Tag Archives: hacking

Can’t stop the message

That is the name of the game, at times, no matter the source, we cannot stop the message, we can optionally reduce the impact, that is as good as it gets and that has been the centre stage, not for a day, a month, a year, a decade, but for several centuries. The message will get across, history is filled with examples of that all over the world.

So when I wrote “the same model could optionally be used to misinform (or disinform) the person through links that have ‘altered headlines’ One party could use it to flame to larger base of the other party and no matter what claims Facebook makes, the PDF report shows that they are seemingly clueless on how to stop it.” In ‘Presidents are us’ (at https://lawlordtobe.com/2020/07/11/presidents-are-us/) I knew what I was talking about, as such it gives me great pleasure to see the BBC give us ‘ISIS ‘still evading detection on Facebook’, report says’ (at https://www.bbc.com/news/technology-53389657) with the added text “One network’s tactics included mixing its material with content from real news outlets, such as recorded TV news output and the BBC News theme music. It also hijacked Facebook accounts, and posted tutorial videos to teach other Jihadists how to do it. Facebook said it had “no tolerance for terrorist propaganda”.”” They are basically all stages we have seen before and stages we will see again. History has shown that you can not stop the message, you can merely delay the spread and optionally the impact. That is as good as it can get and the fact that we still see: “The researchers believe that at the centre of the network was one user who managed around a third (90 out of 288) of the Facebook profiles. At times, this user would boast of holding 100 ‘war spoils’ accounts, saying: “They delete one account, and I replace it with 10 others.”” People basically never learn. 

And it is not better, not gets to be worse, I wrote in 2013 “This technology should also include Microsoft services including their search engine Bing. Tracking in mobile devices remains a key point. The big advantage of Microsoft’s emerging technology is that it could track a user across a platform.” In the article ‘Patrons of Al-Qaeda’ (at https://lawlordtobe.com/2013/10/22/patrons-of-al-qaeda/) that was more than 6.5 years ago, do you think that these people sit on their laurels?  So if big-tech can be flaccid and automated to keep track of nearly anyone, what do you think that Trolls and Terrorists will use to get their message across and this is not new, it is not news, it is the situation that has been out in the open for years. As the BBC gives us “another key to the survival of ISIS content on the platform was the way in which ISIS supporters have learned to modify their content to evade controls.” Yes! And that is news how? Consider that the top 10 technical universities graduate close to 15,000 every semester, so 3 teams a year. Now consider that these parts can only persuade 0.1% (which is massively low), that implies that these players gain 15 tech savvy experts every 4 months and that is before we add those who cater to organised crime, in that numbers game we see that the government’s involved are not in a place to compete, their infrastructure had been downplayed for close to a decade and as salespeople from big-tech come around on the ease of automation we see that the mess merely gets worse and that INCLUDES several defence departments in Europe, the Commonwealth and America. That is the situation and there will be no release any day soon (except for the tech person on the help desk relying on his right hand, plenty of release there). So when you consider that I was merely looking at 10 schools, and the mess is actually a lot larger, how much of a joke is the entire ‘dealing with election bias’? If players like Facebook cannot stop or largely diminish a group that nearly all want gone, how about a situation where a larger group is in doubt of acting? How many backdoors will be given to the Cambridge Analytica minded people? That question becomes a lot more important when we consider the LA Times giving us less than 5 hours ago ‘How Facebook keeps its biggest advertisers happy’ with the quote “The social media company made nearly all of last year’s $71 billion in revenue from advertising and has worked hard to build relationships with both brands and advertising companies through a clubby network of invitation-only groups called client councils”, do you think that people spending $71 billion are kept happy with “offering everything from birthday cakes to ski trips, and dinners at the Silicon Valley home of its chief operating officer, Sheryl Sandberg.” Do you think that is all it takes? So the people ending up having dinner at that place will also get access and that is where some will be looking, the people with access and that is why the message cannot be stopped, that is why some will persevere and that is before my 5G IP hits the markets. I honestly have no idea to stop some, because some will not be stopped, I can only minimise the dangers, but I am also at the mercy of some Telecom minimisers (or was that mini-misers). Anyway, if Trolls and Terrorists get through 0.5% of the time, those with election needs and other message needs are likely to get through 20-40 times as often and any of the Big-Tech players will remain unable to stop them, unless we employ the bullet through the back of the head solution, this will not ever stop, history has proven me right and the fact that I saw this well over 6 years ago and the BBC got up to speed just now (OK, that was an exaggeration) gives wind to a much larger problem. 

You can never stop the message. Wake up! It is actually that simple.

 

 

Leave a comment

Filed under Finance, Media, Military, Politics, Science

Some small bits

We all see them, we all face them and even as there is no overwhelming story out there, I think it was time to set up a look at the small bits, the parts I have already given view to and now I am adding to them. 

Huawei

The first part is ‘Huawei row: Trump chief of staff to meet Dominic Cummings‘, here we see another media driven attempt to ban Huawei from the UK, the UK is now as much a bitch as the Australian government. So far the US has not given any evidence that the Huawei hardware can be used to spy on people by the Chinese government, so far the US is not even sending that person with a really bad haircut, so that he could compare barbers with Boris Johnson, no he is sending his acting White House chief of staff, Mick Mulvaney. Even after Richard Grenell gives us “to make clear that any nation who chooses to use an untrustworthy 5G vendor will jeopardize our ability to share intelligence and information at the highest level“, in my response ‘what intelligence?’ at present the CIA is regarded as one of the least trustworthy intelligence providers, we could argue that Facebook has better intelligence than the CIA does (hurts doesn’t it?)

Now, if the US had provided intelligence on Huawei several Cyber experts would nitpick that intel, yet the setting is out there, there is no evidence whatsoever, the US is fearing for its life and its economy. The backdraft is also there, any nation will get an advantage over whatever paperback spinal cord is supporting the US without evidence. All because the US cannot control its national corporations, we all must pay.

We can treat “A group of backbench Conservatives also wants Johnson to commit to remove all Huawei kit from British phone networks over time” with optional disgust as well, even as there is no stage set on ‘over time‘, as I personally see it these acts are profit driven, not national security driven, even as some will make a claim in that direction. 

