Tag Archives: Mandiant

Where should we look?

That is at times the issue, I would add to this “especially when we consider corporations the size of Microsoft” but this is nothing directly on Microsoft (I emphasize this as I have been dead set against some ‘issues’ Microsoft dealt us to). This is different and I have two articles that (to some aspect) overlap, but they are not the same and overlap should be subjectively seen.

The first one is BBC (at https://www.bbc.com/news/articles/c4gdnz1nlgyo) where we see ‘Microsoft servers hacked by Chinese groups, says tech giant’ where the first thought that overwhelmed me was “Didn’t you get Azure support arranged through China?” But that is in the back of my mind. We are given “Chinese “threat actors” have hacked some Microsoft SharePoint servers and targeted the data of the businesses using them, the firm has said. China state-backed Linen Typhoon and Violet Typhoon as well as China-based Storm-2603 were said to have “exploited vulnerabilities” in on-premises SharePoint servers, the kind used by firms, but not in its cloud-based service.” I am wondering about the quote “not in its cloud-based service” I have questions, but I am not doubting the quote. To doubt it, one needs to have in-depth knowledge and be deeply versed in Azure and I am not one of these people. As I personally see it, if one is transgressed upon, the opportunity rises to ‘infect’ both, but that might be my wrong look on this. So as we are given ““China firmly opposes and combats all forms of cyber attacks and cyber crime,” China’s US embassy spokesman said in a statement. “At the same time, we also firmly oppose smearing others without solid evidence,” continued Liu Pengyu in the statement posted on X. Microsoft said it had “high confidence” the hackers would continue to target systems which have not installed its security updates.” This makes me think about the UN/USA attack on Saudi Arabia regarding that columnist no one cares about, giving us the ‘high confidence’ from the CIA. It sounds like the start of a smear campaign. If you have evidence, present the evidence. If not, be quiet (to some extent). 

We then get someone who knows what he is talking about “Charles Carmakal, chief technology officer at Mandiant Consulting firm, a division of Google Cloud, told BBC News it was “aware of several victims in several different sectors across a number of global geographies”. Carmakal said it appeared that governments and businesses that use SharePoint on their sites were the primary target.” This is where I got to thinking, what is the problem with SharePoint? And when we consider the quote “Microsoft said Linen Typhoon had “focused on stealing intellectual property, primarily targeting organizations related to government, defence, strategic planning, and human rights” for 13 years. It added that Violet Typhoon had been “dedicated to espionage”, primarily targeting former government and military staff, non-governmental organizations, think tanks, higher education, the media, the financial sector and the health sector in the US, Europe, and East Asia.”

It sounds ‘nice’ but it flows towards the thoughts like “related to government, defence, strategic planning, and human rights” for 13 years”, so where was the diligence in preventing issues with SharePoint and cyber crime prevention? So consider that we are given “SharePoint hosts OneDrive for Business, which allows storage and synchronization of an individual’s personal work documents, as well as public/private file sharing of those documents.” That quote alone should have driven the need for much higher Cyberchecks. And perhaps they were done, but as I see it, it has been an unsuccessful result. It made me (perhaps incorrectly) think so many programs covering Desktops, Laptops, tablets and mobiles over different systems a lot more cyber requirements should have been in place and perhaps they are, but it is not working and as I see it, as this solution has been in place for close to 2 decades, the stage of 13 years of attempted transgression, the solution does not seem to be safe.

And the end quote “Meanwhile, Storm-2603 was “assessed with medium confidence to be a China-based threat actor””, as such, we stepped away from ‘high confidence’ making this setting a larger issue. And my largest issue is when you look to find “Linen Typhoon” you get loads of links, most of them no older than 5 days. If they have been active for 13 years, I should have found a collection of articles close to a decade old, but I never found them. Not in over a dozen pages of links. Weird, isn’t it?

The next part is one that comes from TechCrunch (at https://techcrunch.com/2025/07/22/google-microsoft-say-chinese-hackers-are-exploiting-sharepoint-zero-day/) where we are given ‘Google, Microsoft say Chinese hackers are exploiting SharePoint zero-day’ and this is important as a zero-day, which means “The term “zero-day” originally referred to the number of days since a new piece of software was released to the public, so “zero-day software” was obtained by hacking into a developer’s computer before release. Eventually the term was applied to the vulnerabilities that allowed this hacking, and to the number of days that the vendor has had to fix them.” This implies that this issue has been in circulation for 23 years. And as this implies that there is a much larger issue as the software solution is set over iOS, Android and Windows Server. Microsoft was eager to divulge that this solution is ‘available’ to over 200 million users as of December 2020. As I see it, the danger and damage might be spread by a much larger population.

Part of the issues is that there is no clear path of the vulnerability. When you consider the image below (based on a few speculations on how the interactions go) 

I get at least 5 danger points and if there are multiple servers involved, there will be more and as we are given “According to Microsoft, the three hacking groups were observed exploiting the zero-day vulnerability to break into vulnerable SharePoint servers as far back as July 7. Charles Carmakal, the chief technology officer at Google’s incident response unit Mandiant, told TechCrunch in an email that “at least one of the actors responsible” was a China-nexus hacking group, but noted that “multiple actors are now actively exploiting this vulnerability.”” I am left with questions. You see, when was this ‘zero day’ exploit introduced? If it was ‘seen’ as per July 7, when was the danger in this system solution? There is also a lack in the BBC article as to properly informing people. You cannot hit Microsoft with a limited information setting when the stakes are this high. Then there is the setting of what makes Typhoon sheets (linen) and the purple storm (Violet Typhoon) guilty as charged (charged might be the wrong word) and what makes the March 26th heavy weather guilty?

I am not saying they cannot be guilty, I am seeing a lack of evidence. I am not saying that the people connecting should ‘divulge’ all, but more details might not be the worst idea. And I am not blaming Microsoft here. I get that there is (a lot) more than meets the eye (making Microsoft a Constructicon). But the lack of information makes the setting one of misinformation and that needs to be said. The optional zero day bug is one that is riddled with missing information.

So then we get to the second article which also comes from the BBC (at https://www.bbc.com/news/articles/czdv68gejm7o) giving us ‘OpenAI and UK sign deal to use AI in public services’ where we get “OpenAI, the firm behind ChatGPT, has signed a deal to use artificial intelligence (AI) to increase productivity in the UK’s public services, the government has announced. The agreement signed by the firm and the science department could give OpenAI access to government data and see its software used in education, defence, security, and the justice system.” Microsoft put billions into this and this is a connected setting. How long until the personal data of millions of people will be out in the open for all kinds of settings?

So as we are given “But digital privacy campaigners said the partnership showed “this government’s credulous approach to big tech’s increasingly dodgy sales pitch”. The agreement says the UK and OpenAI may develop an “information sharing programme” and will “develop safeguards that protect the public and uphold democratic values”.” So, data sharing? Why not get another server setting and the software solution is also set to the government server? When you see some sales person give you that there will be ‘additional safeties installed’ know that you are getting bullshitted. Microsoft made similar promises in 2001 (code red) and even today the systems are still getting traversed on and those are merely the hackers. The NSA and other American governments get near clean access to all of it and that is a problem with American based servers and still here, there is only so much that the GDPR (General Data Protection Regulation) allows for and I reckon that there are loopholes for training data and as such I reckon that the people in the UK will have to set a name and shame setting with mandatory prosecution for anyone involved with this caper going all the way up to Prime Minister Keir Starmer. So when you see mentions like ““treasure trove of public data” the government holds “would be of enormous commercial value to OpenAI in helping to train the next incarnation of ChatGPT”” I would be mindful to hand or give access to this data and not let it out of your hands.

This link between the two is now clear. Data and transgressions have been going on since before 2001 and the two settings when data gets ‘trained’ we are likely to see more issues and when Prime Minister Keir Starmer goes “we’re sorry”, you better believe that the time has come to close the tap and throw Microsoft out of the windows in every governmental building in the Commonwealth. I doubt this will be done as some sales person will heel over like a little bitch and your personal data will become the data of everyone who is mentionable and they will then select the population that has value for commercial corporations and the rest? The rest will become redundant by natural selection according to value base of corporations.

