Tag Archives: Michael Edwards

The hack game continues

The press continues to assault Mohammad Bin Salman and Saudi Arabia, the same press that has ignored hostile acts by Iran, the same press who have knowingly and from my point of view ignored (read: and downplayed) several issues in Yemen caused by Hezbollah. 

So as I got to see (at https://www.theguardian.com/technology/video/2020/jan/22/jeff-bezos-phone-hacked-allegation-saudi-crown-prince-video-explainer) the video that was placed two weeks ago, in light of what I wrote yesterday. I thought that the video gives light to several questions that link to this. It is also important, because it shows a global FAILING of cyber security, not by the hairless man (Jeff Bezos) by the way, who in this is basically a consumer (one with deep pockets that is).

The video starts off with Stephanie Kirchgaessner, where she says (at 00:14) ‘who is somehow personally involved‘ (1). Then we get (at 00:32) ‘according to his own security team victim of some sort of hack by Saudi Arabia‘ (2) we get more accusations, but with the word ‘allegation’, as such she is in the clear. After that we get a clip from CBS This morning (at 1:08) with a followup and direct accusation towards the WhatsApp account ‘from the account of the Crown Prince of Saudi Arabia‘ (3), even as I am tempted to ignore ‘We can’t know what was going on in the mind of Mohammad Bin Salman‘ (at 1:55) (4)

After that there is a reference to ‘the experts that she spoke to‘ (at 2:12) and they point to the fact that he is the owner of the Washington Post, not the owner of Amazon or merely a rich dude. ‘It was an attack on the Press‘ is what seemingly comes out of this. 

We get a few more events, but nothing that is too interesting, not in this view.

Personally I actually do not care about Bezos and his needs, I do not give a hoot about a few items, and my personal view is that any person is innocent until PROVEN guilty and the attacks on Saudi Arabia as well as the Crown Prince are offensive to me as we should know and act better.

So as we get to the stage of the why, we need to see the stage we are entering. This is not (merely) a Criminal situation, this is a cyber ploy and that is where the focus is, I have written more than enough about the joke that is the FTI Consulting report, but in the end it is linked to all this. 

  1. Who is somehow personally involved

How? I am not referring to item 3, there is a larger stage here. The alleged infecting file was received on May 1st 2018. In this I am using alleged as the investigation did not start until February 2019. However, the FTI Consulting report on page 12, item 22 gives us that hours after the reception of a file resulting in egress data in excess of 29,000%. I do not question that, I do not question that Bezos got hacked. 

Why am I opposing here?

As I stated in ‘6 simple questions‘ (at https://lawlordtobe.com/2020/02/03/6-simple-questions/) yesterday. Other experts give us “Check Point Research, however, recently unveiled new vulnerabilities in the popular messaging application that could allow threat actors to intercept and manipulate messages sent in both private and group conversations, giving attackers immense power to create and spread misinformation from what appear to be trusted sources.” This is important when we consider ‘allow threat actors to intercept‘ as well as ‘spread misinformation from what appear to be trusted sources‘ as such Check Point research gives us that false information could be sent to a person from anyone claiming to be anyone else. The source of the infection cannot be verified in this. that is an important fact, one that was out in the open and FTI Consulting never went there.

  1. According to his own security team victim of some sort of hack by Saudi Arabia

So his security team are cyber experts? And they know somehow that Saudi Arabia did the attack? Based on what evidence? I showed in the previous point that this is optionally not the case and the FTI Consulting report is nothing short of a joke (as I personally see it), there is no path to where the data is going, there is no evidence on where the infection came from. 

  1. from the account of the Crown Prince of Saudi Arabia

Here is the larger issue and even as I debunked it in point one, we must not ignore this, there is one path that is not investigated and not one that can no longer be investigated. The mobile of the Crown Prince might be infected itself. My point one avoids it, but we cannot ignore it. The chances of Saudi Arabia or its officials in light of the attacks cooperating is close to zero and as such this point will remain on the books. From my point of view gathering intel and evidence before shouting foul would have been a much better approach and why the UN gets involved in this is still open to debate on a few sides. 

