consider that any Microsoft employee might not be as forthcoming with Cyber transgressions, no matter what agreed upon. After the agreement, any internal memo could sidestep a reportable transgression. It is a reality of corporate life. In this, until the proper military staff members get trained, the Ministry of Defence (read: as well as GCHQ to some extent) will be catching up through near inhumane levels of required training, which gets the Ministry burnout issues soon enough.

Hackers

No matter how small, these attacks (yes plural) required serious hardware and access to tools that are not readily available. So whomever involved, they are either organised crime, or people connected to people with serious cash. This all gets us a different picture. I am not stating that some hackers work for reasons other than ideological. The rent in mum’s basement and hardware needs to be paid for, if not that, than the electricity bill that will be in excess of $130 a month. It might be trivial to mention, yet these little things add up. Hardware, electricity, storage, it gives the rising need of a sponsor for these hackers. There is no way to tell whether this is ideological (to show it can be done), technological (selling the flaws back to the makers of the solution), or criminal (to sell the acquired data to a competitor or exploiter). We can assume or speculate, but in reality, without additional evidence it is merely a waste of words.

So even if we know the name of the sponsor, this hopefully shows that the need to divulging information on data transgression has been way too light. In the past there was a ‘clarity’ that it was onto the firm to give out, but as they seemingly see it as a hazard to their wealth, too many victims are kept in the dark and as such, the financial danger to those victims is rising in an unbalanced way. If you would doubt my words, consider the article at http://www.geek.com/games/sony-psn-hack-is-only-the-4th-largest-data-breach-of-all-time-1390855/, which was set in June 2009. Geek is not the news cycle you might desire, but the summary is fine and confirmable. The hack to the Heartland Payment Systems January 20th, 2009 might be one of the more serious ones, the 130 million records was more complete and could have a more devastating effect on the US population then most others. From my point of view, a massive shift to proactive data security should have been law no later than 2010, I think that we can safely say that this never happened to the extent required, which is another nice failure of the political parties at large and as such, this could get a lot uglier soon enough. The article also shows a massive Sony failing as there have been 6 large breaches in 2011 alone, so the Sony hack of 2012 shows to be a continuing story of a digital firm who cannot get their act together. That was never in question, in combination with the latest revelations, there is the added pressures that this cannot be allowed to continue and these firms need to start being held criminally negligible for transgressions on their systems. Just like in torts regarding trespass, it should be actionable perse. In addition, the hackers should be held in that same way, with the bounty changed to no less than double digit jail with no option for parole. The mere realisation that there is a high price for these transgressions might be the only way to stop this and in this age should not be a distinguishing factor, so any teenager hoping for an adventure with a nice pay package could end up not getting laid until they turn 30. The last part is unlikely to be a reality ever, but the fact that this is where we should have been going needs to be stated, for the mere reason that a shown failure of nearly a decade is no longer an option to ignore, not when the stakes are getting to be this high.

Leave a comment

Filed under IT, Law, Military, Politics

Tagged as , , , , , , , , , , , , , , , , , , , ,

September 24, 2016 · 14:51

Room for Requirement

I looked at a few issues 3 days ago. I voiced them in my blog ‘The Right Tone‘ (at https://lawlordtobe.com/2016/09/21/the-right-tone/), one day later we see ‘MI6 to recruit hundreds more staff in response to digital technology‘ (at https://www.theguardian.com/uk-news/2016/sep/21/mi6-recruit-digital-internet-social-media), what is interesting here is the quote “The information revolution fundamentally changes our operating environment. In five years’ time there will be two sorts of intelligence services: those that understand this fact and have prospered, and those that don’t and haven’t. And I’m determined that MI6 will be in the former category“, now compare it to the statement I had made one day earlier “The intelligence community needs a new kind of technological solution that is set on a different premise. Not just who is possibly guilty, but the ability of aggregation of data flags, where not to waste resources“, which is just one of many sides needed. Alex Younger also said: “Our opponents, who are unconstrained by conditions of lawfulness or proportionality, can use these capabilities to gain increasing visibility of our activities which means that we have to completely change the way that we do stuff”, I reckon the American expression: ‘He ain’t whistling Dixie‘ applies.

You see, the issue goes deeper than mere approach, the issue at hand is technology. The technology needs to change and the way data is handled requires evolution. I have been in the data field since the late 80’s and this field hasn’t changed too much. Let’s face it, parsing data is not a field that has seen too much evolving, for the mere reason that parsing is parsing and that is all about speed. So to put it on a different vehicle. We are entering an age where the intelligence community is about the haulage of data, yet in all this, it is the container itself that grows whilst the haulage is on route. So we need to find alternative matters to deal with the container content whilst on route.

Consider the data premise: ‘If data that needs processing grows by 500 man years of work on a daily basis‘, we have to either process smarter, create a more solutions to process, be smarter on what and how to process, or change the premise of time. Now let’s take another look. For this let’s take a look at a game, the game ‘No Man’s Sky’. This is not about gaming, but about the design. For decades games were drawn and loaded. A map, with its data map (quite literally so). Usually the largest part of the entire game. 11 people decided to use a formula to procedurally generate 18 quintillion planets. They created a formula to map the universe with planets, planet sized. This has never been done before! This is an important part. He turned it all around and moreover, he is sitting on a solution that is worth millions, it could even be worth billions. The reason to use this example is because games are usually the first field where the edge of hardware options are surpassed, broken and redesigned (and there is more at the end of this article). Issues that require addressing in the data field too.

Yet what approach would work?

That is pretty much the ‎£1 billion question. Consider the following situation: Data is being collected non-stop, minute by minute. Set into all kinds of data repositories. Now let’s have a fictive case. The chatter gives that in 72 hours an attack will take place, somewhere in the UK. It gives us the premise:

  1. Who
  2. Where
  3. How

Now consider the data. If we have all the phone records, who has been contacting who, through what methods and when? You see, it isn’t about the data, it is about linking collections from different sources and finding the right needle, that whilst the location, shape and size of the haystack are an unknown. Now, let’s say that the terrorist was really stupid and that number is known. So now we have to get a list of all the numbers that this phone had dialled. Then we get the task of linking the information on these people (when they are not pre-paid or burner phones). Next is the task of getting a profile, contacts, places, and other information. The list goes on and the complexity isn’t just the data, the fact that actual terrorists are not dumb and usually massively paranoid, so there is a limit to the data available.

Now what if this was not reactive, but proactive?

What if the data from all the sources could be linked? Social media, e-mail, connections, forums and that is just the directly stored data. When we add mobile devices, Smartphones, tablets and laptops, there is a massive amount of additional data that becomes available and the amount of data from those sources are growing at an alarming rate. The challenge is to correctly link the data from sources, with added data sources that contain aggregated data. So, how do you connect these different sources? I am not talking about the usage, it is about the impaired data on different foundations with no way to tell whether pairing leads to anything. For this I need to head towards a 2012 article by Hsinchun Chen (attached at end), Apart from the clarity that we see in the BI&A overview (Evolution, Application and Emerging Research), the interesting part that even when we just look at it from a BI point of view, we see two paths missing. That is, they seem to be missing now, if we look back to 2010-2011, the fact that Google and Apple grew a market in excess of 100% quarter on quarter was not to be anticipated to that degree. The image on page 1167 has Big Data Analytics and Mobile Analytics, yet Predictive Interactivity and Mobile Predictive Analytics were not part of the map, even though the growth of Predictive Analytics have been part of BI from 2005 onwards. Just in case you were wondering, I did not change subject, the software need that part of the Intelligence world uses comes from the business part. A company usually sees a lot more business from 23 million global companies than it gets from 23 intelligence agencies. The BI part is often much easier to see and track whilst both needs are served. We see a shift of it all when we look at the table on page 1169. BI&A 3.0 now gets us the Gartner Hype Cycle with the Key Characteristics:

