Tag Archives: GCHQ

In reference to the router

Is this a case of Mythopoeia? Am I the JRR Tolkien of bloggers (I wish) and writer of facts by a non-journalist? It might be. You see, this is all about a mythological theme that is constant as war is, because war never changes! Its concept and construct is as old as the first ‘soldier’ who combined a flint and a stick and started to spear people. In this mindset it is all about the other person, an archaic approach to the issue that does not lie beneath, it’s in front of the person not seeing what is right in front of him/her.

It is also the first evidence that we consider the concept ‘old soldiers never die, they simply fade away’ to be no longer a genuine consideration. In this day and age, the old soldier gets his/her references deleted from the database of considerations. We remain with nothing more than an old person that cannot connect or interact, the router won’t let him/her!

This is how it begins, this is about certain events that just occurred, but I will specify this momentarily, you see, it goes back to an issue that Sony remembers rather well: they got hacked. It was a long and hard task to get into that place: Login=BigBossKazuoHirai; Password=WhereDreamsComeTrue;

Soon thereafter no more firewall, no more routers, just the bliss of cloud servers and data, so much data! The people behind it were clever, and soon it was gone and the blame fell to the one nation that does not even have the bandwidth to get 10% past anything. Yes, North Korea got blamed and got fingered and in all that the FBI and other spokespeople gave the notion that it was North Korea. The people who understand the world of data know better, it was the only player less than least likely to get it done, the knowhow and the infrastructure just aren’t there. I did have a theory on how it was done and I published that on February 8th 2015 (at https://lawlordtobe.com/2015/02/08/the-next-cyber-wave/) in the article called ‘The next cyber wave’. It is only a theory, but it is a lot more reliable and likely than a North Korean incursion because of a movie no one cares about.

The FBI has plenty of achievements (FIFA being the latest one), but within the FBI there is a weakness, not a failing, but a weakness. Because the US has such a niche setup for NSA, CIA and other Intel officers, their offices are for the most still archaic when it comes to the digital era. They go to all the events, spend millions on courses and keep up to date, but for the most, these people are following a wave that is one generation old, they follow, they do not lead. The entire Edward Snowden issue is clear evidence. I continue to regard him as a joke, not a hacker, so far he is just placed on a pedestal by the press, who have created something unreal and whatever they do not to change it, it will only cut themselves. That is the fall-back of creating an artificial hero who isn’t one.

Yet, this is not about Snowden, he is only an element. Now we get to the concept of paleo-philosophy and how it hits government structures behind IT. This all started yesterday (at http://www.theguardian.com/technology/2015/jun/04/us-government-massive-data-breach-employee-records-security-clearances), where we see ‘OPM hack: China blamed for massive breach of US government data’. Now first of all, if one power can do this, then it is China! France, UK and a few others can do it too, but let’s just assume it is not an ally! Here is where the entire paleo-philosophy comes into play. You see, even though war remained constant, the players changed and for the most, it is no longer about governments. This is all about corporations. Even the movies are catching on, there is no true side to Russia or China as the enemy. Yes, their students might do it to impress their superiors/professors, but that would just be their defining moment. Ethan Hunt is not hunting a nation, he is now hunting conglomerates, large players who remain and require to be zero percent taxable. Those are the actual real enemies for the UK, the US and China. You see, I am not stating it was not China, I am only questioning the reasoning and other acts. You see, I tried to get an answer from State Secretary John Kerry at +1-202-647-9572, who does not seem to be answering the phone, neither is his right hand man, Jonathan J. Finer at +1-7234 202-647-8633. This is not a secret, the State Department has the PDF with office numbers, locations and phone numbers in an open PDF and you can Google the little sucker! In the age where loads of stuff is open the right person can combine tonnes of data at a moment’s notice.

So can the larger players! The quote in the beginning is the kicker “the impact of a massive data breach involving the agency that handles security clearances and US government employee records“, you see loads of this information is already with intelligence parts and counter parts. I reckon Beijing and Moscow had updated the records within the hour that the next record keeper moved into the office. Yet, now in 2015, as the engine starts up for the presidential elections of 2016, that data is important to plenty of non-governments, that part is not seen anywhere is it?

Then we get “A US law enforcement source told the Reuters news agency on Thursday night that a ‘foreign entity or government’ was believed to be behind the attack”, which is fair enough, so how was the jump made to China? You see, only 5 weeks ago, the Financial Review gave us “US Treasury pressures Tony Abbott to drop ‘Google tax’” (at http://www.afr.com/news/policy/tax/us-treasury-pressures-tony-abbott-to-drop-google-tax-20150428-1mu2sg). So as the Obama administration ‘vowed’ to crack down on tax avoidance, they are really not the player who wants to do anything to upset those luscious donators of pieces of currency paper (loads of currency paper), so a mere 6 months later the US is trying to undo what they promised, whilst still trying to push the TPP papers through the throats of consumers everywhere, what an interesting web we weave!

You see, for the large corporation that list of who has access to papers, and his/her situation is worth gold today, for the Chinese a lot less so. Yet, I am not writing China off as a possible culprit! Let’s face it, they are not North Korea, which means that they do not need to power their router with a Philips 7424 Generator! So at this point, I would tend to agree with Chinese foreign ministry spokesman Hong Lei who branded the accusations “irresponsible and unscientific” at a news briefing on Friday.

Now we get to the quote that is central to the entire paleo-philosophy matters: “DHS is continuing to monitor federal networks for any suspicious activity and is working aggressively with the affected agencies to conduct investigative analysis to assess the extent of this alleged intrusion”, first of all, I am not having a go at the DHS. I have done so in the past with good reason, but this is not that case. I think that in many areas government is not just falling behind, it started to fall behind in 2005 and has been falling behind ever since. Not just them though, organised large corporations like Sony, CVS Health, Valero Energy and Express Scripts Holding are only a few of the corporations that do not even realise the predicament they are in. The Deep Web is not just a place or a community, some of the players there have been organising and have been sharing and evolving what they know. A massive pool of information, because Data is money, governments know it, corporations know it and THE HACKERS know it too. For them it is all relatively easy, they have been living and walking the cloud data with the greatest of ease; they can conflict data points and flood certain shared data hosts, only to achieve to get behind the corridor and remain invisible whilst the data is available at their leisure. In that environment the intelligence community is still trying to catch up with the basics (compared to where the hackers are). You see, whilst people in corporations and government are all about politics, those hackers were about mayhem and anarchy, now they are figuring out that these skills get them a wealthy and luxurious lifestyle and they like the idea of not having a degree whilst owning most of Malibu Drive, a 21st century Point Break, where the funds allow them to party all the time. Corporations got them into that thinking mode. So were the culprits ‘merely’ hackers or was it a foreign government?
That is the question I am unable to answer with facts, but to point at China being likely is even less assuring. Consider who gains power with that data? This much data can be up for sale, it can be utilised. In the premise of both, China is not unlikely, but what is ‘more likely than not’ is also a matter, even though that question is less easily answered and without evidence (I have none) any answer should not be regarded as reliable!

Now we get to the quote “Embassy spokesman Zhu Haiquan said China had made great efforts to combat cyberattacks and that tracking such events conducted across borders was difficult” it is correct, it matters and it is to the point. In addition, we must accept that trackers can also be set on the wrong path, it is not easy, but it can be done, both the hackers and China have skills there, as do the NSA and GCHQ. Yet, in all that, with the Sony hack still fresh in memory, who did it, which is the interesting question, but WHY is more interesting. We tend to focus on clearances here, but what else was there? What if the OPM has health details? What is the value of health risk analyses of 4 million people? At $10 a month that is a quick and easy half a billion isn’t it?

You see, the final part is seen here: “DHS is continuing to monitor federal networks for any suspicious activity and is working aggressively with the affected agencies to conduct investigative analysis to assess the extent of this alleged intrusion”. This is to be expected, but the intruders know this too, so how did they get past it all again? That is the issue, I gave in my earlier blog one possible solution, but that could only be done through the inside person, to be clear of that, someone did a similar thing in the cloud, or in the stream of data, in a way that it does not show. Perhaps a mere pressure of data in a shared cloud point is all it took to get past the security. How many data packages are lost? What intel is gained from there, perhaps it is just a pure replication of packages job, there is no proper way to monitor data in transit, not in cloudy conditions, so as we see that more data is ‘breached’ we all must wonder what the data holders, both government and non-government are not ready for. It is the data of you and me that gets ‘sold’, who does it get sold to?

So as we see an article of a data hack and a photo of routers and wiring, which looks geeky and techy, was this in reference to the router? Or perhaps it is in reference to a reality many in charge are not ready to face any day soon, and in light of the upcoming US elections of 2016, some of these politicians definitely do not want to face it before 2017. Like the Google Tax, let the next person fix it!

A preferred political approach that will allow them to lose exclusivity of your data real fast!

 


Spooky Spooky Mobile

Spooky Spooky Mobile
Hacking thyne own file
Upload and Download
And as you have your chatter
I met a Telco
That would not give its data
So I took their servers
And gave it a little patch
(Goosy, Goosy, Gander)

Yes, when we look at the article ‘US and UK accused of hacking Sim card firm to steal codes‘ (at http://www.bbc.com/news/technology-31545050) I seem to resort to nursery rhymes. There is method to my madness, just as my madness could be regarded as methodical (to the smallest degree). I read the article with other eyes, perhaps you did too? The first part is seen here “The Intercept alleges that the hack organised by Britain’s GCHQ and the US National Security Agency (NSA) began in 2010, and was organised by operatives in the “Mobile Handset Exploitation Team”. Neither agency has commented directly on the allegations“, now, I will continue on the premise that this fact is true (not whether it is correct). In 2010 there was still a massive hunt for this bearded dude underway named Osama something or other. For this part I need to take you on a side trip ‘Banking Giant HSBC Sheltered Murky Cash Linked to Dictators and Arms Dealers‘ (at http://www.icij.org/project/swiss-leaks/banking-giant-hsbc-sheltered-murky-cash-linked-dictators-and-arms-dealers). The issue might be ‘news’ now, but it had been known in the intelligence industry for some time. After 2008 several individuals with additional limitations on moral and ethics were willing to assist the grey area of free trading in setting up funds. This group had ALWAYS existed, greed is such an easy tool to grow under, yet, the fact that some would be willing to be the money orchard for terrorist organisations is decently novel. 2008 had made many hungry so some would be willing to get at what they wanted, more money. A problem that has existed for a long time, so the premise to get access to mobiles so that possible lines of communications would be uncovered make perfect sense.

The trail goes further, you see, most people have a contract, or stay with the same provider for years, this is not an issue for the hunters. You (roughly 99.99993243% of the mobile users) are not an issue, but how to find the rest? Hope on some random lucky draw? Governments rely on income from lotteries, they do not rely on getting a prize in that same way. So getting a hold of ALL Sims is a much better solution. It made perfect sense. Do I like it? I actually do not care, I lead one of the dullest mobile lives and I believe that some people must be hunted down. So to go all out on ‘Yes’, hunt them down and ‘No’, you cannot monitor me, seems to be both hypocritical and sanctimonious all in one package. In addition, I tend to not break the law, which makes it even easier. So let’s get back to the article!

The next part is seen here “A Gemalto spokeswoman said the company was unable to verify whether there had indeed been a breach, and highlighted that other Sim manufacturers could also have been targeted. She added: “We take this publication very seriously and will devote all resources necessary to fully investigate and understand the scope of such highly sophisticated techniques to try to obtain Sim card data””, so we see two parts, one that the known provider is not the only provider, were they all targeted?

Linked to this is: “Eric King, deputy director of the campaign group Privacy International, said the NSA and GCHQ had “lost sight of what the rule of law means and how to weigh what is necessary and proportionate””. This sounds nice in theory, but after taking a look at the Privacy International site, I see him as (only) slightly sanctimonious. All this on surveillance and SIGINT (the Five Eyes group), yet, they have ZERO visibility on the issue that I have on the exchange of data on a global scale by large corporations and how people are almost lulled into a sleepy state of just agreeing with it all, not to mention the other versions of the Lenovo ‘Superfish’ instances that we have not seen brought to daylight yet. It seems that governments are not allowed any options, whilst the propulsion of greed from large corporations and their data remains uninhibited by using the ‘US-EU Safe Harbor Framework’ (at http://genomebiology.com/2014/15/8/430), when we consider the quote “A multinational seeking approval must submit its global policies and practices to a ‘lead’ EU data protection authority (DPA) – typically in the country of its European headquarters. Once the lead DPA gives its ‘stamp of approval’, a mutual recognition scheme among most EU member states facilitates approval by other relevant DPAs. To date, over 50 corporations have received BCR approval”. When we see the list (at http://ec.europa.eu/justice/data-protection/document/international-transfers/binding-corporate-rules/bcr_cooperation/index_en.htm), we see NOVARTIS, which gives us a direct link to Natixis (and the massive amounts of links that they have). Ernst & Young and Motorola among others, so how can one satellite location allow indirectly to move data across other borders, or make them accessible for query? Is it not interesting that Privacy International has not been looking at that (as far as I could tell), so do you see the issue I have with their ‘statement’?

Linked to the ‘alleged’ sim code heist is another article. This one is a lot older. It was from July 2013 and called “Millions of Sim cards are ‘vulnerable to hack attack’” (at http://www.bbc.com/news/technology-23402988), so, yes, when we see the quote “Karsten Nohl has said he has found a way to discover some Sims’ digital keys by sending them a special text message. He warned criminals could potentially use the technique to listen in on calls or steal cash“. So, yes getting the data from the sim makers directly would make a lot of sense (an ergonomically terrific solution), but this method might be less visible. So why was another method used. Now we get back to the beginning: “US and British intelligence agencies hacked into a major manufacturer of Sim cards in order to steal codes that facilitate eavesdropping on mobiles, a US news website says“, which News website? The fact that this news is followed by “The Intercept says the revelations came from US intelligence contractor turned whistle-blower Edward Snowden” gives another pause. What is actually happening? It seems to me that the Snowden stamp is making us chase ghosts (pun intended), but overall I see less and less reliability in these ‘spectacular revelations‘ and the press does not seem to be asking the questions they should be asking. The investigations that they should do, do not seem to be done. The ‘revelation‘ is made and then we see one party line response from GCHQ “However GCHQ reiterated that all its activities were “carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate”“, which is now linked to this, but there is no evidence that this has actually happened. The subtitle ‘Full investigation‘ seems to be a header without a factual link. 
That subtitle ends with some group shot and the by-line “Experts say that the alleged hack is a major compromise of worldwide mobile phone security“, is that actually the fact? Would phone security be compromised? It seems to me that the 2013 is a much larger threat to phone security and Google stopping its continued development to anything before Android KitKat is just an additional cause for alarm, how did the alleged government activities create more danger? It seems to me that the BBC has not illuminated parts that should have been illuminated. When we see “The UN’s telecoms agency – the International Telecommunications Union – said that it would now contact regulators and other government agencies worldwide to ensure they were aware of the threat“, is also an issue. When we consider the UK issue of telecom caps and the fact that nothing has been done for years, can we dimensionally see that awareness of the ITU could be regarded as a similar demure step is a valid question, yet the current article does not reflect on the earlier issue. The end of the latest article gives the one part that is important as I see it “But perhaps this latest leak has done more to highlight how a single company is in control of millions of people’s private data“. So was this an actual leak, or did someone figure out a possible issue with current technology and they added the ‘Snowden’ link to give it a little more fear. The last part could have been done by any decent technologist, no MIT degree required. So what about the one time mention of ‘a US news website says‘? Who was it and how come that this media courtier, depending on visibility is reduced to 5 words, which seemed a little odd to me from the very first time I read the message.


A coin with more than two sides

Let us take a look at two of many more sides. The first side is given in this article: Google’s Vint Cerf warns of ‘digital Dark Age’ (at http://www.bbc.com/news/science-environment-31450389). The initial quote is “Vint Cerf, a ‘father of the internet’, says he is worried that all the images and documents we have been saving on computers will eventually be lost”. This sounds nice, but is that not the same as we have had forever? If we did not take care of our old photographs and our old negatives, then those pictures would be lost forever, so how is that different?

[Image: 110mm Agfa]

See here, the picture of an Agfa Instamatic. It is almost identical to the camera I had in the late 70’s. So, how will you get those negatives developed? Where to buy film? Most will not care about it, many have bought new cameras, but where to print the negatives you have? Nowadays with digital images, almost any printer will print it, almost every system will show them. How is that different? So are the words of Vint Cerf anything else but a sales pitch for some new ‘forever’ saved option, likely one that Google will offer and not unlikely in a way that gives Google shared ownership. Is that under the current feelings of ‘data collection’ such a sceptical view to have?

Now, I will state, that not unlike those old prints, the owner has the responsibility to keep the images safe, just like in the old days. Even if the originals (the digital negatives) are lost, as long as a print still exists, the image remains, just like the old photographs. Yet, his quote “But as technology moves on, they risk being lost in the wake of an accelerating digital revolution” holds truth, because that is not unlike the 110mm film issue. So as long as you have a data option that survives, like the 110mm negative holder, you can always get another print. So, CD-ROMs in a writable version came in the late 90’s, so we only started to have a backup option for 20 years, yet affordable digital images would still need several more years. Yes, that market has grown exponentially and now, we see the application of Common Cyber Sense in another way. Now, people will get confronted with the need to back things up. As the Digital disc evolved, so has the quality of these solutions. Now the discs last a lot longer, so backing up the old discs on new discs does make a whole lot of sense, so there is a side that makes perfect sense, but is that enough?

That part is shown in the following quote: “’I worry a great deal about that,’ Mr Cerf told me. ’You and I are experiencing things like this. Old formats of documents that we’ve created or presentations may not be readable by the latest version of the software because backwards compatibility is not always guaranteed’”. This is at the heart of what Vint Cerf is getting to, so he is definitely onto something. How many of you can still access all the WordPerfect files you created in 1992? Who can still access their FRED applications and their Ashton Tate’s Framework solutions? That list is slowly and surely getting close to zero. This is what Vint is getting to and therein lies the crux, because this would have gone beyond mere images and what we currently still access. Consider the Digital VAX/VMS systems, the collected data that spans decades from 1982 onwards. The IBM series one (those 64Mb mainframes with 10 9” floppies), so Vint is perfectly correct (as a man with his experience would be), but what solution to use? Yes, his idea is perfectly sound, but the issue that follows is the one that I have to some degree an issue with, you see, sometimes things get lost, which has happened throughout history, would our lives have been better if the Library of Alexandria survived? Would it be better, or would there be more and more incriminations? There is no way to know, but the issue can be explained in another way. This is a myth I heard in school a long time ago. The story is that a person could ask whatever he wanted for a created chess game. He asked for a grain in the first square, two in the second square and so on. By the time the board was half way through, the person paying for it would owe the person 2,147,483,648 grain seeds and that is just half way through. Now think of today’s world, where we collect everything. Like the chess board we collect every part and this just increased the junk we collect and that at a premium price. So what to keep?
That is the hard part, it is interesting to keep on the side that sometimes we need to allow to lose things, but Vint has a case. Now we look at one of the last quotes: “’Plainly not,’ Vint Cerf laughed. ‘But I think it is amusing to imagine that it is the year 3000 and you’ve done a Google search. The X-ray snapshot we are trying to capture should be transportable from one place to another. So, I should be able to move it from the Google cloud to some other cloud, or move it into a machine I have’”. Yes, there is the sales pitch. “Google search” and “move it from the Google cloud”, so there we have it, the Google cloud! Still, even though there is a sales pitch in here, does that make it a bad approach? Are we better because we save EVERYTHING? That is at the heart of this little conundrum. Now, those having their data on the old Cray might consider their data worthy, so do many who had their data on UNIX minis, but now consider every Novell edition, every desktop, now, it will be arbitrary if people decide to take these steps, yet what happens when all data can be backed up like this, what happens when some start ‘offering’ this for ‘free’? Who then co-owns that data, those solutions? Is that such a crazy thought to have?

Here is the last part: “And that’s the key issue here – how do I ensure in the distant future that the standards are still known, and I can still interpret this carefully constructed X-ray snapshot?” This is the part that is interesting; his concept of Digital Vellum is an interesting one. Yet, how should we move forward on that? What happens when these snapshots link up, when they connect, perhaps even interact? There is no way of knowing; perhaps this would be the beginning of a new evolution of data. Is that such a weird concept? Perhaps that is where we need to look at other sides too. Consider our insight, into our memories, our ‘wisdom’ and our ability to filter and extrapolate. Is this solution a primal step from near ‘artificial-intelligence’ to possible cyber/digital intelligence? The question becomes, if intelligence is grown from memories, what do we create when we give it everything we ever collected? I have seen the stories, the way some people think that an artificial intelligence is so dangerous. We might consider the thoughts from the ‘Cyberdyne’ stories (Terminator series), but in the end, what if the digital intelligence is the beginning of our legacy? What if we learn to preserve ourselves, without leaving a carbon footprint, without being the deadly blight on nature? At some point we will cease to exist, we die; it is a simple consequence of nature, but what happens if our wisdom is preserved? Many come with stories and nightmares of the loss of identity, but what happens if we can store intelligence? What happens if the next century Albert Einstein would be there to help us create progress, inspire innovation for all time? Is that such a bad thing? Some of these questions are beyond my ability to answer but there is a dangerous dark side too, what happens when this becomes commercial Intellectual Property? I am all for IP, yet, should cloned intelligence become the property of anyone?
I feel that I might be alive long enough to actually see that question go to court. I hope that those making that decision are a lot wiser than I currently feel.

This now gets me to story two, which also came from the BBC (at http://www.bbc.com/news/technology-31440978), the story here is ‘Cybersecurity: Tech firms urged to share data with US’, which gave me the initial scepticism regarding the Vint Cerf story. So, I am not linking them per se, they are separate stories. The initial quote is “Private tech firms should share more information with government and with each other to tackle cybercrime, according to US President Barack Obama”, I do not disagree with this thought, however, there is a side to this that is not addressed. The given quote is “Senior Google, Yahoo and Facebook executives turned down invitations to the summit, held at Stanford University”, so is this about not sharing, or about keeping the data non-sharable? There is a part that we see when we look at the quote “Mr Obama is backing the creation of information sharing and analysis organisations (ISAOs) to help firms and government share material on potential threats”, yes, if we consider that Snowden fellow there could be an issue, but is that a valid path? You see, consider how some do NOT want the cyber threat to reduce for the largest extent, consider how many software ‘solutions’ are out there, for viruses, phishing attacks, identity theft and several other parts. There are two dangers, at one part we have a possible solution to theoretically start solving and decently diminish the danger, the other side is on how all that data gets linked, that part in the wrong hands is a lot more dangerous than many could imagine.

The following quote adds to the worry: “Government cannot do this alone. But the fact is that the private sector can’t do it alone either because it’s government that often has the latest information on new threats”. My issue is that this should not be in the hands of any private part, it could be seen as the execution of the premise ‘absolute power corrupts absolutely’, those who face that lesson will not have an option. I would see a solution if there was collaboration between NSA, GCHQ, DGSE and a select few more. Reasoning? Cybercrimes have a distinct impact on national income and also national tax donations. They have all the drive to get it resolved. I have less faith in private companies, their allegiance is to profit, their board of directors and more profit. This is the issue as they will do what they need, someone falls on a sword and many get extremely wealthy, the data goes everywhere and many become exploitable, classifiable and re-sellable. I have been in data for decades, I think that governments can do what needs to be done, and it is time to change the cycle of re-iterated profit. Governments have made themselves the bitch of the private industries, the three mentioned initially are not enough, consider the quote down the line “Facebook, Yahoo, Google and Microsoft have all sent less senior executives to the conference”, so why was Microsoft not mentioned earlier? What is going on? The interesting part is that Bloomberg mentions Microsoft several times, the BBC article just twice. It is clear that something needs to be done on several levels, but it takes a different scope and a different approach, I feel decently certain that keeping the private touch out of this will be essential, for the reason that private companies have a mere commercial scope. I feel uncertain that this approach will work, it has not worked for a long time; I have seen ego and political play and personal reasoning interfere with results, in more than one nation.
Whatever is done, it needs to be done, it needs to be done a lot faster than many consider and even though taking the politician out of a government seems to be impossible, we need to make sure that an approach is considered that does not allow for political exploitation, but how to get that done is another matter entirely.

 


Filed under IT, Law, Military, Politics

The next cyber wave

The news is almost two weeks old. There was no real reason to not look at it, I just missed the initial article. It happens! This is also at the heart of the issue on more than one level. Consider the quotes “The first 13-week programme for Cyber London (CyLon) will kick off in April, with a group of startups drawn from industries including defence, retail, telecoms and health services” and “On the one hand, the government is keen to invest in cyber-security startups: witness chancellor George Osborne’s announcement that GCHQ is investing “£3bn over nine years into developing the next stage of national cyber intelligence”“. So is this just about getting your fingers on a slice of this yummy slice of income? You see, this issue skates on a problem that I (many others too) saw that Common Cyber Sense existed, but the bulk of companies treated it as an overhyped requirement. Yes, those managers were always so nervous when they got introduced to ‘costs’. I reckon that the Sony hack will remain the driving force for some time, in addition several business units are more and more in need of some better up-to-date encryption, so this cyber wave is getting some decent visibility. So as we look at the title ‘Cyber London aims to make the UK a launchpad for cyber-security startups‘ (at http://www.theguardian.com/technology/2015/jan/28/cyber-london-accelerator-cyber-security-startups).

There is no denying that the call of 9,000 million is a strong one, especially in this economy. More important, as more companies are gripped by a decent amount of fear regarding their own future, this event will be at the foundation of several longer running projects and corporations. There is of course the question of what is real. That question becomes an issue when we see that even now, rumours still emerge on what happened in regards to who did the works on Sony and how it was done, especially in light that the article in Business Insider claims that the hackers still have access. The latter part will be speculated on by me later in this article.

For the most, the next cyber wave is a good thing, especially when thousands of data holders realise that their corporate future depends on keeping these systems decently safe. I use the term decently safe, because ‘complete’ safety is not something that is achievable, not on budget levels that many depend upon. Yes, security can be better and a lot of companies will invest, they will raise the threshold of many companies, yet will they raise it enough? That is at the foundation of what is about to come.

I predict that these startups are all about consultancy and some will offer products, some on safety and some on encryption. Encryption will be the next big thing, the question becomes how will encryption be properly managed? There are plenty of people who enthusiastically encrypt files and after that forget the password. So what then, all data lost? So, you see that clever solutions are needed, which will bring forth a new wave of solutions, new barriers and new bottlenecks. I wonder if these new startup firms have considered a trainings division, not one that is all about ‘their’ solutions and ‘their’ products, but all about raising proper awareness for Common Cyber Sense.

Training that is meant to give long term knowledge to people working at a firm as well as setting a proper initiation of knowledge with these companies, so that a wave of change will not start a rollercoaster of people jumping from firm to firm, a risk many companies will predict to hit them.

Now it is time for some speculation. I have been thinking on how Sony was hit. I came up with a possible idea on New Year’s Eve. When I wrote this part: “In my view of Occam’s razor, the insider part is much more apt”, my mind started to wander on how it was done.

Speculation on the Sony Hack

The inside story is on the hack of Sony, yes, there was a hack at some point, but, in my view, that is not what actually happened. A destruction was started, but that is not what started it, that is how it all ended. When I did my CCNA (2011), I had the initial idea. You see, hacking is about data at rest, so what happens when the hack is done when data is in motion? That part is often not considered, because it is seemingly unmanageable, but is it? You see, when you buy the Cisco books on CCNA you get all the wisdom you need, Cisco is truly very thorough. It shows how packets are built, how frames are made and all in great detail. That wisdom can be bought with a mere $110 for two books. Now we get to the good stuff, how hard is it to reengineer the frames into packets and after that into the actual data? Nearly all details are in these CCNA books. Now, managing hardware is different, you need some decent skills, more than I have, but the foundation of what is needed is all in the Cisco IOS. The hack would need to achieve two things.

  1. The frame that is sent needs to be duplicated and ‘stored’.
  2. The ‘stored’ data needs to be transmitted without causing reason to look into spikes.

I think that ‘hackers’ have created a new level (as I mentioned before). I think that Cisco IOS was invisibly patched, patched, so that every packet would be stored on the memory card in the router, in addition, the system would be set to move 2% during the day to an alternative location, at night, that percentage would be higher, like 3-5%. So overnight, most of the data would arrive at its secondary location. Normally CCNP technologists with years of experience will look into these matters, now look and investigate how many companies ACTUALLY employ CCNP or CCSI certified people. To do this, you would need one insider, someone in IT, one person to switch the compact flash card, stating 64Mb (if they still have any in existence) and put the sticker on a 512Gb Compact Flash card. Easy peasy! More important, who would ACTUALLY check the memory card for what was on it? The Cisco people will look at the startup file and only that one. The rest is easily hidden, over time the data is transferred, in the worst case, the culprit would only need to restart the routers and all activity would be completely hidden, until the coast is clear, afterwards the memory cards would be switched (if needed) and no trace of what happened would ever be there. What gave me the idea? Well I wondered about something similar, but most importantly, when I did my CCNA, the routers had 64Mb cards, I was amazed, because these suckers are no longer made, go to any shop and I would be surprised if you can even find any compact flash card smaller than 16Gb. Consider a place where Gb’s of data could be hidden under the eyes of everyone, especially as Cisco IOS has never been about file systems.

When the job was finished, the virus could be released damaging whatever they can, when cleanup starts, every aspect would be reset and wiped, whatever the culprit might have forgotten, the cleaning team might wipe.

So this is my speculation on how it was done, more importantly, it gives credibility to the claims that the hacks are still going on and the fact that no one has a clue how data was transferred, consider that this event was brokered over weeks, not in one instance, who else is getting their data syphoned? More importantly have these people involved in this next cyber wave considered this speculated path of transgression? If not, how safe would these systems end up being?

Let’s not forget that this was no easy feat. The system had to be re-programmed to some extent, no matter how enabling Cisco IOS is, this required top notch patches, which means that it required a CCSI or higher to get it done, more important would be the syphoning of the data in such a way that there would be no visible spike waking any eager beaver to prove themselves. That would require spiffy programming. Remember! This is all speculation; there is no evidence that this is what happened.
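The point about moving the data slowly enough that no spike shows can be turned into a defender's check. The following is an added example, not part of the original post: it compares a per-hour spike rule with a cumulative, per-destination view over two weeks of egress records. The flow records, destination names, the `EXPECTED` baseline and the thresholds are all constructed assumptions; the day and night trickle volumes only mimic the lower-by-day, higher-by-night pattern speculated above.

```python
from collections import defaultdict
from statistics import mean, pstdev

HOURS = 24 * 14  # two-week observation window, one bucket per hour

# Destinations the business is known to send data to (assumed baseline).
EXPECTED = {"mail.example.net", "backup.example.net"}


def is_working_hour(hour_index):
    return 8 <= hour_index % 24 <= 18


def build_sample_flows():
    """Constructed egress records: (hour_index, destination, megabytes)."""
    flows = []
    for h in range(HOURS):
        jitter = (h * 37) % 50  # deterministic noise, 0..49 MB
        flows.append((h, "mail.example.net",
                      (400 if is_working_hour(h) else 20) + jitter))
        if h % 24 == 2:  # nightly backup job
            flows.append((h, "backup.example.net", 5000))
        if h % 29 == 0:  # occasional large download-related upload
            flows.append((h, "cdn.example.org", 300))
        # The trickle: small by day, somewhat larger at night, never bursty.
        flows.append((h, "198.51.100.77", 40 if is_working_hour(h) else 90))
    return flows


def hourly_series(flows):
    """Return {destination: [megabytes per hour]} with zero-filled gaps."""
    series = defaultdict(lambda: [0] * HOURS)
    for hour, dst, mb in flows:
        series[dst][hour] += mb
    return series


def spike_alerts(flows, sigmas=3.0):
    """Spike rule: a destination alerts if any hour exceeds its own
    mean + N standard deviations."""
    alerts = set()
    for dst, values in hourly_series(flows).items():
        limit = mean(values) + sigmas * pstdev(values)
        if any(v > limit for v in values):
            alerts.add(dst)
    return alerts


def slow_drain_alerts(flows, min_active_ratio=0.9, min_total_mb=10_000):
    """Cumulative rule: flag destinations outside the baseline that receive
    data in almost every hour and add up to a large volume over the window."""
    findings = []
    for dst, values in hourly_series(flows).items():
        if dst in EXPECTED:
            continue
        active_ratio = sum(1 for v in values if v > 0) / len(values)
        total = sum(values)
        if active_ratio >= min_active_ratio and total >= min_total_mb:
            night = sum(v for h, v in enumerate(values)
                        if not is_working_hour(h))
            findings.append({
                "dst": dst,
                "total_mb": total,
                "active_ratio": round(active_ratio, 2),
                "night_share": round(night / total, 2),
                "peak_hour_mb": max(values),
            })
    return sorted(findings, key=lambda f: f["total_mb"], reverse=True)


if __name__ == "__main__":
    sample = build_sample_flows()
    print("spike rule alerts on:", sorted(spike_alerts(sample)))
    for finding in slow_drain_alerts(sample):
        print("slow drain candidate:", finding)
```

The spike rule fires on the bursty backup and CDN transfers and stays silent on the trickle, while the cumulative rule surfaces the one destination that never peaks above 90 MB in an hour yet receives more than 22 GB over the two weeks.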

Yes, it is speculation and it might not be true, but at least I am not pointing the finger at a military force that still does artillery calculations with an abacus (another assumption on my side).

There are a few issues that remain, I think upping corporate awareness of Common Cyber Sense makes all the sense in the world, I reckon that the entire Cyber Security event in London is essential and it is good to have it in the Commonwealth. This industry will be at the foundation of growth when the economy picks up, having the UK play a central role is good strategy and if it does evolve in the strongest way, a global financial node with improved cyber protection will lead to more business and possibly even better business opportunities. This event also gives weight and view to my writing on January 29th and a few other occasions “As small innovators are given space to proceed and as larger players are denied blocking patents to force amalgamation of the true visionary into their moulding process that is the moment when economies will truly move forward. That is how you get forward momentum!“, this is something I have stated on several occasions and I truly believe that this will be the starting pulse to a stronger economy. It seems that the event creators Alex van Someren of Amadeus Capital Partners, Grace Cassy and Jonathan Luff of Epsilon Advisory Partners, and advisors Jon Bradford of startup accelerator TechStars and Eileen Burbridge of venture capital firm Passion Capital are on such a path. No matter how it is started, they are likely to get a first leg up as these startups will truly move forward. As the event stated: ‘No equity taken’, but it seems to me that on the receiving end of implementing working solutions, finder’s fees and linked contracts could be very very profitable and let’s face it, any surfer will tell you that being at the beginning of the wave gives you the best ride of all.

Let’s see what 2015 brings us, startups tend to be not too boring. Not unlike the startups, there will be more waves of speculation on how Sony was hacked, and the US government will likely continue on how North Korea was involved and at the centre of it all.

 


Filed under IT, Media, Politics, Science

Perception from the outside

It is hard to write about this. Not because of the topic, but because of the implications that derive from the thoughts I have. You see, I have thus far always had faith in the intelligence branch. When we look beyond the implied Hollywood drama of all matters, the intelligence branch is a dedicated underpaid group trying to keep its nation and its citizens safe. Yet, what lies beneath the veneer when we look deeper into certain matters? Are they for real or are we all played by the press to some extent?

This is at the foundation, as we cannot rely on any first-hand information, especially when the press is part of it, we are left with a question mark. One that might not need answering, but one that should not be ignored, this is at the core of me, for better or worse, I seek answers.

This all started yesterday when I got wind of a Guardian article at the earliest of dawn, as a final paper was due, I just left it to look at later (that later is now). The article is ‘Lee Rigby murder: internet firm could have picked up killer’s message – report‘ (at http://www.theguardian.com/uk-news/2014/nov/25/lee-rigby-murder-internet-firm-could-have-picked-up-killers-message-report-says).

Now, this should be a shock, especially to the family members of Lee Rigby, so why is this even a story? It starts with the first paragraph “Internet companies face intense demands to monitor messages on behalf of the state for signs of terrorist intent after an official report into the death of Fusilier Lee Rigby said one of his killers wrote on a website – later named as Facebook – of his desire to slaughter a soldier, without the security services knowing“, was this written by someone who had a clue? If we consider CNet (at http://www.cnet.com/news/facebook-processes-more-than-500-tb-of-data-daily/), we see that Facebook processes 500 Tb a day, now this is all manner of data, yet consider another indirect connection when we see ‘Tesco director facing questions about lobbying government over dirty chicken report‘ (at http://www.theguardian.com/world/2014/nov/25/-sp-tesco-director-facing-questions-lobbying-government-dirty-chicken-report), the first paragraph says it all (as far as information goes) “Former FSA chief Tim Smith understood to have warned Department of Health that revealing food poisoning contamination rates could provoke a food scare and damage the industry“, so when we add the text “Tim Smith is understood to have warned the Department of Health in June that FSA proposals for publishing results, which included naming and shaming individual supermarkets, could provoke a food scare and damage the industry“, so when was all this released to the media? How much delay was there? Consider the implication of the statement in there that “it kills around 100 people and makes an estimated 280,000 sick each year“, now we get back to the implied message that might have saved Lee Rigby, if we take that a message in total is no more than 60Kb (it is a lot smaller, but could include graphics), we are looking at 8 billion messages each day (those we make, we forward or share, those we get offered as advertisement).
Now, there is more, Facebook has applications with, within those applications, message options. Not one or two, but a few dozen, which means additional messages, like simple online messengers, all that data, now also consider the implied message that the Guardian mentioned. “The report said the authorities were never told that one of the killers, Michael Adebowale, wrote of his murderous intent six months before he and his accomplice, Michael Adebolajo, brutally attacked Rigby in May 2013 in a street near his military barracks and attempted to behead him“, so finding the message, investigating it and acting on it. In well over 2.5 billion optional threats, the National lottery in the UK has better odds of winning a big prize in it, so how did all this come about?

Here we get to the issue “The ISC chair, Sir Malcolm Rifkind, accused internet companies of providing a “safe haven” to terrorists but said a despite a string of failings by the security services, which had repeatedly monitored both men before the attack, there was nothing they could have done to prevent the murder of Rigby“, here I start having an issue, particularly with Sir Malcolm. Consider one sincere threat in a place where there are millions of threats, boasts and pranks, all claiming something pretentiously grandiose. It is my belief that Sir Malcolm is all about trying something different and he is going about it the wrong way, he is trying to get to Damascus, via Washington and Los Angeles. Not the brightest route to take. Apart from the approach he is implying to take, he is also forgetting about a series of events that he needs to take, which will fail and in the process will enable commercial companies to actually hammer down on consumers in the wrong way. Does Sir Malcolm realise that, or did he intentionally forget about that part?

What did I mean by that? You see, the intelligence branch has access to enhanced statistical algorithms; they match it via other created profiles. Now, normally such a profile is only created when a person has too many flags in his/her name. For example members of an extreme faction, people with links to organised crime and those with additional political agendas. There is a bunch of reasons which will result in the eye of the intelligence community being on you. For the most they are checked every now and then and if nothing happens, nothing happens, it is that simple, which is what an accumulative approach to sifting data tends to be. This is all good and proper; it is a way to protect national interests. For the most they end up verifying that you are not a threat, or not a concern to them, it comes with their territory.

The intelligence branch has resources, they are there, but they are finite. Sir Malcolm seems to be pushing for a change that is extremely dangerous, you see, at some point, Facebook, Google and others will all be shanghaied into becoming ‘volunteers’ in data oversight. They will get all kinds of tax breaks, so there will be interesting benefits for these data farms, but now we get to the real dangers. At one point, they want more and push for a change that will allow these farms access to those advanced algorithms, now we get a new problem, now we see a change where those farms will get to analyse US ALL! They will have the algorithms and the linked data no commercial enterprise should ever be allowed to have, now we will all be set into those who get access (viable as retail commodity) and those who do not matter, we will get marketed into oblivion, but now directly into the realms we used to love, it will be a push to sway us into a direction we never wanted to go, our freedom becomes a point of pressure. Consider, you might love ‘the Office’, once social media digs deep, how much will you enjoy getting 10-20 sales pitches a day on your personal interests? How long until you stop sharing interests?

Now consider the following:

The ISC said in its report: “Whilst we note that progress has started to be made on this issue, with the Data Retention and Investigatory Powers Act 2014 (Drip) and the appointment of the special envoy on intelligence and law-enforcement data-sharing, the problem is acute. The prime minister, with the National Security Council, should prioritise this issue”.

The part not mentioned or looked at is data retention. I wrote about it on October 2nd 2014 in ‘Advice from the press?‘ there I wrote “I am still convinced that if data retention becomes a larger issue, the intelligence community will be lacking in hardware, knowledge and staff to deal with these massive amounts of data, which leaves us open to other issues, yet this is just my view!“, now we see a push that social media will do more scanning.

The next two paragraphs illustrate certain dangers down the track: “Adebolajo, the more dominant of the two, had featured in five MI5 investigations and Adebowale in two, but none found evidence of an attack. The ISC said MI5 made errors and was plagued by delays, but even if corrected none of this would have helped the security service to spot the level of danger posed by the attackers before they struck“, so how could we have kept Lee Rigby alive? The information to the better extent is stating that this would not have been the case and I am not the only one thinking this.

When we consider “The Guardian understands senior figures in MI6 expressed anger at the criticisms in the report. One source familiar with the committee’s work said: “It is fair to say that the chaps across the river are not happy at all.”“, we see another part. This is not just within the UK, the UK needs to protect itself, especially with the ISIS acceleration we see all over North Africa and in the Middle-East; this all requires a new strategy. Data is at the centre of it, that part is correctly seen by Sir Malcolm Rifkind, chairman of the ISC. Yet, my issue is the view the man seems to have in regards to integrity. Commercial enterprises have no integrity and to a larger extent, neither do internet providers. So we have an upcoming issue. The next part you the reader might observe is the part that was not clearly seen in the article and it has been part of the events that miss one item as we see these discussions.

What time is it?

Yes, the timeline! That is part of all this. No matter how lovely that ‘donut’ looks in London, the people there have been dealing with an increased amount of data. I personally would consider it to be in excess of 30% in growth per year, which means that the data collectors and analytical group grows over 100% in size in a little over 3 years, the accumulated requirement for the UK, and beyond that the Commonwealth requires growth beyond that. In my view, letting places like Facebook crunch that data and giving them access to some of these algorithms is clearly a bad idea. In addition, consider that these firms could harbour ‘sympathisers’ to chaos. Once these algorithms get into other hands, how long until those supporting ISIS and like-minded extremists will get a handle on lowering their profile even further, making this entire approach pointless?

That danger is twofold, storage, which is the non-essential part. As storage seems to become cheaper and cheaper, that part will be decently manageable overall, the other part is the issue, processing power. We can want for all the processors we can, but the power processors of tomorrow are less and less equipped to deal with such a growing load of data. Now consider that this is just Facebook, how much additional data will we need to see mail providers, twitter, Instagram and loads of other multi Gigabyte collecting options. There is no denying that data needs to be looked at, yet direct data crunching is less and less an option. The question becomes how to tackle it, can or even the question should it be tackled like this at all?

That is the dangerous side, isn’t it? When we are confronted with such an abundance of data, why seek the pressured solution? Let’s not forget that the example taken here, namely Lee Rigby, would not have been saved. So why try to seek a solution in such a pressured environment? Consider the lottery example; if 1,000 out of the 5 billion are death threats, we get a number one in 5 million, now we need to tackle these 1000 messages, which ones are genuine? Consider that some are below the radar, which means that some could be WRONGLY disregarded. Add to that the danger of a prank jest where a group and all THEIR friends send one threat regarding a VIP, politician or regent. It would drown out intelligence resources in mere minutes.

So yes, no one denies that something must be done, yet giving social media these responsibilities is not the best idea, giving them access in some way to other algorithms is less a solution, we are in a shift of dimensions, an interaction of data dimensions and profiling intelligence. Consider the NSA data center in Utah, costing over 5 billion in total, in addition, the cost of electricity, manpower and other costs, taking it to an additional 50 million a year (for just one location). Now consider that this centre will need to grow processing power in excess of 50% within two years, how much additional costs will it require? Add to this the energy needs, well over 60 Megawatts, yet within 2 years, that could be closer to 80 megawatts. That means in excess of 10 wind turbines, just for one location, the equivalent of 15,000 households of energy. I think that certain parties are not thinking in the right location, if we disregard the lack of expertise and an offer (in abundance) of revenue based (read commission seeking) expertise, it seems to me that even though data should never be ignored, certain approaches will require a different hand.

Perhaps it is not a new solution they need, but to reinstate a very old one.


Filed under IT, Law, Media, Military, Politics, Science

Who is guilty?

This is a question we all seem to know, when we hear the words MH-117 and Ukraine. However, is that position a given fact? You see, we all seem to blame and to some extent I also blamed, but it seems to me that I am the only one who is asking the questions that need answering.

Let’s take a look at the events and the sides.

Malaysia Airlines Flight 17 crashed on July 17th 2014. The first fact given and already it is an incorrect one. MH-117 was shot out of the sky. Let’s not beat around the bush, it was shot down with advanced technology. No shoulder held equipment could have done this; it required serious hardware to achieve this. It happened over Donetsk, an area under control of pro-Russian separatists. The only information that seems correct is that this was done by pro-Russian separatists. After this, the press takes a gander and accusations are flying all over the place, several of them pretty wild ones.

The first issue is found here: Evidence from open sources indicated that separatists in Ukraine were in control of a BUK missile launcher on 17 July and transported it from Donetsk to Snizhne (at http://www.kyivpost.com/content/ukraine/journalists-find-solid-russian-ties-to-missile-that-hit-mh17-371161.html). I have a few issues with the Bellingcat report! It can be found (at https://www.bellingcat.com/wp-content/uploads/2014/11/Origin-of-the-Separatists-Buk-A-Bellingcat-Investigation1.pdf).

I think the reader will need to make up their own minds, but let me elaborate on my reasoning. My issue here is that there is no clear confirmation on the photos. Faking social media events is too easy, some pictures are too grainy, the chances and danger of photo editing are too high. The report should have listed all the particulars of EVERY photo, where it was found, when downloaded and then we have other issues, data on a JPG can be manipulated, who took the photo and when.

These events give one clear view in my mind, the Russians are not proven guilty and the separatists are not innocent.

The second issue I have with all this are the Americans. They claim to have evidence, but will not release it. In my mind, if you held the Dutch and Australians in actual high regard, you would have released all footage and data. The next part is pure speculation on my part (just warning you ahead of it all). I think that the Americans have clear evidence and that evidence is that the BUK never came from Russia. I will elaborate on this a little later on in this article. In addition, I am amazed that both UK (GCHQ) and France (DGSE) have not stepped forward with satellite data either. Do you actually believe that they, in an area so important for the near future, would not keep their eyes on all this? Let us not forget that the Iraq debacle with these satellite pictures, not revealing WMD’s is the reason why most Europeans, actually most non-Americans do not trust America at present. To restore some credibility, they should have released this data, especially as this was a civilian aircraft, shot down by unlawful combatants, meaning non-combatants who directly engage in armed conflict. They are non-combatants as the pro-Russian separatists are members, not part of any recognised national army. So, they are unlawful combatants at best, terrorists at worst (shooting down a civilian plane is regarded as a terrorist act).

It is my personal belief (again, an assumption, but a likely one) that the fault lies DIRECTLY with the Ukrainian government. Let me explain my reasoning. We know that the Ukraine has BUK units; there is additional information (non-reliable) that former Ukrainian soldiers are part of the pro-Russian separatists. One statement (again non-reliable) is “one militant told reporters that they originated ‘from a military warehouse'”. Yet is this such a stretch?

A linked quote is “The Minister of Interior Affairs Arsen Avakov gave orders to blow up the warehouse with arms and ammunition of military unit 3037 of the National Guard of Ukraine in Donetsk, to prevent the capture of remaining stock of arms and ammunition by separatists” (at http://igcp.eu/hronika-prestupleniy/military-warehouse-burned-down-donetsk?language=en).

Now it is time for my theory (again it is an assumption based upon information I found).

Russian separatists got hold of hardware (weapons, ammunition and vehicles) when they sprang into action. One of the vehicles (a set of three) was a BUK. Now this is not the full answer. You see, to properly operate a BUK you need a trained team, if not then there are a dozen things that will go wrong and as such MH-117 would never have been shot down with one missile, perhaps not even with 4 missiles. Here are my thoughts on the guilt of Ukraine.

The moment this was known, or even suspected that warehouses were raided, the Ukrainian government would have needed to alert all people, especially airlines. This was not done (as far as I know). When the BUK did its job, those in the Ukrainian government went into a blame game mode. More concerning is the chance that America has confirmation of my theory, but they desperately need to do business with the Ukraine and this issue would make Ukraine not happy. So there we have it, because ego prevented people from ringing the alarm bell, a plane was shot down. If those power-hungry ‘commanders’ had rung the alarm bell, it is almost certain that MH-117 would have taken another path and these people would be alive today. Ego was the biggest killer, not the missile.

Again, this is based on a theory with limited data, now consider the facts. Do you think that Russia would hand over a BUK with a firing team to separatists? A situation that could escalate so fast, more important, do you think that these soldiers would shoot down a civilian airliner? All answers as I see them are a clear ‘NO!’ in my mind.

However, there were apparently ‘phone calls’ and as far as I saw, only the Daily Mail had them, which means that the ‘evidence’ is worthless, especially considering claims they made regarding FIFA in the past.

Another part comes from the Guardian (at http://www.theguardian.com/world/2014/jul/20/mh17-crash-kerry-evidence-pro-russia-separatists-responsibility) “‘we have enormous input about this that points fingers’ Kerry told CNN’s State of the Union, ‘it is pretty clear that this was a system from Russia, transferred to separatists. We know with confidence that the Ukrainians did not have such a system anywhere near the vicinity at that point of time’” something that was published on July 20th.

It is the last part “We know with confidence that the Ukrainians did not have such a system anywhere near the vicinity at that point of time”. This MIGHT have been true, but where were they all? Where is the list of tally for ALL the BUK systems Ukraine has, because the Ukraine does have them. Where are ALL the missiles? You see, I think that pro-Russian separatists did make plans and they needed hardware to create a win. With Crimea there was a bottleneck and pretty much all Crimeans seem to have wanted to be returned to Russia, Donetsk is another matter, not all seem to prefer Russian return and as such it required military actions. Now, it is definitely possible (more likely than not is the legal term) that Russia would like to ‘assist’ to some extent with the separatists, because they look good if this happens, the idea that some people feel uneasy to join the EU and America is not everybody’s joyous idea. So if Donetsk becomes independent, it would be a good blow for Russia, yet I feel unable to believe that the Kremlin is so moronic (no other word fits the bill), to give access and control of Russian BUK systems to separatists, the backlash would be too hard.

So here we are, America might have evidence and refuses to release it, and we know for certain that separatists are guilty, but Russian guilt at present is not proven. There are too many issues and America keeping ‘evidence’ away is just too unreliable. Where lies the truth?

I have no clear answer, my assumptions are based on logic and factual interpretation of events, but I will admit firstly that I could be wrong too. It is up to you the reader to consider why three large players either have no satellite data or are unwilling to release it. Why?

The other path open now is that Russia could release all their satellite data, but are they willing to do this? Such evidence could exonerate the Russians, but they also have a stake in the fire, for as they give out the separatists, that connection would also be under fire, but would it be to the same extent? Consider that the units responsible are handed over to The Hague and that Donetsk would become a separate state, what would be the dynamic then? This is not a part that needs answering, but it should be looked at.

It will take a lot of time to figure out where the BUK exactly came from, but some shouting ever louder over the origin of the missile, whilst not handing over the evidence, is a worry all by itself.

 


Filed under IT, Military, Politics

Price Waterfall Blooper

I am sad to say, I am sorry to report
we have not seen any fraud of this sort
not a win or a gain, but just sadness and pain
are the man plainly vain, they do not travel by train
it will not go to court, yet the profits fall short

as my profits progress to the basement below
as executives go, with no exit fee show
we will wonder awhile, what results they proclaim
as we now still decide, should we name, should we shame
where is the pee double you sea and its dough

So, yes, is this the beginning of arts, the limericks and the consequences of non-accountability?

You see, there is no doubt in my mind that the initial investigation is only the beginning for both Tesco and PwC. Whatever we may think, we can be certain that if Dave Lewis had NOT rung the bell, the mess would be a lot larger than it is at present. I think we should also ring the bell of honour for the whistle blower, because without it Christmas would have been the grimmest of experiences in the UK.

Let’s take a look at the last two days, when Deloitte got its report out (to some extent) as reported (at http://www.theguardian.com/business/2014/oct/23/tesco-profits-black-hole-bigger), we see a few things that do not add up.

  1. He dismissed the idea that fraud may have been involved in the accounting blunder: “Nobody gained financially as a consequence of the overstatement of performance.”, is that so? You see, there are a few issues that we have; I will step over one of them because I prefer to tackle that part a little further down.
  2. Laurie McIlwee (former CFO) as well as Mike Iddon require closer scrutiny. Mike was a group finance director, planning, treasury and tax. When we see tax, we see a person who will dig, trying to find any cent that is deductible, as a good FD should be, and in 13 years at Tesco, he had not seen anything? Seems rather clumsy doesn’t it? The fact that the accounting hole is a little bigger (15 million is not much when you say it fast), also came with the knowledge from Deloitte that the hole was there for a longer while, so basically, the inflated 265 million, means an inflated payment of taxation, how is that ever a good idea?
  3. So consider Tesco, the size and scope of it. They lose a CFO and a FD, and all along NO ONE at Tesco, I state again, NO ONE seemed to offer to pick up the baton for those months? Even if it was at no extra pay and only for 3-4 months, 99% of the financial industry would be chomping at the bit to pick up the baton, so that they can add this to their resume, it gets even better. It is a win/win for whoever picks it up, because if that person does well, then the value of that person goes up by a lot and his/her future, whether within or not with Tesco would be a few steps on the large corporate ladder, even with nothing to gain it ends up being a win/win.

Let’s just face it, I am nowhere near next in line to take command of the 591 Signals Unit at Digby, but if I get the chance because the current commander was on the list to become Air vice-marshal, I would get there running, even if I was still in my pyjamas and was holding only a toothbrush. No matter how well my performance would be, if I made it I would be eligible for a nice challenge at GCHQ, a seriously cool way to skip half a dozen steps on that ladder, now consider that NO ONE had these levels of ambition at Tesco? I truly believe that beside the whistle blower a few more had a clear picture that taking that seat from within would turn out to be nothing less than poisoning their career.

  1. He dismissed the idea that fraud may have been involved in the accounting blunder: “Nobody gained financially as a consequence of the overstatement of performance.”, now we get to the issue that I have had since day 1.
  2. Consider that PwC had (as reported by the Guardian in an earlier blog) last year; PwC was paid £10.4m by Tesco for its auditing services and a further £3.6m for other consultancy work (a newer version at http://www.theguardian.com/commentisfree/2014/oct/23/guardian-view-tesco-auditing-debacle-pwc-systemic-shambles). This article now shows the following quote: “At the very least, this is a very cosy and lucrative relationship“, which slightly debunks the statement of Dave Lewis via Deloitte regarding ‘Nobody gained financially’; it depends on ‘how’ we regard ‘gain’, when the alternative is losing revenue, remaining at status quo is clearly a gain.
  3. So as we see these two numbers, let’s do a little math, let’s say an auditor makes £65,000 a year (a little less usually), so we now see that the annual fee gives us 153 auditors for a year and an additional 46 auditors for the consultancy for a year, that gives us 199 people going over the books, checking it all. No one saw anything? Now, the reality is not exactly like this, but considering that PwC is one of the big 4, we now have a clear case for some serious questions for 25% of all the large audited companies in the UK, how much taxation was not collected, how many large bonuses and incomes were honoured in such a symbiotic incestuous relationship? No wonder George Osborne has such a hard time, the deck seems to be seriously stacked against him.
  4. There is one more thought that comes to mind, but this one is, as I will happily admit, based on shallow grounds. This was all found by Deloitte in a little over a month, mainly because they knew WHERE to look. But, it is entirely plausible that the whistle-blower just knew about that one thing, what else is there and what has not been found yet?

This is important for two reasons. The first is that it then debunks the statement from Lewis, likely via Deloitte who said ‘He dismissed the idea that fraud may have been involved’, I am not convinced! It took Deloitte to find the obvious over the period of a month. We can consider that the fact brought by a whistle-blower gives weight to intently hiding, if not then this person would have stepped forward internally and the old crowd would have solved it, that did not happen. It is not unlikely that those involved hoped for a quick brush under the carpet, this circus was unlikely anything they ever desired. What was signed off on, by the equivalent of 199 auditors remains a serious issue.

This part we can see in the Guardian quote “The making up of the profits figures was not in a report signed off by PwC. That happened in August – three months after PwC had given the supermarket chain’s figures a clean bill of health. Even then, it noted that there was something potentially funny with the numbers, and expressly warned about “the risk of manipulation” – but allowed them to pass anyway“, so something potentially funny does not warrant digging? Let’s not forget they had the equivalent of 199 people for the year, so plenty of digging resources. If we add the following “It is one of the primary ways in which investors, business partners and regulators can tell the true state of the company they are dealing with“, so not only is there a link to possible fraud, the implied length of this gives reason to suspect intentional misdirection towards investors, which makes the news releases all over the papers on class actions against Tesco a plausible worry for some time to come.

It becomes a much finer point of debate when we consider the following abstract ‘Misreporting in our model covers all actions, whether legal or illegal, that enable managers of firms with low value to make statements that mimic those made by firms with high value. We show that even managers who cannot sell their shares in the short-term might misreport in order to improve the terms under which their company would be able to raise capital for new projects or acquisitions‘ (at http://www.law.harvard.edu/faculty/bebchuk/pdfs/2003.Bebchuk-Bargill.Misreporting.pdf). It comes from a paper by Oren Bar-Gill and Lucian Bebchuk, published at Harvard in 2003.

Now we add what they wrote on page 21 “3.4 Creating Opportunities to Misreport, at T=1 managers decide how much to invest in creating opportunities to misreport earnings. The equilibrium level of this investment decision is characterized in the following proposition“. After that it becomes increasingly mathematical, but behold, the initial text ‘whether legal or illegal’, so if the old Tesco gang focussed on ‘legal’, was that the reason they needed to pay an additional 3 million in consultancy (a clear and admitted assumption on my side), yet is that really too weird a thought? Let’s face it PwC signed off on books containing an additional quarter of a billion, which took some time to create.

I know that incestuous is all about keeping it in the family, but the fact that this could possibly all be legal is just a little too hard to swallow.

Could it be that both Corporate Law and Taxation Law within the Commonwealth are in dire need of an overhaul? Some might say that it could be an idea to do this before Christmas, to them I say “Bah! Humbug!“, Monday the 5th of January 2015 will be soon enough. It will give Lord Blackwell, Lord Goodhart, Baroness Goudie and Lord Haskel something to look forward to as some might be enjoying a large roast with potatoes, Yorkshire pudding and thick gravy. The Rt Hon Lord Millett has done more than his share in his long career and his Lordship, as right honourably retired can enjoy a second helping of Christmas plum pudding with custard (unless his lordship prefers the challenge of making corporations a little more accountable than they currently seem to be). I would, as blogger Lawlordtobe be happy to lend a helping hand, but I never studied economy or taxation laws, so I would only get in the way, yet I remain available for assistance if need be. I do reckon that the members of the House of Lords who are members of the Joint Committee on Tax Law Rewrite Bills should consider their calendars, especially if the investigation turns out that the Financial Reporting Council (FRC) will be unable to press any criminal charges, to me and likely to all it should be clear that such levels of orchestration must be addressed!

 


Filed under Finance, Law, Media, Politics

Advice from the press?

So, as we look at the Guardian, we see someone stating that we need an independent monitor. So, what is going on? To be quite honest, at first I thought I was reading a cartoon. The fact that the spokesperson’s name is Julian Disney did not help matters (and I so love my Disney movies).

Yet, this is not me having a go at a respectable person. I do not know Prof Julian Disney AO; he is a professor of Law at UNSW. Even though those from UTS will always happily have a go at their academic brethren (Australian graduates regard the rivalry between Oxford vs. Cambridge and Harvard vs. Yale to be mere child’s play), we do keep all professors in high regard!

Yet, that does not mean that we will not oppose them when needed and this is as I see it such a moment!

I have been very vocal in the past in regards to the press, their actions and their flaws, their massive flaws. It seems that the press is all about ‘self-regulating’ and beyond that it is all about public advocates (so that they will have access to materials). Yet, the intelligence field does not operate in this way. I had a few concerns, which I addressed as “I would have preferred that a clear location would be there to alert someone, even if it was a special appointed judge“, which allows for whistle blowers to the smallest extent, but not one that is open to all. I want to be certain that the information is properly vetted for ‘misuse’ (read: whinge to promote one’s self agenda and career).

So yes, I have issues with the article (at http://www.theguardian.com/australia-news/2014/oct/02/australian-press-council-spy-powers-independent-monitor). My first issue is “The Greens senator Scott Ludlam announced on Wednesday the Greens would not be supporting the next tranche of legislation, which will force telecommunications companies to keep the personal details of Australians for two years“. We have two options here, either the DSD (Australian version of GCHQ) gets all the data, or they get access to the data when properly needed. They opted for option two, which means that telecoms need to hold on to data. Listen up people, this means that your data is safe until there is a direct known threat, which will allow for a ‘data warrant’. So if you did nothing, you will never show up in their lists. To be clear, in America, the NSA opted for solution one, which gives them all your actions and as such you were ‘mined’ for flags. This means that in 99.999657% likelihood (roughly), they never saw you, they mined you with processes, but no person ever saw your actions.

The second quote is “He added that it was critical for the inspector general of intelligence and security, journalists and the community to continue to monitor how the new laws were implemented“, I agree with most of this view, but let’s change ‘, journalists and the community‘ into ‘a special appointed and security cleared judge‘. I have nothing against the proper person monitoring what happens and as I am still in favour of a legal approach, it should be a special appointed judge and let’s keep the journo’s out of that part, for several reasons. Let’s not forget that the Sunday Mirror entrapment sting is less than a week old and we have seen our share of issues, especially when there was some free for all against Julia Gillard, with the questions aimed at Tim Mathieson to be the ‘Ruddy’ cake, the icing and the candles. There are several more issues. I admit we are not as bad as that island on the other side of the planet, but when it comes to trusting the press, we should all have issues, especially as the Sony issue was ignored by ALL!

So, as it stands, at present I will oppose the Australian Press Council on this.

There is however something in the quote “This will affect every man, woman and child and every device in the country. Now the government has rammed the Asio laws through the Parliament today it is now turning its sights on every internet user in the country“, this statement is not incorrect, yet the people (read the press and politicians) are both dancing around one issue, whilst another issue is the real threat. It is not that the Intelligence community has access. They are merely there to stop the dangers of terrorism. My issue from the very beginning has been ‘who else gets to have access‘. Here we see the real danger, which the press seems to be unwilling to voice. Why? Is a company like Telstra too able to ‘uproot’ your careers? That fear was voiced by me in the blog ‘For our spies only!‘ which I wrote on the 26th of September, the issue is not what should get access, but what will end up having access too, that is to a larger degree a concern. I am still convinced that if data retention becomes a larger issue, the intelligence community will be lacking in hardware, knowledge and staff to deal with these massive amounts of data, which leaves us open to other issues, yet this is just my view!

Now consider the impact!

What impact could there have been? Well, to understand that, we have to take a look at yesterday’s news (at http://www.heraldsun.com.au/news/law-order/jihadist-sponsor-accused-may-have-made-one-fatal-error-that-led-to-his-arrest/story-fni0fee2-1227075746698). The issue here is not how they got him, but how they almost did not get him. The issue was luck, if the FBI did not have a record on all 12 Americans in Syria, we would not know. Hassan El Sabsabi was allegedly funding people to join Islamic State. He would still be in business, and your money on pizza would have gone to support Islamic State. What a lovely meal you would be having then. Was it perhaps the pepperoni supreme?

If ASIO had the data and the scripts would have been running, it is likely that he would have been known earlier, more important, who else is doing this? If they funded a non-American they could still be in business and perhaps they still are. There is no evidence that there was only one person doing this, there is evidence that he is unlikely to be the only one. Did you sign up for your Pizza, your Salad or your Sushi to be the foundation for another terrorist? No! So let ASIO do their job! In this case the press will only advise on the things that further their OWN cause, which tends to be circulation and advertisement. That part has been in the foreground in such a blatant way, that I feel no other option than to oppose the view Professor Disney is offering. Possibly we will see more information on what happens next and perhaps the Professor will sway my view. I do not think so, but ignoring voices of wisdom tends to be silly and polarising, which serves no one, not even me, myself and I.

What other issues are there?

Well for me that is pretty much it. I believe that access needs to be monitored and no one beside the Intelligence community should have access and that will, at present not be a given. However, I am very much in favour of the press not getting access at all. Yet, the article by Paul Farrell seems to be written with the ‘intent’ to instil fear. A fear we should not get into, for the very reason that it is fear that they are trying to remove and is achieved by people not looking over their shoulder, especially a group of journalists who seem to give into appeasing advertisers, the one group we do not want to see anywhere near these amounts of data.

 


Filed under Law, Media, Politics

Are they the real losers?

Yes, it is a nice new day and to be quite honest, I feel ashamed that fellow gamers and fellow men on the internet are starting to show that many are the type of person, real men are disgusted to know.

Let’s have a look at the facts lately. First we get the 101 naked celebrities, which, fair enough could have been done by any over enthusiastic (read: horny) teenager. That does not make it OK or any way acceptable. Then we get the persecution of Anita Sarkeesian and Zoe Quinn for the most ridiculous of reasons and now, because an actress speaks out for all women, you know, through that usage of ‘freedom of expression‘, she now gets haunted by hackers, posting her stolen images (because she was wearing not that much) to scare her and to ridicule her and finally there was Caroline Criado-Perez who had a really nice idea and got threatened because of voicing the idea.

You see, I am very willing to do something about it, but I am not that good a hacker. I can remove them with a sniper rifle pretty efficiently, but that gets me into hot water (the Crimes Act of NSW 1900 gets a bit iffy at this point) the police seems unable to do anything about the victims, but the hackers will apparently have all the rights to protection and privacy. I am willing to test these rights.

So, here I throw down the gauntlet! Because, I am sick of these cowards feeling safe and secure. I challenge these groups of so called ‘greater than life‘ hackers to prove their greatness and find those hackers who did this to Anita Sarkeesian, Zoe Quinn, Emma Watson and Caroline Criado-Perez. I think the people (and me) have a right to know, so I challenge the hackers to find them, post the evidence as well as their identity and address on all places, as well as 4chan. If the press is so into ‘the people have a right to know‘ then let’s find out who they are. It would also be nice to know who hacked the celebrity mobiles and add those names and identities too.

Let us find out whether there are real men amongst those hackers, who would like to get recognised as the man who gave us the names of these hiding cowards. If these people claim a right to ‘privacy’, let us recall a tweet that was sent to Caroline Criado-Perez. The tweet ended with “NO MEANS YES“, let us test that theory!

You see, I reckon that once they are out in the open, the game changes. Their neighbours will point at them. Those guys in school who were always smitten with Hermione Granger will want to prove to their hero actress that they will stand up for her. These fathers living nearby who have seen their darling daughter cry because she got bullied, will feel the rage of violence boil their blood when they spot them. I wonder how secure their confidence is during the day when they all know who they are.

Did you, the threatener and abuser consider that?

When we look at the piece in the Guardian (at http://www.theguardian.com/women-in-leadership/2014/sep/23/hackers-tried-silence-emma-watson-naked-photos-but-made-her-voice-louder), we see an article that is decent, but substandard. It gives us a psychology part and some referencing, which is how I saw it. Of course the Daily Star front cover was there. There was a part I did really like. The quote was “Emma Watson did not talk to the UN about the need for equality because all forms of gender discrimination have been eradicated from our world. She spoke about it because every day, in every country, women face violence, abuse or just plain old ignorance”, yet this was countered by the quote that follows “Much as we’ll cheer for the underdog in a sports match, in real life we don’t want them to defend themselves”, which I found offensive. Of course the debate then becomes whether that statement has any truth. You see, if we truly believed that, we would be outspoken about it. The reality is that those acting out against it are cowards, like those old white men in white outfits with burning crosses (KKK reference). These people hold their belief in the dark corners, where no one can see who they truly are, which is why I want these ‘hackers’ out in the open. I am truly curious what we will find and whether we see some crying father on how his son was misled and it was all one big misunderstanding.

The second article http://www.theguardian.com/film/2014/sep/23/feminists-rally-emma-watson-4chan-nude-photo-threats is also decent, but I had a huge issue with the title ‘Feminists rally round Emma Watson after 4chan nude pictures threats‘. I personally believe that the title should have been ‘All real men and real women go to bat for UN spokesperson under siege‘. That would be the title that wakes up nations! Let’s be clear, this is not because she looks nice, is pretty or an actress. I felt the same way when we saw the utter injustice that befell Caroline Criado-Perez.

The question is how to deal with these people, because they are tearing at the foundation of our freedom, not just the women, the men are in equal danger. If you doubt this, then ask the father of Emma, the parents of Caroline. Do you have a daughter? It could even be a son, what happens when your child speaks out against injustice? Then what do we do? Let them be victims to some coward, who does not believe in their freedom of speech, their freedom of expression or their support to a person they ‘hate’.

I believe that they fear the light and accountability, so let’s give them some bright light to bake under. Even though the intelligence community has a few other priorities, can you guys (NSA, GCHQ, DSD, DGSE and FAPSI) make it into a competition (perhaps for your interns)? The first correct publication is worth 4 gold stars, second place gets 2 gold stars and third gets one star and the rest will have to fend for the next round. Like a hacker Olympics for signal intelligence.

Seems like a harmless enough sport and let’s face it, the hacker wants a challenge, he/she is baiting you to find them! Are you, the upcoming SIGINT officers of the future up to the challenge?

But I very much liked the quote in the end: “‘All I can say Emma, is: fuck them,’ wrote Rhiannon Lucy Cosslett“, she took the words right out of my mouth!

UPDATE:

At 21:00 the games changed a little. It seems that the threats against Emma Watson were a viral marketing ploy. (at http://www.abc.net.au/news/2014-09-24/emma-watson-threats-actually-stunt-to-shut-down-4chan/5766882). In my mind there is no change, the others were victims of harassment and psychic assault. Yet, these issues have other issues too. You see, the origin of 4chan was nice, clean and pure. It was altered by some to be used in other ways. It was the brainwave of the then 15 year old Christopher Poole who was into Japanese comics and anime. There is a lot more to 4chan. I found a reference to ‘A 21-year-old man was arrested after 4chan had provided the police with the IP address of the poster.’, so 4chan is more than just trollers and hackers. Which makes the actions of the company Rantic more than just a little dubious. Yet all is not clear there either as the ABC has one excellent quote “The #shutdown4chan hashtag gained some momentum on Twitter, but some users raised concerns that it aimed to eclipse conversation about Watson’s gender equality speech“, which beckons the thought, what exactly is going on and perhaps 4chan is not the nuisance, but the saviour for the message that prevails with #heforshe and whether they could do something extra to spread the message Emma Watson had for all people visiting the internet.

So was my article right or wrong? In the end, the issue I had remains and remains clearly. The press acted directly and corrected as soon as they had the information, the question becomes what about the other victims?


Filed under Gaming, Law, Media, Military

Enabling cybercrime!

Yes, we are all in the unintentional habit to enable cybercrime. Yet what complications do we face when the one enabling it is not you, me or Joe Worker, but Microsoft or Apple? Where do we stand when we are confronted by companies, so driven by what I consider the useless drive of greed through Marketing, whilst ignoring the technical support department? Do not claim that it does not happen, because I have been witness to such events (though not personally at Microsoft or Apple).

It did not just start with the affair of the 101 nude celebrities, yet it is at the core of the visibility that it drives. It is not with the push by so many to get forced towards Google Search and Facebook Messenger, but that is definitely the debatable event pushing the worry, fear and quite honestly the total distrust of greed and marketability that is overtaking what some seem to laughingly refer to as ‘technological improvements‘.

In this age, we see a growing drive for ease and ‘comfort’, yet a lot seems to be enabling cybercrime and exploitation.

We got the ‘Fear Google‘ event and the expose with a non-dressed Jennifer Lawrence has been cancelled (at http://www.independent.co.uk/news/people/jennifer-lawrence-and-kate-upton-nude-photos-exhibition-cancelled-after-artist-finally-concedes-the-images-were-stolen-property-9723751.html).

Perhaps I am too much of a cynic, but the text “Though not, says the artist behind it, due to legal reasons. But instead because he’s had a moral change of heart“, how about the truth (as I consider it to be), ‘the pressure of Jennifer Lawrence has given my expose ALL the publications I needed‘. Seems to be more honest, also, the fact that her lawyer Lawrence Shire, especially if he is the Shire related to Grubman Shire, might have taken away whatever courage he thought he had to continue. I leave it up to the reader to form their own mind.

Yet this is not about that, but it could be.

Consider the following issue, which I witnessed myself today. The setting is simple. She uses her smartphone and for the most never ever uses Skype. Yet, she has a Skype account on her notebook. She needed Skype on her mobile, which was easy enough, yet after installing it, we have lost 4 hours and half a dozen attempts to reset her password.

[Diagram: Skype1]

  1. We enter Skype.
  2. Password lost, which means another browser.
  3. We enter mail details.
  4. We use the received code to enter a new password.
  5. We go to Skype, yet the linked identity does not work.
  6. We start again from step 2.

As you can see in the diagram, for some reason, the Skype name and the android Skype are not updated or linked. Even as a technologist it took me a while to see through this and Microsoft is not much help either. If we consider I had dozens of attempts without any repercussions, how long until someone starts trying to get into someone that actually matters?

The issue I showed two days ago (at http://thenextweb.com/apple/2014/09/01/this-could-be-the-apple-icloud-flaw-that-led-to-celebrity-photos-being-leaked/) gave some indications of what is going on. Now we see another level on Skype that calls certain matters into question, more important that the Skype android cannot get updated for some reason, so there is even more going on now, especially as the issues surrounding android Skype seem to have been around since 2012.

These are not the only issues in the works; it seems that Microsoft OneDrive has similar issues of security. There we see that you cannot limit the OneDrive to be ONLY accessible by certain devices, with cyber-crime on the rise to this degree, we see another mass collecting point, where the people behind it seem to be dancing to the music of Marketing and the mere simplistic need of the matter, as a technologist would mention it is not there. It is likely the same kind of answer I heard in the past “We will get to that in the next edition” or “Let’s get this ‘solution to’ (read revenue from) the customer first“, solutions where the technologist is not at the centre of it all.

Only AFTER some got to admire Jennifer Lawrence’s chest section do we now see the headline “Apple Says It Will Add New iCloud Security Measures After Celebrity Hack” (at http://bits.blogs.nytimes.com/2014/09/04/apple-says-it-will-add-new-security-measures-after-celebrity-hack/), so is this Marketing waking up, or was IT slamming their fist on the table? Either way, those pushing people and business alike to cloudy places of automatic public revelations should now seriously wake up and smell the intrusion on their networks.

Several of these solutions are still not completely up and running, and the ‘patch’ like solutions in place now, are likely no more than a temporary option, whilst the cyber-criminal goes on exploiting other venues of weaknesses. Let’s not forget that the 101 celebrities list sounds nice, but there are globally at least 399 more women who are beautiful beyond belief, and those not into that kind of information are likely interested in the files of Sir Iain Robert Lobban (GCHQ), Andrew Parker (MI5), John Sawers (MI6). Guess what! They are likely to have very secure solutions in their possession, yet can the same be said for Ewen Stevenson (CFO-RBS) or Simon Henry (CFO Lloyds Banking group)? These people all use solutions for presentations, memos and other items. In some cases they need connections to keep up and running. How long until we see the power of Cyber criminals as they influence the market? It just takes one unconfirmed message to make a shift in any direction. If people are scared of what a Lone Wolf can do by blowing up things, think of the damage that disclosed financial events bring. We have seen the smallest of restraint in the press in the case of Jennifer Lawrence (but only by using a super computer and exposing the deeds of the members of the press to the Lyapunov stability algorithm), but is that enough?

There is a growing sense of fear and massive distrust. We have seen it start with Facebook Messenger on the mobile, we have seen some people whisk it all away, yet not unlike the laughable Sony Troll, as they mentioned the ridiculousness of the changed terms of service from Sony, we have seen too much blatant abuse from the greed driven data collectors and now, as trust is gone, more people are starting to wonder why their own local governments aren’t truly looking into it and they fear the same flaccid indecisiveness from them when the Financial sector left a large group of the population (not just in America) in utter destitution.

It goes beyond mere ethics; it is an absolute absence of dedication towards consumer protection for the sake of the prospering board of directors, which is at the heart of what many fear, both wealthy and utterly non-wealthy alike.

This is all now getting more and more visibility as we see the growing number of people invoking their ‘right to be forgotten’, yet at the Guardian (at http://www.theguardian.com/technology/2014/sep/10/google-europe-explain-right-forgotten-eric-schmidt-article-29) we see the following quote: “Google is currently conducting a grand tour of Europe, with the ten members of its Advisory Council touring seven cities to gather evidence on the developments in the so-called “right to be forgotten” ruling”. In addition we see “The one thing that everyone agrees about this case is that the label it has been given – the “right to be forgotten” – is a very poor descriptor. More accurately, it is about the right to obscure or suppress personal information”. So is that it, or is there more? Well, we can consider the absence of any legal obligation on Google to reveal its processes, which renders Google judge, jury, and executioner. So the combination, that it is not about forgetting (read deleting) but about obscuring (read less easy to find), will leave an open field for those with better data comprehension. It is a market where Google is trying to cash in, so instead of everyone finding it, only those paying for certain levels will more easily acquire information. That is not what the ‘right to be forgotten’ was about. Now again we see the press, yet in this case they are not really placed in any blame; however, there is a (sizeable) missing level of clarity on what EXACTLY is requested from more than one side. The lack of clarity leads to uncertainty, and that leads to nothing getting done. So what is in play?

We know that Google’s fortunes are also linked to data, which means that any additional ‘forget me now’ request is impacting the business of Google. Not the one, or the 5, but consider every postcode in the world and 5-10 requests from each of those to be forgotten. Now it becomes a massive task, requiring thousands of people working thousands of hours, paid from the at that point medium slim-lined coffers of Google, whilst at the same time having to hold onto those records for later reasons, likely including journalistic and/or juridical ones. So as we look at all these escalations, Skype, OneDrive and iCloud are not just three identities; they become three entities of threat to the collected data of all and the privacy of them, and whether forgotten or not, they are aware of where they kept their information, passwords and snapshots.

This is the view of technology every person needs to start comprehending, because they all forgot that ease and comfort come at a price; they just did not consider the currency that was linked to that price. Some of this can be seen at Lifehacker, which in February 2013 (at http://www.lifehacker.com.au/2013/02/why-cloud-services-are-so-easy-to-hack/) wrote “In most cloud environments, there’s no concept of intrusion detection or prevention, and if they are there people don’t know how to use them”, in itself not that amazing a quote, even though it is a year old and in one year many people tend to not educate themselves that much because of the declining comfort levels. Yet at the end he states a more powerful issue: “This week, I’m in London for Data Centre World, paying particular attention to how to maximise efficiency and lower costs in the data centre”, which is at the heart of my issue. Often these factors involve automation and scripting, which, when it comes to issues like speed and the prominence of reduced cost, tends to leave security in the backdrop. So if you had any reason to fear any of these solutions, then consider one issue: “If all your cloud data became public knowledge at 23:00 and in the 8 hours following you had ZERO control”. Would you be worried? If not, then sleep on and sweet dreams; if the answer is ‘Yes’, then you need to take some serious time and get educated on the risks and the consequences. I cannot answer the question for you, but when was the last time you actually had such a conversation with your IT person, or with the sales engineer or the salesperson who sold you the cloud solution?

Data is currency; when it is open knowledge for all, you end up only having goodwill and an empty hard drive, which is valued at the price of the empty hard drive.