I get that you think this is now becoming ‘conspiracy based’ settings and you resent them. I get that, I honestly do. But do you really trust UK Labour after they wasted 23 billion pounds on an NHS system that went awry (several years ago)? I have a lot of problems showing trust in any of this. I do not blame Microsoft, but the overlap is concerning, because at some point it will involve servers and transfers of data. And it is clear there are conflicting settings and when someone learns to aggregate data and connect it to a mobile number, your value will be determined. And as these systems interconnect more and more, you will find out that you face identity threat not in amount of times, but in identity theft and value assessment in once per X amount of days and as X decreases, you pretty much can rely on the fact that your value becomes debatable and I reckon this setting is showing the larger danger, where one sees your data as a treasure trove and the other claims “deliver prosperity for all”. That and the diminished setting of “really be done transparently and ethically, with minimal data drawn from the public” is the setting that is a foundation of nightmares mainly as the setting of “minimal data drawn from the public” tends to have a larger stage. It is set to what is needed to aggregate to other sources which lacks protection of the larger and when we consider that any actor could get these two connected (and sell on) should be considered a new kind of national security risk. America (and UK) are already facing this as these people left for the Emirates with their billions. Do you really think that this was the setting? It will get worse as America needs to hang on to any capital leaving America, do you think that this is different for the UK? Now, you need to consider what makes a person wealthy. This is not a simple question as it is not the bank balance, but it is an overlap of factors.
Consider that you have 2000 people who enjoy life and 2000 who are health nuts. Who do you think is set to a higher value? The Insurance person states the health nut (insurance without claims) or the retailer the people who spend and live life. And the (so called) AI system has to filter in 3000 people. So, who gets to be disregarded from the equation? And this cannot be done until you have more data and that is the issue. And the quotation is never this simple, it will be set to thousands of elements and these firms should not have access, as such I fear for the data making it to the outer UK grounds.

A setting coming from overlaps and none of this is the fault of Microsoft but they will be connected (and optionally) blamed for all this, but as I personally see it the two elements that matter in this case are “Digital rights campaign group Foxglove called the agreement “hopelessly vague”” and “Co-executive Director Martha Dark said the “treasure trove of public data” the government holds” will be of significant danger to public data, because greed driven people tend to lose their heads over words like ‘treasure trove’ and that is where ‘errors are made’ and I reckon it will not take long before the BBC or other media station will trip up over the settings making the optional claim that ‘glitches were found in the current system’ and no one was to blame. Yet that will not be the whole truth, will it?

So have a great day and consider the porky pies you are told and who is telling them to you, should you consider that it is me. Make sure that you realise that I am merely telling you what is out in the open and what you need to consider. Have a great day.


Two sides of technology

There are always two sides on any technology. The question is whether they are aligned or not. The first story is found (at https://www.edgemiddleeast.com/ai/tsmc-and-samsung-consider-100-billion-uae-chip-projects) where the Edge Middle East gives us ‘TSMC and Samsung Consider $100 Billion UAE Chip Projects’, it all comes across as straight forward. We are given “Semiconductor giants TSMC and Samsung are in early talks to establish massive chip-making facilities in the UAE, potentially marking a significant expansion in global production.” It seems to me that this is a straight forward option, especially for the UAE. We are also given “develop potential chip projects in the United Arab Emirates, with investments that could exceed $100 billion. The discussions, which are still in the early stages, were first reported by The Wall Street Journal on Sunday” and this article ends with “Should these plans move forward, they would mark a significant milestone in the UAE’s efforts to position itself as a global technology hub.” The second article was initially from the Financial Times (but they are behind a paywall), as such I cannot give the link, but the headline reads ‘UAE president meets Joe Biden in push for more US AI technology’ where we are given “Sheikh Mohamed bin Zayed al-Nahyan seeks to formalise fledgling partnership between both countries” as well as “The United Arab Emirates’ leader met US President Joe Biden in Washington on Monday to advance artificial intelligence co-operation as the Gulf nation tries to secure easier access to US-made technology” and “The UAE is one of the US’s most important allies in the Middle East, but relations have been strained at times in recent years. Talks for a formal security pact with Washington have stalled, and Abu Dhabi was infuriated by what it saw as a lukewarm US response to attacks on the UAE’s capital by Houthi rebels from Yemen in 2022.” This is a dangerous time for America.
The trivialisation of the Houthi terrorists will cost America dearly, it has before and it will cost America more than they imagined. You see, as I personally see it, there is a bigger fish. The option that China will play nice with Taiwan when there is a larger part of the $100,000,000,000 could give China the edge they need. And in this setting China will have several bonus options that would fall away from America. That alone would entice China to play nice with Taiwan to a whole larger degree. Is it viable? I honestly cannot say as the media is massively anti-China. Ask Huawei if you doubt my view on this issue.

How could this happen?
There are several options, but if I were a betting man China would offer Taiwan independence UNDER China. Would Taiwan accept this? I don’t know, but if China would enable a diplomatic solution via the United Arab Emirates it could happen. China is more interested in the collapse of America sooner and will hand an independence ‘option’ to Taiwan. And the setting with Sheikh Mohamed bin Zayed al-Nahyan gives China a larger option to manoeuvre. It is my belief that the Biden administration is driven to not make my speculation happen and for that it needs a slice of the UAE AI business and America will offer whatever it has to to make their entrance a done deal. On the positive side if Microsoft gets involved there is every chance that their affinity to mediocrity will blow up in their faces and the American stance becomes a whole lot weaker. This is not ‘fear mongering’, this is merely the view I have on Microsoft and the blunders they have made in the recent past. The UAE embraces perfection, as such Amazon (AWS) or Google would be a much better fit. But this is not about bashing Microsoft (it is fun though). The AI investments that could be coming the way of the UAE, there is a larger field. We hear all about ‘AI’ and the developers (Amazon, Apple, Google, et al) but most forget that Huawei has its own system. The FusionMind AI platform. I don’t know how good it is. Whatever the media tells us, once Huawei gets to demonstrate their system. No matter what others think, if the UAE considers it good enough, the American race for revenues goes in the wrong direction (for America that is). Don’t ask me how good or how bad the Huawei system is, because I have never seen it, but I know about it and the media is doing its best to ignore Huawei, but I am not convinced that this is a good move to make. The IT people (like me) want to assist people with solutions that WORK. I do not think it is a good idea to ignore the Huawei system.
And I believe that neither Saudi Arabia nor the United Arab Emirates are ignoring the Huawei technology side of it all. For me the larger setting isn’t merely what works, but it is the dim witted view of accusing Huawei whilst not offering ANY clear evidence. That is the larger stage and if Huawei, or the Chinese government can convince Sheikh Mohamed bin Zayed al-Nahyan to allow Huawei to present their case, America will have additional worries to deal with. I personally think that Google AI with Mandiant would be personally the better option. That is merely because I have limited exposure to AWS and no exposure to Amazon security solutions. So my view is slightly biased. In all this, Google needs to convince the UAE that they have what the UAE needs. After that Saudi Arabia should be shown these solutions too (likely they have already seen them).

When we see these sides, one side is the technology, the other side is the software and when we optionally see these chip solutions the bigger winner becomes whoever sets the premise of their software to the hardware provided. I personally hope for Google (I am biased here), but the end game is nowhere near concluded at present. I reckon the Biden administration is hoping for a memorandum of intent, but that is something we might see on Wednesday. So keep looking.

It is almost Wednesday here and Vancouver is following in 18 hours. So anything is possible. Have a great day.


Focal and blinders

We all face them at times, I am no different. The problem is when is what what. Let me be a little more clear, in my case Microsoft is an issue, as I personally see it, if they buy Blizzard, they will need $92,000,000 of profit a day just to break even with the purchase of 3 houses (Mojang, Bethesda and Blizzard), now this is not set correctly, they bought Mojang some time ago, as such the amount is a few million less, but it is not less by much. They already crashed Redfall PS5, which they are allowed to do. They are allowed to do whatever they need to with what they own. Yet, consider that the PS5 has well over 30,000,000 consoles in the field and they allegedly need $92 million a day, does the act make sense? So am I concentrating on a focal, or a blinder. Consider that a blinder lets you NOT see in a specific direction. We attribute all kinds of ‘evil’ towards Microsoft, are they blinders or are they seen as the result of a focal? That is actually a lot harder to answer than you think. When is one could also be the other.

As such I have been concentrating on my two IP projects. Project Graveyard and Project Cluster. Two very different software and hardware IP settings. They both fit the Amazon Luna and optionally whoever buys the Google Stadia, which is why Kingdom Holdings was on my radar. One will be a decent downfall for Microsoft the other no less, but also takes the steam out of Facebook, and as such Amazon was the logical path to take and not just merely logical, Amazon was about to get a whole new range of revenue because of it. Yet I try not to be smitten by either blinders or focal (no matter how much fun they are). As such I saw the appearance of Tencent on time and even as several players are willing to ignore Tencent, I cannot and I will not. Tencent has seemingly the ability to unite gamers. In addition it allows China to grow in one additional industry where Americans thought they would not exist and now Microsoft in particular will have a problem because of the required $92 million a day will become a nose grounded with an anchor around the neck of American economy. And there are plenty of nay sayer spinners on the internet. It is all Microsoft and they are all getting on top of things. So let’s have a go at that list

1. Microsoft would acquire Mandiant to solve their SolarWinds issue
There was one news cycle and then suddenly it went dark, there was no more news. I raised it in ‘What we hope for’ on March 7th 2022 (at https://lawlordtobe.com/2022/03/07/what-we-hope-for/). It became part of Google and it is a Google solution now. After that Microsoft and cyber solutions went a little dark on the matter.