  1. Location-aware analysis
  2. Person-centred analysis
  3. Context-relevant analysis
  4. Mobile visualization & HCI

This is where we see the jump when we relate to places like Palantir that is now in the weeds prepping for war. Tech Crunch (at https://techcrunch.com/2016/06/24/why-a-palantir-ipo-might-not-be-far-off/) mentioned in June that it had taken certain steps and had been preparing for an IPO. I cannot say how deep that part was, yet when we line up a few parts we see an incomplete story. The headline in July was: ‘Palantir sues investor Marc Abramowitz for allegedly stealing company secrets‘, I think the story goes a little further than that. It is my personal belief that Palantir has figured something out. That part was seen 3 days ago (at http://www.defensenews.com/articles/dcgs-commentary), the two quotes that matter are “The Army’s Distributed Common Ground System (DCGS) is proof of this fact. For the better part of the last decade, the Army has struggled to build DCGS from the ground up as the primary intelligence tool for soldiers on the battlefield. As an overarching enterprise, DCGS is a legitimate and worthwhile endeavour, intended to compute and store massive amounts of data and deliver information in real time“, which gives us (actually just you the reader) the background, whilst “What the Army has created, although well-intentioned, is a sluggish system that is difficult to use, layered with complications and unable to sustain the constant demands of intelligence analysts and soldiers in combat. The cost to taxpayers has been approximated at $4 billion“, gives us the realistic scope and that all links back to the Intelligence Community. I think that someone at Palantir has worked out a few complications making their product the one winning solution. When I started to look into the matter, some parts did not make sense, even if we take the third statement (which I was already aware of long before this year “In legal testimony, an Army official acknowledged giving a reporter a “negative” and “not scientific” document about Palantir’s capabilities that was written by a staff member but formatted to appear like a report from the International Security Assistance Force. That same official stated that the document was not based on scientific data“, it would not have added up. What does add up (remember, the next part is speculative), the data links required in the beginning of the article, have to a larger extent been resolved by the Palantir engineers. In its foundation, what the journal refers to as BI&A 3.0 has been resolved by Palantir (top some extent). If true, we will get a massive market shift. To make a comparison, Google Analytics might be regarded as MSDOS and this new solution makes Palantir the new SE-Linux edition, the difference on this element could be that big. The difference would be that great. And I can tell you that Google Analytics is big. Palantir got the puzzle piece making its value go up with billions. They could raise their value from 20 billion to 60-80 billion, because IBM has never worked out that part of analytics (whatever they claim to have is utterly inferior) and Google does have a mobile analytics part, but limited merely as it is for a very different market. There have always been issues with the DCGS-A system (apart from it being as cumbersome as a 1990 SAS mainframe edition), so it seems to me that Palantir could not make the deeper jump into government contracts until it got the proper references and showing it was intentionally kept out of the loop is also evidence that could help. That part was recently confirmed by US Defense News.

In addition there is the acceptance of Palantir Gotham, which offered 30% more work with the same staff levels and Palantir apparantly delivered, which is a massive point that the Intelligence groups are dealing with, the lack of resources. The job has allowed NY City to crack down on illegal AirBnB rentals. A task that requires to connect multiple systems and data that was never designed to link together. This now gets us to the part that matters, the implication is that the Gotham Core would allow for dealing with the Digital data groups like Tablet, mobile and streaming data from internet sites.

When we combine the information (still making it highly speculative) the fact that one Congressman crossed the bridge (Duncan Hunter R-CA), many could follow. That part matters as Palantir can only grow the solution if it is seen as the serious solution within the US government. The alleged false statements the army made (as seen in Defence News at http://www.defensenews.com/articles/dcgs-commentary) with I personally believe was done to keep in the shadows that DCGS-A was not the big success some claimed it to be, will impact it all.

And this now links to the mentions I made with the Academic paper when we look at page 1174, regarding the Emerging Research for Mobile Analytics. The options:

  1. Mobile Pervasive Apps
  2. Mobile Sensing Apps
  3. Mobile Social Networking
  4. Mobile Visualization/HCI
  5. Personalization and Behavioural Modelling

Parts that are a given, and the big players have some sort of top line reporting, but if I am correct and it is indeed the case that Palantir has figured a few things out, they are now sitting on the mother lode, because there is currently nothing that can do any of it anywhere close to real-time. Should this be true, Palantir would end being the only player in town in that field, an advantage corporations haven’t had to this extent since the late 80’s. The approach SPSS used to have before they decided to cater to the smallest iteration of ‘acceptable’ and now as IBM Statistics, they really haven’t moved forward that much.

Now let’s face it, these are all consumer solutions, yet Palantir has a finance option which is now interesting as Intelligence Online reported a little over a week ago: “The joint venture between Palantir and Credit Suisse has hired a number of former interception and financial intelligence officials“, meaning that the financial intelligence industry is getting its own hunters to deal with, if any of those greedy jackals have been getting there deals via their iPhone, they will be lighting up like a Christmas tree on those data sets. So in 2017, the finance/business section of newspapers should be fun to watch!

The fact that those other players are now getting a new threat with actual working solutions should hurt plenty too, especially in the lost revenue section of their spreadsheet.

In final part, why did I make the No Man’s Sky reference? You see, that is part of it all. As stated earlier, it used a formula to create a planet sized planet. Which is one side of the equation. Yet, the algorithm could be reversed. There is nothing stopping the makers to scan a map and get us a formula that creates that map. For the gaming industry it would be forth a fortune. However, that application could go a lot further. What if the Geospatial Data is not a fictive map, but an actual one? What if one of the trees are not trees but mobile users and the other type of trees are networking nodes? It would be the first move of setting Geospatial Data in a framework of personalised behavioural modelling against a predictive framework. Now, there is no way that we know where the person would go, yet this would be a massive first step in answering ‘who not to look for‘ and ‘where not to look‘, diminishing a resource drain to say the least.

It would be a game changer for non-gamers!

special_issue_business_intelligence_rese

 

Leave a comment

Filed under Finance, IT, Military, Politics, Science

Tagged as , , , , , , , , , , , , , , , , , , , , , , ,

September 22, 2016 · 12:18

Targeting the FBI

Do not worry, the FBI is not under attack from any hostile force, in this particular case it is me who will be on the offensive regarding statements made in 2014. Let me explain why. To get to the start of this event, we need to take a step back, to be a little more precise we need to turn to the moment 645 days ago when we read that Sony got hacked, it got hacked by none other than North Korea. It took me around an hour to stop laughing, the stomach cramps from laughter are still on my mind when I think back to that day. By the way, apart from me having degrees in this field. People a lot more trustworthy in this field, like Kim Zetter for Wired Magazine and Kurt Stammberger from cyber security firm Norse. The list of sceptics as well as prominent names from the actual hacking world, they all had issues with the statements.

We had quotes from FBI Director James Comey on how tightly internet access is controlled there (which is actually true), and (at https://www.fbi.gov/news/pressrel/press-releases/update-on-sony-investigation) we see “the FBI now has enough information to conclude that the North Korean government is responsible for these actions“. I am pretty sure that the FBI did not expect that this would bite them down the track. This all whilst they rejected the alternate hack theory that Cyber Intelligence firm Norse gave (at http://www.politico.com/story/2014/12/fbi-rejects-alternate-sony-hack-theory-113893). Weirdly enough, the alternative option was no less than ten times more possible then the claim that some made. Another claim to have a giggle at came from Homeland Security, the quote was “The cyber-attack against Sony Pictures Entertainment was not just an attack against a company and its employees. It was also an attack on our freedom of expression and way of life“, which is a political statement that actually does not say much. The person making it at the time was Jeh Johnson.

You see, this is all coming to light now for the weirdest of reasons. The Guardian (at https://www.theguardian.com/world/2016/sep/21/north-korea-only-28-websites-leak-official-data). The subtitle gives us “Apparent error by a regime tech worker gave the world a rare glimpse into the few online sources of information available“, so one of these high profile worldly infamous hackers got a setting wrong and we get “But its own contribution to the world wide web is tiny, according to a leak that revealed the country has just 28 registered domains. The revelation came after one of North Korea’s top-level name servers was incorrectly configured to reveal a list of all the domain names under the domain .kp“, you see, here we see part of the fun that will now escalate.

In this I invite NSA director Admiral Michael Rogers and FBI Director James Comey to read this, take note, because it is a free lesson in IT (to some extent). It is also a note for these two to investigate what talents their agencies actually have and to get rid of those who are kissing your sitting area for political reasons (which is always good policy). When  the accused nation has 28 websites, it is, I agree not an indication of other internet elements, but let me add to this.

The need to prototype and test any kind of malware and the infrastructure that could actually be used against the likes of Sony might be routed via North-Korea, but could never originate there. The fact that your boffins can’t tell the difference is a clear given that the cyber branch of your organisations are not up to scrap. In that case it is now imperative that you both contact Major General Christopher P. Weggeman, who is the Commander, 24th Air Force and Commander, Air Forces Cyber (AFCYBER). He should most likely be at Lackland Air Force Base, and the phone number of the base is (210) 671-1110. I reckon setting up a lunch meeting and learn a thing or two is not entirely unneeded. This is not me being sarcastic, this is me telling you two that the case was mishandled, got botched and now that due to North Korean ‘expertise’, plenty of people will be asking questions. The time requirement to get the data that got taken was not something that happened overnight. For the simple reason that that much data would have lit up an internet backbone and ever log alarm would have been ringing. The statement that the FBI made “it was unlikely that a third party had hijacked these addresses without allowance from the North Korean government” was laughable because of those pictures where we saw the Korean high-command behind a desktop system with a North Korean President sitting behind what is a mere desktop that has the computation equivalent of a Cuisena Egg Beater ($19.95 at Kitchen Warehouse).