Jeff Bezos

You know the man, the intelligent man with the really long forehead (read: bald), was hacked, it happened in 2018 and the media keeps on blaming the Crown Prince of Saudi Arabia, yet there is no evidence. In light of all that had happened, the idea that any Crown Prince is THAT hands on with an issue is overlooked on several levels. The FTI report reads like a joke and personally, if Mr. Bezos pays THAT much for what I personally see as trash, than I have optionally 4 IP stages, one unfinished book and over a 1000 articles for same for the mere price of $50,000,000 post taxation (50% for the IP and the rest is a gimmick), you see at least I am willing to say that upfront. In addition, his own paper gives us on January 28th “Indeed, in October 2018, Michael Sanchez and AMI entered into a nondisclosure agreement “concerning certain information, photographs and text messages documenting an affair between Jeff Bezos and Lauren Sanchez,” according to three people who have reviewed the agreement. The existence of the contract was first reported by the New York Times. One of those people also confirmed a Wall Street Journal report that federal prosecutors who are investigating whether the Enquirer tried to extort Bezos have reviewed the text messages that Lauren Sanchez allegedly gave to her brother and that he then provided to the tabloid.” as I personally see it several parties owe Crown Prince Mohammad bin Salman bin Abdulaziz Al Saud a few apologies and all kinds of Saudi catering hoping that it will appease his royal highness. On a personal note, I reckon he will be jealous of my yacht by the CRN ship wharves, so as we see the wealth of Jeff Bezos, he might just want to say ‘Sorry!’ to his royal highness and spend 0.5% of his wealth to appease that rather rich party with a yacht (so that mine will remain optionally safe, when it is completed). And no matter how it all get spinned, the UN report needs to be nitpicked and rather quickly, too many questions remain and even as we see that a person with knowledge of the investigation who was not authorized to speak publicly about its progress, or as the Washington Post is skating around the trandsetting term ‘anonymous source‘, which would place them on the same scale as the Enquirer, they give us “It’s possible that the Saudis hacked Bezos’s phone and Michael Sanchez independently got the photos from his sister and some people were trying to get paid and some people were trying to get Bezos,” all whilst there is no actual evidence that the hacker was Saudi, I did away with that quite nicely in ‘6 Simple questions‘ (at https://lawlordtobe.com/2020/02/03/6-simple-questions/), whilst the 6th question ‘Why on earth is the UN involved in an alleged Criminal investigation where so much information is missing?‘ was never answered by any media EVER! (OK, as far as I know).

Yet there is a reason why we bring this all, it is seen (at https://www.inc.com/jason-aten/facebook-says-apple-is-to-blame-for-hacking-of-jeff-bezos-phone.html) where we get introduced to ‘Facebook Says Apple Is to Blame for the Hacking of Jeff Bezos’s Phone‘, with the optional part “Nick Clegg, said that the hacking of Jeff Bezos’s phone wasn’t the fault of WhatsApp, pointing instead to the Apple iOS that powers the iPhone X Bezos was using. Or, at least, that’s presumably what he was trying to say, though his answer when asked by the BBC was largely incomprehensible“, as well as “he argued, “It sounds like something on the, you know, what they call the operate, operated on the phone itself.” To be clear, he didn’t specifically mention Apple by name, however it had been previously known that Bezos was using an iPhone X at the time he was hacked“, I find it debatable, but it takes the court away from the Saudi Crown Prince and a few others, if that hack is not one that NSO Group’s Pegasus or Hacking Team’s Galileo uses, then we have a much larger issue, one that is not identified and even as it takes the Saudi players off the board, it does not take the issue away. The NSO group has loudly denied the entire issue and this gives them the option to do that, so far the FTI report is too shabby, it does not seem to warrant or deny the optional allegations. So as we see: “someone actually took advantage of a vulnerability that WhatsApp itself has already acknowledged was an issue and issued a fix. It’s even more confusing that he attempted to pass the blame to Apple“, I personally feel in agreement with the writer, the entire WhatsApp feels like to comfortable solution, yet that vulnerability was out in the open and there is still no evidence that it was done by Saudi hands, even now, the list of perpetrators is growing, pushing the optionally (and alleged) Saudi players to the bottom of that list. I would advise Brainy Smurf Jeff Bezos that he pays up as fast as possible (and sizeable) before it becomes a behemoth of an issue that a mere sorry and a box of chocolates will not solve. 

Yemen

You might have heard of that place, apparently there are a few humanitarian issues playing and even as we now see ‘UN Condemns ‘Shocking’ and ‘Terrible’ US-Backed Saudi Coalition Bombing That Killed 31 Yemeni Civilians‘, we are given “Those who continue to sell arms to the warring parties must realize that by supplying weapons for this war, they contribute to making atrocities like today’s all too common“, yet the EU and the US are happy that this all continues. My evidence? Well consider that we see today ‘The EU has agreed to deploy warships to stop the flow of weapons into Libya‘, all whilst a similar action in Yemen would have diminished the dangers over two years ago, so how many ships had the EU to set up a blockade to stop weapons going into Yemen? As far as I can tell, there is an unwritten consensus to give as much freedom to Iran as possible. I gave that part in ‘Media, call it as it is!‘ (at https://lawlordtobe.com/2018/11/03/media-call-it-as-it-is/) almost 18 months ago, so why exactly is Yemen not an issue and Libya is? It is oil and everyone is dancing around the stage hoping for a barrel full of the substance. Yet the Yemeni don’t matter, if you doubt that you merely have to read the articles, all about complaints and condemning, not about action packed events, are they? And in all this Xavier Joubert, director of aid group Save the Children Yemen is equally to blame, does he give the stage in a proper setting? Does he give any information on the actions that Houthi forces have been eager to take forward (including those on children)? Nope! So when we see “after Houthi rebels claimed to have shot down a Saudi Tornado jet Friday in Al-Jawf province“, as well as ““possibility of collateral damage”—a common euphemism for civilian deaths“, yet how many enemy troops were there? that part is not given as it takes the power away from their own story, yet the story they give us is out of whack. So whilst people like Lise Grande come up with “it’s a tragedy and it’s unjustified“, all whilst for well over two years a blockade could have optionally limited the damage that could have occurred, yet no one is willing to skate that track, are they?