2. Microsoft had a new Tablet to WOW the world. No, it didn’t, it never got close to the Apple iPad and it got even less close to the iPad Air, two devices that were more able and had a larger following and it still does. It still has a lot more to offer, but the spinners came with the ‘with the keyboard it was a more complete laptop’. No, it was not and it will never be that more. I saw people howling with agony as they saw failure after failure on their Surface. I still see some people trying to spin that thing. A $1650 solution trying to win over a $500 iPad, all whilst Apple has the more versatile device.

3. Microsoft has the cloud solution, Azure. Smell it, it smells nice. Which is laughingly the biggest loser of them all. In clarity, Azure is not bad, it lacks and it has no business in gaming. Azure is the Microsoft solution and after 3 years it is nowhere near ready to take on the AWS (Amazon Cloud solution). Last month someone wrote (not me) “Azure is more costly. Azure is the finest alternative for a robust Platform-as-a-Service (PaaS) provider and even a Windows integration. If a company needs infrastructure-as-a-service (IaaS) or a wide range of tools, AWS may be the ideal option”, so where are the SAAS and GAAS comparisons? And when I look, there is always a hidden issue where the people are promoting THEIR solution, no matter whether it involves AWS or Azure (Google is falling behind too much). At the moment the market share of AWS is a lot larger and in some reports it seems like Google cloud and IBM cloud are underreported. What matters is that this is another field where Microsoft is not ahead.

4. The Microsoft gaming console is the most powerful in the world. It might be true, but the weakest console of them all (Nintendo Switch) surpassed the Microsoft sales numbers by a lot and did it in half the time Microsoft with their X/S console were in the field. Even now, these numbers of X and S series consoles are aggregated, the loss is that defining. They are way behind the PS5 with their X series console, but it is the most powerful in the world. In addition the PS5 has a whole range of next generation titles that goes into the dozen and the Microsoft console is lacking there, even after two years it is still lacking in Next generation titles.

I will ignore issues 5, 6 and 7. Four fields where Microsoft will need to do a lot better and for years they were not able to do so. So where is that $92 million a day profit coming from? I cannot see it, can you? And that was merely to claw back the investments on gaming alone. Amazon is hungry and they are driving their AWS (and optionally their Amazon Luna too) making the pain for Microsoft larger. Apple has a firm grip on their devices and even as we might not like Apple, their devices are solid and Microsoft has no chance of driving a wedge there. And as I see it, they already lost the console war. In that environment Microsoft is bleeding revenue all over the field, their books are red with blood and red ink. And for their security I have not seen an alternative for Mandiant (owned by Google). So where are they now? When will we see another SolarWinds? It is not a given, but they lack in cyber security, so I fail to see how they will stop the next wave.

And now the battle field changes further, Tencent is about to arrive, I merely wonder if that was one of the reasons why the E3 was cancelled (I honestly do not know). If Tencent arrives, it arrives with more options and more settings than the Microsoft console field will allow for, no matter how that plays out, it makes the Blizzard $65,000,000,000 a massive anchor around the neck of Microsoft and it will hurt them, no matter what ideas they have. Tencent has been funding a lot of Unreal engine 5 stuff, as such they could wow the gaming community and if they are going the direction I am speculating on, it will hurt both Microsoft and Amazon to a larger degree, in this the pain to Apple remains unknown, or it might be minor. And that is all before some figure out that Project Cluster will enable a lot more than anyone considered, it was meant for that, to be ready for national 5G implementations. How many of them did that off the bat and how many (implying Microsoft) stated “We will get to that when it is ready”, it is the short term focal point of a quarter by quarter BI person. In this none of them have a real long term focal point and that is why Tencent is a danger to them all, they are focussing on 2025 and 2026 (the year Microsoft allegedly collapses).

So is Microsoft my blinder? Is it my focal, or did I see the stage for what it was, one that offers great options for some and not that much for others? They limited their abilities by hanging an additional $65,000,000,000 anchor around their necks. I am calling it as I saw it. Perhaps I am wrong, you tell me. I gave you the numbers and the works, you can do your own research.


Microsoft, for cold laundry

Yes, there is a need to go there. You see there is the setting that we kick Microsoft as a civic duty, but how long do you need to kick them for it to be regarded as for personal pleasure? Yes, that is the question and it is more to the point than you think it is. Two days ago I wrote ‘What we hope for’ (at https://lawlordtobe.com/2022/03/07/what-we-hope-for/) there I gave the setting that Microsoft is in more trouble than we think they are. They are losing the gaming niche, the ‘tablet’ niche, the cloud niche, the SaaS niche and optionally the office niche as well. That is a lot of terrain to lose. I also stated there ““Microsoft is in talks to acquire cybersecurity research and incident response company Mandiant, according to people familiar with the discussions, a deal that would bolster efforts to protect customers from hacks and breaches”, you see, it is not merely “bolster efforts to protect customers”, it is about preventing and protecting the customers you have and as we are seeing several Microsoft issues”, a few hours ago I learned that they do not even have that. ArabNews gives us ‘Google buys Mandiant for $5.4 billion’, the article (at https://www.arabnews.com/node/2038611/business-economy) “Google is fortifying its cloud services with a $5.4 billion acquisition of the cybersecurity firm Mandiant, the companies announced Tuesday”, as such the clouds around Microsoft seem increasingly less secure soon enough. Microsoft will find someone (I think) and they need to find someone and set the stage to a stronger Microsoft. Yet as I see it they lose gaming to Amazon (I was happy to help Amazon do that), their Surface thingamajig will lose to the Apple iPad more and more, and the Mac Air book takes what is left and the cloud is increasingly less and less secure, as such they are losing market share to all the other cloud providers. The SaaS niche is different, it relies on the cloud, lose one and you tend to lose the other as well to some degree. 
So now the last straw for Microsoft is their good old Office backbone. It is firm (for now) but the cyber issues will affect their mail system and it already has had a few issues. But the big push could come from a very different angle. Adobe will be the largest player in several ways. There is additional consideration that when business aligns for Meta, Adobe will get a fair share of that business and should they push for an ‘office setting’ they could clearly clean house. The last setting is pure speculation. There is no educated guess in play. They need their version of Excel, Word, Powerpoint and Mail versions to impact Microsoft even larger, but that is not outside of their abilities to do so and moreover, as Meta will go in 2024 Adobe will feel forced to go there. If only to cater to the millions of GoPro users who will see new business ventures in a Hybrid setting of the Web, Web3.0 and Meta. I think that Google lacks more elements than Adobe does so Adobe is in a good place. No matter how we think it will go, I feel more and more certain that Microsoft is about to lose a hell of a lot more than they bargained for. I wonder if they ever saw that part coming as they increasingly believed the spin they put out there as well. Consider their 2018 setting: ‘The most powerful console in the world’, it was surpassed by the weakest (Nintendo Switch), it will optionally also be surpassed by the Amazon Luna (if I get it my way, ha ha ha). At that point, what did $68.7 billion get them (as well as the $7.5 billion for Bethesda)? Seventy five billion to end up in 4th position in gaming? Google buying what they need for Cyber security? One could argue that soon the buzzards will circle Microsoft, but that might be a little too negative.

I saw Microsoft grow from nothing to the behemoth that decided what we wanted. Now it is turning out that too many are eager to find someone else, in too many IT fields. There will be Microsoft lovers out there, eager to state that I am wrong. I could be, I freely admit it, but when you put the facts together, when you collect the information out there and the weaknesses that they show gives a larger rise to my version (which has speculative sides) and the largest setting is the one we do not have. What will Adobe do in 2023/2024? It will impact several players a lot.


The price of identity

We all have needs, we all have identities. It is important to us, as it is for many others. No one debates or disagrees with it. Yet what to do when identity hinders us? When we see the Washington Post (at https://www.washingtonpost.com/world/national-security/former-nsa-deputy-is-mattiss-leading-choice-to-head-the-spy-service-if-it-splits-from-cyber-command/2018/10/05/1be8d7a8-c73d-11e8-b2b5-79270f9cce17_story.html) giving us ‘Former NSA deputy is Mattis’s leading choice to head the spy service if it splits from Cyber Command’, we need to consider the impact of identity, corporate identity, governmental identity, military identity, projected and presented identity. They are not the same and can vary to a much larger degree. When someone is part of what used to be referred to as ‘No Such Agency’, we will get the impact of identity; we all know that and many faced it too. Look at any friend or co-worker you have ever known and ask him/her about the impact of a merger and they will tell you, there are changes. Some are subtle, some are not noticed, yet others are, usually in infrastructure and the way things were done. Now the change tends to be for the good in the long run but that is not a given.