Now, in opposition, I sit myself against me. You see, this might just be a rant, especially without clarification. All those North Korean images could just be misdirection. You see, to pull of the Sony caper you need stimulation, like a student would get at places like MIT, Stanford, or UTS. Peers challenging his solutions and blocking success, making that person come up with smarter solutions. Plenty of nations have hardware and challenging people and equipment that could offer it, but North Korea does not have any of that. The entire visibility as you would see from those 28 domains would have required to be of much higher sophistication. You see, for a hacker, there needs to be a level of sophistication that is begotten from challenge and experience. North Korea has none of that. Evidence of that was seen a few years ago when in 2012 in Pyongyang I believe, a press bus took a wrong turn. When some reporters mentioned on how a North Korean (military I believe) had no clue on smartphones. I remember seeing it on the Dutch NOS News program. The level of interaction and ignorance within a military structure could not be maintained as such the military would have had a clue to a better extent. The ignorance shown was not feigned or played, meaning that a technological level was missing, the fact that a domain setting was missed also means that certain monitoring solutions were not in place, alerting those who needed to on the wrongful domain settings, which is essential in regards to the entire hacking side. The fact that Reddit and several others have screenshots to the degree they have is another question mark in all this last but not least to those who prototype hacking solutions, as they need serious bandwidth to test how invisible they are (especially regarding streaming of Terabytes of Sony data), all these issues are surfacing from this mere article that the Guardian might have placed for entertainment value to news, but it shows that December 2014 is a very different story. Not only does it have the ability to exonerate the

We see a final quote from Martyn Williams, who runs the North Korea Tech blog ““It’s important to note this isn’t the domain name system for the internal intranet,” Williams wrote. “That isn’t accessible from the internet in any way.”” which is true to some extent. In that case take a look to the PDF (at https://www.blackhat.com/presentations/bh-usa-07/Grossman/Whitepaper/bh-usa-07-grossman-WP.pdf) from WhiteHat security. On page 4 we get “By simply selecting common net-block, scans of an entire Class-C range can be completed in less than 60 seconds“, yes, I agree you do not get that much info from that, but it gives us to some extent usage, you see, if something as simple as a domain setting is wrong, there is a massive chance that more obscure essential settings on intranet level have been missed, giving the ‘visitor’ options to a lot more information than most would expect. Another matter that the press missed (a few times), no matter how Time stated that the world was watching (at http://time.com/3660757/nsa-michael-rogers-sony-hack/), data needs to get from point to point, usually via a router, so the routers before it gets to North Korea, what were those addresses, how much data got ported through?

You see, the overreaction from the FBI, Homeland Security, NSA et al was overly visible. The political statements were so out in the open, so strong, that I always wondered: what else? You see, as I see it, Sony was either not the only one who got hacked, or Sony lost something else. The fact that in January 2015 Sony gave the following statement “Sony Entertainment is unable to confirm that hackers have been eradicated from its computer systems more than a month after the film studio was hit by a debilitating cyber-attack, a report says“, I mentioned it in my article ‘Slander versus Speculation‘ (at https://lawlordtobe.com/2015/01/03/slander-versus-speculation/). I thought it was the weirdest of statements. Basically, they had almost 3 weeks to set up a new server, to monitor all data traffic, giving indication that not only a weird way was used to get to the data (I speculated on an option that required it to be an inside job), yet more important, the fact that access had not been identified, meaning it was secured gave way to the issue that the hackers could have had access to more than just what was published. That requires a little bit more explanation. You see, as I personally see it, to know a transgressor we need to look at an oversimplified equation: ‘access = valid people + valid systems + threats‘ if threats cannot be identified, the issue could be that more than one element is missing, so either you know all the access, you know all the people and you know the identity of valid systems. Now at a place like Sony it is not that simple, but the elements remain the same. Only when more than one element cannot be measured do you get the threats to be a true unknown. That is at play then and it is still now. So if servers were compromised, Sony would need a better monitoring system. It’s my personal belief (and highly speculative) that Sony, like many other large companies have been cutting corners so certain checks and balances are not there, which makes a little sense in case of Sony with all those new expansions corners were possibly cut and at that point it had an IT department missing a roadmap, meaning the issue is really more complex (especially for Sony) because systems are not aligned. Perhaps that is the issue Sony had (again this is me speculating on it)?

What is now an issue is that North Korea is showing exactly as incapable as I thought it was and there is a score of Cyber specialists, many of them a lot bigger then I will ever become stating the same. I am not convinced it was that simple to begin with, for one, the amount of questions the press and others should have been asking regarding cloud security is one that I missed reading about and certain governmental parts in the US and other nations have been pushing for this cheaper solution, the issue being that it was not as secure as it needed to be, yet the expert levels were not on par so plenty of data would have been in danger of breaching. The question I had then and have now a lot louder is: “Perhaps Sony showed that cloud server data is even less secure than imagined and the level required to get to it is not as high as important stakeholders would need it to be“. That is now truly a question that matters! Because if there is any truth to that speculation, than the question becomes how secure is your personal data an how unaware are the system controllers of those cloud servers? The question not asked and it might have been resolved over the last 645 days, yet if data was in danger, who has had access and should the people have been allowed to remain unaware, especially if it is not the government who gained access?

Questions all worthy of answers, but in light of ‘statements made’ who can be trusted to get the people properly informed? Over the next days as we see how one element (the 28 sites) give more and more credible views on how North Korea was never the culprit, the question then becomes: who was? I reckon that if the likely candidates (China, Russia, UK and France) are considered there might not be an issue at all, apart from the fact that Sony needs to up their Cyber game, but if organised crime got access, what else have they gotten access to?

It is a speculative question and a valid one, for the mere reason that there is at present no valid indication that the FBI cyber unit had a decent idea, especially in light of the official response towards cyber security firm Norse what was going on.

Could I be wrong?

That remains a valid question. Even when we accept that the number of websites are no indication of Intranet or cybersecurity skills, they are indicative, when a nation has less websites than some third world villages, or their schools have. It is time to ask a few very serious questions, because skills only remain so through training and the infrastructure to test and to train incursions on a WAN of a Fortune 500 company is not an option, even if that person has his or her own Cray system to crunch codes. It didn’t make sense then and with yesterday’s revelation, it makes even less sense.

Finally one more speculation for the giggle within us all. This entire exercise could have been done to prevent ‘the Interview’ to become a complete flop. You know that movie that ran in the US in 581 theatres and made globally $11,305,175 (source: Box Office Mojo), basically about 10% of what Wolf of Wall Street made domestically.

What do you think?

 

Leave a comment

Filed under IT, Media, Military, Politics, Science

Tagged as , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

January 19, 2016 · 21:54

Calling a centre

It seems that BT is one of the first one making a step back, a step towards the old times. They are moving away from those bulk cheap Indian call centres. I wonder if they are just the first. The title ‘BT hires 1,000 UK staff after complaints over Indian call centres‘ is not wrong, but I feel it is misleading. The article (at http://www.theguardian.com/business/2016/jan/18/bt-hires-1000-uk-staff-after-complaints-indian-call-centres),

I have had my share of experience with Indian call centres. The quote “The recruitment drive follows reports from customers that they preferred speaking to people in UK call centres rather than Indian staff based in Bangalore and Delhi. BT said the new jobs would be “frontline roles” in customer care“. You see, there are many places where the solution might to some degree work, yet the UK is different in many ways. They excel in dialects and expressions, so when an Indian call centre has an employee that would speak ‘English’, the idea that all versions of English are the same, they will come back from a cold turkey dinner with an added icy cold shower.

The fact that 80% of the call must be repeated because the friendly voice on the other side did not understand it is at the core of what is wrong, and it is one of two massive issues. In all fairness, none are actually the fault of the friendly voice on the phone, they are the core of the issue the flaw of the boss of his/her boss, likely even one level higher. Talking to someone in England in BBC English works perfect for the person on the non-Indian side of the phone conversation, the person responding is for the most ignorant of the BBC English condition and before the Indian call centre operator realises it.

So when the call starts and that person hears “I needed a bullseye before going off to Bedfordshire, now the fast sausage and mash machine has gone bollocks and ate me card!

How long until the call centre operator gets a clue that the man is trying to get $50 from the ATM and it swallowed his bank card? It could take 10 minutes just to get that sentence translated. I know it is an exaggeration, but consider how inaudible some dialects are especially from people in places like Hounslow or Cardiff. Now most UK people have a small problem comprehending people from there, so how will someone in India have a clue? These examples are a little out there, yet considering the vast wealth of expressions and dialects, the issue remains and for BT and some banks, the Indian call centres are not a solution, they never were and I personally talked to people in the late 90’s where that prediction was clearly given, yet it was all about cutting costs and getting a solution where people could live with a degradation from 100% service to 80% service, not just in the UK, this issue is nearly global.

