Tag Archives: Hackers

September 20, 2022 · 21:13

Equational parts

Today might take a moment. You see I was getting ready to write something else when my brain started to shout in my head. The phrase was ‘shifting sands’. I am uncertain what started that, but when the brain shouts, I tend to listen. I had to look it up as it was kinda familiar but the exact meaning wasn’t clear. The dictionary gave me “used in reference to something that is constantly changing, especially unpredictably” that did not completely helped me, yet a thought was getting hold there. You see, I offered part of my IP to the Kingdom of Saudi Arabia. And even as Amazon and Google decided to ignore the option, I saw the IP for what it was, a stage to something larger and the three elements that it did cover was a lot bigger then the sum of the individual parts, as such I thought I was sitting pretty, even  though I am not great at waiting. So as I was contemplating the individual parts, I suddenly realised that there are additional stages that interact. As such we get “used in reference to elements or parts that are constantly changing towards the engine that supports them, predictable or not” and if I am correct (still uncertain) then the IP picks up a few billion in value. Now, at this point I do not completely care about its total value, but the 20 year sales commission will take a leap forward. So let me try to explain it without compromising the IP. You have a game for example Skyrim, this came has locations and this game has clothing. You can see both as cosmetic parts, but when they become elements of the game they change application. For example cold Skyrim relies on warm clothing, we have (almost) never been been exposed to these elements, but what when that changes? What happens when the bad weather picks up? How useful will a bow be? All elements Skyrim ignored, but what if that is not the case? So what happens when you are dressed for Skyrim and you end up in a place like Valenwood? Now, you can see that when you are in a game like Elder Scrolls or Fallout. But what happens when we go into a game like Diablo? Or even more contextual, I saw today that someone is making Impossible Mission 3, a game franchise that flourished on the CBM64, so some people are picking up the ideas I had and they are evolving them. So what happens when we take the simple game below and make the terminals more interactive and more important, what happens when we do not have limited time, but limited access because elements are still unfound? 

Have you thought of that? I reckon Google did not and neither did Amazon, and no one cares what Microsoft thinks, but Apple remains an option. Now take THAT idea and add the game ‘V’. There on the CBM64, we merely ran from place to place and we were content, but what happens when we add the mini game of Impossible Mission to that game (or the other way round)? 

I had some thoughts in that direction in the past, but I never contemplated a larger stage but when the system is accepted by Saudi Arabia the larger stages become debatable and they become elements of discussion. They are not games, but the same setting applies. The shifting sands elements allow me to grow system one with system two and we get a much larger system 3. Systems like Facebook sort of gave it to you, but they basically added to the junk you had and called it novelty or ‘expanded opportunity’, but we could see that it was merely more for THEM. Yet when these systems are (partially) in YOUR control and you get to decide whether you want system two to enlarge system one? We get a form of system individuality, like a system SHOULD have been all along and that is at the back of my mind (without giving the IP away), as such we could optionally see that the application of shifting sands to a user system will make it truly user friendly, now consider that we add security like WE want it to be, whatever it is. Now we have a new setting, well optionally a new setting but these systems are up to US, like they should have been all along. I just never contemplated it because I was thinking like an American as the expression goes and now I see that more is possible, but the application is a new one, and it is not free of challenges. You see, how can we evolve a closed system? It has to be closed as there is too much cybercrime and cyber theft. There is not a way to make it zero, but we can make it so that only the top tier hackers might get away with it. So whomever the 80 people are that the NAB hires (see previous article), they are all about stopping hackers, whilst the access levels were the ones that required scrutiny. Should you doubt that then consider the news that we got merely an hour ago ‘Major crypto trader Wintermute hit by $160 million hack: CEO’, there we are being told “Decentralised finance platforms and software, which aim to provide crypto-based financial services without traditional gatekeepers such as banks, have been targeted by numerous heists in recent years. The sector is little-regulated and victims of crime rarely have recourse” yes, because hackers really take notice of rules and laws and a bank vault that is open is one they can access, and there is a reason that banks use traditional gatekeepers (pointless or not), the larger stage is that open systems are done for (like Microsoft) a new setting is required and that is what I figured out. I am certain that others have too, but the greed of Fintech is stopping them and as such they lose small amounts like $160,000,000 such is life. And as such the world turns, so congrats you hackers on getting enough to pay next year rent, but at some point Fintech will grow up (or they go out of business). It is merely a matter of time which of the two becomes the winner. 

Advertisement

Leave a comment

Filed under Finance, Gaming, IT, Science

Tagged as , , , , , , , , , ,

August 26, 2022 · 19:34

S.P.I.D.

Yes, we do love our acronyms. There was SPQR (Senātus Populusque Rōmānus), there is RADAR (Radio Detection and Ranging), there is FUBAR (Fucked Up Beyond All Recognition) and my favourite SPID (Stupid people in defence). The last one gets a new level of non-intelligence when we see the BBC article ‘Nato investigates hacker sale of missile firm data’ (at https://www.bbc.co.uk/news/technology-62672184). The article alerts us to “Nato is assessing the impact of a data breach of classified military documents being sold by a hacker group online. The data includes blueprints of weapons being used by Nato allies in the Ukraine conflict.” And to show you just how stupid this is, lets take a look at ‘What did they not see?’, which I wrote on May 1st 2021. There I wrote “Ransomware gangs are now routinely targeting schools and hospitals. Hackers use malicious software to scramble and steal an organisation’s computer data”, in addition to this we have ‘Exposing lies?’ Which I wrote on July 23rd 2019. There I gave the readers “The FBI send their cyber experts and behold, they too agreed that it was North Korea. Even as we were extremely aware that they had no way of doing it, the FBI stood firm on their findings.” These elements matter. They matter because on July 30th 2021 I wrote ‘In retrospect’ where I gave the readers “It goes back when I designed an intrusion system that stayed one hop away from a router table between two points and to infect one of the routers to duplicate packages from that router on that path, one infection tended to not be enough, 2-3 infections needed to be made so that the traffic on that route between two points could be intercepted, I called it the Hop+1 solution, I came up with it whilst considering the non-Korean Sony hack. That  thought drove me to think of an approach to find the links.