All whilst we see (at https://www.timesofisrael.com/pompeo-calls-for-action-against-iran-after-us-navy-seizes-weapons-sent-to-yemen/) ‘Pompeo calls for action against Iran after US Navy seizes weapons sent to Yemen‘, a stage that was set this week, we see the laughingly entertaining ‘World’s silence has emboldened Saudi-led war crimes in Yemen: Iran‘, all whilst we see Iranian Foreign Ministry spokesman Abbas Mousavi giving a speech on what he calls War Crimes, at the same stage where they send hundreds of missiles into Yemen, there is only so much hypocrisy I can stomach and Iran is handing us way too much. So whilst the Islamic Republic of Iran continues to defy the UN Security Council, we need to start being honest about the Yemen situation, the EU does not care about Yemen, it has nothing to offer, yet the US has on this occasion stopped one of several Iranian supply ships. I wonder how many were missed, the ongoing war clearly gives rise to the fact that this war will not be over soon and as such more civilians will die, it is the clear consequence of a war.

These are three of the small bits that I am adding today, there have been a whole range of issues I touched on in the last few days, yet these small bits are important parts to other information I gave out. 

Have a great day, see you all tomorrow

 

Leave a comment

Filed under Finance, IT, Media, Military, Politics

6 simple questions

I have written about it before, yet the article last friday forces me to take more than another look, it forces me to ask questions out loud, questions that should have been investigated as this case has been running for two years, lets not forget the hairy Amazon owner had his smartphone allegedly hacked in 2018.

My article ‘The incompetent view‘ (at https://lawlordtobe.com/2020/01/28/the-incompetent-view/) was written on January 28th. I kept it alone for the longest of times, yet the accusations against Saudi Arabia, especially as that French Calamari UN-Essay writer is again involved forced my hand and the article last friday gives me the option to lash out and ask certain questions that the investigation optionally cannot answer, as such two years by these so called experts should be seen as 2 years by whatever they are, but I have doubt that expertise was part of the equation.

as such we begin with the Guardian (at https://www.theguardian.com/technology/2020/jan/31/jeff-bezos-met-fbi-investigators-in-2019-over-alleged-saudi-hack), here we see the following

NSO said: “we have not been contacted by any US law enforcement agencies at all about any such matters and have no knowledge or awareness of any investigative actions. Therefore, we cannot comment further.”“, which is a response towards the FBI who had been investigating NSO since 2017, which is based on the setting of “officials were seeking information about whether the company had received any of the code it needed to infect smartphones from US hackers

Yet it is the quote “Two independent investigators at the United Nations, Agnes Callamard and David Kaye, revealed last week that they have launched their own inquiry into allegations that Bezos’s phone was hacked on 1 May 2018 after he apparently received a video file from a WhatsApp account belonging to Mohammed bin Salman, the Saudi crown prince“, in this, can anyone explain to me why the UN is involved? I do not care how wealthy Jeff Bezos is and this has nothing to do with the Washington Post, either way this would be an initial criminal investigation, optionally running through the FBI.

  1. Why is the UN involved?

In defence we must observe “WhatsApp has said it believed NSO has violated criminal laws, including the Computer Fraud and Abuse Act, a federal law that is used to prosecute hackers. WhatsApp has claimed 1,400 users were hacked using NSO technology over a two-week period in April-May last year, after NSO was allegedly able to exploit a WhatsApp vulnerability that was later fixed

And again, we see that NSO technology is involved, yet FTI Consulting makes no mention of that part of the equation, more important whether the same atack was used, and in light of all this, we might see ‘NSO was allegedly able to exploit a WhatsApp vulnerability that was later fixed‘, yet when exactly was it fixed? That too is part of the equation.

When we look at the FTI report, other issues become surface materials. Like the quote “The phone maintained an unusually high average of 101MB of egress data per day for months thereafter, including many massive and highly atypical spikes of egress data. Forensic artifacts demonstrated that this unauthorized data was transmitted from Bezos’ phone via the cellular network.” What data was sent exactly? The report gives us: “they provide the ability to exfiltrate vast amounts of data including photos, videos, messages, and other private or sensitive files. It should be noted that spikes resembling these might occur legitimately if a user enabled iCloud backup over cellular data service. Bezos. however. had iCloud backups disabled on his device. Other legitimate causes of spikes in egress data could be if a user willingly uploaded or transmitted large amounts of data via a chat or messaging app. email client, or cloud storage service, but none of these activities were corroborated by GDBA or Bezos.

As such, as FTI Consulting gives us “Advanced mobile spyware. such as NSO Group’s Pegasus35 or Hacking Team’s Galileo,36 can hook into legitimate applications and processes on a compromised device as a way to bypass detection and obfuscate activity in order to ultimately intercept and exfiltrate data. The success of techniques such as these is a very likely explanation for the various spikes in traffic originating from Bezos’ device.” Yet is that what happened? lets not forget that the FTI Consulting report on page 16 states “The following investigative steps are currently pending.

  1. Intercept and analyze live cellular data from Bezos’ iPhone X“, as well as “2. Jailbreak Bezos’ iPhone and perform a forensic examination of the root file system.” steps that are seemingly incomplete and optionally not done at all, as such how did anyone in Saudi Arabia get fingered as the guilty party? It could be the German Cracking Service for all we know stating to Jeff Bezos ‘Copy me, I want to travel‘.
  2. Where is the evidence on the hack and the destination of the hacked data?

There are two parts in this, as I explained earlier, Vice.com gave an earlier consideration with ““Hacking Team was thoroughly owned, with its once-secret list of customers, internal emails, and spyware source code leaked online for anyone to see”” yet the stage that we see here, is merely a footnote in the FTI Consulting report and is given no weight at all.

This leads to the question 

  1. How was the phone of Jeff Bezos infected and where is that evidence?

This could lead to 3a. Who actually infected the iPhone of Jeff Bezos?

Which leads to the last part of last friday’s article and perhaps the biggest smear of all time “New revelations about the alleged hacking of Bezos’s phone have caught the attention of a handful of politicians in Washington who have sought more information about the alleged hack, including whether there was any evidence that Saudi Arabia had infected phones of any members of the Trump administration.” and because of this (as well as more) we get to:

  1. What exactly are the new revelations, as the FTI Consulting report is incomplete.
  2. Where is the evidence that Saudi Arabia infected ANY phones?

You see, someone infecting another person by claiming that they are someone they are not is at the core of this, as such any person in the room could have infected Jeff Bezos’s phone and optionally other phones too. Claiming to be MBS and being MBS are two separate parts. 