The second issue is even more of a problem, again, the kind Indian voice should not be blamed, for the simple reason that this was all management. To get a certain path, people were ‘taught’ scripts and clear paths of choices. Almost like the automated system when you call places like Telstra, Optus, Vodafone (and Vodafail too) and many others. The system that takes you from choice to choice, a path with 1-5 choices, the call centre person got a similar path, and for 70% it works, for 70% of the issues, that they are receiving a call for, that gets resolved. Yet the other 30% are out of luck. The system is unrelenting and the call centre was not allowed to deviate. Having have worked as a Technical Account Manager in the service field, I saw and have been through many iterations where the customer has that 1% flaw, a dozen a day, data fields can be a relentless one and as more systems interact, more flaws creep into the connectivity. Now add the language to the procedural part and yes, now 1 in 3 would have an issue and the call centre would see new escalations on how one would infect another and soon the system was unworkable, the call centre person never had a clue on how things went from bad to worse and the worst part is that this is not some average count, in this system, the issues stack, so we get issue on issue with an ever increasing population who go from ‘tolerating’ to ‘extremely oppositional’.

A flawed system that came into play from the need of cost suppression. A sales driven industry that would never properly value the power of quality service, interesting is that it took this long to realise it. or is the issue not really costs, but the need for having home shaped jobs, more and more are needed in a current economy where local jobs are essentially more important.

In all this, we now need to consider the following: “But while BT performed badly overall, data on how quickly telecoms firms resolved complaints undermine reports that customers find it hard to communicate with Indian call centre staff“. Here we see two parts, the first one is ‘how quickly telecoms firms resolved complaints‘, there was not a technology part, for the most the issue was communication, clear communication both ways, when you consider that the UK population side does not speak BBC English (apart from perhaps those in the BBC building, and those in that large London donut), so as far as I can tell, most issues could be easily resolved though ‘proper’ English and the actual issue when identified would be resolved almost immediately. The part ‘hard to communicate with Indian call centre staff‘ gives the other part from the resolution, but overall there is another question, how do the numbers hold up when every case from beginning to end is checked on timeframes and quality? The given statement might not hold up, for the simple reason that the operational system is still an issue that path will not be the greatest issue when it is all in the UK, but overall there is an operational side that is not addressed. What operational call centre solutions will become part of the BT frame? Because the data that follows will need to be monitored and even as places are ‘preparing’ for the new solution, the question that follows is ‘are the right metrics being considered?‘ When we take that into consideration, we would need to see who will be looking at those metrics. A sales person will look at different metrics than a solution, service or consultancy manager, even though the consultancy manager is about sales, it will be about the satisfaction of the sold solution, so there will be a much stronger overlap.

The question now becomes, what will be the next hurdles for BT?

The infrastructure and the technology is one, the IT and the call centre system will require different solutions today than most solutions offered a decade ago, are those solutions up to speed to remain scalable, evolutionary and easily deployable? You see, the Indians who developed those solutions have created a decade of infrastructure expertise, that knowledge is partially lost to the UK solution industry.

the final quote to consider is “It said staff had recently agreed to more flexible working hours, to make sure calls could be answered from the UK at the weekend and in the evenings. “This demonstrates the commitment from everyone at BT to work together to improve customer service and to make things easy for our customers,” said Barr“, part of this has always existed, many places, including in the late 90’s required solutions to be working for a longer time. In that part there are two solutions, one is the variable times, which are at the current core of the solutions, in some cases (possibly not in the case of BT) is to have a time zone coverage, where large corporations have coverage in Europe, the US and Australia, creating a near perfect 24 hour coverage. When one call centre shuts down, the other one starts, or has been operating a few hours, meaning that any issue not dealt with in call centre one, the one to the east will pick up those issues as well as the ones they receive until they shot down, this moves forwards and in that solution a global service system comes to play, that level of service is now more and more required, because saving money was only an option where sales is king, in a system where sales is no longer staying up to speed, services needs to create a pillow for new sales and new steps to higher revenue.

That time is now returning, or perhaps better stated, the core of business needs to return to their home fields. In a state where mobiles rule, where Telco’s can be started from a living room with the mere need to have access to bandwidth to sell on, the home field advantage relies on service and interactive response, that step is now the place for the larger home players to get back their consumer base and from that step, reclaim the foundation of income to return to those large players. The sharks are returning and they are getting rid of the pilot fish that have been feeding themselves on too much food, the shark has been hungry for too long.

In that example, we all understand that in the healthy environment the shark will need, allow and even require the pilot fish. Yet as its food supply has been reduced to a mere fraction of what it was, the shark needs to evolve into being better and more efficient in devouring the food it gets, as there is less. So it sucks to be the pilot fish, but for too long every shark had not one but 5-10 pilot fish around its teeth, that part can no longer continue, whether those 5-10 were ‘validly’ there. In the end, cutting costs for those banks might have been a jump that is a lot more expensive than they bargained for, which will be at the centre of the numbers that the new call centre solutions would be trying to show in the pursuit of growing their grades, qualities and key result areas. So where is the flaw in my last statement?

You see, past the shark we get the issue that it was about cheap that was not, which is not completely correct, it is the change towards the new location that is the new cost, not the lack of old profits. We can argue that the not predicting that change is short sighted, but is that the flaw of the past, or our obsessive need to lay blame in the now?

It seems to me that BT is only the first in many, for those who have the quality and the knowledge, this will be an evolving field of need. Personally I see that this could be a potential job bringer to places like Scotland and Wales. When this evolves into a separate global call centre with a global coverage, those who have it will come to a decent growing field, a field of need where for the last few years there was none.

You see, there is another side in this, in the last few weeks there have been reports from places like Digital India we see titles like ‘Digital India will take off on the strength of call centres in small towns‘ (at http://indianexpress.com/article/business/business-others/digital-india-will-take-off-on-the-strength-of-call-centres-in-small-towns-ravi-shankar-prasad/) which makes perfect sense for their local market, a local market that has been evolving for some time now. Now consider the quote “There is enough data work available in the country (to be handled by these centres)”, which remains a fair call, yet the article is absent of international parts, which is a little odd, considering that this is about Ravi Shankar Prasad, Minister of Communications and Information Technology. Yet, in that same line of thinking we now get lines like ‘Serco on the road to recovery with £250m sale of Indian call centre business‘, Serco seems to be on a road, leaving that outsourcing solution to Blackstone.

The issue is a little hard to set, as Serco has had its fingers in so many pies, many failing to a larger extent, so that issue on Call centres is not easily settled here, but consider the dive they took by ridding themselves of it at this time and at the massive discount it was sold at, it starts to form a speculated pattern. You see, the fact that Indian call centres are all growing in their local market, and ‘speculated’ must remain the operative word here, because the needs of one Telco, does not give way to an early summer feeling in the employment market. For that we need to take one additional look to the BBC article (at http://www.bbc.com/news/magazine-31762595), called ‘The country training people to leave‘, the quote there is ““British companies love us because our English is not accented. The brightest graduates from our universities fight to get a job here. We only take the smartest kids. And after we’ve finished training them they even get your British sarcasm,” says Tubbs“, which is actually at the heart of the matter for one of the Indian issues, yet the part that is not addressed is that India had grown a strong infrastructure. That part was shown in the NY Times a year earlier, “The 2.2 million vehicles a day that grind away on Manila’s crumbling road system cost the country 876 billion pesos a year, or more than $20 billion, in lost productivity and wasted energy, according to a recent study by the Japan International Cooperation Agency. That is a serious drain on an economy of about $250 billion“, now add to that “Manila is plagued by power failures, chronic water shortages and an antiquated telecommunications system“, I am taking the airport out of that equation, which remains an issue too. The bottleneck was not addressing the growing options that required a massive overhaul, now it is too late, the power from Manilla in language was shown, making the move back to the UK an easy step. Consider the earlier BBC article, which gave “the government teaches thousands of people the skills they need to get jobs abroad“, we now have a rolling economy moving back to the UK, with additional options for workers who could be relocated to the UK should the call centres run dry on willing staff, even more optional is getting a hold of all that call centre staff, should the UK market not be providing enough early on, the UK has options to home grow a market they had lost, even more important is that this is a service filed Scottish workers could be trained in, giving additional solutions when the cost of corporate costs in the greater London area falls short, that is providing Birmingham does not pick up this opportunity.

As stated, it is speculated, but I see that BT has opened a door, a door that remains ajar for others to consider. Even if they are not in the UK, large US and Japanese corporations requires more and more the need for service solutions in the European timeline, the Indian solution was not the success they expected and the Manilla crises will continue at least 4-5 years, that is, if the infrastructure gets a massive overhaul as per immediate, if not, they lose the market too and Europe is hungry for real revenue, revenue that requires a service solution, one they had abstained form for too long.