So when we see ‘now’ (8 hours ago) that “The pan-European company, which is headquartered in France, said its information was hacked from a compromised external hard drive, adding that it was cooperating with authorities in Italy, where the data breach took place. It is understood investigations are centred around one of MBDA’s suppliers.” This is important because I learned basic issues like data at rest and data in movement A DECADE AGO, as such, how stupid were these people? And that is before we start digging into the ‘compromised external hard drive’ part, who got it compromised, where was IT, how did SE-Unix fail, or are these people even more stupid and they relied on Microsoft? So whilst we understand “a Nato spokesperson said: “We are assessing claims relating to data allegedly stolen from MBDA. We have no indication that any Nato network has been compromised.”” Yes, because admitting to a faulty network is a bad gig for all around. I reckon that this gets shovelled under any carpet as soon as possible, and the criminals? They get to fill their pockets. A stage that has a few issues from the get go and that is before we start digging into “Cyber criminals, operating on Russian and English forums, are selling 80GB of the stolen data for 15 Bitcoins (approximately £273,000) and claimed to have sold the stash to at least one unknown buyer so far.” There is still the issue whether the claim is true, who was the culprit and where did it all go? There are all kind of questions and that is not on the BBC or their fault. What one person claims is another person’s believe and yet another man’s doubt. But there is a rather large problem, the fact that there was an external hard drive, the fact that it allegedly was compromised implies that there are failing policies in place, there are failing IT divisions in play and there is a large amount of military IP in the open. There is a lack of questions and the fact that it is not front page news in EVERY paper is yet another matter. So when we take notice of “A former Nato official said: “There’s a lot of over-classification in Nato but these labels matter. They are applied by the originator of the information and NATO SECRET is not applied lightly.

“This really is the kind of information Nato doesn’t want out there in the public.”” We seem to see the change of a dance, what direction and which tempo is unknown to me. It gives a speculated view that there might be additional damage, but that is speculated and in light of one compromised device the question becomes how was this one undetected for so long and whatever more could be compromised? So when you take a dab at my hop+1 solution, consider that a compromised device indicates that some people of rank in that place were especially stupid. But that could just be me and I merely wonder how the relationship of mundane workers at place X versus the amount of SPID’s in that place becomes an interesting investigation. Merely because there are a whole range of players who would want that data and they are all willing to pay, so these hackers could end up with 10-50 times what they have now. 

Enjoy the day!

Leave a comment

Filed under IT, Military, Science

Tagged as , , , , , , , , , , ,

May 3, 2022 · 04:12

Return of Common Cyber Sense

So, is it the return of CCS, is it Son of CCS? With all the 60’s movie references it can go either way, like Son of Blob, Return of the Predator, the Swamp Man strikes again, take your pick. We can go in any direction. And it all starts with the NOS (Dutch News) article of ‘Hackers stole 3 gigabytes of data from Spanish Prime Minister’s phone’ (at https://nos.nl/l/2427306). There we get exposed to “The hackers who used Pegasus spyware to access the phone of Spanish Prime Minister Pedro Sánchez last year were able to extract 3 gigabytes of information from the device. They also managed to penetrate the telephone of the Minister of Defense, although less data was stolen from it. The hack of the Spanish Prime Minister’s phone came to light by chance during a routine check, it turned out today. The government was informed this weekend. The telephones of all cabinet members are now being searched for the espionage software.” As such we now have two settings, the first one is linked to ‘State of what?’ (at https://lawlordtobe.com/2022/04/24/state-of-what/) where some attacked the NSO on Catalan settings. Now we see that two Spanish governmental targets were out in the open, and its Prime Minister was not too intelligent and lacking Common Cyber Sense. 

So in what universe is it a good idea to put 3GB of data on your mobile? I have (by choice) 224MB of data on my phone (over 6 years) and well over 80% are ASCII files (a collection of articles I have written). 

A mobile phone is a transmitter at rest, no matter how much you run, as such it is a trove of information for any hacker with anti-Spanish sentiments. So in what universe should we see “Spanish opposition parties speak of “a very big coincidence” that the burglary into government telephones is just now becoming known. Others speak of a smoke screen. Already two weeks ago it became clear that 63 Catalan politicians and activists had Pegasus on their phones. Among them were members of the European Parliament, Catalan regional presidents, lawyers and political organisations”? Well the answer is none. You see the setting that we are a witness of shows a massive lack of Common Cyber Sense. And in this consider “Pegasus is sent via apps, a WhatsApp message from friends or acquaintances or an email. When the recipient clicks on such a message, the spy program settles in the phone. Secret services have access to all possible data such as passwords, telephone conversations, location or photos” You see, this is a side that might be on me. People like that have a work phone and a private phone. The work phone has no need for WhatsApp, Facebook, or a whole range of other social apps. Having them on your work phone is folly, extremely stupid and massively shortsighted. When you are a governmental tool (of any kind) you need to adhere to Common Cyber Sense. It applies to any Prime Minister, Defense minister, minister and that list goes on for a while. The only exception might be the cultural minister, but then that person tends to not have any classified data, or classified data of a limited stretch. So when we see “The organisation Citizen Lab, which previously revealed that the 63 Catalans were targeted, is drawing no conclusions about who is responsible for the covert operations against the Catalans. “But the circumstances indicate involvement of the Spanish government,” the authors of the report believe.” OK, that is fair, we are all seemingly nodding towards the Spanish team, but it is assumption. And when we have that stage, the lack of Cyber Sense is making it all into a farce. So whoever hacked the Spanish, might through that have gotten access to two teams for the price of $100,000 per phone. A good deal if any. 