  1. We can’t know what was going on in the mind of Mohammad Bin Salman

In this we can speculate and debate until we are blue in the face, but the truth is that all this started 2 years ago and the evidence is largely missing, more important, whomever was involved has removed whatever sides they needed to and as such the actual guilty party will never be found. Yet the foundation of the accusation is larger.

He was being attacked by the press and we seemingly forget that the infection started BEFORE someone seemingly ended the life of some columnist named Jamal Khashoggi, as such we can argue that there was no attack on the Washington Post. To be more honest, at the time of the infection Jamal Khashoggi was some columnist most people on the planet had never heard of (apart from the Washington Post readers) 

Yet when we look at the Vice article (at https://www.vice.com/en_us/article/v74v34/saudi-arabia-hacked-jeff-bezos-phone-technical-report), there we see that former FBI investigator Anthony J Farrante gets into the fight and the report gives us ““to assess Bezos’ phone was compromised via tools procured by Saud al Qahtani,” the report states“, it is an interesting plot, especially when we consider another Vice article (at https://www.vice.com/en_us/article/8xvzyp/hacking-team-investor-saudi-arabia) where we saw “Hacking Team was thoroughly owned, with its once-secret list of customers, internal emails, and spyware source code leaked online for anyone to see“, so lets put this in the right frame, Anthony J Farrante is going out to prove that a tool procured by Saud al Qahtani, and as far as we can speculate is in the possession of thousands of hackers through ‘spyware source code leaked online for anyone to see‘ is the guilty perpetrator. How is that ever going to work? 

Well that is optionally still the case if we can examine the source of the problem, and that is basically already debunked by Alex Stamos, the former chief information security officer at Facebook who gave us “Lots of odd circumstantial evidence, for sure, but no smoking gun“, in this I also got to “several high-profile and respected researchers, highlights the limits of a report produced by FTI Consulting, the company Bezos hired to investigate the matter“, as well as “A key shortcoming of the analysis, Edwards said, was that it relied on a restricted set of content obtained from Bezos’s iTunes backup. A deeper analysis, she said, would have collected detailed records from the iPhone’s underlying operating and file systems. Other security experts characterized the evidence in the report as inconclusive“, and “a research group at the University of Toronto, offered a suggestion that could allow investigators to gain access to encrypted information that FTI said it could not unlock” (source: CNN), we see a whole range of experts giving out claims towards non-conclusivity, lack of expertise and optionally students in Toronto giving out solutions to a situation that FTI said it could not unlock. 

These are all matters that played out over time, some before the video report and it seems to me that the press is bashing with smoke signals as loud as possible hoping someone will scream ‘fire!‘. That is my view on the matter!

Now, all what I see and expose does not make any party innocent, it merely shows that there is no evidence to call anyone guilty on and that is what matters, because we want to turn this into an event where a person needs to prove that they are innocent, we must prove that anyone is guilty. In some cases beyond all reasonable doubt and in some cases on the setting of probability of guilt set against the average man. The entire cyber event fails on both terms and that is not merely me, and when we see ‘Other security experts characterized the evidence in the report as inconclusive‘ we need to realise that (apart from) FTI Consulting did a piss poor job in this case, the finding of actual and factual evidence is a lot harder in this day and age. The WhatsApp vulnerability showed that there is a larger problem and when we cannot determine the origin of any hack or virus, we are in for a much larger problem and this is happening before 5G is fully rolled out. That nightmare was brought nicely by Kenneth White, former advisor to DHS with “it can be extremely challenging to reconstruct the activities of a determined, well-resourced hacker“, this is what the Jeff Bezos team faced and from my view, they went about it the wrong way. Their report was never ready for release and the fact that basic parts were missed gives out a much larger problem, if billionaires rely on someone like FTI Consulting and this report is the standard, then the entire cyber setting in the United States could be regarded as a larger problem from beginning to end.