In this it was CNN who gave us “The report’s limited results are a reminder that it can be extremely challenging to reconstruct the activities of a determined, well-resourced hacker” and if hat is the setting, we again get to the stage where we cannot tell who infected the system of Jeff Bezos in the first place. As such Kenneth White (formerly with DHS) as well as  Chris Vickery (Director UpGuard) who gives us “other evidence provided by FTI increased his confidence that Bezos was being digitally surveilled“, we do not question that, we merely question the lack of evidence that points to Saudi Arabia as a perpetrator, basically the guilty party is not seen, because no evidence leading there is given, the fact that essential tests have not been done is further evidence still of the absence of any guilty party.

As that stands I merely end with the question:

  1. Why on earth is the UN involved in an alleged Criminal investigation where so much information is missing?

When we realise the small line in the Guardian “An analysis of the alleged hack that was commissioned by the Amazon founder has not concluded what kind of spyware was used” we are given a much larger consideration, if the spyware used is unknown, how can the data spy be seen? This gets an even larger mark towards the question when we consider “Check Point Research, however, recently unveiled new vulnerabilities in the popular messaging application that could allow threat actors to intercept and manipulate messages sent in both private and group conversations, giving attackers immense power to create and spread misinformation from what appear to be trusted sources.” (at https://research.checkpoint.com/2018/fakesapp-a-vulnerability-in-whatsapp/), and another source (at https://www.bleepingcomputer.com/news/security/whatsapp-vulnerability-allows-attackers-to-alter-messages-in-chats/) gives almost the same information and also has the text “Using these techniques, attackers can manipulate conversations and group messages in order to change evidence and spread fake news and misinformation“, the FTI Consulting report gives us nothing of that, and as it does not set the stage of disabling that these were options that were disregarded, we see that this mobile situation might not now or not ever see the light of day with an actual reference to an attacker that will hold water in any court. 

As such the UN will have a lot to explain soon enough, I got there through 6 simple questions, 6 questions that anyone with an application of common sense could have gotten to, I wonder why the UN did not get there, I wonder why FTI Consuilting handed over a report that was failing to this degree.

 

3 Comments

Filed under IT, Law, Media, Politics

The incompetent view

I’ll admit, there are other things to write about, yet this is a larger issue than anyone thinks it is. The previous writers did not ponder the questions that were adamant, and Stephanie Kirchgaessner follows suit (at https://www.theguardian.com/us-news/2020/jan/27/nsa-faces-questions-over-security-of-trump-officials-after-alleged-bezos-hack) when we consider that the focus here is the NSA in ‘NSA faces questions over security of Trump officials after alleged Bezos hack‘. You see, it is not merely the fact that they got the stage wrong, it is the fact that everyone is looking at the stage, whilst the orchestra is missing, so how about that part of the equation and that leads to very uncomfortable question towards WHY the US is tailing on 5G and why it is trying to tailgate into the 5G room. They forgot what real innovation is and Saudi Arabia is seemingly passing them by, a nation that has forever been seen as a technological third world is surpassing the US and it is upsetting more and more people.

The US National Security Agency is facing questions about the security of top Trump administration officials’ communications following last week’s allegations that the Saudi crown prince may have had a hand in the alleged hack of Jeff Bezos“, with this the article opens and basically nothing wrong is stated here, yet when seen in the light of the byline which was “Democratic lawmaker asks agency if it is confident the Saudi government has not sought to hack US officials“, as such it becomes an issue. first off, the question is not wrong, because the US administration has a duty to seek the safety of communications for its coworkers (senators and such), yet in all this, it does become a little more clear when we see “Ron Wyden, a senior Democratic lawmaker, asked the director of the NSA whether he was confident that the Saudi government had not also sought to hack senior US government officials“. You see in the first, Saudi intentional involvement was NEVER established, moreover, the report (I looked at that last week) has several hiatus of a rather large kind, as such the formulation by this 70 year old person is quite the other issue. 

It is my personal conviction that a Fortune 100 company should consider the danger they open themselves up to when letting cyber issues be investigated by FTI Consulting. The entire matter of how infection was obtained (if it was infection), and that the entire matter was instigated by any third party who had gained access to the phone of Jeff Bezos, and in all this enough doubt was raised who got access and more importantly that there was no evidence that this was ANY Saudi official, as such the short sighted “whether he was confident that the Saudi government had not also sought to hack senior US government officials” by a 70 year old who shows issues of lack of critical thinking, no matter what which school he went to when he was half a century younger.

And again we see the reference towards “The senator from Oregon is separately seeking to force the Trump administration to officially release the intelligence it collected on the murder of Jamal Khashoggi, the Washington Post journalist who was killed in a state-sponsored murder in October 2018“, which is another flaw as there was never any clear evidence that anyone in Turkey was “killed in a state-sponsored murder in October 2018“, more importantly, the French UN Essay writer who was seemingly involved in both reports is showing a lack of critical thinking all by herself.

All this whilst Paul Nakasone (director NSA) is confronted with “was believed to have been the victim of a hack that was instigated after he allegedly received a WhatsApp message from the account of Crown Prince Mohammed bin Salman“, the problem is twofold, in the first I personally see the report by FTI Consulting as a hack job, not a job on a hack. There are several sides that give doubt on infection source and moreover there is additional lack of evidence that the source was a Saudi one. More importantly other sources gave away issues on WhatsApp some time overlapping the event, exploits that made it into the press from all sides giving the weakness that any unnamed party could have played to be a Saudi delivery whilst the file was not from that delivery point. Issues that were out in the open and the report gives that FTI Consulting ignored them. It could read that a certain French Essay writer stated ‘I Have a Saudi official and an American phone, find me a link, any link‘, I am not stating that this happened, but it feels like that was the FTI Consulting case. When was the last time you saw an intentional perversion of justice and truth?

And when we see: “The issue is now the subject of an investigation by two independent UN investigators“, we see an almost completed path. When we see all this lets take a step back and consider. 

  1. An American Civilian had his mobile allegedly (and optionally proven) hacked.
  2. The hacker is not found, the one accused cannot be proven (at present) to be the hacker.
  3. This ends up with the UN?