So at what time will governmental teams (on a global setting) decide to embrace Common Cyber Sense, with the added realisation that apps like WhatsApp and several other have no business being on your work mobile? 

In this, my message to these politicians is as follows: You are (for the most) not an A-lister, a movie star or a social media revelation. For the most, you are all governmental tools and you need to take responsibility for the stupidity you employ. Keep personal stuff OFF your work phone, give the hackers a challenge, not a trip to easy street, Common Cyber Sense has reason, take it seriously.

Leave a comment

Filed under Law, Politics, Science

Tagged as , , , , , , ,

February 1, 2022 · 16:07

That first step

We have all heard it, the first step is admitting you have a problem. There is of course debate on WHAT the problem is. I am not any different. I hate stupidity, hypocorism and bot to mention short sighted issues. One of these issues is ‘Tax the rich’, we see all these stupid people screaming ‘tax the rich’ whilst the system is set, there is a tax system, there are tax laws and instead of all screaming to adjust the tax system we see the empty gesture to tax the rich, the rich do not care, they adhere to tax laws, so these laws will PROTECT them. Another issue was seen in ‘Greed and Law helping each other’, I wrote it on July 9th 2021 (at https://lawlordtobe.com/2021/07/09/greed-and-law-helping-each-other/). There I set out the short sighted setting of the Oxycontin setting. I wrote “Yes, there are culprits in this story. You see some sources give us that in 1996 316,000 prescriptions were dispensed, it grew to an impressive amount topping over 14 million prescriptions with an estimated value of $3,000,000,000. The issue we see everyone painting over is ‘prescriptions dispensed’, this is not something that a person can get, it needs a doctor and it needs a pharmacist.” You see there are laws and rules, and they were massively broken by doctors and pharmacists. So when do they go to court? 

It is Reuters who give us today (at https://www.reuters.com/legal/transactional/sacklers-near-deal-contribute-more-opioid-settlement-purdue-pharma-bankruptcy-2022-01-31/) the story of ‘Sacklers near deal to increase opioid settlement in Purdue bankruptcy’, I personally do not believe that members of the Sackler family who own Purdue Pharma LP were completely innocent, yet that is not the setting is it? SOMEONE handed a paper to dispense Oxycontin, a pharmacist handed over the drugs. Yet nearly all of them banked the money and did not ring the alarm bell (some really did that) and those who cashed in on 14,000,000 prescriptions? Why are they not in court? Members of the Sackler family cannot hand over prescriptions, they cannot dispense drugs to people, they can merely distribute to pharmacies. So I do not believe that they are completely innocent, but to go after them and not after the doctors and pharmacies is (as I personally see) immoral. 

Yes, I know that in Torts you go after the money.

So in that setting: “Jeff Bezos, I do believe you owe me $50,000,000 post taxation, pay up please!

But is any of that fair? You might say that fair has nothing to do with it and it is not incorrect but it is wrong. So when Reuters gives us “An agreement involving members of the Sackler family and several state attorneys general could potentially end a legal challenge that has prevented Purdue from exiting bankruptcy, and clear the way for a plan aimed at helping to abate the opioid crisis” my personal thoughts are wondering how many of these state attorney generals went after the doctors and the pharmacies? Justice handed in August 2021 a verdict, ‘Doctor Sentenced To More Than 15 Years In Prison For Conspiring To Distribute Thousands Of Oxycodone Pills Illegally’, there is no way in hell that only ONE doctor did that, so how many are serving 15 years? 

It is U.S. Attorney Audrey Strauss who gives us “Dr. Emmanuel Lambrakis wrote medically unnecessary prescriptions for thousands of oxycodone pills – an addictive and potentially fatal opiate.  Instead of abiding by his oath to ‘do no harm,’ Lambrakis pumped deadly drugs into the community.  Lambrakis put his own greed before his duties as a medical professional, and for that he will now spend a lengthy term in federal prison.” And as stated before, there is no way that there was merely one doctor guilty of that, in addition, there are truckloads of pharmacies that require the same amount of attention and that too is not being done to the degree it had to be done, it is my personal opinion that some state attorneys general’s were lazy and decided to go after the money, go for the easy conviction. Yes, the Sackler family benefitted, but who prescribed? Who handed them over? I see close to nothing on that. It is a simple tax the rich approach to a failing in law and a failing to observe the law and there are clearly a vast amount of doctors and pharmacies more guilty than any of the Sackler family. But we do not get to see that, do we?

As I see it, it started with that first step and the law has a problem, it cannot properly dispense justice to the wrongdoers. It merely went to the richest person and found them guilty. So what happens when it becomes about something more problematic? What happens when someone figures out that any Ponzi scheme can be done online handing the mess to Apple or perhaps Epic systems? So what happens when the hackers find the weakness in something like Nvidia’s GeForce Now service? What happens when 300,000,000 people lose $10-$35 and Epic goes ‘Not my Problem’, and Nvidia goes ‘We know nothing’? Who will end up with that bill of $3,000,000,000-$9,000,000,000 because the people will demand payment and as I see it the Justice departments will be globally clueless on how to proceed. The nice part here is that the court setting makes Apple automatically innocent, they had to open up the system and the people will merely lose their money. 