So what gives?

It is my personal observation and a highly speculative one at that. Yet I believe that the Washington Post giving us: “The current head of both organizations, Gen. Paul Nakasone, has urged Mattis to keep the NSA and U.S. Cyber Command under one leader on the grounds that the nine-year-old military organization is not ready to stand on its own, these people said. In recent weeks, Mattis was close to a decision to separate the leadership arrangement, but Nakasone’s counsel has caused him to reconsider, according to two U.S. officials. The officials spoke on the condition of anonymity to discuss sensitive internal deliberations”, is not entirely accurate. I believe that ‘military organization is not ready to stand on its own’ is not the setting that matters. I believe that Stratfor who gives us ‘A New, More Aggressive U.S. Cybersecurity Policy Complements Traditional Methods’ is very much at the heart of that. I believe that the general is not ready or perhaps unwilling to set the offensive and aggressive part in motion. Now, this is no bad reflection on the general, let that be a first. He is well decorated, he has seen the field in many ways and he has done a fair share of field events. He has earned his rank. I merely wonder whether a man who has seemingly played a defence and protection game is the man for the offense. I think that this is a football moment, and as a non-football expert (and a 49ers fan) I would compare the General to DeMarcus Lawrence from the Dallas Cowboys against what the US seems to demand is a Derrick Henry (Tennessee Titans), or even a Tom Brady (New England Patriots), roles that are not really moveable. Even as a Quarterback might become a really good Derrick Henry that Quarterback will never become a DeMarcus Lawrence. The defence and offense game is that far apart. This is where Chris Inglis comes in. He is an analyst (at heart), he is used to counter offensive strategies and introduce strategies of his own (effective ones, mind you).
I believe that this is the game that is in the open at present and these two will need to find a way to make it work. Not merely because it is good for the needed strategy, but because the segregation of the two elements might hurt U.S. Cyber Command in a few ways, not merely funding, but the elements that U.S. Cyber Command currently has access to will partially fall away and getting two infrastructures like the NSA is unyielding, unaffordable and in the end will introduce flaws and dangers on both sides of the aisle making the setting (as I personally see it) a non-option right off the bat. Stratfor gives us a few other items.

One of them is “A best-case scenario for a U.S. cyberattack would be disabling computer systems and networks being used against U.S. interests to prevent an attack from happening or to disrupt an attack that is in progress“. The problem there is that some of the opponents are getting to be really good at what they do and a few of them are not state driven, not by any state changing the dynamics of the solution. Even as I discussed the hop+1 strategy almost three years ago, settings like that require an expert layer one knowledge and the players cannot both have these experts changing the needs of the infrastructure overnight.

The second consideration is: “Perhaps the main challenge to U.S. engagement in tit-for-tat cyberattacks is that the United States is by far the biggest target for such attacks“. That might be true but that goes beyond mere true enemies, it includes a truckload of students wanting to finger the man (or is that giving them the bird)? Do they really want to waste resources to those people whilst the US has actual enemies in the world?

The larger issue is seen with: “Discussing the strategy, national security adviser John Bolton hinted that the administration had already taken steps to bolster offensive efforts in recent weeks, warning that the United States is no longer just playing defense when it comes to cybersecurity. But despite the Trump administration’s more hawkish tone regarding cybersecurity, it will continue mainly to rely on traditional measures such as the legal process, regulations and cooperation with the private sector when it comes to cybersecurity”. It is here that we get the consideration of the resources required. The defence, offense and legal sides of it all become a real mess if the two split up, giving the chance that targets and issues walk away on technicalities. How does that help?

The strategy is even more profound when we consider “Clandestine, discreet attacks are certainly already key elements of U.S. cyber tactics. There have likely been more examples of U.S.-launched attacks that have not come to light, perhaps because they were never recognized as cyberattacks. While the less known about U.S. cyber capabilities, the more effective they will be when deployed, this by definition limits the deterrence value of U.S. cyber capabilities”, at this point it is the setting of ‘discreet’ that comes into play. With the two separated they will get into each other’s fare waters and more importantly give accidental light to the discreet part of the operation, there will be no avoiding it, only the most delusional person would think that it does not get out when more than one player is involved, because that will always introduce a third item being the intermediary, the cold war taught many players that part of the equation. And that is even before we get to the statement: “recent cases like the September indictment of North Korean cyber operatives, which displayed heavy FBI reliance on private security firms such as Mandiant and Alphabet to collect technical evidence and carry out investigations”, now we see the folly as Mandiant and Alphabet are mentioned, the entire matter grows further as soon as Constellis becomes part of the equation. That is beside the point of realising (highly speculative on my side) that none of the three, Mandiant, Alphabet and Constellis, have the required safe servers in place to prevent names, places and facts from going out into the open. I might not be able to get in, but there are dozens who will get in and that voids the security of the matter to a much larger degree. For argument’s sake I will leave Booz Allen Hamilton out of that equation, they have been snowed on long enough.

And even as we see the instance of legal preference, the US must realise that any attack from state or non-state parties in China or Russia has close to 0% of being successful (outside of the exposure part), the entire matter in case of the OPCW in the Netherlands is one. An attack was thwarted, yet was it THE attack? The Guardian article (at https://www.theguardian.com/world/2018/oct/04/visual-guide-how-dutch-intelligence-thwarted-a-russian-hacking-operation) reads nicely, and we see all these facts and from my point of view, things do not add up. You see, I would have used the car that we see mentioned “In the boot of their car was uncovered an arsenal of specialist electronic Wi-Fi hacking equipment” as a fire and forget consumable, use it as an access point, segregating the hacker from the accessing unit. When you have (as they stated) “cash: €20,000 and $20,000” getting a second car far enough to access yet not be directly linked is seemingly easy enough. Then there is the setting of the photo at Amsterdam’s Schiphol airport. I am not debating the issue of the photo, it seems genuine enough. In this operation they did not fly to Germany and take the train, or take a car and cross at Oldenzaal, Emmerich, or even via Belgium and enter via Antwerp, or Eindhoven. It almost read like they wanted to get noticed. They know that Amsterdam Airport is high tech and nothing escapes their camera eyes. To me (a paranoid me) it comes across as ‘Where did they not want us to look’. A mere sleight of hand deception, and again the entire GRU mention. A phone outside of that building and they had the taxi receipt? No one merely driving them to the airport in Russia or even them taking a bus from any hotel in Moscow. No, a taxi receipt of all things, is anyone buying that? So in this it is not the Dutch, it is the Russian side that makes no sense at all.

How did I get there?

This is the initial setting of offense and defence. The proper application of strategy in all this matters, because we seem to undervalue and underestimate the need of either in all this. Because we get to push a button anywhere and anytime we seem to underestimate what is recorded, what is collected and what we can verify. That entire mistake is how any offensive strategy can optionally become folly from the moment the instigation of ‘press any key’ to start gets us. Proper offensive is not about doing what needs to be done, it is about being able to prove who did what. Perhaps Sony remembers that part as they were given that it was North Korea that did something, whilst their computers were not even close to PC gaming ready, the mere processor, which was about 25% (at best) of a 1994 Silicon Graphics Indigo system is not the system that gives you what you need to hack the night away. The tools are equally as important as the access and ability to negate identity. When you see that part, the entire hop+1 intrusion path makes a lot more sense.

This now gets us to the end of the Washington Post, where we were treated to: ““As the build of the cyber mission force wraps up, we’re quickly shifting gears from force generation to sustainable readiness,” Nakasone said in a statement in May. “We must ensure we have the platforms, capabilities and authorities ready and available” to carry out successful cyber-offensives. Some former senior intelligence and defense officials oppose separating the “dual-hat” leadership arrangement, including former NSA Director Keith Alexander, former Director of National Intelligence Mike McConnell and former Defense Secretary Robert Gates. This week, former CIA Director David Petraeus, a retired Army general, said during a Washington Post cyber summit that he’d keep the dual-hat arrangement “for the time being.”” It is not merely the ‘we have the platforms, capabilities and authorities ready and available‘, you see, when we get to capabilities we see the need of offensive players and even as Cyber command might be aces in their field, the offensive game differs to some degree and even as we see that they are way above the student levels, we get back to the Football equivalent you see the application of defence and offense. It is not DeMarcus Lawrence versus Derrick Henry, the question becomes can DeMarcus Lawrence be a Derrick Henry that is good enough, that is the battle within. The mere realisation that if you fail this when the offensive is broken into a train wreck that makes the limelight in every paper, that is the game that is the dilemma that Gen. Paul Nakasone faces as I personally see it.