And I am not alone here. Three days ago (after my initial findings) I see (at https://edition.cnn.com/2020/01/24/tech/bezos-hacking-report-analysts/index.html) the headline ‘Bezos hacking report leaves cybersecurity experts with doubts‘, there we see “independent security experts, some of whom say the evidence isn’t strong enough to reach a firm conclusion” as well as “several high-profile and respected researchers, highlights the limits of a report produced by FTI Consulting, the company Bezos hired to investigate the matter“, so basically, the hair lacking CEO, who owns the Washington Post (where Khashoggi used to work) is allegedly hacked, he seemingly hires FTI Consulting on what I personally believe to be a hack job on hacking phones and the UN is using that biased piece of work to slam Saudi Arabia? Did I miss anything?

Yes, I did, the quote “The report suggested the incident bore hallmarks of sophisticated hacking software“, the problem here is that there is no way to see WHERE IT CAME FROM. Yet other sources give out several pieces on WhatsApp and how other sources could have a free go at infesting people. All whilst we also see “the paper revealed a lack of sophistication that could have been addressed by specialized mobile forensics experts, or law enforcement officials with access to premium tools“, all this whilst the entire setting went around the existence of cyber divisions. There is a link Jeff Bezos – Amazon – FTI Consulting – United Nations. At no point in this do we see any police department, or the FBI, why is that?

As such when we see “A key shortcoming of the analysis, Edwards said, was that it relied on a restricted set of content obtained from Bezos’s iTunes backup. A deeper analysis, she said, would have collected detailed records from the iPhone’s underlying operating and file systems. Other security experts characterized the evidence in the report as inconclusive“, I would state that this is merely the beginning.

Rob Graham (CEO Errata security) gives us “It contains much that says ‘anomalies we don’t understand,’ but lack of explanations point to incomplete forensics, not malicious APT actors” and Alex Stamos, the former chief information security officer at Facebook and a Stanford University professor gives us “Lots of odd circumstantial evidence, for sure, but no smoking gun“, in all this the extreme geriatric Ron Wyden (Oregon) is asking questions from the NSA with the text “asked the director of the NSA whether he was confident that the Saudi government had not also sought to hack senior US government officials” with the emphasis on ‘also‘, a stage that is not proven, and more importantly is almost redundant in the hack job we got to read about. As such I am not surprised to see “FTI Consulting declined to comment“, I wonder why?

It is even more fun to see the CNN article have the stage where we see “a research group at the University of Toronto, offered a suggestion that could allow investigators to gain access to encrypted information that FTI said it could not unlock“, as such we see that there are skill levels missing in FTI, for the simple reason that this report was allowed to leave the hands of FTI Consulting, a Firm that is proudly advertising that they have 49 of the Global 100 companies that are clients. If I had anything to say about it, those 49 companies might have more issues down the road than they are ready for, especially as they have over 530 senior managing directors and none of them stopeed that flimsy report making it to the outside world. I would personally set a question mark to the claim of them being advisor to 96 of the world’s top 100 law firms. I would not be surprised if I could punch holes in more cases that FTI Consulting set advice to, in light of the Bezos report, it might not be too hard a stage to do.

CNN also has a few critical points that cannot be ignored. With “The report’s limited results are a reminder that it can be extremely challenging to reconstruct the activities of a determined, well-resourced hacker, said Kenneth White, a security engineer and former adviser to the Defense Department and Department of Homeland Security“, I do not disagree with that, but the stage where WhatsApp had a much larger problem, is a given, and the report does not bring that up for one moment, that report was all about painting one party whilst the reality of the stage was that there was an open floor on how it was done, yet the report silenced all avenues there. In addition, Chris Vickery (Director UpGuard) gives us “other evidence provided by FTI increased his confidence that Bezos was being digitally surveilled“. that is not in question, core information directs that way, yet the fact that it was a Saudi event cannot be proven, not whilst Jeff Bezos is around hundreds of people in most moments of the day, that part is the larger setting and FTI Consulting knowingly skated around the subject, almost as it was instructed to do so.

One expert who wanted to remain anonymous gave us all “There’s an absurd amount of Monday morning quarterbacking going on” as well as “This isn’t a movie — things don’t proceed in a perfect, clean way. It’s messy, and decisions are made the way they’re made“, that expert is not wrong, and he/she has a point, yet the foundation of the report shows a massive lack in critical thinking whilst the report relies in its text on footnotes (as one would) yet on page 3, the text is “Al Qahtani eventually purchased 20 percent ownership in Hacking Team, apparantly acquired on behalf of the Saudi government. 8

all whilst footnote 8 gives us “https://www.vice.com/en_us/article/8xvzyp/hacking-team-investor-saudi-arabia” so not only does the FTI Consulting Job rely on ‘apparantly‘, the article gives in the first paragraph “Hacking Team was thoroughly owned, with its once-secret list of customers, internal emails, and spyware source code leaked online for anyone to see” as such we see ‘spyware source code leaked online for anyone to see‘, how did FTI Consulting miss this? That and the WhatsApp issue in that same year opens up the optional pool of transgressors to all non state hackers with considerable knowledge, as such the amount of transgressors ups to thousands of hackers (globally speaking). 

FTI Consulting missed that! and it missed a lot more. The article also sets a link to David Vincenzetti and for some reason he is not even looked at, there is no stage in the FTI report that his input was sought out, which in light of all this is equally puzzling. He might not have had anything to report, or perhaps he had enough to report taking the focal point away from Saudi players, we will never know, the joke (read: report) is out in the open in all its glory on limitation. 

In light of all this, did the question by Ron Wyden to the NSA make sense? As far as I can see, I see several points of incompetance and that has nothing to do with the one expert stating that this is a messy, the entire setting was optionally incompetent and for certain massively incomplete. 

More importantly, the last paragraphs has more funny parts than a two hour show by Jimmy Carr. The quote is “Anyone who has had communication with either MBS or his brother Khaled should assume their phone is hacked. Congress needs to get answers from NSA on what it knew about the hack of Bezos phone, when it knew it, and what it has done to stop Saudi criminal hacking behavior” and it comes from CIA analyst Bruce Riedel. Now, the quote is fine, but the hilarious part is how it was phrased (expertly done). Lets go over it in my (super subtle) way: “Anyone who has had communication with either MBS or his brother Khaled should assume their phone is hacked by Saudi, US or Iranian officials. Congress needs to get answers from NSA for a change on a matter that they were never consulted on whilst the report ended up with the UN on what it knew about the hack of Bezos phone, a person who has a few billion and a lack of hair but beyond that has no meaning to the US economy, he keeps all his gotten gains, when it knew when the phone of a civilian was allegedly hacked and, and what it has done to stop Saudi criminal hacking behavior which is not proven at present other than by people who have something to gain from seeing the Saudi’s as the bad party (like Iran), all in a report that is lacking all levels of clarity and proper investigation“, this is an important setting here. Just like the disappearance of a Saudi columnist writing for the Washington Post (another Jeff Bezos affiliate), we do not proclaim Saudi Arabia being innocent, merely that the lack of evidence does not make them guilty, in the present the hacking issue does not make Saudi Arabia guilty, the irresponsible version of the FTI Consulting report shows a massive lack of evidence that makes any Saudi Arabian party more likely than not innocent of all this and as both reports have one UN Female French Essay writer in common, it is more and more like a smear campaign than an actual event to find out what actually happened. Who signed up for that? I wonder if the NSA did, I feel decently certain that until they get all the actual evidence that they do not want to get involved with political painting, their left foot is busy keeping them standing up in a world of hunkered and crouched idiots.