How a spindled world wide web we weave.

Leave a comment

Filed under Gaming, IT, Law, Media, Politics, Science

Tagged as , , , , , , , , , , , , , ,

October 21, 2021 · 16:45

Political tools

We all daydream and I am no exception. Yet I believe that my brain is bonkers (probably related to the casing it is in). This all started last week when I saw Official Secret (2019), now I need no encouragement to watch anything with Keira Knightley, so when I saw the name, I picked up the title. I saw it was a spy story based on actual events. It was seeing the film that overwhelmed me. The movie was amazing, one that John Le Carre would have ben proud of if he had written it (it was written by history). It was still in the back of my mind when it crossed tracks with an event that started to play out two weeks ago. A man named Sywert van Lienden had allegedly “send a series of critical tweets to ensnare the Dutch health ministry, the tweets were arranged to create pressure”. From my side (not the most popular one) I believe that the Dutch Health department was foolish on a few levels. In the first Twitter is not a reliable source, so ego driven politicians jumped up fast and they did not do their homework by testing the tweet origins. Trolls have been using that method for years, so I think that Sywert was aggressively creative, some will call him deviously sneaky. Yet the two parts gave me an idea. In the proposed setting of all these honourable military complex vendors. You see, hackers are always the ones copying data FROM servers. Now consider the setting that an ammunition maker has devised a new kind of shell, a .50 shell that works like a drill, it might only in part get through bulletproof glass, but the delay and impact pressure will change the course. So the inner part like a mercury exploding bullet, there are a few items that [secret patent content deleted from story

So here we are, a manufacturer who has the inside track that no one else has. However, the Pentagon is not willing to buy it, because there is no need. So the maker engages with hackers to insert a secret file into the RFARP (Russian Foundation for Advanced Research Projects) server. The department also known as “Фонд перспективных исследований” will be hacked (the makers arranged that via another channel), so the hackers upload a similar but not identical one, it even has a fixed flaw that the makers left untouched. So when the CIA makes enquiry the report is given (a little) praise with the setting that they will incorporate that design in the next batch for testing. Now with the Russian data the maker secures an initial order of 50,000 bullets with a larger order coming if the first order proves its worth (and of course it does). A station where the CIA is ‘used’ as a tool for selling hardware the Americans never really needed. 

Now consider the setting as the hackers overwrite the server with an inserted trojan over a seemingly empty damaged file. Now they are in the clear and it becomes a CIA versus GRU game. The stage of what some think they need whilst the deciding players never correctly did their homework. A setting that could make for an entertaining (thrilling) 97.2 minutes.

Just an idea.

P.S. To any Russian investigator, I have no idea how this story got on my blog. (Nudge nudge wink wink)

Leave a comment

Filed under Media, Military, movies, Politics

Tagged as , , , , , , , , , ,

October 3, 2021 · 10:09

The balance of one and zero

I just woke up from the weirdest dream, so take my word on this, this is not about reality, this is entertainment (or the future). The dream was nice and ‘uplifting’ there is nothing not sexy about a dozen women in tight outfits defending a location killing anything in sight. I am sitting in a chair (I think), the women are patrolling the place, there are at least 4-5 women in my room and a lot more outside. But the difference between peace and the other thing is a mere switch. From one moment to another all the women change from tranquil to deadly, waves of attacks start and the women kill whatever comes in view and there is a lot coming their way, yet in the end it does not matter, nearly all are killed, the exercise is over. It was a training, but not one you would see. This was the training of a true AI. You see, AI’s lean differently. They had similar training a child has, but the AI becomes mature a lot faster, a thousand times faster and to teach an AI they get pointers. They literally get data points and point references. This is called aggregated evolution. 

This specific AI is owned by the CIA and the year is 21xx something. 

The evolution happens through what will call an Exabyte drive. The parsing of that data takes a little while and it is done in the background, and the AI takes in every aspect of the training. It makes the AI the dangerous thing it is, and it is truly dangerous. So at this time there are only a few true AI’s, some are economic, some are logistic, some are tactical, some are operational. And only the big players can afford them, a true AI is not some server, it is like making the 1984 comparison between an IBM model 36 mainframe to an IBM PCXT. There are other AI’s, they are not true AI’s, but are a lot similar. They are a lot smaller and they are evolved deeper learning systems. They bring the bacon but only to a degree and the world is in a stage to create stronger AI’s, and as people find cheap ways to evolve their AI, a hacker team is dedicated to finding and hacking streams with data from Exabyte drives. They cannot comprehend the data, but any AI can and the evolution of an AI is worth a lot of money, so as these hackers seek they find the wrong Aggregation file. They find the one that was highly secure, but still someone found a way and got the stream of the CIA and there the problem starts. At some point the wrong one is pushed into a zero (yes, it had to be a sexual reference). But here we get a new lesson, one that as out there, but not the one we envisioned. When you were young, you tried to play with matches and your parents stopped you, just like you were stopped playing with knifes. You were told danger, and evil, bad and dangerous. It was how we learn. An AI does not learn, it does not merely learn the game of chess, it gets handed the history of EVERY chess game ever played. It gets pointers and create the experience, free of morality, free of ‘burden’, so when it gets data it never had it learns in its own way and has no morality baggage, yet what it learns could be anything. The pointers the AI creates evolves it and it makes it worth a lot more. 