Will this pan out correctly?

Even as the Philippine government is projecting a 15% growth from 2014 onwards, getting it from $11 billion, to $15 billion this year, the issue remains infrastructure, they have no real solution and the issues started to play in 2014, whilst no true overhaul had commenced, which means that it needs to address a near 32% growth and need in resources, whilst Manilla has no way to deal with it. This means that the summer drains will leave systems collapsing, something that we would start to see soon enough, it also means that those with Manilla support choices will need an alternative they did not bargain for. So the BT move is timely (in Philippine terms), if not essential to their path to repair.

Whatever comes next will be interesting to watch, because when that move does go forward, it becomes interesting to see how the larger corporations deal with their vested interest in places like Germany and France. In that regard, BT’s step (as stated by the Financial Times) comes with additional needs, as Sir Mike Rake saw the outsourcing as an ‘Achilles heel’, which might have been an understatement. In all that, Deutsche Telekom, who is connected in all this, might be seeing new trends to insourcing (pushing for could be a better word), as it also closes the door for the UK to leave the EEC as insourcing becomes more and more successful, which means many business players will be pushing for this success.

That part has additional reasons when we see that Sir Mike Rake, possibly UK’s largest Europhile in history gets to voice on how UK business at large does not want any form of Brexit, a move that can be given strength as call centres will grow in need within the EEC, which is just what the UK Conservatives hoped for, they just never expected to get saved by a call centre, which is amazingly hilarious in its own right.

 

Leave a comment

Filed under Finance, IT, Media, Politics

Tagged as , , , , , , , , , , , , , , , , , , ,

November 21, 2015 · 11:54

Was there a clear failure?

There was an article that crossed my eyes as I was preparing to have another go at Microsoft (likely tomorrow). With Paris clearly on the retina of all who open their eyes, those who hear the word Paris, will not think of Miss Hilton (except for one Journalist), they will not think of the city of love, or the city of lights. They will think of the 6 terror attacks that have dealt a massive blow to France and those living in Paris, which is to be expected. The French have nothing to be ashamed of, they have a proud heritage and a few mad man tried to deal it a body blow.

Now round two begins and the Guardian gives us: ‘How French intelligence agencies failed before the Paris attacks’, and article by Ewen MacAskill (at http://www.theguardian.com/world/2015/nov/19/how-french-intelligence-agencies-failed-before-the-paris-attacks). Of course the title woke me up, because it is interesting that the limited Intel is already leading to the blame game.

The first blame part is given: “In other words, the failure of the French intelligence agencies is not that they did not have enough data – but that they did not act on what they had“, yet is that correct? Let’s take a look at a few facts.

  1. The lack of cooperation between France and Belgium, where some of the attackers were based“, so is that a failing for France or Belgium? Let’s not forget that Belgium houses the Supreme Headquarters Allied Powers Europe (SHAPE), so as blame goes, the fact that these extremists could decently freely plot next to one of the biggest military big wig places in the world is reasonable cause for alarm.
  2. The police had a file on Omar Ismaïl Mostefai even before he traveled to Syria in 2013“, there are two issues here. In the first not every Islamic person is a terrorist, so there is one issue, yet what was known of his move to Syria and how did he get back? Did he get back to France or was he also in Belgium, or did he return via Lyon from Stockholm? There are loads of questions and not enough data. I know at least half a dozen ways to not create flags whilst travelling. In all these situations Omar Ismaïl Mostefai would not have landed on the grid and as such French Intel would remain in the dark for a longer time frame, was this properly investigated by Ewen MacAskill?

Now for his jab against data collection: “Tracking such suspects does not require the collection of the communications data – phone records, emails, Facebook postings, chat lines – of every French citizen, only the suspects“, the problem is that there is no way of knowing, who was in contact with whom else. That data is lacking, in addition, the way the average boy and girl regards their mobile phone, the simple act of stealing a mobile phone is not that much a stretch, so how will data then be available?

  1. lack of cooperation between European intelligence agencies“, which is actually a fair point, yet it is not just the lack of cooperation here, in addition there was the statement by Panos Kammenos, the Greek defence minister, which is still remaining unattended by journalists all over the place. Now, in my view the statement was stupid, but was it incorrect? The danger that Jihadists are getting into Europe vie Greece or Italy is a realistic threat, but how to deal with them? The fact that one has a Syrian passport is also a tinderbox as it could light up many national borders at present. Which goes far beyond the French borders.

In addition the last paragraph is also an issue: “Such failures are where the French and US intelligence agencies should be looking, rather than exploiting the tragedy to make the case for bulk data surveillance“, let’s take this to the rationale. 150,000 refugees have declared asylum in Europe, finding 10-20 people within that lot is impossible without a massively improved data capturing system, as well a good support system from their partners all over Europe. That list becomes a lot more complex once we look beyond for these people on less stable parameters, so the French can’t really continue without a massive overhaul of DGSE and I don’t mean this in a negative way. The UK has a much more compartmentalised system. The UK, just like Australia is ‘home is girt by sea’, which gives them an advantage. France does not have this and as we realise that Belgium intelligence is not that operational, additional methods must be employed. Even as GCHQ is in service towards both MI5 and MI6, the French system (DGSI and DGSI) need to merge with a more powerful version of their ‘upgraded’ version of GCHQ. So as Ewen MacAskill, as the intelligence correspondent of the Guardian fails to enlighten its readers of that part, as well as smooth over the European terrain by leaving out the Panos Kammenos we must all consider these parts. Now in this case it is not about having a go at Panos Kammenos (even though it is good fun to do that), the issue Greece does have is not one they can counter because of their weakened economic state. It is a side we cannot ignore. Greece is not alone, as hundreds of thousands of refugees cross the borders all over Europe, the reality of hundreds of Islamic state passing the borders in similar ways is a given. The first issue is data, it starts with collected papers and biometrics. Ewan fails in addition with the statement “rather than exploiting the tragedy to make the case for bulk data surveillance“, I am willing to entertain the thought, but data is key here. Not just on the people involved, but also on the people they interact with.

That part can be found when we consider the events around the honourable Mr. Wissam H. Fattouh, Secretary General of the Union of Arab Banks. In his YouTube speeches, in one of them we see: ‘Microenterprises projects due to the importance of these enterprises in the future of the Arab region‘, which is an essential need, because all nations need growth, and if the Arabian nations become stagnant, we will see an escalation that Europe cannot counter. Yet there is another side here. This was shown by the Egyptian Daily News (at http://www.dailynewsegypt.com/2015/09/19/concerns-over-islamic-state-funds-entering-arab-banks-for-terrorist-operations-uab-secretary-general/), where we see the quote: “The Union of Arab Banks (UAB) is worried about militant ”Islamic State” (IS) funds entering banks and being used to attract young people to carry out terrorist operations, said Wissam H. Fattouh, Secretary-General of the UAB“, in addition there is “the movement of funds across the border is uncontrolled, due to a lack of international laws to regulate this process“, so again, here is where Ewen failed. In all his rhetoric regarding French Failure, the fact that this needed serious funding, the fact that the funding crossed several European borders, an issue given to us by at least two white haired lame duck presidents who did not achieve ANYTHING regarding serious overhaul of banking and finance laws. They cannot be held responsible for Europe, but Europe took their pages from Wall Street, where the US presidents (plural) could have made a massive impact (but did not), in the state of debt the US is, this would never be a successful venture. These elements are all affecting France, because the money flows and it flows in many unmonitored ways, which is also part of the problem.

So after one week, we see pain, anguish and blame, the only resolve is coming from the French who are standing up proudly for THEIR France, Christians and Muslims alike, or did we all forget that it was 24 year old Muslim Lassana Bathily who kept the customers safe during the Charlie Hedbo attacks!

Yes, I believe that France must overhaul its systems and data is at the centre of it all, because if both DGSI and DGSE are working on the premise that their neighbours are unable to keep their streets clean, France better get prepared with a better data system, in that bulk data surveillance will be an essential need. In addition, that need is escalating because there is a second side to all this. There was a reason that Mr. Wissam H. Fattouh and Wall Street were mentioned. You see, three weeks ago the Financial Times reported on the break-up powers regarding banks (at http://www.ft.com/cms/s/0/06d6f790-7e53-11e5-a1fe-567b37f80b64.html). The quote “A controversial European Union bid to hand regulators more power to break up big banks has been given a shot in the arm after Brussels legislators agreed a preliminary deal following months of deadlock and fierce lobbying from the financial industry“. This is a problem on a few sides when we regard the lack of scruples bankers tend to have. If they are pushed in a corner they will take any deal that brings them wealth. If that requires an ISIS brokerage, the chance that some banker will take his 13% is not that far-fetched and as ‘easy’ as it was not for those funding ISIS, it seems to me that they will get additional options in the future, something Ewan did not reveal (which was not what his article was about), yet in light of the French events that item is a lot more important and visible than the emotional fishing expedition regarding a French failure, something I am not convinced of, even less when we watch the Belgium intelligence failure (the fact that Belgium never detained some of the French terrorists, nor did the Belgians inform French authorities of their concerns), a fact that we get from the quote: “We knew they were radicalized, and that they could go to Syria,” said Eric van der Sypt, spokesman for the Belgian federal prosecutor’s office. “But they showed no sign of possible threat. Even if we had signaled them to France, I doubt that we could have stopped them” (source: politico.eu), I reckon that a hundred plus fallen French citizens might disagree with Mr van der Sypt there.

