Tag Archives: MI6

September 11, 2014 · 22:28

Enabling cybercrime!

Yes, we are all in the unintentional habit to enable cybercrime. Yet what complications do we face when the one enabling it is not you, me or Joe Worker, but Microsoft or Apple? Where do we stand when we are confronted by companies, so driven by what I consider the useless drive of greed through Marketing, whilst ignoring the technical support department? Do not claim that it does not happen, because I have been witness to such events (though not personally at Microsoft or Apple).

It did not just start with the affair of the 101 nude celebrities, yet it is at the core of the visibility that it drives. It is not with the push by so many to get forced towards Google Search and Facebook Messenger, but that is definitely the debatable event pushing the worry, fear and quite honestly the total distrust of greed and marketability that is overtaking what some seem to laughingly refer to as ‘technological improvements‘.

In this age, we see a growing drive for ease and ‘comfort’, yet a lot seems to be enabling cybercrime and exploitation.

We got the ‘Fear Google‘ event and the expose with a non-dressed Jennifer Lawrence has been cancelled (at http://www.independent.co.uk/news/people/jennifer-lawrence-and-kate-upton-nude-photos-exhibition-cancelled-after-artist-finally-concedes-the-images-were-stolen-property-9723751.html).

Perhaps I am too much of a cynic, but the text “Though not, says the artist behind it, due to legal reasons. But instead because he’s had a moral change of heart“, how about the truth (as I consider it to be), ‘the pressure of Jennifer Lawrence has given my expose ALL the publications I needed‘. Seems to be more honest, also, the fact that her lawyer Lawrence Shire, especially if he is the Shire related to Grubman Shire, might have taken away whatever courage he thought he had to continue. I leave it up to the reader to form their own mind.

Yet this is not about that, but it could be.

Consider the following issue, which I witnessed myself today. The setting is simple. She uses her smartphone and for the most never ever uses Skype. Yet, she has a Skype account on her notebook. She needed Skype on her mobile, which was easy enough, yet after installing it, we have lost 4 hours and half a dozen attempts to reset her password.

Skype1

 

 

 

 

 

  1. We enter Skype.
  2. Password lost, which means another browser.
  3. We enter mail details.
  4. We use the received code to enter a new password
  5. We go to Skype, yet the linked identity does not work.
  6. We start again from step 2.

As you can see in the diagram, for some reason, the Skype name and the android Skype are not updated or linked. Even as a technologist it took me a while to see through this and Microsoft is not much help either. If we consider I had dozens of attempts without any repercussions, how long until someone starts trying to get into someone that actually matters?

The issue I showed two days ago (at http://thenextweb.com/apple/2014/09/01/this-could-be-the-apple-icloud-flaw-that-led-to-celebrity-photos-being-leaked/) gave some indications of what is going on. Now we see another level on Skype that calls certain matters into question, more important that the Skype android cannot get updated for some reason, so there is even more going on now, especially as the issues surrounding android Skype seem to have been around since 2012.

This is not the only issues that are out on the works; it seems that Microsoft OneDrive has similar issues of security. There we see that you cannot limit the one drive to be ONLY accessible by certain devices, with cyber-crime on the rise to this degree, we see another mass collecting point, where the people behind it seem to be dancing to the music of Marketing and the mere simplistic need of the matter, as a technologist would mention it is not there. It is likely the same kind of answer I heard in the past “We will get to that in the next edition” or “Let’s get this ‘solution to’ (read revenue from) the customer first“, solutions where the technologist is not at the centre of it all.

Only AFTER some got to admire the Jennifer Lawrence’s chest section do we now see the headline “Apple Says It Will Add New iCloud Security Measures After Celebrity Hack” (at http://bits.blogs.nytimes.com/2014/09/04/apple-says-it-will-add-new-security-measures-after-celebrity-hack/), so is this Marketing waking up, or was IT slamming their fist on the table? Either way, those pushing people and business alike to cloudy places of automatic public revelations should now seriously wake up and smell the intrusion on their networks.