So as we turn a page to another time we see a young woman dressed in retro miniskirt (70’s) and tight tank-top, she is looking in a store for a 4K movie, she picks up the Notebook (off course she did) and walks to the counter to pay, but now the stage changes, the operational AI in that mall was fed the CIA drive and recognises the woman, it sees a danger and EVERY system in the mall is now out to kill her and her kind (basically all women overly nicely dressed). The woman has no problems dealing with any attack, the security guards were easily dispersed but it suddenly happens all over the mall, and the security guards and the police accept the alarms that AI’s give them, the AI locks down the mall to protect the people outside but the mall becomes a deathtrap and all the other nice women who have no idea what’s going on are killed almost instantly. Those women who were not alone are suddenly seen as group dangers and women, men and children are executed, the AI never understood foundational stages and disperses as it was taught that a transgressing danger must be killed. And it happens all over the place, not merely in one mall, in any mall that had the same operational AI. 

It becomes over time the dangers that short cuts, hackers and greedy overseers represent, it is not some avoidable setting, when we consider Solarwinds, Microsoft and a few other hacked places, they all gave the goods, but we need to understand that true AI’s have foundational differences. We have seen this in many movies, but did we learn anything? 

You see, we saw periodic tables of what one day might be an AI, we see ‘Knowledge refinement’, we see ‘Relationship learning’ but they are separated entities, and the AI is supposed to operate like this and it does not matter what you think or say, someone will come, someone will be stupid enough to enlarge any AI for a lot of cash and there lies the rub, once we give any true AI the exabyte drive it is out of our hands, we do not get to become ‘caring’ parents, we merely unleash what we have wrought and there is no cautionary tale, because the greed driven will not care. In this the news is already there. Bloomberg gave us a week ago ‘Trained in the American intelligence community, cyber-contractors are now making their expertise available to governments around the world’, and today the Financial Times give us ‘Hackers stole cryptocurrencies from at least 6,000 Coinbase customers’ (at https://www.ft.com/content/43ab875b-2e96-48b7-926d-be17e925f1c3) there we see “by exploiting a flaw in its two-factor authentication system. The news, first reported by Bleeping Computer, comes just a week after the company had to drop its plans to launch a new lending product following the threat of legal action from US securities regulators.” It is followed by a lot of yaba-yaba and with “Coinbase said it had “immediately” fixed the flaw, but it did not reveal when it had discovered the vulnerability or the hacking campaign” we see that whatever it fixed was AFTER the fact and the use of ‘immediately’ indicates that no one was cruising their system trying to find optional defects, so it could happen again. All this whilst there is a debatable situation on the timeline that was out there getting to 6000 clients, so now consider a CTO using hackers to make its system a lot more valuable. 

Are you catching on yet?

Yes, the story I started with was merely the setting for entertainment, a movie or a TV episode, but it is founded on the dangerous premise we see every day, we use servers, we are online and hackers are a danger, yet what happens when we see the adaptation from Bloomberg, who gave us “To meet the surging demand for their services, these firms recruited cyber-operatives and analysts from U.S. intelligence agencies, offering what one former Federal Bureau of Investigations agent described to me as “buy-yourself-a-Ferrari” salaries. For some, their job description evolved from playing defence against hackers to going on the offence, heading attackers off at the pass. Others were assigned to counterterrorism operations, doing for their new clients what they had previously done for their country, and often using the same tools.” These nations evolved their systems with the experts that they could afford. Were they wrong? We seem to forget that US greed allowed for this setting to evolve and everyone wants people with top notch cyber skills. As I see it they did nothing wrong, they merely went where the financial security takes them and when we see the US as bankrupt as it presently is, all those nations get to go on a shopping spree and start a digital brain-drain of the US (and Europe too). 

We are seeing the impact of billion in damage and an almost absent stage of stopping it from happening. Close to a dozen events in this year alone and how long until the damage ends at our desk, the insurance and banks can no longer foot the bill, and that is happening now. We are handed phrases like “Potential future lost profits. Loss of value due to theft of your intellectual property. Betterment: the cost to improve internal technology systems, including any software or security upgrades after a cyber event”, so consider the dangers we saw with solarwinds, at this point there is still debate whether the full extent of that damage is known and it has been more than 6 months. So change back to the AI story I had, when it is an exabyte of data (which is 1,000,000,000 gigabyte), how long until this is parsed? That is before you realise that there is almost no rolling back from that setting, the cost would be?

This is the balance of one and zero, we need a larger change in what people are allowed to do, not because we want to, but because we have to, a change that final needs to pushed to a larger station, and this is not merely against hackers, the greed driven need to be held to account, optionally doing double digits in a holiday location known as Rikers Island. We have entertained ‘fines’ for too long, it only fuelled what needs to be seen as a wave of enriching crime, but that might be merely my point of view on the matter.

Leave a comment

Filed under Finance, IT, Military, Politics, Science

Tagged as , , , , , , , , , , , ,

December 26, 2020 · 01:18

Historic view versus reality

We all seem to have views, it is not wrong, it is not bad it is not evil, it merely is. I saw in 1998-2002 how governments sat on their hands, how lawmakers sat on their hands (and optionally on their mistresses) and they all vocally agreed that hackers were nothing more than a nuisance, and as I see it the traitor Bradley Edward Manning (aka Chelsea Elizabeth Manning) gave up secrets that it was not allowed to reveal and gave it to the world. There is no doubt on guilt, there was no doubt on treason, there merely was the act and that was that, it was the first moment where governments got the first clear hint that hackers were a much larger danger. After that came Julian Assange and Edward Snowden. Julian might be many things, but technically he was not a traitor. Edward Snowden was one, and the law again disregarded the steps that were taken, he went intentionally to a place where he might get the most value out of his deeds, Russia picked him up, just to piss of the US, which they were speculatively allowed to do, yet the stage is rather large, more hackers, all under the guise that the law saw them as a mere nuisance, we all got introduced to ransomware, now we see governments hacked through a sunny breeze (Solarwinds), and the voyage does not end. Now we see less than a day ago ‘Hackers threaten to leak plastic surgery pictures’, as well as ‘National Security Agency warns hackers are forging cloud authentication information’, now I do not care for the plastic surgery part, but it is another case where personal and person inclined data is no longer free, the two elements also give a rather large stage for us to place a new premise. One could now argue that hackers are the clear and present danger to personal and corporate needs and as such they can be hunted down and put t death. So from nuisance to global danger, as such when all these mommies cry that their little boys did not know what they were doing, I have no issues putting a HK model 23 to their foreheads and executing them (optionally with silencer as to not scare the neighbours). 