In this there is one highlight that Vice gave us that matters here, it is “The second obstacle regarded the password for the iTunes backup“, and “They apparently never obtained the password” that makes no sense, because the owner should have his backup, so unless Jeff was hit by the ID10T virus, we see a failing on more than one level and as such at what stage, in light of EVERYTHING out there in 2018 why was Crown Prince Mohammed bin Salman ever accused?

That is what angers me, not who was accused, but that an accusation came whilst there was a whole truckload of information out there making it a bad choice from beginning to end, so was the Washington Post owner hacked, or was the hack a way for the Washington Post to strike out to someone? That is the larger game that is now in the court of perception, a massive failing of properly assessing pieces of evidence by the media (and the UN). 

 

Leave a comment

Filed under IT, Media, Politics

Rulers of London

The times are changing, that has always been known, yet the events made me remember some political satire Newspaper comic. In it you see two Arabs, one stated “Did you get anything nice today”, and the other Arab stated smiling “I bought Bond Street, Regent Street and Piccadilly“. The image was clear, the Arabs had loads of cash and they were spending. That image remained for the longest of times and as oil went to $147 per barrel in 2008, the cash was good, because the US needed millions of barrels per day. Yet now the sands have shifted, the stage is set to what I personally call a very nice building has been sold to the Chinese. The controversial Walkie Talkie Tower has been acquired for £1.3 billion. It was purchased by the Lee Kum Kee condiment company, makers of Oyster sauce. (at https://www.theguardian.com/business/2017/jul/27/walkie-talkie-tower-stark-reminder-of-forces-that-rule-the-city) we can read all about it and about the infamous architect who brought Star Wars to London as the building had the ability to send a sun based death ray to the streets, and as quoted “succeeded in melting the bumper of a Jaguar, blistering painted shop fronts and singeing carpets“. Yes, the building became a little too futuristic. In opposition to Feargus O’Sullivan, I do not consider it to be the ‘the ugliest British structure‘, it is actually ‘very Apple‘. I would love to see the new Apple G6 Tower to look like that (preferably as a RISC system of course). Yet in his article (on https://www.citylab.com/design/2015/09/londons-worst-building/403684/), I see that there is no reason not to admire the Victorian buildings in the foreground. Weirdly enough, the photo he added to the article (by Frank Augstein), shows that there is place for the old and the new. It shows clearly that as residential shortages grow that there will be a transfer to different styles of buildings. I would never want to see the Victorian buildings leave the face of London, in opposite directions, we can look at the Battersea Power Station and see how this evolves, yet there is a side not reckoned with, for several reasons there needs to be the evolution and growth of social housing. I like the blend as an offering for developers, yet as the Malaysian consortium pulled a fast one to maximise profits and diminish the amount of social apartments, changes will need to be made.

We can wonder whether the current approach is the best one, or should we examine the options? There is another option that works for developers and the London city council. A company called Nearmap (at https://go.nearmap.com/desktop-assessment-empowers-appraisers), has a ‘Desktop Property Assessment that Empowers Appraisers‘, yet as I looked at the paper and some of the presentations, I figured out that it had other abilities too. In metropolitan areas, when you change the scope and add a dimension, you can do something entirely unexpected. The idea came with the quote by Mal Harrison, project manager at Zinfra. The quote was “Nearmap’s accurate photo imagery is extremely helpful when risk workshopping remote from site as well as reducing site visits required to plan the works“, this is a well stated compliment to the makers of Nearmap. I figured they missed something else, another larger player as a potential client. Not to their disadvantage mind you, but they missed a range of tycoons that could have been looking at as well (for the price of a 7 figure number per seat). You see, consider the current planning settings in London, now consider the Nearmap solution, not just with the London area mapped, with in addition, the roads, infrastructure and ‘plumbing’. Now consider that a developer would want to set up a new high-rise, the options are Poplar, Beckton and Rotherhithe. Now consider the elements, Nearmap could have the ability to ascertain risks that usually are done in person, with proper parameters set the data might reveal options not considered before. You see, most people will shy away from Beckton because it is by the airport, yet new buildings have the options of superior sound cancellations. In addition, when considering that housing prices fluctuate between £2200 and £11500 per meter, the risk factor becomes a more intense issue. Yes, we know that everyone wants to be a developer in Chelsea or Kensington, yet when the option is offered (as an example) as the building in either Beckton of Rotherhithe would get a profit close to £2100 per square meter, yet Poplar offers £2700 per square meter profit, yet when looking at the elements, the risk factor for Poplar might be up by 17%, in the long term, how will development costs and delays impact the choice? When the profit margins change, so does the risk to some extent, an expert can make all the calculations, yet with additional solutions, the risk could be anticipated in advance by a much better degree. That premise holds equal ground for councils, when they can see the evolution of risk, they can in equal measure take steps to lower the risk and become more appealing for the developers to approach them.