My assessment is that there was no clear failure from France, there was a European Failure to properly communicate issues across borders, which is a lot more dangerous when we consider the 150,000 refugees all over the place, not to mention the 2 million plus in refugee centres all over the Middle East. So when I stated in 2014 that there is a clear and present danger in Jordan, I was not kidding. Too bad certain elements are not considering the whole picture, just the part that can be fingered for a few quick points, which will get plenty of other people killed sooner rather than later.

 

Leave a comment

Filed under Finance, Media, Military, Politics

Tagged as , , , , , , , , , , , , , , , , , , , , , , , ,

June 5, 2015 · 20:58

In reference to the router

Is this a case of Mythopoeia? Am I the JRR Tolkien of bloggers (I wish) and writer of facts by a non-journalist? It might be. You see, this is all about a mythological theme that is constant as war is, because war never changes! Its concept and construct is as old as the first ‘soldier’ who combined a flint and a stick and started to spear people. In this mindset it is all about the other person, an archaic approach to the issue that does not lie beneath, it’s in front of the person not seeing what is right in front of him/her.

It is also the first evidence that we consider the concept ‘old soldier never die, they simply fade away’ to be no longer a genuine consideration. In this day and age, the old soldier gets his/her references deleted from the database of considerations. We remain with nothing more than an old person that cannot connect or interact, the router won’t let him/her!

This is how it begins, this is about certain events that just occurred, but I will specify this momentarily, you see, it goes back to an issue that Sony remembers rather well they got hacked. It was a long and hard task to get into that place Login=BigBossKazuoHirai; Password=WhereDreamsComeTrue;

Soon thereafter no more firewall, no more routers, just the bliss of cloud servers and data, so much data! The people behind it were clever, and soon it was gone and the blame fell to the one nation that does not even have the bandwidth to get 10% past anything. Yes, North Korea got blamed and got fingered and in all that the FBI and other spokespeople gave the notion that it was North Korea. The people who understand the world of data know better, it was the only player less then least likely to get it done, the knowhow and the infrastructure just isn’t there. I did have a theory on how it was done and I published that on February 8th 2015 (at https://lawlordtobe.com/2015/02/08/the-next-cyber-wave/) in the article called ‘The next cyber wave’. It is only a theory, but it is a lot more reliable and likely than a North Korean incursion because of a movie no one cares about.

The FBI has plenty of achievements (FIFA being the latest one), but within the FBI there is a weakness, not a failing, but a weakness. Because the US has such a niche setup for NSA, CIA and other Intel officers, their offices are for the most still archaic when it come to the digital era. They go to all the events, spend millions on courses and keep up to date, but for the most, these people are following a wave that is one generation old, they follow, they do not lead. The entire Edward Snowden issue is clear evidence. I remain to regard him a joke, not a hacker, so far he is just placed on a pedestal by the press, who have created something unreal and whatever they do not to change it, it will only cut themselves. That is the fall-back of creating an artificial hero who isn’t one.

Yet, this is not about Snowden, he is only an element. Now we get to the concept of paleo-philosophy and how it hits government structures behind IT. This all started yesterday (at http://www.theguardian.com/technology/2015/jun/04/us-government-massive-data-breach-employee-records-security-clearances), where we see ‘OPM hack: China blamed for massive breach of US government data’. Now first of all, if one power can do this, than it is China! France, UK and a few others can do it too, but let’s just assume it is not an ally! Here is where the entire paleo-philosophy comes into play. You see, even though war remained constant, the players changed and for the most, it is no longer about governments. This is all about corporations. Even the movies are catching on, there is no true side to Russia or China as the enemy. Yes, their students might do it to impress their superiors/professors, but that would just be there defining moment. Ethan Hunt is not hunting a nation, it is now hunting conglomerates, large players who remain and require to be zero percent taxable. Those are the actual ream enemies for the UK, the US and China. You see, I am not stating it was not China, I am only questioning the reasoning and other acts. You see, I tried to get an answer from State Secretary John Kerry at +1-202-647-9572, who does not seem to be answering the phone, neither is his right hand man, Jonathan J. Finer at +1-7234 202-647-8633. This is not a secret, the State Department has the PDF with office numbers, locations and phone numbers in an open PDF and you can Google the little sucker! In the age where loads of stuff is open the right person can combine tonnes of data in a moment’s notice.

So can the larger players! The quote in the beginning is the kicker “the impact of a massive data breach involving the agency that handles security clearances and US government employee records“, you see loads of this information is already with intelligence parts and counter parts. I reckon Beijing and Moscow had updated the records within the hour that the next record keeper moved into the office. Yet, now in 2015, as the engine starts up for the presidential elections of 2016, that data is important to plenty of non-governments, that part is not seen anywhere is it?

Then we get “A US law enforcement source told the Reuters news agency on Thursday night that a ‘foreign entity or government’ was believed to be behind the attack“, which is fair enough, so how was the jump made to China? You see, only 5 weeks ago, the Financial Review gave us “US Treasury pressures Tony Abbott to drop ‘Google tax’” (at http://www.afr.com/news/policy/tax/us-treasury-pressures-tony-abbott-to-drop-google-tax-20150428-1mu2sg). So as the Obama administration ‘vowed’ to crackdown on Tax avoidance, they are really not the player who wants to do anything to upset those luscious donators of pieces of currency paper (loads of currency paper), so a mere 6 months later the US, is trying to undo what they promised, whilst still trying to push the TPP papers through the throats of consumers everywhere, what an interesting web we weave!

You see, for the large corporation that list of who has access to papers, and his/her situation is worth gold today, for the Chinese a lot less so. Yet, I am not writing China off as a possible culprit! Let’s face it, they are not North Korea, which means that they do not need to power their router with a Philips 7424 Generator! So at this point, I would tend to agree with Chinese foreign ministry spokesman Hong Lei who branded the accusations “irresponsible and unscientific” at a news briefing on Friday.

Now we get to the quote that is central to the entire paleo-philosophy matters: “DHS is continuing to monitor federal networks for any suspicious activity and is working aggressively with the affected agencies to conduct investigative analysis to assess the extent of this alleged intrusion”, first of all, I am not having a go at the DHS. I have done so in the past with good reason, but this is not that case. I think that in many areas government in not just falling behind, it started to fall behind in 2005 and has been falling behind ever since. Not just them though, organised large corporations like Sony, CVS Health, Valero Energy and Express Scripts Holding are only a few of the corporations that do not even realise the predicament they are in. The Deep Web is not just a place or a community, some of the players there have been organising and have been sharing and evolving that what they know. A massive pool of information, because Data is money, governments know it, corporation know it and THE HACKERS know it too. For them it is all relative easy, they have been living and walking the cloud data with the greatest of ease they can conflict data points and flood certain shared data hosts, only to achieve to get behind the corridor and remain invisible whilst the data is available at their leisure. In that environment the intelligence community is still trying to catch up with the basics (compared to where the hackers are). You see, whilst people in corporations and government are all about politics, those hackers were bout mayhem and anarchy, now they are figuring out that these skills get them a wealthy and luxurious lifestyle and they like the idea of not having a degree whilst owning most of Malibu Drive, a 21st century Point Break, where the funds allow them to party all the time. Corporations got them into that thinking mode. So were the culprits ‘merely’ hackers or was it a foreign government? That is the question I am unable to answer with facts, but to point at China being likely is event less assuring. Consider who gains power with that data? This much data can be up for sale, it can be utilised. In the premise of both, China is not unlikely, but what is ‘more likely than not’ is also a matter, even though that question is less easily answered and without evidence (I have none) any answer should not be regarded as reliable!

Now we get to the quote “Embassy spokesman Zhu Haiquan said China had made great efforts to combat cyberattacks and that tracking such events conducted across borders was difficult” it is correct, it matters and it is to the point. In addition, we must accept that trackers can also be set on the wrong path, it is not easy, but it can be done, both the hackers and China have skills there, as do the NSA and GCHQ. Yet, in all that, with the Sony hack still fresh in memory, who did it, which is the interesting question, but WHY is more interesting. We tend to focus on clearances here, but what else was there? What if the OPM has health details? What is the value of health risk analyses of 4 million people? At $10 a month that is a quick and easy half a billion isn’t it?