And when we see Stratfor with the one little gem we did not consider, the mere proposed fact that North Korea has a mere 9,000 IP Addresses, do you really think that they could have done this all, or are we in a setting where someone had the ability to act on BGP hijacking and was able to mask it to the level it needed to be masked at, because that was the offensive play that needed to be considered and there was no way that the evidence had been uncovered to that degree with a backdoor could be removed with a simple reset of routers.

#FourtyNinersRule

 


Your GCC resume

Qatar remains in the news, some are looking at the $5.9 billion deal in Italian dinghies, others look at the cancelled deal to become an American Airlines stakeholder and others like me are focussing towards the GCC futures. According to the Defence minister Khalid bin Mohamed Al Attiyah this setting is not in an increasing danger. The problem is not merely the GCC in itself, it is what you will not see in many newspapers, it is the overhanging impact on OPEC. The news given by Oilprice.com is “All GCC countries depend on stability in the oil and gas markets, which is evident from the recent OPEC deal. A full-fledged confrontation will, without any doubt, put pressure on the current compliance rate of OPEC members to production cuts. Doha will be able to sabotage the current 6+3 production cut agreement between OPEC and non-OPEC members. If Doha decides to join the ranks of Iran and Iraq, OPEC’s future will be in doubt” it is at the very end of the article (at http://oilprice.com/Geopolitics/International/Clash-Between-Qatar-And-The-Saudis-Could-Threaten-OPEC-Deal.html), yet that in itself is not the bacon maker, or if pork is taboo, it is the lamb to the slaughter. When we see: “The Arab criticism may have been less harsh if U.S. officials would not have put oil on the fire. U.S. Secretary of Defense James Mattis openly warned Qatar that it should change its support of the Muslim Brotherhood. Mattis also stated that U.S. president Trump is considering classifying the Brotherhood as an international terrorist organization, which could have a very negative impact on the U.S.-Qatar economic-military cooperation in the coming months”, this reflects right back to the pressures that the American players were trying to establish through pressuring the WTO issues as written yesterday (at https://lawlordtobe.com/2017/08/02/a-big-tree-in-the-desert/). Another source (Leaprate.com) gives us the links to Iran and re-elected Hassan Rouhani.
Here we see “America’s new-found protectionist outlook and open contempt for the JCPOA, has put a question mark against its future, while Iran’s ties with Qatar, currently the subject of embargos by many neighbouring states, is a further concern for investors“, this is the part that most do not get informed about. Partially the US has a valid point as the previous president of Iran was openly waging war towards the US and against the state of Israel. The dangers as I gave them years ago, especially in the light of the nuclear treaties is not how good or how reforming the newly elected President Hassan Rouhani was, it is the issue about the next person, who will get the presidential trophy in 2021 and what happens then? This is the long term worry, most will agree that one extreme leader on the edge of insanity is good enough and keeping that person in North Korea is for now the best place.

Yet, that was not what this is about, when we consider the JCPOA (also known as Joint Comprehensive Plan of Action), we see the given by Ali Akbar Salehi with ““After JCPOA, our oil production has soared from 1 million barrels per day to 3.9 million bpd,” IRNA quoted Salehi as saying on Sunday, two days after the two-year anniversary of the action plan. This marks a success for Iran’s oil-based economy in reclaiming its market share lost over the years of sanctions”, the issue is that this directly opposes OPEC with “All GCC countries depend on stability in the oil and gas markets, which is evident from the recent OPEC deal. A full-fledged confrontation will, without any doubt, put pressure on the current compliance rate of OPEC members to production cuts” for the UAE and Saudi Arabia that is a problem, as Iran has increased its production by nearly 3 million barrels a day, the other players have to decrease even more, which means that they are hurting well $150 million a day or we will see the pressures shift all over the Middle East, which is not good for America (or the UK for that matter), because that impacts what Saudi Arabia can buy, and the monthly $4.5 billion is partially for the hardware delivered and expected before December 2017, so as these sales paths are impacted, we will see a level of hurt all over the weapons of mass consumer requirements market.

So we have valid and greed driven concerns regarding Iran, in this the Qatar issue does not help and the play that the US is making as we see it should not be considered as a beneficial path. No matter how valid the present situation is as we see it given through the Russian Academy of Sciences, Stanislav Ivanov is giving a present truth with “The main line of Tehran’s policy is to get out of sanctions and gradually restore its economic and financial potential”, we do not deny this, yet the past decades were about setting the pressures to Iran as the western nations had to deal with extremism, in addition to the funding that Iran gave Hamas as it kept on attacking the State of Israel, there are ample issues in all this as the strategic setting before 2021 (Iranian general elections) could face the US, Israel and Western Europe with an economically revitalised Iran, which will be pushing the players back to square one if that seat will become the sitting arrangement for another Mahmoud Ahmadinejad, which is not out of the question.

When that happens, those with a GCC resume, with or without references to OPEC might wonder where their employability resides. Now, if they have been smitten with a 7 figure annual income, they might not care, yet those without that part for at least 4 years might need to scrape by, having to live on $40K a month for the rest of their lives. I can advise these people that it can be done, if they shed the 4 luxury cars (Ferrari, Lamborghini, Maserati and Bentley), give up their membership in the Yas Links Golf Club, Almouj Golf and The Majlis, Emirates Golf Club as well as their 4 bedroom apartment in Riyadh and they are already half way there. So how serious is this? Well, it is actually a lot more serious than most people realise. When we consider that the GCC is a realistic target for cyber-attacks and cyber terrorists, Raytheon is setting up technological barriers to thwart to some degree these plans. The issue is not what the presentations give, whilst we do not oppose or attack the stance that CEO Thomas Kennedy has, the quote (source: Raytheon) “It has since reinforced its cybersecurity capacity with the purchase of 14 companies. In 2015, it acquired a company called Forcepoint (previously known as Websense and Raytheon|Websense) to enhance its commercial presence. This is now the world’s second-largest privately-held cybersecurity firm. Raytheon recently secured a five-year, $1bn contract for the US Department of Homeland Security to help defend “.gov” websites from cyber-attacks. Now the goal is to bring that working knowledge to the Gulf” is merely showing a deficit in the technology. Acquisition is a partial solution to any cyber given industry, the given premise to survive is not what can be bought today, but what must be developed for tomorrow. You see the firms that have that focus tend not to be for sale in the first place.
Whilst Raytheon’s focus is very valid to catch up, it is much less a solution for those who are arming themselves for tomorrow, their own missile system department can teach them that part. It is not merely about the technology, it is the development of new systems in cloud and non-repudiation that will give the GCC and other gulf places the edge to be ahead of the cyber-attack curve. A partial issue is found with “We have one of the best data-leakage protection systems in the entire cybersecurity field, and we combine this with our insider-threat behaviour system, which detects suspicious activity and ensures IP and data is not compromised“, which might be non-false, yet the events as Sony has seen shows that the reflective comments are from a behind the wave assessment, with HBO being an example as they were hacked a few days ago. The one provider that relies on cyber security as it sells its value through Netflix is now giving Vanity Fair “When Netflix was hacked earlier this year, the cyber-criminals behind the attack demanded a ransom. But there was no such demand in the hack that struck HBO over the weekend, and the sheer amount of compromised data has led some to believe that video footage, internal documents, or e-mails could be leaked next. The premium-cable giant is working with the F.B.I. and cyber-security firm Mandiant to investigate the breach, in which hackers claimed to have stolen 1.5 terabytes’ worth of data“. This is what Raytheon is up against, not some access issue, but stopping the drain of terabytes, basically every part of the GCC removed in mere hours, whilst the cyber minders were in the dark until after the event and the quote that follows (at https://www.vanityfair.com/hollywood/2017/08/hbo-hack-seven-times-larger-sony) “A traditional business-grade D.S.L. link would take about two weeks at full blast to exfiltrate that much data,” Farsight Security C.E.O. Paul Vixie told T.H.R. 
“If not for video and sound, a corporation the size of HBO might fit [entirely] in a terabyte, including all the e-mail and spreadsheets ever written or stored.” Another expert added that the entire Library of Congress contains an estimate of 10 terabytes of print material—so it is almost certain that video and/or audio were stolen”, this directly reflects on Raytheon. It is not what we know, it is what others have figured out that is the issue. Whether it was through frame leaking, through cloud replication, there are issues that remain non-secure, even as security is at the top of the salesperson’s mind. There is a need for a new designed system no longer merely on access, but on ‘bio wired’ non-repudiation that is driving the need for evolution and these sales forces have remained in denial as it is something that they cannot offer at present, so they reflect on it as being a non-solution, a non-reality. They stick to the solutions that they can sell now and that is where the GCC finds itself, the lack of visionary evolution of data systems.