Good business is where you find it.

That becomes more and more of a slogan for London. It is no longer just, because it is London, it will become increasingly where the margins are. Even as we see that the Battersea location had hit snags and there was suddenly the twisting arms of local councils to concede in retrenching of 25% of the social housing offer, or else… Councils will soon no longer have that option to merely give in, there will be long term repercussions and they will count sooner rather than later. The rich don’t care and the councils can ill afford the consequences they would be confronted with. There is the chance that certain places like Los Angeles, Tokyo and Kolkata would get the effect of ghost towns and London is not that far away from that. It is so nice that a place like Kolkota has luxurious places like Rajahat new town, South Kolkota and Alipore, yet when the sun goes down, we will see that the infrastructure not merely flows away, it is reduced to zero. That seems peaceful, yet it is in actuality very dangerous. As the travel times increases, these people will more and more eagerly take any job that is closer to home and takes away elements in the cost of living (fuel and travel time). As the infrastructure remains absent, the value of these places will drop like a stone. In addition there would be an increasing chance of crime rise as the area remains empty at night. As people are pushed more and more away as we see in London, there is an increasing risk that not only the businesses go away, as these places are more and more settled with high end owners who are there less than 30% of the time, those remaining will find it harder to get the things they really like to have at a moment’s notice.

How real is that risk?

Well, at present it is really an unrealistic stretch to call London an upcoming Ghost town (read: Ghost Council), yet some areas are already too empty like Kensington, where an astounding amount of places are unused. They will not turn London into a ghost town, yet as the drop continues, having a house there seems fine, yet when you become dependent on businesses from Hammersmith and Shepherd’s Bush, taking a walk to get a few things becomes a much less rewarding event (at £10880 per square meter). Plenty of people do not feel that way, which is fair enough, but the changes will also change the vibe of a city, which has dangerous consequences in the long term, that is an issue for ANY city. That is also a real main reason to not decrease but to increase the social housing percentage in places like that. Those are the people who bring in the need for Pizza, for groceries on the corner, which brings in the restaurant getting the good stuff from shops like that. Growing the micro economies of life goods is what brings life and traffic to places like that, soon thereafter not the outrageous mega night clubs, the a few smaller bars, the places London was always famous for will re-erect themselves and soon a large complex becomes the magnet for a growing infrastructure. As long term empty houses (read: unsold places) have risen by 25% and in Newham (by London City Airport) has fallen 55%, we see another diminished risk of choosing Beckton. All this would be possible to set when we see this implemented as factors in mapping solutions like Nearmap.

It is a given that houses in transit with short terms become increasingly important to developers, and as such they will need to ascertain risk in different ways. there is a consideration that the Battersea Power House will be the last of the truly large development projects in London for some time to come, so the need to diversify and select something unexpected. Some state that Aldwych Station could become the premise for underground cycling, which also implies that as an underground place for student studios, it could be a place to revitalise the area. The idea of a path clear to Holborn, with apartments, studios and 1 bedroom places on 1.5 floors, could give rise to a lot more than merely revitalise the area. The fact that it is next to King’s College and halls of Justice as well as Inns of Court is almost weird that no one had moved into that area sooner.