Several of these solutions are still not completely up and running, and the ‘patch’ like solutions in place now, are likely no more than a temporary option, whilst the cyber-criminal goes on exploiting other venues of weaknesses. Let’s not forget that the 101 celebrities list sounds nice, but there are globally at least 399 more women who are beautiful beyond believe, and those not into that kind of information are likely interested in the files of Sir Iain Robert Lobban (GCHQ), Andrew Parker (MI5), John Sawers (MI6). Guess what! They are likely to have very secure solutions in their possession, yet can the same be said for Ewen Stevenson (CFO-RBS) or Simon Henry (CFO Lloyds Banking group)? These people all use solutions for presentations, memo’s and other items. In some cases they need connections to keep up and running. How long until we see the power of Cyber criminals as they influence the market? It just takes one unconfirmed message to make a shift in any direction. If people are scared of what a Lone Wolf can do by blowing up things, think of the damage of disclosed financial events bring. We have seen the smallest of restraint in the press in the case of Jennifer Lawrence (but only by using a super computer and exposing the deeds of the members of the press to the Lyapunov stability algorithm), but is that enough?

There is a growing sense of fear and massive distrust. We have seen it start with Facebook Messenger on the mobile, we have seen some people whisk it all away, yet not unlike the laughable Sony Troll, as they mentioned the ridiculousness of the changed terms of service from Sony, we have seen too much blatant abuse from the greed driven data collectors and now, as trust is gone, more people are starting to wonder why their own local governments aren’t truly looking into it and they fear the same flaccid indecisiveness from them when the Financial sector left a large group of the population (not just in America) in utter destitution.

It goes beyond mere ethics; it is an absolute absence of dedication towards consumer protection for the prospering board of directors, which is at the essential fearing heart of many, both wealthy and utterly non wealthy alike.

This all is getting now more and more visibility as we see the growing amount of people in their ‘right to be forgotten‘, yet as we see at the Guardian (at http://www.theguardian.com/technology/2014/sep/10/google-europe-explain-right-forgotten-eric-schmidt-article-29) we see the following quote “Google is currently conducting a grand tour of Europe, with the ten members of its Advisory Council touring seven cities to gather evidence on the developments in the so-called “right to be forgotten” ruling“, in addition we see “The one thing that everyone agrees about this case is that the label it has been given – the “right to be forgotten” – is a very poor descriptor. More accurately, it is about the right to obscure or suppress personal information“, so is that it, or is there more? Well we can consider the part where the absence of any legal obligation on Google to reveal its processes, which renders Google judge, jury, and executioner. So in combination that it is not about forgetting (read deleting), but about obscuring (read less easy to find) will leave an open field for those with better data comprehension. A market where Google is trying to cash in, so instead of everyone finding it, only those paying for certain levels will more easily acquire information. That is not what ‘right to be forgotten‘ was about. Now again we see the press, yet in this case they are not really placed in any blame, however there is a (sizeable) missing level of clarity on what EXACTLY is requested from more than one side, the un-clarity leads to uncertainty with that leading to nothing getting done. So what is in play?

We know that Google’s fortunes are also linked to data, which means that any additional ‘forget me now’ request is impacting the business of Google, not the one, or the 5, but consider every postcode in the world and 5-10 requests from each of those to be forgotten, now it becomes a massive task, requiring thousands of people, working thousands of hours, paid from the at that point medium slim lined coffers of Google, whilst at the same time having to hold onto those records for later reasons, likely including journalistically and/or juridical. So as we look at all these escalations, then Skype, OneDrive and iCloud are not just three identities, they become three entities of threat of the collected data of all, the privacy of them and whether forgotten or not, they are aware of where they kept their information, passwords and snapshots.

The view of technology every person needs to start comprehending, because they all forgot that ease and comfort come at a price, they just did not consider the currency that was linked to that price. Some of this can be seen in the Lifehacker who in February 2013 (at http://www.lifehacker.com.au/2013/02/why-cloud-services-are-so-easy-to-hack/) write “In most cloud environments, there’s no concept of intrusion detection or prevention, and if they are there people don’t know how to use them“, in itself not that amazing a quote, even though it is a year old and in one year many people tend to not educate themselves that much because of the declining comfort levels. Yet at the end he states a more powerful issue: “This week, I’m in London for Data Centre World, paying particular attention to how to maximise efficiency and lower costs in the data centre“, which is at the heart of my issue. Often these factors involve automation and scripting, which when it comes to issues like speed and the prominence of reduced cost tends to leave security in the backdrop. So if you had any reason to fear any of these solutions, then consider one issue “If all your cloud data became public knowledge at 23:00 and in the 8 hours following you had ZERO control“. Would you be worried? If not then sleep on and sweet dreams, if the answer is ‘Yes’, then you need to take some serious time and get educated on the risks and the consequences. I cannot answer the question for you, but when was the last time you actually had such a conversation with your IT person, or with the sales engineer of the sales person who sold you the cloud solution?