So when Raytheon gives their next presentation and someone at the GCC asks “How can we assure that the Bolero electronic Bills of Lading are not stolen or corrupted?” what happens then? Will that person at GCC need to write his resume tout de suite, or will his superiors realise that the question was valid and that this situation is an immediate threat to the GCC members? Because in this day and age where extremists are all about the attack on infrastructures, the Bolero Title Registry, the repository and application that manages the transfer of title of the eBL is a clear weak point. Once the recipients are scrapped and the cargo gets locked down, the ship will have two issues. The first being that the ownership cannot be transferred, you might think that this could be solved in a few days, and that would be right. The direct consequence is that the transfer of oil stop would cost an additional $578,000 in port charges, twice the amount in addition for pilots and towage fees. And as they are moved around additional costs will be incurred, that is apart from the issue that the delays bring and when a visionary does find the way to reset ownership, the delivery of 1 million barrels comes down to a nice $50 million fee, that optionally went somewhere else.

The one place where cyber security was essential is as given in indications running behind and not catching up; the only way to do that is to get ahead of it all. Now, as stated, this is not an attack on Raytheon, this is merely the direct issue on the business need to set serious cash into evolving the new systems to be ahead of the curve and be in a state where the hackers learn that it is not merely about access, the nice part of adding a new ‘language’ to the plot is not to delay their invasion, it becomes to take away their comprehension of what they see (hopefully for longer than short term). You see, I have loved Cisco solutions, but they all talk the same language and their precise documentation has been a real assist on those with no-good intentions, we merely need to ask Google ‘what does a cisco frame look like?’ and we get so much information, enough for too many to get to the heart of the matter and in the early stages of the internet that was a really good thing, we need to move beyond certain settings and push towards dedicated systems that have additional layers of protection, now that might be a mere delay, yet consider what is being protected. How willing are you to keep data safe? Not merely oil data of ownership, in the age of Netflix whilst hackers are streaming the episodes by the dozen, depriving places like Sony and HBO of valid revenue, revenue they invested in, the game needs to be changed. We have seen the uselessness of some governments as they were facilitating towards the communication sellers on bandwidth; we need to change the game regardless of those players. One way to do that is remove their existence to impact. Google did that to some extent, but not to the extent needed. As we realise that providers are 15 dimes to the dollar, we need to set a different scope, not merely in the cloud, but in the need for dedicated non-repudiation. Only then can we make a first effort to push the boundary towards a safer zone.
And perhaps Raytheon will bring that to the table, the fact is that we do not know the player that delivers the need of tomorrow today, we merely know that it will not be Beaker bringing it (a Muppet Show reference). In this the ‘evidence’ can be seen when we realise that Raytheon gives us John D Harris II and his view on how forward thinking Talon laser guided rockets are. Yes John, this was really the need for Cyber safety! As we consider the issue beyond point-to-point communication. In addition the $100m development program reads sexy for your bonus, yet the issue is data, both at rest and in transit. Those are the issues, not in the rocket man shooting by a member of the UAE air force. So as we moved from certain parts of the GCC, via Iran to other providers, we need to see and comprehend that there are several players, all with their own agenda, a perfectly sound and valid situation, yet when we see that stability is centre in all this, destabilisation will impact both the GCC members, the OPEC members and when the overlap is shown (those in both), we need to realise that Iran and Iraq will not care about the needs of the GCC, they are not part of that, which ties hands of the six GCC players and in that Qatar is the centre of the seesaw that the 6 members prefer to have in some level of balance, yet the issues as we are seeing them escalate will impact all the given needs for all the players having their ‘own’ needs to satisfy. None of that is likely to happen any day soon. We could see the US and both their needs towards JCPOA and the WTO as an opposing issue, one that is not beneficial to the GCC or the Qatar issues as they are playing. I cannot say what the GCC members should do next, but it seems to me resolving some parts and creating a new initial balance is the best way forward. This gets me back to the question phrased yesterday. If each of the 4 members could phrase one issue to resolve by Qatar, what would that be?
If Qatar can get the conversation started on that, as merely a first show of good will, yet from my point of view, if they promise to have a good look at Al-Jazeera and do some immediate reforms there as a first step of good will towards the four opposing parties, it might just be enough to reduce tensions and give time for non-escalations to settle and as such forward momentum in resolving issues will be found. In my view it would leave Qatar in a much better view by all other players and global non players. It will open the doors and perhaps that is a good beginning, merely a good beginning, but more than we have now.

And none of this, none of my views were set to painting any of the players as the bad people, merely a path to find the track towards profit and growth, profit for all the players and economic growth for all of them. In all this the one question that is forming in my mind is that Oman has been the one GCC member that is outside of the equation to some extent, could they be a mediating party in all this? I actually do not know the answer; I am merely voicing the question that I have not seen in the news. You see when you realise that Crown Prince Mohammed bin Salman has been the driving force behind Vision 2030, the economic diversification strategy. Is that something that a nation like Oman could see benefits in, when we consider diversification, when we realise that this impacts range of products as well as field of operation? Would it not be interesting how this view could be beneficial to the Middle East as a whole? In all this, as the driving force surpasses boundaries, is that not a field of economic diplomacy to see it grow? To push forward momentum is to find a place and subject of discussion, in my view it would be to find a topic many can agree on, a topic that is always a hard sell in most occasions and it seems to me that oil dependency is always a good option for those realising that it is the only thing they offer, by adding more options, any nation connected is merely opening paths to more stability and more opportunities, especially when these paths can be sold to nations seeking more than oil, which is close to every nation on the planet. Finding a place of stable growth is the best product any player is ever likely to sell. In this stability is a lot more sexy than quick gain, especially on Wall Street and they are having too often too much to say on that matter. As we need a different language in the cyber world, it is clear that outside of that world a common language is the only solution.
The question becomes what language and how to start the conversation, even those setting up their GCC resume right now. That is a fact as it is a resume that they want everyone to read, a comprehensible common ground is the first step in this.

 


What news is news?

There are several pieces, not just in the Guardian, the BBC, the Independent or the Times. They all tell us that they have news, but do they have any actual news? The Guardian shows us a tech article (in the Tech section) called: ‘the node pole: inside Facebook’s Swedish hub near the Arctic Circle‘, all innocent news, one could surmise that it is just a space filler. Or was it done to give extra view to the article ‘Facebook is making more and more money from you. Should you be paid for it?‘, or perhaps to give extra light to ‘Facebook case may force European firms to change data storage practices‘, which I gave my views on in my previous blog. You decide!

In the business section we see VW to get some centre stage, which makes perfect sense and that is just the Guardian. The Independent also has a go at Facebook, but now has a go at its users, well, actually it is not the Independent, but the employee tribunal. Now the article shows all kinds of signs of bullying, which is never OK and in that regard Rachael Roberts has a real case, but in light of the events, Mrs Bird does not seem to be a friend of Mrs Roberts, so why is the act of unfriending on Facebook the killer? Yet it is the quote “But employment lawyer Josh Bornstein told ABC news the unfriending incident was found to be workplace bullying in the context of several other issues”, which baffles me, if they are not friends, one or the other could unfriend the other party, that part seems clear cut to me, not bullying. So out of the 18 allegations of bullying in total, the unfriending in Facebook took the cake? It does not add up to me!

In addition we see two whole articles on Facebook being down and oh yes, the new iPhone is for sale! Let’s not forget the fact that the iPhone now allows for sextracking. So, parents buy your boy or girl one of these bad boys so you can find new ways on how you are about to become a grandparent! Really? You need to keep scores on your phone now? Didn’t Ashley Madison teach you anything regarding sex that is on the internet, everyone will know soon thereafter?

Finally they also gave visibility to ‘Hospital apologises for removing RAF sergeant from A&E because uniform could ‘upset’ patients‘, which is a can of worms in its own right. In that light I expect the NHS to move all drug and binge drink casualties to their basement as not to invoke bad thoughts from the Presbyterian community. How insane was the idea to move a wounded RAF sergeant in the first place!

All these events, some are actually news, but no one seems to have any balls. No one is looking at Pricewaterhouse Coopers. Which of course ties in nicely with the words of the Dalai Lama ‘Dalai Lama on Britain’s policy towards China: ‘Where is morality?’’, the answer might not be such a high moral one, it goes a little like “Who is willing to suck the smallest extremity for the good of one’s career?”

To some extent we can accept that the SFO is silent, only to the smallest extent. You see Tesco is dealing with a write-off of £6.4bn, which of course is massive. We have seen all the news on how some former Tesco entities are getting grilled (as they should) but the press on many levels in many nations keep on rehashing the old news and no one is digging into PwC. No one is digging there. Does that not sound awfully weird? Yet here is the kicker, we see more and more messages like ‘Multinational tax avoiders targeted’, with quotes like “while the American Chamber of Commerce in Australia warned about throwing up new hurdles in what is already a high-cost economy. The chamber’s board includes representatives from ConocoPhillips, GE, Boeing, PwC and Exxon Mobile“, yes it seems it is never a good time to go after tax avoiders (not to mention the impact it has on the bonus benefits for those working in that part of the financial branch).