I think it is time for lawmakers and government administrative types to wake up and smell the situation, and in this, perhaps some remember the words of Martin C. Libicki in Newsweek (2015) where he pushed the view ‘Cyberattacks Are a Nuisance, Not Terrorism’, well that is not really true, is it? When we see the definition of terrorism we see “The unlawful use of violence and intimidation, especially against civilians, in the pursuit of political aims”, there we see two parts up for debate, the fist is that ‘mental violence’ is still violence and the setting of intimidation is already achieved, the stage we still need to address ‘the pursuit of political aims’, not all terrorism is set to political aims, unless if you call self-enrichment the pursuit of political aims. 

And with ‘National Security Agency warns hackers are forging cloud authentication information’ we see an initial stage where commerce will come to a screeching halt. My IP does not cover for that, darn. But there is the old way (1981-1991), just kill them, be done with it. 

Now some (especially in law) will state that I am overreacting, yet am I? It is the lawmakers that could optionally be seen as cowards, hiding behind their golden calf called jurpisprudence. The law, for the most does a good job, it is not perfect, so be it, but for the most, it is OK. This covers the never trespassers and the limited trespassers, they make up for 75% of all people, then there are the criminals, 24.99%, the law takes care of them, they are repeat offenders, career criminals and as such the law was designed to deal with them, then there is the remaining 0.01%, these criminals are in it for the kill, to create a maximum amount of cadavers physically, mentally and financially, to make life for nearly all impossible, and that golden calf, the law cannot deal with them and we accept that, so we remove them in other ways. We hunt them down and put them to death, and when it is some 16 year old claiming he didn’t know what he was doing, we know, he did it to seem cool, he was willing to make all others suffer, just to look cool, to get the tits, to rub the vagina, his friends never could, as such there is a 9mm solution that solves it, if only his parents had raised him right. 

You think I am kidding?
You forget the poverty line is shifting massively because of COVID-19 and soon the insurances will not cover the impact, the media will merely snigger and cash in on all those clicks they got from the $x donation to an unnamed source, and it is now time to make the long overdue change, before governments are pushed to take away more and more of our freedoms, which will push us into the dark-web, a situation these criminals would love. And it is close to 15 years too late, but in this case it is better to be late to the party than not get there at all. 

Am I overreacting?
That would remain a fair question, I do not believe so as this step is well over a decade overdue, it is not something that was pushed to the top in the last few days, and it is partially due to governments and lawmakers not acting when they could have and especially when they should have, now the dike is levied and people are soon to be drowning and something must be done. From my point of view, to hit terrorists, you hit them harder, so the more extreme you hit these hackers, the clearer the message becomes. And a clear message is years overdue.

In this there is a two step setting, there are the “cool wannabe’s” who are mot likely teenagers, some of them are easy to find and after the first examples a lot of them will hide like cockroaches, but the second tier, the one the media and governments intentionally ignore are those in organised crime, they will be the real challenge and as most governments have nothing on stopping them, at best they can limit the damage, which is basically no solution, that gap will take time, but with ‘hackers are forging cloud authentication information’ less than a week old, there is now a chance that the NSA and other intelligence networks will realise that compromised clouds will have global commercial implications, as such governments must now act, the moment any cloud is openly seen compromised, it will be too late for well over a decade. It becomes a clearer situation  when you consider that global e-commerce was set to ‘Global e-Commerce hits $25.6 trillion’, by the United Nations Conference on Trade and Development (UNCTAD), s how much losses must global commerce endure before we act? Oh and if you think that this is the end? How much more powerful will organised crime become if they only get their fingers on 0.1% ($25,600,000,000)? It will become a sliding scale that goes from bad to worse, and governments knew that, they knew for well over a decade, but their delusions saw other non-solution, like perhaps, it will go away on its own, so tell me when was that ever a solution?