Data is currency, when it is open knowledge for all; you end up only having goodwill and an empty hard drive, which is valued at the price of the empty hard drive.

 

Leave a comment

Filed under IT, Law, Media, Science

Tagged as , , , , , , , , , , , , , , , , , , , , ,

August 23, 2014 · 11:26

A spooky situation

It is another day and another article from the Guardian graces us. The headline ‘Isis beheading video brings calls for rethink of UK domestic terrorism fight‘ (at http://www.theguardian.com/politics/2014/aug/21/james-foley-isis-beheading-uk-counterterrorist-fight-in-crisis), was what called my attention. If ISIS events are now making Twitter change its policy, then I definitely need to take another look at the other articles. Yet, what is the Guardian article actually about? The article goes into several events, but has two parts that do matter. The first one is “The UK government was under pressure to rethink its approach to tackling domestic extremism as security services, led by MI5“, which is only part of an ’emotional sentence’ to rile the public. The second one was “Some 500 Britons are believed to have gone to Syria and Iraq and joined Islamist groups fighting there. Some 200 are estimated to have returned to the UK“, the rest are nice titbits, but the meat is there, now for the funny part. I already highlighted that need and that issue on June 8th 2013 in my blog ‘Privacy and (fake) fears‘, where I wrote:

They need these abilities to fight the existing and growing threat called ‘the lone wolf terrorist’. These people are guided by sources like ‘Inspire’ magazine, which is created by AQAP (al-Qaeda in the Arabian Peninsula). It is however not that simple. The real lone wolves get their ‘guidance’ remotely from sources most do not know and all that under the eyes of the Intelligence Community. To have a grip on stopping these people, monitoring the internet is essential to keeping us the common people safe.

This is why all these false ‘privacy’ driven issues. I personally still believe that a fair bit is scared to be caught out as they are doing the girl in the office, the neighbour’s wife of have a few dodgy fake investments lined up. Lust and Greed tend to be excellent bringers of worries.

I did like this quote “Former officers from MI6, the UK’s foreign intelligence service, have downplayed the threat to British security, while MI5 and the police have emphasised the threat“. I think they are both right, let me explain. ISIS has other fish to fry, for the most it wants to extent through Jordan into Sinai, when they have three sides pushing Israel and mounting up pressure to Egypt, possible hoping to radicalise the members of the Muslim Brotherhood that are in hiding now. That would be their first interest in setting off the ‘tinderbox of agony’ (sorry, I was playing Diablo 3 last night). So, that proves MI6, but what about MI5? Well, the 200 returned soldiers are still in the UK and it is very likely that part of that group is more in league with the vision of ISIS then the safety and comfort that the UK had offered them as they grew up in the UK. These people can convey messages, set up new ways to deliver news (like trough private channels in a MMORPG game in Facebook or freely downloaded, which is impossible to monitor) and recruit new people who have not left the UK, which would be a disadvantage to MI5. Now it is important to know that this is all speculation on my side. I cannot prove that this is happening, but is it not more likely than not that an extremist would like to propel his ‘rightness’ onto others? In that regards it might be nice to read ‘Avoiding the Traps of Extremism‘ by Samuel López De Victoria, Ph.D (at http://psychcentral.com/blog/archives/2011/10/07/avoiding-the-traps-of-extremism/). It is a decent piece, it is easy to read and it gives you a view that many can easily relate to. It also highlights on the dangers why extremism would be too easily brought to the hearts of the younger followers. No matter how much better life is in the UK, people there have had a very hard decade and only now, slowly is there the chance, not the assurance of economic relief. These recruiters are here in the twilight of a recession recruiting those who are at the end of their patience and that is what MI5 can clearly see (and with them a few others).

So they are both right, but there is a third part to this. This is again pure speculation, but from the events, when proven true, we could come to the conclusion that ISIS is playing a different game again. It is almost like someone took a look at American football and we see that they do not have one tactician in charge but two. Almost like offense and defence, but in the case of ISIS it is the daytime war commander for armies and open warfare and a night-time tactician, who is setting up the play for the lone wolf tactics. Perhaps the death of Osama Bin Laden taught them to not leave it all with one man and if that is true, what other changes did they make?