Before you whisk this away as mere banter (which you are of course allowed to do), take a look at this article that is a little over a week old. It is from the Wall Street Journal, which I do not look into too often. The article (at http://blogs.wsj.com/cio/2015/09/15/the-morning-download-identity-theft-key-to-attack-on-cisco-routers/) called ‘The Morning Download: Identity Theft Key to Attack on Cisco Routers‘, starts with: “Good morning. The international attacks on Cisco Systems Inc. routers, disclosed earlier today by security firm FireEye Inc.’s Mandiant unit, began with the theft of legitimate network credentials. Securing and managing the identity of network users continues to be a massive challenge for CIOs and CISOs and ultimately, the CEO and the board. The attacks have been named ‘SYNful’ because of how the malicious software moves across routers using their syndication functions “Cisco said SYNful did not take advantage of any vulnerability in its own software. Instead it stole valid network administration credentials from organizations targeted in the attacks or by gaining physical access to their routers,” Reuters reports today. Mandiant said in a blog post that it had found 14 instances of router implants, which replace Cisco’s operating system”

Now, to complement that statement, I will add the following. On June 5th (more than 3 months before the WSJ article), I wrote ‘In reference to the router‘ (at https://lawlordtobe.com/2015/06/05/in-reference-to-the-router/), here I stated: “Soon thereafter no more firewall, no more routers, just the bliss of cloud servers and data, so much data!“, which reflected on the article I wrote on February 8th (more than 7 months before the WSJ), there I wrote “I think that ‘hackers’ have created a new level (as I mentioned before). I think that Cisco IOS was invisibly patched“, (at https://lawlordtobe.com/2015/02/08/the-next-cyber-wave/). I was literally accused by some to be insane, there was no way that this would EVER happen. Now we see in the Wall Street Journal: “Mandiant said in a blog post that it had found 14 instances of router implants, which replace Cisco’s operating system“, interesting how I am now proven correct. Are the members of the Baboon family (usually found in the FBI) reconsidering their North-Korean option? Let’s face it, this took top level skills, we can (as I pointed out in the past) find those boffins in the US, UK, FR, the FSB and Chinese Intelligence, however in North Korea not that much!

The Reuters article shows a lot more (at http://www.reuters.com/article/2015/09/16/us-cybersecurity-routers-cisco-systems-idUSKCN0RF0N420150916), however, they are just rehashing something I stated for almost a year, the quote ““That feat is only able to be obtained by a handful of nation-state actors,” DeWalt said, while declining to name which countries he suspected might be behind the Cisco router attacks” adds to my view that I was correct all along (finally another ‘I told you so!’ opportunity). The only difference is, is that DeWalt includes Israel, I have no real quality data on the Israeli cyber capabilities, so I am willing to give him that one. Finally we should consider the quote “Infected hardware devices include Cisco routers 1841, 2811 and 3825“, which is fair enough, yet in my article I offer the option that the CF unit found in nearly EVERY router could also open doors, so the danger could in theory go far beyond those three routers.

I also stated that my thoughts were based on sound speculation. You might wonder what sound speculation is. Basically, it means that even as I might not have them skills to program, I do understand that my solution is viable, the fact that routers are getting programmed with a new OS is clear evidence of that. In addition, it also gives weight to two infestation systems I speculated on as well as the weakness that those believing in the cloud are not realising at present. I was willing to look beyond the veil, a side everyone ignored. Yet when a router can be reprogrammed to the extent it was, also clearly means that data in motion is no longer safe, which means that pretty much any cloud data can be gotten to, the user only has to access the file to make that happen.

I even had a thought on dealing with the Iranian glow in the dark power plants when the time is there, just by thinking out of the box. It does involve a Piranha valve (which actually already exists in name, but mine is so much cooler). None of this is newsworthy, speculative opinion one might state. Yet in my speculation, I have shown solutions to be real in several occasions and in addition to that I also clearly outlined long before the press decided to show the minimalistic amount of balls (read testicles), that a look into Pricewaterhouse Coopers was adamant. It seems that apart from a December 2014 message from the SFO (rehashed by nearly all papers) not much happened, apart from that news, the press at large stayed clear of mentioning PwC and Tesco in one sentence. Is that not utterly weird?

Of course the luggage of someone’s mum in Tenerife (shipping at £122) gets front seat exposure, yet, the issue on £6.4bn getting lost due to assistance (better stated too weak opposition) by Pricewaterhouse Coopers seems too trivial to keep pressure on. Way to go Consumer Champions, Money! I actually mean that! They did do a good job and they have done so in the past, yet I fear that a letter by Dave Lewis on how his firm lost £6.4bn as the keeper of his books was not prudent, or is that tenacious enough to ring that bell very loudly when things looked too odd. Will Consumer Champions find that money? Will they write “Pricewaterhouse Coopers must accept responsibility for the signing off on books as the “accountant”?” Consumer Champions might not get this done, which is fair enough. It should not be on their plate, but the parties this should be very visible on are also not doing anything as far as we can tell, they remain silent, they remain this silent after 9 months.

Yet in all this there is one part both the Guardian and the Independent are getting right. It is the news on the NHS, there are massive problems and knowing them all is essential in finding a solution. In this matter the press has played a good role. In my view exposing former and current politicians a little more on the political game they play, so that we all understand that a proper solution is needed and taking the politicians out of that equation might not be the worst idea, the end result stays the same, the NHS is now too close on the edge of collapse to be acceptable, yet where lies the solution? Although I understand the issue the Independent shows, I partially disagree. The headline ‘New NHS junior doctor contract would discriminate against women, senior medics warn‘ is not incorrect (at http://www.independent.co.uk/life-style/health-and-families/health-news/new-nhs-junior-doctor-contract-would-discriminate-against-women-senior-medics-warn-10516885.html), yet in all fairness, the quote “Under the new contract, trainees who decide to work part-time would see their pay increase more slowly than their colleagues” is a can of worms! Why would my co-worker doing 32 hours get the same raise as myself working 60 hours? (Remember, I am not a doctor). A choice was made! Yet, there is a level of fairness here too. Which means that to tackle it should be done in another way. Even as there is a shortage, the burnout of physicians is a known issue and making a maximum of 40 hours a week a mandatory status could be close to the only solution. Perhaps we have been too indulged, perhaps some options should only be there during the week. Perhaps the change to healthcare is essential (like hiring 40% more staff), but we also accept that at current not one government remains to afford that change (well perhaps Easter Island where there are less than 10 doctors). In the end the system has been ignored for too long. 
Too many politicians are on the ‘let’s get the computers up and running‘ whilst they know that staff will remain a problem for a long time.

That is news! That is what matters, but too many papers and too many news broadcasts are about the emotions and not the actual news that matters. That might be an incorrect view and a very biased view. It might be that some news is more important than other news parts, I will instantly agree, yet in all that the complete silence from pretty much all the papers regarding Tesco and some involved book keeping parties remains a mystery to me, how is that part not news? We will see more events that will not get the proper light in newspapers, both in paper as well as online, I’ll let you decide how that measurement applies to an involved party to events that started a £6.4bn downgrade.

 


Filed under Finance, IT, Law, Media, Politics, Science

Slander versus Speculation

There is a lot wrong in this world, we cannot disagree with that. Soon we might see rental prices go down in London, because of Superman (the New Ecstasy), yay to those needing an apartment, being free of drugs was never so nicely rewarded! So is this speculation, or slander?

We could debate my sense in taste (many have for decades), yet in the firm juridical ground, when can speculation be regarded as slander?

That part is more and more a question when we consider the US sanctions against North Korea. Oh, and perhaps we forgot to mention that Sony is a Japanese firm (even though the crime was on US soil), giving additional spotlights to the reasoning of certain actions. Consider the following sources. First let’s take the BBC (at http://www.bbc.com/news/world-us-canada-30661973). Here we see sanctions against organisations and individuals. First there is “Jang Song Chol: Named by the US Treasury as a Komid representative in Russia and a government official“, then there is “Kim Yong Chol: An official of the North Korean government, according to the US, and a Komid representative in Iran” and last there is “Ryu Jin and Kang Ryong: Komid officials and members of the North Korean government who are operating in Syria, according to the US“. Now the article ends with the most hilarious of all quotes “White House officials told reporters the move was in response to the Sony hack, but the targets of the sanctions were not directly involved“.