You see, the final part is seen here: “DHS is continuing to monitor federal networks for any suspicious activity and is working aggressively with the affected agencies to conduct investigative analysis to assess the extent of this alleged intrusion”, This is to be expected, but the intruders know this too, so how did they get past it all again? That is the issue, I gave in my earlier blog one possible solution, but that could only be done through the inside person, to be clear of that, someone did a similar thing in the cloud, or in the stream of data, in a way that it does not show. Perhaps a mere pressure of data in a shared cloud point is all it took to get past the security. How many data packages are lost? what intel is gained from there, perhaps it is just a pure replication of packages job, there is no proper way to monitor data in transit, not in cloudy conditions, so as we see that more data is ‘breached’ we all must wonder what the data holders, both government and non-government are not ready for. It is the data of you and me that gets ‘sold’ who does it get sold to?

So as we see an article of a data hack and a photo of routers and wiring, which looks geeky and techy, was this in reference to the router? Or perhaps it is in reference to a reality many in charge are not ready to face any day soon, and in light of the upcoming US elections of 2016, some of these politicians definitely do not want to face it before 2017. Like the Google Tax, let the next person fix it!

A preferred political approach that will allow them to lose exclusivity of your data real fast!

 

2 Comments

Filed under Finance, IT, Media, Military, Politics, Science

Tagged as , , , , , , , , , , , , , , , , , , , , ,

February 21, 2015 · 21:13

Spooky Spooky Mobile

Spooky Spooky Mobile
Hacking thyne own file
Upload and Download
And as you have your chatter
I met a Telco
That would not give its data
So I took their servers
And gave it a little patch
(Goosy, Goosy, Gander)

Yes, when we look at the article ‘US and UK accused of hacking Sim card firm to steal codes‘ (at http://www.bbc.com/news/technology-31545050) I seem to resort to nursery rhymes. There is method to my madness, just as my madness could be regarded as methodical (to the smallest degree). I read the article with other eyes, perhaps you did too? The first part is seen here “The Intercept alleges that the hack organised by Britain’s GCHQ and the US National Security Agency (NSA) began in 2010, and was organised by operatives in the “Mobile Handset Exploitation Team”. Neither agency has commented directly on the allegations“, now, I will continue on the premise that this fact is true (not whether it is correct). In 2010 there was still a massive hunt for this bearded dude underway named Osama something or other. For this part I need to take you on a side trip ‘Banking Giant HSBC Sheltered Murky Cash Linked to Dictators and Arms Dealers‘ (at http://www.icij.org/project/swiss-leaks/banking-giant-hsbc-sheltered-murky-cash-linked-dictators-and-arms-dealers). The issue might be ‘news’ now, but it had been known in the intelligence industry for some time. After 2008 several individuals with additional limitations on moral and ethics were willing to assist the grey area of free trading in setting up funds. This group had ALWAYS existed, greed is such an easy tool to grow under, yet, the fact that some would be willing to be the money orchard for terrorist organisations is decently novel. 2008 had made many hungry so some would be willing to get at what they wanted, more money. A problem that has existed for a long time, so the premise to get access to mobiles so that possible lines of communications would be uncovered make perfect sense.

The trail goes further, you see, most people have a contract, or stay with the same provider for years, this not an issue for the hunters. You (roughly 99.99993243% of the mobile users) are not an issue, but how to find the rest? Hope on some random lucky draw? Governments rely on income from lotteries, not rely on getting a price in that same way. So getting a hold of ALL Sims is a much better solution. It made perfect sense. Do I like it? I actually do not care, I lead one of the dullest mobile lives and I believe that some people must be hunted down. So to go all out on ‘Yes’, hunt them down and ‘No’, you cannot monitor me, seems to be both hypocrite and sanctimonious all in one package. In addition, I tend to not break the law, which makes it even easier. So let’s get back to the article!

The next part is seen here “A Gemalto spokeswoman said the company was unable to verify whether there had indeed been a breach, and highlighted that other Sim manufacturers could also have been targeted. She added: “We take this publication very seriously and will devote all resources necessary to fully investigate and understand the scope of such highly sophisticated techniques to try to obtain Sim card data””, so we see two parts, one that the known provider is not the only provider, were they all targeted?

Linked to this is: “Eric King, deputy director of the campaign group Privacy International, said the NSA and GCHQ had “lost sight of what the rule of law means and how to weigh what is necessary and proportionate”“. This sounds nice in theory, but after taking a look at the Privacy International site, I see him as (only) slightly sanctimonious. all this on surveillance and SIGINT (the Five Eyes group), yet, they have ZERO visibility on the issue that I have on the exchange of data on a global scale by large corporations and how people are almost lulled into a sleepy state of just agreeing with it all, not to mention the other versions of the Lenovo ‘Superfish’ instances that we have not seen brought to daylight yet. It seems that governments are not allowed any options, whilst the propulsion of greed from large corporations and their data remains uninhibited by using the ‘US-EU Safe Harbor Framework‘ (at http://genomebiology.com/2014/15/8/430), when we consider the quote “A multinational seeking approval must submit its global policies and practices to a ‘lead’ EU data protection authority (DPA) – typically in the country of its European headquarters. Once the lead DPA gives its ‘stamp of approval’, a mutual recognition scheme among most EU member states facilitates approval by other relevant DPAs. To date, over 50 corporations have received BCR approval” When we see the list (at http://ec.europa.eu/justice/data-protection/document/international-transfers/binding-corporate-rules/bcr_cooperation/index_en.htm), we see NOVARTIS, which gives us a direct link to Natixis (and the massive amounts of links that they have). Ernst & Young and Motorola among others, so how can one satellite locations allow indirectly to move data across other borders, or make them accessible for query? Is it not interesting that Privacy International has not been looking at that (as far as I could tell), so do you see the issue I have with their ‘statement’?

Linked to the ‘alleged’ sim code heist is another article. This one is a lot older. It was from July 2013 and called “Millions of Sim cards are ‘vulnerable to hack attack’” (at http://www.bbc.com/news/technology-23402988), so, yes, when we see the quote “Karsten Nohl has said he has found a way to discover some Sims’ digital keys by sending them a special text message. He warned criminals could potentially use the technique to listen in on calls or steal cash“. So, yes getting the data from the sim makers directly would make a lot of sense (an ergonomically terrific solution), but this method might be less visible. So why was another method used. Now we get back to the beginning: “US and British intelligence agencies hacked into a major manufacturer of Sim cards in order to steal codes that facilitate eavesdropping on mobiles, a US news website says“, which News website? The fact that this news is followed by “The Intercept says the revelations came from US intelligence contractor turned whistle-blower Edward Snowden” gives another pause. What is actually happening? It seems to me that the Snowden stamp is making us chase ghosts (pun intended), but overall I see less and less reliability in these ‘spectacular revelations‘ and the press does not seem to be asking the questions they should be asking. The investigations that they should do, do not seem to be done. The ‘revelation‘ is made and then we see one party line response from GCHQ “However GCHQ reiterated that all its activities were “carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate”“, which is now linked to this, but there is no evidence that this has actually happened. The subtitle ‘Full investigation‘ seems to be a header without a factual link. That subtitle ends with some group shot and the by-line “Experts say that the alleged hack is a major compromise of worldwide mobile phone security“, is that actually the fact? Would phone security be compromised? It seems to me that the 2013 is a much larger threat to phone security and Google stopping its continued development to anything before Android KitKat is just an additional cause for alarm, how did the alleged government activities create more danger? It seems to me that the BBC has not illuminated parts that should have been illuminated. When we see “The UN’s telecoms agency – the International Telecommunications Union – said that it would now contact regulators and other government agencies worldwide to ensure they were aware of the threat“, is also an issue. When we consider the UK issue of telecom caps and the fact that nothing has been done for years, can we dimensionally see that awareness of the ITU could be regarded as a similar demure step is a valid question, yet the current article does not reflect on the earlier issue. The end of the latest article gives the one part that is important as I see it “But perhaps this latest leak has done more to highlight how a single company is in control of millions of people’s private data“. So was this an actual leak, or did someone figure out a possible issue with current technology and they added the ‘Snowden’ link to give it a little more fear. The last part could have been done by any decent technologist, no MIT degree required. So what about the one time mention of ‘a US news website says‘? Who was it and how come that this media courtier, depending on visibility is reduced to 5 words, which seemed a little odd to me from the very first time I read the message.

Leave a comment

Filed under IT, Media, Military, Science

Tagged as , , , , , , , , , , , , , , , , , , , , , ,

February 15, 2015 · 23:09

A coin with more than two sides

Let us take a look at two of many more sides. The first side is given in this article: Google’s Vint Cerf warns of ‘digital Dark Age’ (at http://www.bbc.com/news/science-environment-31450389). The initial quote is “Vint Cerf, a ‘father of the internet’, says he is worried that all the images and documents we have been saving on computers will eventually be lost“. This sounds nice, but is that not the same as we have had forever? If we did not take care of our old photographs and our old negatives, than those pictures would be lost forever, so how is that different?