Yet that is just my simple personal view on the matter.

 

1 Comment

Filed under IT, Media, Military, Politics

Heaven is coming

Last weekend some (including me partially) decided to look at the Deep Dive Video of the upcoming Cyberpunk 2077 release. The video (at https://www.youtube.com/watch?v=FknHjl7eQ6o) gives fair warnings, and to be honest, I initially decided to not watch all of it. Not because of anything negative. What I saw blew me away in several ways. If you think that CD Project Red broke the mold with Witcher 3, think again, I am watching something that could establish a totally new level of gaming excellence in RPG, optionally an entirely new level of gaming experience altogether. The video gives two play styles, direct and brutal, as well as stealth and hacking. It also gives caution that footage was edited to minimise spoilers, you get to see an advanced stage of the game, seeing characters ahead of schedule, and so I stopped watching soon thereafter the first time around. The little I saw overwhelmed me. This is what gaming excellence looks like; this is what EA, Ubisoft and several others never learned. To get a game this perfect takes time and even now in pre beta mode, this game surpasses anything brought to gaming before. If the story surpasses God of War 4 (and I have no doubt it might) this could optionally be the game of the decade.

The little I saw was that amazing at present; I watched a little more second time around and saw a little more and a lot I never expected. It is in part the Netrunner side that has so many options and both sides that have so much freedom that this game is not merely a game; it is what some might regard replay heaven, two different sides with different ways to get from one place to another. It seems that CD Project Red has taken time to maximise this world.

I would love to know how William Gibson values this game (the writer of the original Neuromancer), I wold love to see him play this game anywhere and comment on the game and how it aligns with his cyberpunk vision (he is after all the father of cyberpunk). I got into his book when EA created Neuromancer, that game on CBM64 was my introduction to Cyberpunk, so to see that concept mature in Cyberpunk 2077 into something beyond I thought possible, and the fact that any game could surpass the expectations of the imagination of any person to this degree is pretty much unheard of.

Yet, that is how it seems to unfold. For the most I will avoid spoilers to the max and I will when commenting on the game, it will be to the engine and control of gameplay and avoid (whenever possible) leaving any spoilers untouched. I believe that games like this require that as a game unfolds shaping the story, the way I saw it as an option also implies that one person’s spoiler is not another one, the implied impact of solo person (visceral combat) versus netrunner (hacker stealth) could be that large and it is rare to see that unfold. There is one additional part and that makes me happy. Cyberpunk is expected to be released 5 months after Death Stranding and that makes me happy (I feel certain that Kojima agrees), never before has Kojima faced an opponent on his level of gaming experience. The fact that there is genuine concern whether Death Stranding (Kojima) or Cyberpunk 2077 (CD Project RED) is the best is a new level of gaming. Never before was there any competitor going up against Kojima at the same time. The fact that CD Project RED could seemingly equal and optionally surpass Japanese gaming excellence is a new bar on gaming standards and it has been set to the highest possible level, the final days of XB1 and PS4 are going to be awesome, especially in 4K, what a way to end a console cycle!

Be properly alerted that only non-gamers and those who cannot game would avoid these two titles, or better stated the titles that will be on their system only (Death Stranding is exclusive PS4), and let’s not forget that as it seems to be now, the makers of Witcher 3 surpassed what they did there and that game ended up being a 93% result. A stronger message towards Ubisoft to focus more clearly on gaming excellence could not exist.

 

Leave a comment

Filed under Gaming

What did I say?

Last night I got a news push from the Washington Post. It took me more than a second to let the news sink in. You see, I have been advocating Common Cyber Sense for a while and apart from the odd General being ignorant beyond belief, I expected for the most that certain players in the SIGINT game would have their ducks in a row. Yet, the opposite seems to be true when we see ‘NSA contractor charged with stealing top secret data‘ (at https://www.washingtonpost.com/world/national-security/government-contractor-arrested-for-stealing-top-secret-data/2016/10/05/99eeb62a-8b19-11e6-875e-2c1bfe943b66_story.html), the evidence becomes blatantly obvious that matters in the SIGINT industry are nowhere near as acceptable as we think they are. The quote “Harold Thomas Martin III, 51, who did technology work for Booz Allen Hamilton, was charged with theft of government property and unauthorized removal and retention of classified materials, authorities said. According to two U.S. officials familiar with the case, he is suspected of “hoarding” classified materials going back as far as a decade in his house and car, and the recent leak of the hacking tools tipped investigators to what he was doing“, so between the lines we read that it took a mistake after a decade for the investigators to find out? No wonder the NSA is now afraid of the PLA Cyber Division!

In this light, not only do I get to tell you ‘I told you so‘, I need to show you a quote from July 1st 2013, where I wrote “So if we consider the digital version, and consider that most intelligence organisations use Security Enhanced Unix servers, then just accessing these documents without others knowing this is pretty much a ‘no no’. EVEN if he had access, there would be a log, and as such there is also a mention if that document was copied in any way. It is not impossible to get a hold of this, but with each document, his chance of getting caught grows quicker and quicker“, so I questioned elements of the Edward Snowden case, because my knowledge of Security Enhanced Unix servers, which is actually an NSA ‘invention’, now it seems to become more and more obvious that the NSA has no flipping clue what is going on their servers. They seem to be unaware of what gets moved and more important, if the NSA has any cloud coverage, there is with this new case enough doubt to voice the concern that the NSA has no quality control on its systems or who gets to see data, and with the involvement of a second Booz Allen Hamilton employee, the issue becomes, have they opened up the NSA systems for their opponents (the PLA Cyber division being the most likely candidate) to currently be in possession of a copy of all their data?