Leave a comment

Filed under Finance, IT, Law, Media, Military

Tagged as , , , , , , , , , , , , , , , , , , ,

August 25, 2020 · 05:21

Games on two levels

The BBC set us in the light of games being played, they are played n two levels, the first one is seen (at https://www.bbc.com/news/technology-53888148) where we see ‘‘Creepy men’ message women on Scrabble Go app’, now in itself it does not raise flags, these things happen, but we see a lot more when we consider “When enabled, players will only receive chat notifications and messages from players they already know and are connected with as a Facebook friend, favourite, or via their synced contacts”, did you pick up on that little part? ‘or via their synced contacts’ is a dangerous step, some people want to play scrabble and not having to deal with the BS, so why did the game not include a mute ALL speech from the very beginning? I will hazard a guess that synching your contacts will be pleasing to the makers of the scrabble game for a few reasons, but that question is not coming from the BBC is it? And “it had also received two about the previous EA app during the first half of 2020” is perhaps a little giveaway. It is all about our contacts. Basic personal security does not see to be the stage gamers are considering when they are offered free games. So even as the BBC ends with “Lisa Forte, from Red Goat Cyber-security, said: “As individuals, we really need to start treating unsolicited online contact with people we don’t know as suspicious until it’s proven otherwise”” and in all this the questions on gathered data is not coning from the BBC, so I am asking it. ‘What data is gathered and who profits?’ It is an essential question, but it is not asked, is it? I see this as a failure to protect consumers and as such there is a failure from government and media to take it into account. The government has a pass. It is not their responsibility to protect people who blatantly install stuff at their own leisure, but in the same side, we see that Apple and Google could be held to account to make sure that NO and I mean NO data is to be gathered via apps in their store, is that the case, or is it not? It is not the app maker that worries me, it is the hacker who uses the app to gather data for their personal needs, that is the larger setting and if the uses would be kind enough to wake up and smell the data they are giving up we might have the start of something sane. Yet the larger issue still plays, the stage of muting ALL from the start would have solved the issue, so why is it not in the app? The story gives out that this is not possible, why is that?

The second level is a little more serious (or so I hope), it is seen in ‘Danish military intelligence head Lars Findsen suspended’ (at https://www.bbc.com/news/world-europe-53889612), well on one side, I was looking for a new job, so I’ll take his, but my Danish is really bad, my Swedish is fine though. But back to the reality, when we see “the Defence Intelligence Service is accused of failing to investigate allegations of espionage in the armed services. It has also been accused of obtaining and passing on information about Danish citizens”, we see the repetition of a two edged sword, the first story implies that the people (including the Danish) have no problem handing over their security and data to any app designer, so when we realise that, what are we doing inspecting the actions of Danish Intelligence? It sounds nice that they have an Intelligence Watchdog, but with data being handed over left, right and centre, the setting is a larger stage and we need to see that we are measuring events to two different standards and we need to wake up because this has been going on for years now and we need to wake up. Oh and by the way, why was Danish Intelligence doing what it was doing? Perhaps it was to keep the Danish people safe (an assumed  speculation), all this whilst I am decently certain that the apps do not have anyones safety in mind, if so the chat would have a mute button from the very beginning, not on the required need to synch contacts. 

 

Leave a comment

Filed under Gaming, IT, Media, Science

Tagged as , , , , , , , ,

June 5, 2015 · 20:58

In reference to the router

Is this a case of Mythopoeia? Am I the JRR Tolkien of bloggers (I wish) and writer of facts by a non-journalist? It might be. You see, this is all about a mythological theme that is constant as war is, because war never changes! Its concept and construct is as old as the first ‘soldier’ who combined a flint and a stick and started to spear people. In this mindset it is all about the other person, an archaic approach to the issue that does not lie beneath, it’s in front of the person not seeing what is right in front of him/her.

It is also the first evidence that we consider the concept ‘old soldier never die, they simply fade away’ to be no longer a genuine consideration. In this day and age, the old soldier gets his/her references deleted from the database of considerations. We remain with nothing more than an old person that cannot connect or interact, the router won’t let him/her!

This is how it begins, this is about certain events that just occurred, but I will specify this momentarily, you see, it goes back to an issue that Sony remembers rather well they got hacked. It was a long and hard task to get into that place Login=BigBossKazuoHirai; Password=WhereDreamsComeTrue;

Soon thereafter no more firewall, no more routers, just the bliss of cloud servers and data, so much data! The people behind it were clever, and soon it was gone and the blame fell to the one nation that does not even have the bandwidth to get 10% past anything. Yes, North Korea got blamed and got fingered and in all that the FBI and other spokespeople gave the notion that it was North Korea. The people who understand the world of data know better, it was the only player less then least likely to get it done, the knowhow and the infrastructure just isn’t there. I did have a theory on how it was done and I published that on February 8th 2015 (at https://lawlordtobe.com/2015/02/08/the-next-cyber-wave/) in the article called ‘The next cyber wave’. It is only a theory, but it is a lot more reliable and likely than a North Korean incursion because of a movie no one cares about.

The FBI has plenty of achievements (FIFA being the latest one), but within the FBI there is a weakness, not a failing, but a weakness. Because the US has such a niche setup for NSA, CIA and other Intel officers, their offices are for the most still archaic when it come to the digital era. They go to all the events, spend millions on courses and keep up to date, but for the most, these people are following a wave that is one generation old, they follow, they do not lead. The entire Edward Snowden issue is clear evidence. I remain to regard him a joke, not a hacker, so far he is just placed on a pedestal by the press, who have created something unreal and whatever they do not to change it, it will only cut themselves. That is the fall-back of creating an artificial hero who isn’t one.

Yet, this is not about Snowden, he is only an element. Now we get to the concept of paleo-philosophy and how it hits government structures behind IT. This all started yesterday (at http://www.theguardian.com/technology/2015/jun/04/us-government-massive-data-breach-employee-records-security-clearances), where we see ‘OPM hack: China blamed for massive breach of US government data’. Now first of all, if one power can do this, than it is China! France, UK and a few others can do it too, but let’s just assume it is not an ally! Here is where the entire paleo-philosophy comes into play. You see, even though war remained constant, the players changed and for the most, it is no longer about governments. This is all about corporations. Even the movies are catching on, there is no true side to Russia or China as the enemy. Yes, their students might do it to impress their superiors/professors, but that would just be there defining moment. Ethan Hunt is not hunting a nation, it is now hunting conglomerates, large players who remain and require to be zero percent taxable. Those are the actual ream enemies for the UK, the US and China. You see, I am not stating it was not China, I am only questioning the reasoning and other acts. You see, I tried to get an answer from State Secretary John Kerry at +1-202-647-9572, who does not seem to be answering the phone, neither is his right hand man, Jonathan J. Finer at +1-7234 202-647-8633. This is not a secret, the State Department has the PDF with office numbers, locations and phone numbers in an open PDF and you can Google the little sucker! In the age where loads of stuff is open the right person can combine tonnes of data in a moment’s notice.