So the White House is within this part confessing to the breach where they are targeting innocent civilians (of that crime at least)? Can anyone explain to me how this is anything less than legalised slander? Consider that if (not when, but if) they ever figure out who exactly was responsible for the Sony hack (the actual individuals involved), how the US government could be held responsible in any court of law for this. Consider this part (source was the APA of all places, at http://www.apa.org/about/gr/issues/violence/hate-crimes-faq.pdf). “Current federal law defines hate crimes as any felony or crime of violence that manifests prejudice based on “race, colour, religion, or national origin” (18 U.S.C. §245). Hate crimes can be understood as criminal conduct motivated in whole or in part by a negative opinion or attitude toward a group of persons. Hate crimes involve a specific aspect of the victim’s identity (e.g., race)“. If we clinically look at the facts, then these acts are a hate crime against North Korea.

Now, let’s be fair as well. Most will not care, I reckon that the North Koreans might not even care, but this act does remain a legal transgression!

Let me show you why (because without reason, there is nothing), part one is found in yesterday’s news in the Guardian (at http://www.theguardian.com/technology/2015/jan/02/sony-hackers-may-still-access-computer-systems-the-interview).

Here we see the following parts:

  1. Sony Entertainment is unable to confirm that hackers have been eradicated from its computer systems more than a month after the film studio was hit by a debilitating cyber-attack, a report says

So not only has the hack occurred, it is very possible that the transgression and the damage is currently still ongoing, in addition, one of the most watched and scrutinised nations is still accessing Sony? Not one press agency is asking the questions that matter. For example, there was some visible Press Tour into North Korea (must have been around when Kim Jong-Un was elected big boss in 2011), when we saw some of the filmed events there, we saw North Korean officials in total disbelief that a smartphone could take photographs and these people walked over Sony’s cyber security?

Now we get to the Chief Executive of Sony himself, his quote gets us the following:

  1. “It took me 24 or 36 hours to fully understand that this was not something we were going to be able to recover from in the next week or two,” Lynton told the Wall Street Journal

So this was not a mere grab for data, this is a system paralysis of sizeable renown, the hack was so complete, high paid executives could not get their minds around the events. So, are we still looking at North Korea? Basically this requires an evolved form of ‘stuxnet’, the hack was seemingly more complete than the stuxnet virus could achieve. We now have only three players left. Russia, China and whatever hacking organisation walks around within the US and its allied nations. How is North Korea anything else but a mere puppet for slander? Whilst some people are possibly hiding their lack of skills, and likely other people linked to all this are trying to cover up issues that have been ignored ever since the first hack of 2011 (the Sony PSN hack). By the way, I am using stuxnet as a comparison, I have zero knowledge how the transgression was done, but we can all agree it was way beyond a normal level of sophistication.

Yes there is another scenario and I will get to that soon, North Korea is not off the hook yet!

You see we have been looking at the event, but not at the capital involvement that is two tiered at present.

  1. “Sony’s network is expected to be fully operational within the next two months but hackers have so far released only a tiny fraction of the 100 terabytes of data they claim to have stolen“, so not only will it take months to repair security measures, the fact that the new fences are there is still no guarantee that the data remains safe.

Which gets us to the first tier. Data! Someone streamed 100 Tb, which is more than just a number; it would require every PlayStation 3 on the planet to download up to 2Mb. The fact that this is not monitored, or that it got through to this extent, is a first view that this was no mere trifle event. And even though 100,000 Gigabytes seems small when compared to the PSN issues, it becomes interesting when we consider that the PSN had been hit more than once, but as those members did not all download, where did all this data get syphoned to?

Now we get to the one part that might be regarded as tier two. You see, it is not just the amount taken, which takes a good server park to store, it goes back to issues I discussed in regards to piracy and the parts I mentioned in my blog ‘For our spies only!‘ on September 26th 2014. There I stated “in the end this is NOT about copyright, this is about bandwidth“, the big players all knew it and they were all very concerned if such events would start to get measured and logged. Now someone casually walked away with 100,000 gigabytes of data?

Before I restate, it was not North Korea, let us take a look at another article by the Guardian in that regard. The title is ‘North Korea may have hired outside hackers for Sony attack, says US‘ (at http://www.theguardian.com/world/2014/dec/30/north-korea-hackers-sony-pictures-cyber-attack) and it was written on December 30th. Now we must consider the following: “US investigators believe that North Korea most likely hired hackers from outside the country to help with last month’s cyber-attack against Sony Pictures, an official close to the investigation has said“. The operative word is ‘believe‘, they just do not know. As a speculation that would be my guess as North Korea does not have the skill needed for this, not even close. By the way, those hackers might want to get paid, how will North Korea do that, or perhaps that is beyond US oversight too, because it would be a sizeable amount for something this complete.

The next part is the part that opens the discussion ““The FBI has concluded the government of North Korea is responsible for the theft and destruction of data on the network of Sony Pictures Entertainment,” it said in a statement“. The first question: What evidence? As stated before, North Korea is lacking in many ways, the fact that they hacked past Sony to this extent, whilst at present no guarantee can be given that the systems are secure at all, whilst North Korea has been watched 24:7 for a long time now gives rise to the demand of evidence showing the guilt of North Korea. So, they are seemingly better than the cyber divisions of both Russia and China? I am not buying it, in addition, the fact that the article implies that outside help was engaged for a hack this thorough leaves us with two thoughts.

  1. If true, where is the real balance of power in cyberspace, because this now implies that North Korea is a real player, even though no one (including people a lot more intelligent than me) have concurred that North Korea does not count when it comes to the internet and cyberspace.
  2. If false, what incompetence is the US hiding from us all and is that not the true crime?

Consider this quote (from the Guardian article too): “Some private security experts have begun to question whether Pyongyang was behind the Sony cyber-attack at all. The consulting firm Taia Global said the results of a linguistic analysis of communications from the suspected hackers suggested they were more likely to come from Russia than North Korea. The cyber security firm Norse said it suspected a Sony insider might have helped launch the attack”

I cannot disagree with Taia Global, as this could be Russia hitting back at US sanctions, but that would be speculation on my side, I also very much agree with Norse. Consider that if someone walks into a bank vault and it is empty. There was no sign of break in, the doors were not forced. At this point the police and the FBI will initially look at ‘the insider’ plot. It makes perfect sense. To get past the Sony server parks to this degree someone was giving aid in some way. Initial passwords, the network structure, because if that was not the case there would be a lot more logging evidence to give a clear view whether North Korea was guilty (or not involved).

Mark Rasch hits the nail on the head with this quote ““I think the government acted prematurely in announcing unequivocally that it was North Korea before the investigation was complete,” said Mark Rasch, a former federal cybercrime prosecutor. “There are many theories about who did it and how they did it. The government has to be pursuing all of them.”” there is the crux, the mention of theories on who did it. Even if it is outside help, Russia would still make more sense, the Russian Mafia could be the front for cashing in on selling the data, they pay commission to the people ‘hurt’ through US sanctions, they are looking at the least likely suspect because of a comedy, one that I (and many others) had not even heard of before these events.

It is the last quote that is food for thought from Kevin Mandia of Mandiant “Mandia, who has supervised investigations into some of the world’s biggest cyber-attacks, said the Sony case was unprecedented. “Nobody expected when somebody breaks in to absolutely destroy all your data, or try to anyway, and that’s just something that no one else has seen,” he said”

That part is not entirely true, I remember the DBase virus of 1988, I remember some people who had fallen victim to them, a garble parser that does not show until the virus is removed, it leaves your data garbled from that point forward. There was also a data virus in the 80’s. I forgot the specifics, but whilst most viruses would attack ‘.com’ and ‘.exe’ files, this one would attack data files, until that day a truly scary moment. So, it is not entirely unprecedented. Consider, if you copy someone’s data, the best sale is to sell it to the competitors, yet, what happens if the owner no longer has that data, does that not drive up the price? Yet, it is bad tactics, to copy in secret and resell it all makes perfect sense, the fact that these events happened, whilst Sony IT, the Cyber divisions of the FBI and others are not able to track the events is something very novel. It is a first to this degree, do you now understand why it makes no sense to accuse the one nation where we see this as their highlight: “Aug 6, 2013 – North Koreans hungry for tech skills are buying up used desktops on the black market, these desktops smuggled in from China have become a much sought-after item in North Korea“, this is the nation that thwarted one of the biggest cyber power players?

People please wake up. The question becomes what was real? I call my version insightful speculation. I have been involved in IT since the 80’s, this level of hacking requires serious system skills with in-depth knowledge of all layer one components (hardware layer), if we ignore the inside job part, this takes North Korea out of the loop, it also removes a massive amount of hackers off the table too. It requires the skills we would require to see from people at the NSA and other high tiered cyber firms. From these facts I come to three options:

  1. The hackers are a new level of hacker with the ability to get past the security of nearly any large firm and government data system.
  2. Sony has been criminally negligent and the US is willing to ‘aid’ this Japanese firm for a price.
  3. A simple inside job (possibly even a disgruntled employee) with links to organised crime.

Please feel free to give me a valid fourth alternative.

 


Filed under Finance, IT, Law, Media, Military, Politics