If you think I am exaggerating, then realise that two people syphoned off terabytes of data for the term of a decade, and even after Snowden became visible, Harold Thomas Martin III was able to continue this for an additional 3 years, giving ample worry that the NSA needs to be thoroughly sanitised. More important, the unique position the NSA had should now be considered a clear and present danger to the security of the United States. I think it is sad and not irony that the NSA became its own worst enemy.

This is seen not in just the fact that Harold Thomas Martin III moved top secret data home, whilst he was at work a mere FSB or PLA intern could just jimmy the front door and copy all the USB devices. So basically he was potentially giving away data on Extremely Low Frequency (ELF) systems, which would be nice for the PLA Cyber Unit(s), as they did not have the capacity to create this themselves. So whilst they were accused for allegedly trying to get a hold of data on the laptop of Commerce Secretary Carlos Gutierrez (2008), they possibly laughed as they were just climbing into a window and taking all day to copy all the sweet classified data in the land (presumption, not a given fact). So he in equal measure pissed off the US, India and Russia. What a lovely day that must have been. In that regard, the Affidavit of Special Agent Jeremy Bucalo almost reads like a ‘love story’. With statements like “knowingly converted to his own use, or the use of another, property of the United States valued in excess of $1,000“. Can we all agree that although essential and correct, the affidavit reads like a joke? I mean that with no disrespect to the FBI, or the Special agent. I meant that in regard to the required personal viewed text: “Harold Thomas Martin III, has knowingly and intentionally endangered the safety and security of the United States, by placing top secret information and its multi-billion dollar value in unmonitored locations“, I do feel that there is a truth in the quote “The FBI’s Behavioural Analysis Unit is working on a psychological assessment, officials said. “This definitely is different” from other leak cases, one U.S. official said. “That’s why it’s taking us awhile to figure it out.”“. It is my personal view that I agree with this, I agree because I think I speculatively figured out the puzzle. He was a reservist, Reserve Navy and a Lieutenant at 51. So the Navy might not see him as ‘full’ or ‘equal’, this might have been his way, to read these documents at night, knowing that they will never have this level of clearance for such an amount of Top Secret information. With every additional document he would feel more in par with Naval Captains and Admirals, he would feel above all the others and if there was ever a conversation with people who did know, he had the option to leave the slightest hint that he was on that level, perhaps stating that he was also an NSA contractor. He star would suddenly be high with Commanders and higher. It is a personal speculation into the mind of Harold Thomas Martin III.

When we look at 18 U.S. Code Chapter 115 – TREASON, SEDITION, AND SUBVERSIVE ACTIVITIES. We see at paragraph 2381 “Whoever, owing allegiance to the United States, levies war against them or adheres to their enemies, giving them aid and comfort within the United States or elsewhere, is guilty of treason and shall suffer death, or shall be imprisoned not less than five years and fined under this title but not less than $10,000; and shall be incapable of holding any office under the United States“, now if we see the following elements ‘giving them aid and comfort within the United States‘ and the other elements are clearly stated as ‘or’ a case of treason could be made. In my view a person like that was guilty of treason the moment Top Secret materials were removed or copied from there assigned location and without proper clearance moved to an unsecure location. As an IT person Harold Thomas Martin III should have known better, there is no case of presumption of innocence. The fact that I made a case that he might have a mental issues does not mitigate it in any way, to do this in excess of a decade and even more insidious to do this for years after Edward Snowden got found out is also matter of concern.

The NSA has a sizeable problem, not just because of these two individuals, but because their servers should have has a massive upgrade years ago, in addition, the fact that contractors got away with all this is in equal measure even more insulting to a failing NSA. I can only hope that GCHQ has its ducks properly in a row, because they have had 3 years to overhaul their system (so tempted to put an exclamation mark here). You see, we have all known that for pretty much all of us, our value is now data. No longer people, or technologies, but data and to see 2 cases at the NSA, what was once so secret that even the KGB remained clueless is now, what we should regard as a debatable place. This should really hurt in the hearts of those who have faithfully served its corridors in the past and even today. In addition, the issues raised around 2005 by the CIA and other agencies regarding the reliability of contractors is now a wide open field, because those opposing it and those blocking data integration are proven correctly.

This now gets us to a linked matter. You see, it is not just the fact that the government is trailing in this field, because that has been an eternal issue. The issue is that these systems, due to the likes of Harold Thomas Martin III and Edward Snowden could be in danger of intrusions by organised crime.

For those thinking that I am nuts (on the road to becoming a Mars bar), to them I need to raise the issue of USB security, an issue raised by Wired Magazine in 2014. The fact that the USB is not just used to get data out, if malware was added to the stick, if it was custom enough, many malware systems might not pick up on it and that means that whomever got into the house, they could have added software, so that on the next run to copy a project, the system might have been opened up to other events. There is no way to prove that this happened, yet the fact remains that this is possible and the additional fact that this was happening for over 10 years is equally disturbing, because it means that the NSA monitoring systems are inadequate to spot unauthorised activities. These elements have at present all been proven, so there.

I think it is time for TRUSIX to convene again and consider another path, a path where USB sticks get a very different formatting and that its embedded encryption require the user, the location and the hardware id to be encrypted within the stick, in addition the stocks need to work with a native encryption mode that does not allow off site usage. Perhaps this is already happening, yet it was possible for Judas tainted Highwayman Harold to walk away with the goods, so something is not working at present. I am amazed that a system like that was not in place for the longest of times. I certainly hope that Director Robert Hannigan at GCHQ has been convening with his technology directors. In addition that there are some from Oxford and some from Cambridge, so that their natural aversion to the other, will bring a more competitive product with higher quality, which would serve all of GCHQ. #JustSaying

The one part where this will have an impact is the election, because this has been happening during an entire Democratic administration, so that will look massively sloppy in the eyes of pretty much every one, too bad Benghazi emails were not left that much under the radar, because that could have helped the Clinton election campaign immensely. Still, there are technology and resource issues. The fact that Booz Allen Hamilton gets mentioned again is unfortunate, yet this should only be a partial focus as they have 22,000 employees, so statistically speaking the number of transgressions is in that regard insignificant. What is significant is how these two got vetted and passed all their clearances. In addition to this there is the issue of operation centres. You see, if there has been data breaches, have there been system breaches? The question derives directly from the fact that data was taken off site and there were no flags or alerts for a decade. So at this point the valid question becomes whether NSOC and NTOC have similar flaws, which now places US Homeland Security in speculated direct data dangers. My consideration in this regard came from earlier mentions in this article. If any US opponent has a clue in this regard, what would be the repercussions, in addition, the question (due to my admitted ignorance) would be, did Edward Snowden have any knowledge of Harold Thomas Martin III, if so, was this revealed in any conversation Snowden would have had with a member of the FSB (there is absolutely no doubt that they had a ‘conversation’ with Edward Snowden whilst he was in sunny Moscow. If so, what data dangers is Homeland Security facing? If data was copied, it is not impossible that data was moved. If that has happened, any data event with any specific flag?