So can the larger players! The quote in the beginning is the kicker “the impact of a massive data breach involving the agency that handles security clearances and US government employee records“, you see loads of this information is already with intelligence parts and counter parts. I reckon Beijing and Moscow had updated the records within the hour that the next record keeper moved into the office. Yet, now in 2015, as the engine starts up for the presidential elections of 2016, that data is important to plenty of non-governments, that part is not seen anywhere is it?

Then we get “A US law enforcement source told the Reuters news agency on Thursday night that a ‘foreign entity or government’ was believed to be behind the attack“, which is fair enough, so how was the jump made to China? You see, only 5 weeks ago, the Financial Review gave us “US Treasury pressures Tony Abbott to drop ‘Google tax’” (at http://www.afr.com/news/policy/tax/us-treasury-pressures-tony-abbott-to-drop-google-tax-20150428-1mu2sg). So as the Obama administration ‘vowed’ to crackdown on Tax avoidance, they are really not the player who wants to do anything to upset those luscious donators of pieces of currency paper (loads of currency paper), so a mere 6 months later the US, is trying to undo what they promised, whilst still trying to push the TPP papers through the throats of consumers everywhere, what an interesting web we weave!

You see, for the large corporation that list of who has access to papers, and his/her situation is worth gold today, for the Chinese a lot less so. Yet, I am not writing China off as a possible culprit! Let’s face it, they are not North Korea, which means that they do not need to power their router with a Philips 7424 Generator! So at this point, I would tend to agree with Chinese foreign ministry spokesman Hong Lei who branded the accusations “irresponsible and unscientific” at a news briefing on Friday.

Now we get to the quote that is central to the entire paleo-philosophy matters: “DHS is continuing to monitor federal networks for any suspicious activity and is working aggressively with the affected agencies to conduct investigative analysis to assess the extent of this alleged intrusion”, first of all, I am not having a go at the DHS. I have done so in the past with good reason, but this is not that case. I think that in many areas government in not just falling behind, it started to fall behind in 2005 and has been falling behind ever since. Not just them though, organised large corporations like Sony, CVS Health, Valero Energy and Express Scripts Holding are only a few of the corporations that do not even realise the predicament they are in. The Deep Web is not just a place or a community, some of the players there have been organising and have been sharing and evolving that what they know. A massive pool of information, because Data is money, governments know it, corporation know it and THE HACKERS know it too. For them it is all relative easy, they have been living and walking the cloud data with the greatest of ease they can conflict data points and flood certain shared data hosts, only to achieve to get behind the corridor and remain invisible whilst the data is available at their leisure. In that environment the intelligence community is still trying to catch up with the basics (compared to where the hackers are). You see, whilst people in corporations and government are all about politics, those hackers were bout mayhem and anarchy, now they are figuring out that these skills get them a wealthy and luxurious lifestyle and they like the idea of not having a degree whilst owning most of Malibu Drive, a 21st century Point Break, where the funds allow them to party all the time. Corporations got them into that thinking mode. So were the culprits ‘merely’ hackers or was it a foreign government? That is the question I am unable to answer with facts, but to point at China being likely is event less assuring. Consider who gains power with that data? This much data can be up for sale, it can be utilised. In the premise of both, China is not unlikely, but what is ‘more likely than not’ is also a matter, even though that question is less easily answered and without evidence (I have none) any answer should not be regarded as reliable!

Now we get to the quote “Embassy spokesman Zhu Haiquan said China had made great efforts to combat cyberattacks and that tracking such events conducted across borders was difficult” it is correct, it matters and it is to the point. In addition, we must accept that trackers can also be set on the wrong path, it is not easy, but it can be done, both the hackers and China have skills there, as do the NSA and GCHQ. Yet, in all that, with the Sony hack still fresh in memory, who did it, which is the interesting question, but WHY is more interesting. We tend to focus on clearances here, but what else was there? What if the OPM has health details? What is the value of health risk analyses of 4 million people? At $10 a month that is a quick and easy half a billion isn’t it?

You see, the final part is seen here: “DHS is continuing to monitor federal networks for any suspicious activity and is working aggressively with the affected agencies to conduct investigative analysis to assess the extent of this alleged intrusion”, This is to be expected, but the intruders know this too, so how did they get past it all again? That is the issue, I gave in my earlier blog one possible solution, but that could only be done through the inside person, to be clear of that, someone did a similar thing in the cloud, or in the stream of data, in a way that it does not show. Perhaps a mere pressure of data in a shared cloud point is all it took to get past the security. How many data packages are lost? what intel is gained from there, perhaps it is just a pure replication of packages job, there is no proper way to monitor data in transit, not in cloudy conditions, so as we see that more data is ‘breached’ we all must wonder what the data holders, both government and non-government are not ready for. It is the data of you and me that gets ‘sold’ who does it get sold to?

So as we see an article of a data hack and a photo of routers and wiring, which looks geeky and techy, was this in reference to the router? Or perhaps it is in reference to a reality many in charge are not ready to face any day soon, and in light of the upcoming US elections of 2016, some of these politicians definitely do not want to face it before 2017. Like the Google Tax, let the next person fix it!

A preferred political approach that will allow them to lose exclusivity of your data real fast!

 

2 Comments

Filed under Finance, IT, Media, Military, Politics, Science

Tagged as , , , , , , , , , , , , , , , , , , , , ,