110mm_Agfa

See here, the picture of an Agfa Instamatic. It is almost identical to the camera I had in the late 70’s. So, how will you get those negatives developed? Where to buy film? Most will not care about it, many have bought new camera’s, but where to print the negatives you have? Nowadays with digital images, almost any printer will print it, almost every system will show them. How is that different? So are the words of Vint Cerf anything else but a sales pitch for some new ‘forever’ saved option, likely one that Google will offer and not unlikely in a way that gives Google shared ownership. Is that under the current feelings of ‘data collection’ such a sceptical view to have?

Now, I will state, that not unlike those old prints, the owner has the responsibility to keep the images safe, just like in the old days. Even if the originals (the digital negatives) are lost, as long as a print still exists, the image remains, just like the old photographs. Yet, his quote “But as technology moves on, they risk being lost in the wake of an accelerating digital revolution” holds truth, because that is not unlike the 110mm film issue. So as long as you have a data option that survives, like the 110mm negative holder, you can always get another print. So, CDROM’s in a writable version came in the late 90’s, so we only started to have a backup option for 20 years, yet affordable digital images would still need several more years. Yes, that market has grown exponential and now, we see the application of Common Cyber Sense in another way. Now, people will get confronted with the need to back things up. As the Digital disc evolved, so has the quality of these solutions. Now the discs last a lot longer, so backing up the old discs on new discs does make a whole lot of sense, so there is a side that makes perfect sense, but is that enough?

That part is shown in the following quote: “’I worry a great deal about that,’ Mr Cerf told me. ’You and I are experiencing things like this. Old formats of documents that we’ve created or presentations may not be readable by the latest version of the software because backwards compatibility is not always guaranteed’“. This is at the heart of what Vincent Serf is getting to, so he is definitely onto something. How many of you can still access all the WordPerfect files you created in 1992? Who can still access their FRED applications and their Ashton Tate’s Framework solutions? That list is slowly and surely getting close to zero. This is what Vincent is getting to and there list the crux, because this would have gone beyond mere images and what we currently still access. Consider the Digital VAX/VMS systems, the collected data that spans decades from 1982 onwards. The IBM series one (those 64Mb mainframes with 10 9” floppies), so Vincent is perfectly correct (as a man with his experience would be), but what solution to use? Yes, his idea is perfectly sound, but the issues that follows is the one that I have to some degree an issue with, you see, sometimes things get lost, which has happened throughout history, would our lives have been better if the Library of Alexandria survived? Would it be better, or would there be more and more incriminations? There is no way to know, but the issue can be explained in another way. This is a myth I heard in school a long time ago. The story is that a person could ask whatever he wanted for a created chess game. He asked for a grain in the first square, two in the second square and so on. By the time the board was half way through, the person paying for it would owe the person 2,147,483,648 grain seeds and that is just half way through. Now think of today’s world, where we collect everything. Like the chess board we collect every part and this just increased the junk we collect and that at a premium price. So what to keep? That is the hard part, it is interesting to keep on the side that sometimes we need to allow to lose things, but Vincent has a case. Now we look at one of the last quotes: “’Plainly not,’ Vint Cerf laughed. ‘But I think it is amusing to imagine that it is the year 3000 and you’ve done a Google search. The X-ray snapshot we are trying to capture should be transportable from one place to another. So, I should be able to move it from the Google cloud to some other cloud, or move it into a machine I have’“. Yes, there is the sales pitch. “Google search” and “move it from the Google cloud“, so there we have it, the Google cloud! Still, even though there is a sales pitch in here, does that make it a bad approach? Are we better because we save EVERYTHING? That is at the heart of this little conundrum. Now, those having their data on the old Cray might consider their data worthy, so do many who had their data on UNIX mini’s, but now consider every Novell edition, every desktop, now, it will be arbitrary if people decide to take these steps, yet what happens when all data can be baked up like this, what happens when some start ‘offering’ this for ‘free’? Who then co-owns that data, those solutions? Is that such a crazy thought to have?

Here is the last part: “And that’s the key issue here – how do I ensure in the distant future that the standards are still known, and I can still interpret this carefully constructed X-ray snapshot?” This is the part that is interesting; his concept of Digital Vellum is an interesting one. Yet, how should we move forward on that? What happens when these snapshots link up, when they connect, perhaps even interact? There is no way of knowing; perhaps this would be the beginning of a new evolution of data. Is that such a weird concept? Perhaps that is where we need to look at other sides too. Consider our insight, into our memories, our ‘wisdom’ and our ability to filter and extrapolate. Is this solution a primal step from near ‘artificial-intelligence’ to possible cyber/digital intelligence? The question becomes, if intelligence is grown from memories, what do we create when we give it everything we ever collected? I have seen the stories, the way some people think that the dangers of an artificial intelligence is so dangerous. We might consider the thoughts from the ‘Cyberdyne’ stories (Terminator series), but in the end, what if the digital intelligence is the beginning of our legacy? What if we learn to preserve ourselves, without leaving a carbon footprint, without being the deadly blight on nature? At some point we will stop to exist, we die; it is a simple consequence of nature, but what happened, if our wisdom is preserved? Many come with stories and nightmares of the loss of identity, but what happens if we can store intelligence? What happens if the next century Albert Einstein would be there to help us create progress, inspire innovation for all time? Is that such a bad thing? Some of these questions are beyond my ability to answer but there is a dangerous dark side too, what happens when this becomes commercial Intellectual Property? I am all for IP, yet, should cloned intelligence become the property of anyone? I feel that I might be alive long enough to actually see that question go to court. I hope that those making that decision are a lot wiser than I currently feel.

This now gets me to story two, which also came from the BBC (at http://www.bbc.com/news/technology-31440978), the story here is ‘Cybersecurity: Tech firms urged to share data with US‘, which gave me the initial scepticism regarding the Vint Cerf story. So, I am not linking them perse, they are separate stories. The initial quote is “Private tech firms should share more information with government and with each other to tackle cybercrime, according to US President Barack Obama“, I do not disagree with this thought, however, there is a side to this that is not addressed. The given quote is “Senior Google, Yahoo and Facebook executives turned down invitations to the summit, held at Stanford University“, so is this about not sharing, or about keeping the data non-sharable. There is part that we see when we look at the quote “Mr Obama is backing the creation of information sharing and analysis organisations (ISAOs) to help firms and government share material on potential threats“, yes, if we consider that Snowden fellow there could be issue, but is that a valid path? You see, consider how some do NOT want the cyber threat to reduce for the largest extent, consider how many software ‘solutions’ are out there, for viruses, phishing attacks, identity theft and several other parts. There are two dangers, at one part we have a possible solution to theoretically start solving and decently diminish the danger, the other side is on how all that data gets linked, that part in the wrong hands is a lot more dangerous than many could imagine.

The following quote adds to the worry: “Government cannot do this alone. But the fact is that the private sector can’t do it alone either because its government that often has the latest information on new threats” My issue is that this should not in the hands of any private part, it could be seen as the execution of the premise ‘absolute power corrupts absolutely’, those who face that lesson will not have an option. I would see a solution if there was collaboration between NSA, GCHQ, DGSE and a select few more. Reasoning? Cybercrimes have a distinct impact on national income and also national tax donations. They have all the drive to get it resolved. I have less faith in private companies, their allegiance is to profit, their board of directors and more profit. This is the issue as they will do what they need, someone falls on a sword and many get extremely wealthy, the data goes everywhere and many become exploitable, classifiable and re-sellable. I have been in data for decades, I think that governments can do what needs to be done, and it is time to change the cycle of re-iterated profit. Governments have made themselves the bitch of the private industries, the three mentioned initially is not enough, consider the quote down the line “Facebook, Yahoo, Google and Microsoft have all sent less senior executives to the conference“, so why was Microsoft not mentioned earlier? What is going on? The interesting part is that Bloomberg mentions Microsoft several times, the BBC article just twice. It is clear that something needs to be done on several levels, but it takes a different scope and a different approach, I feel decently certain that keeping the private touch out of this will be essential, for the reason that private companies have a mere commercial scope. I feel uncertain that this approach will work, it has not worked for a long time; I have seen ego and political play and personal reasoning interfere with results, in more than one nation. Whatever is done, it needs to be done, it needs to be done a lot faster than many consider and even though taking the politician out of a government seems to be impossible, we need to make sure that an approach is considered that does not allow for political exploitation, but how to get that done is another matter entirely.

 

1 Comment

Filed under IT, Law, Military, Politics

Tagged as , , , , , , , , , , , , , , , , , , , , , , , ,