Now the next example is purely fictional!

What if conditionally an <!important> (or whatever flag the NSA uses in their data sets) was added or removed? If it was used to give weight to certain data observations, like a cleaning pass, the pass would either be useless, or misdirecting. All possible just because Harold Thomas Martin III had to ‘satisfy’ his ego. This is not whether it happened or not, this is about whether it was possible, which would give added voice to the NSA issues in play and the reliability of data. This is a clear issue when we consider that false journalistic stories give way to doubt anything the journalist has written, any issue with a prosecutor and all those cases need reviewing, so do you think it is any different for IT people who have blatantly disregarded data security issues? This is not some Market Researcher who faked response data, this is collected data which would have been intervened with, endangering the people these systems should protect. As stated, this is speculative, but there is a reality in all this, so the NSA will need to sanitise data and sources from the last 10 years. There is no telling what they will dig up. For me it is interesting to see this regarding Snowden, because I had my issues with him and how he just got data away from there. Now there is a chance that the NSA gets to rename their servers to NSA_Siff_01 to NSA_Siff_nn, wouldn’t that be the rudest wake up call for them? I reckon they forgot the old rules, the one being that technology moves at the speed of your fastest employee + 1 and the human ego remain the most dangerous opponent when it involves security procedures.

 

 

Leave a comment

Filed under IT, Law, Media, Military, Politics

Fraud, deception or Ignorance in IT Safety?

Fraud, deception or Ignorance in IT Safety?
Again it was the Dutch NOS last night that gave me the idea of reflection on today’s blog. Their newscast and articles on NOS.nl is all about cybercrime. The news was that last year (October 2012), cyber criminals using the botnet Citadel was able to acquire over 750 GB of data. The data is coming from computers involving the Energy industry, Media corporations, Hospitals, Universities and airlines. The data seems to have gone to eastern European cyber criminals. Over 150.000 computers infected in the Netherlands alone.
Watching it, you could see login details, passwords, network layouts, detailed notes from a doctor and the medication prescribed. The amount of information was staggering! I looked a little further into this botnet. Its name is Citadel. It seems to be an ingenious piece of work. This is something the NSA, GCHQ or the FSB and several other Boy Scout units of a governmental type. When looking at the info, there was an implied strength that it could go passed and ignores many anti-virus systems. When looking at my own provider, there was an interesting lack of information regarding this botnet.
So we are looking at a three edged sword.
Are anti-viral protectors committing fraud? When looking at a Norton protection plan, and I see the green ‘Secure’ sign. Am I really secured? Tracy Kitten from Bankinfo security wrote: “Segura notes that hackers claim PCs relying on anti-virus solutions from Microsoft Security Essentials, McAfee, and Norton were infected. ‘That’s kind of worrisome,’ he says. ” So, am I paying for security I am not receiving?
It seems that this secure statement is also a case of deception. My Norton anti-virus states a secure setting, yet, citadel was initially designed to collect bank information for cyber criminals. From the two facts earlier, I must also conclude that the banks have been insincere to me on more than one occasion (big surprise I know). They claim safety and security, whilst 150.000 computers in the Netherlands seem to prove the opposite. Especially considering that banks have been trimming down on staff because much more goes on-line, yet there is no clear information that the cyber divisions of the financial industry is making any kind of strong progress. The BBC stated on Oct 10, 2012, that GBP 341 million was acquired through card fraud in 2011. The events involving Citadel imply that the losses in 2011 are not likely to go down any day soon.
Last is about Ignorance. That would be you the reader and me. These anti-viral dealers leave us with a false sense of security while we are charged $70-$100 a year, whilst it lowers intrusions, but not remove the threat. I must confess that we are all likely a lot safer with then without anti-viral protection. So stopping anti-virus protection is the worst of ideas.
I feel slightly safer as I have always refused any kind of on-line banking option. From the 90’s I knew that their X-25 protocols had several weak spots, which is now getting me to the last part of this.
If Windows is so weak, volatile and easily transgressed upon, then the dozens of security updates seem little more than a smoke screen. I reckon a lot of us should seriously consider moving to another system like Linux. Linux has proven to be a very secure system. We used to consider Apple to be very secure as it was a Unix based system, which has all matters of security or a much higher level than Windows ever had. However, that it is now an INTEL based system with Microsoft attachments makes me wonder if it remained that secure.
What is my issue with this all is that Yesterday’s news on Citadel was known with the Dutch cyber security for months, and little was done, the newscast even mentioned that many had not been alerted to this danger. I reckon that IF there is truth on transgression on ‘secured’ systems, we need to consider the dangers of connected networks. This likely endangered the infrastructure, and it definitely endangered personal information of millions. With that state of mind, how should we see the security of corporate and personal systems in the UK, US and Australia?
Consider that the implied ignoring of Cyber security is mentioned (but unproven as far as the validity of sources go). Yet, when I seek places like Norton, I get no answer (connection was reset). If we can believe people like Tracy Kitten then the financial sector that relies on massive internet presence, we are in serious trouble. On the other side is the opinion showing on the NOS site by Professor Michel van Eeten from the TU Delft. It is not really created to a directed attack. He compared it to a buck shot into the internet. It was designed to acquire login, passwords and bank details.
My issue is the fact that 150.000 systems were infected! The one flaw in the NOS newscast is the absence of the cyber safety factor. Whether Common Cyber Security was used by those infected. If so, then why are these questions not openly directed at the makers of Norton Anti-Virus, McAfee, Kaspersky and a league of other Cyber Safety providers?

2 Comments

Filed under IT