This is where I agree and disagree with Dr Erin Saltman who stated that the best way to identify the lone wolf is that if this person makes a mistake and tells one family member then they might call the police. I reckon that Erin is on the same train I am on. My disagreement is because I think that the chance of that is extremely unlikely and if we want to stop these lone wolves, we need an entirely new playbook, because the current approach is unlikely to work. I still believe that in the end it will be GCHQ that will need to bring forth the innovation that will allow MI5 to complete its mission, because message traffic has forever been the only weak link in any war that required communication.

A few come to mind, but none will be revealed here. Good hunting!

 

1 Comment

Filed under Military, Science

Tagged as , , , , , , , , , ,

August 18, 2013 · 11:56

Milking a global event again

Sky News reported during the night a new ‘revelation’ involving the death of the late Princess Diana. If we consider the clinical part, then it makes every bit of sense that the police do not throw information away at a moment’s notice. Yet, here I think the time has now come to take a critical look at certain events.

What pushed these events to come forward now? It is time that certain individuals are held accountable for acts they undertake and the time has come to hold certain choices accountable for prosecution.

I would even go as far as to make this now a mandatory actionable situation for both MI-5 and MI-6, taking this beyond the scope of normal parties like the Metropolitan police (or their special units) and those involved in operation Paget.

The article at http://news.sky.com/story/1129902/dianas-death-police-passed-new-information states “It was passed to the police by the former parents-in-law of a former soldier, according to Sky sources.” Operation Paget had taken 3 years and costed 3 million pounds. Personally, I think that the 3 million pounds are not the issue, the fact that in those days, the press was so happy to get every nut job with a new conspiracy theory their 15 minutes in the spotlights to fuel more and more publications. I believe that family and friends of Miss Diana Spencer have suffered for far too long and as such I hope that the following happens.

If the information is strong enough, then the parties involved MUST be prosecuted for perverting the course of Justice.

The elements are:

  •      does an act (a positive act or series of acts is required; mere inaction is insufficient)
  •      which has a tendency to pervert and
  •      which is intended to pervert the course of public justice.

For the UK the precedence is Murray (1982) 75 Cr. App. R. 58

The allegation gives weight that a member of the British military was involved in the killing of a former member of the Royal family, which means that the accusation alone brings shame to members of the military forces and even a wider group of other parties.

Do these in-laws realise that if proven intentionally brought wrongly that their act holds a possible life sentence in prison?

considering the case Cotter [2002] 2 Cr. App. R. 762, where at [10] was stated “How could the jury infer, in particular, that what the defendants embarked upon was likely to lead to any sort of criminal proceedings or investigation which would have a tendency to pervert and bring about an injustice?

I believe that there should be in addition the investigation whether the press had ANY involvement in this. The simple truth is that this is no longer about ‘freedom of the press‘, this could now become an issue regarding ‘conspiring with another to pervert the course of justice‘, if any member of the press would be found involved then this becomes an entirely new deck of cards to deal with.

There are others who would have a case if the information is proven to be fabricated.

There are the family members of Sir David Rolland Spedding who passed away in 2001. Sir David was running MI6 at that time and in view of the importance of the deceased, MI6 would have had to have investigated this for the reason that if the event was not an accident, then it stood to reason that there could have been a danger to the Royal family.

The three year investigation through Operation Paget led by Lord Stevens of Kirkwhelpington as well as a truckload of members of Scotland Yard, all working hard to find out what had happened. Even though I reckon that they wasted months and months disproving hundreds of fabricated stories that fuelled the press. The fact that this is happening again should be unacceptable to anyone connected to the United Kingdom in any way.

All these persons could have a case of defamation under the UK Defamation act 1996.

If the information is genuine then it must be investigated, if proven that the allegations were false, there must be a prosecution. I personally belief that the CPS has no option to ignore this, consider that under common law ‘perverting the course of Justice’ has the attached label of a maximum life in prison means that this is a crime as seriously regarded as murder. This circus has gone on long enough and in the end it is important that a clear message is given.
The message is “Enough is enough!

Leave a comment

Filed under Law, Media

Tagged as , , , , , , , , , , , ,