Yet we digress, it started with the good businesses in London and the impact that foreign investors have on the place. As we see the increasing number of Asians who struck it rich move into London we also see a changing dynamic of London itself. A first connection here takes us back to 1999 (at http://discovery.ucl.ac.uk/1369585/1/LDPREPSUM%2026.11.99.pdf), when Sir Peter Hall and Michael Edwards of Bartlett School, University College London gave us the works with a slightly altered view of London’s spatial economy. In this the introduction gives us “The issues have been discussed in a practical way to help explore how far the proposals could be taken forward by the new London Government as real contributions to improving the working of the London economy, helping to provide more and better jobs, and to making transport more efficient“, which had traction and a level of importance in those years as the wild growth of London as Financial services brought billions to London, an issue partially ignored after the meltdowns of 2004 and 2008, both affecting the UK (read: London) economy, the plans have not (as far as I am aware) been picked up to the degree it should have. In addition, as the development game changed with foreign investors as we see it, the plan is not completely up to scrap to the degree the councils would need them to be. An element discussed in the ‘old’ paper is “PPG6 policies should restrict further Out of Town Centre growth in and around London. Within the framework of these policies there is scope – and an urgent need – to innovate ways which will give centres and local shops a new lease of life and reduce Londoners’ needs to travel“, yet (at https://www.london.gov.uk/sites/default/files/the_london_plan_2016_jan_2017_fix.pdf), which seems counterproductive to the need of London city, they are no longer actually valid, and more of a guideline, yet (at https://www.sepa.org.uk/media/60125/ppg-6-working-at-construction-and-demolition-sites.pdf), you will wonder on how it relates. We see with not merely the changing dynamics, but with the need to know the risks which starts at step 1 of their ‘presentation‘, with “Identify surface waters and groundwater on, under or adjacent to your site. This also includes any small (dry) ditches capable of transporting water” and “Find out if the groundwater is in a protected zone as you may need to take extra steps to prevent pollution“. Now, the consultants would know things like that, yet when were they last mapped? And this is merely one city, a solution like Nearmap has the ability to list the level of risks on several levels. the document from Sir Peter Hall (and others) gives us “The main questions here concern the spatial fields Market, where Life have dropped a major proposal after transferring from open outcry to electronic trading, and the very large Bishops gate Goods Yard site which is currently the subject of an architectural competition organised by the Architecture Foundation. The latter in particular suffers from poor accessibility, located half a mile north of Liverpool Street station although close to the present Shoreditch terminus of the East London Line“, yet it is merely one of close to 30 elements that could have been mapped and weighted as a risk in one mapping solution. In all this, the time that developers need to ascertain their possible margins of profit could be negated in one clear updated solution that moves the discussion from ‘possible margin‘ elements to ‘optional margin‘ available. That is quite the change of venue and with the capitalist Chinese population growing, attracting them To London to see if the social housing could be resolved to a better degree requires developers and councils to have a much better grasp of the risks. The nice part is that the Chinese have always been in favour of good business, as that also reflects the better margins of personal (read: family) gain. Even now as we see people write excellent materials on a Dynamic London, based on open data, we see in addition that most are not looking at the margins of risk and the additional risk of margins as they are impacted by this so called dynamic London, in this is see that there are additional paths of data requirement, not merely in mapping, but in the need for a predictive risk path, because it is not merely what is known today that matters, it is the need for considering the risk over the next 10 years that gives rise to the profitability of other new projects, or even more optionally rewarding are the options for the discarded and abandoned places that are in locations where new options will not come, on what the options are for those places.

Now we might be happy that there are foreign investors in the UK, yet the part we seem to ignore is that the Saudi investments alone was set to be worth £60 billion in 2016. That is just the Saudi side and that is not including the Qatari’s with massive contributions in Mayfair and other places. Now we see a growing Asian population investing and in all this the London Councils might have to consider that when £100 billion is invested, these people expect to get well above £150 out of that, that is how investments work so as such to keep the money flowing the councils would needed to consider some time ago where growth is optional and how to offer it, not merely in spoken work, but in the facilitation of solutions. Because no matter how sexy London seems to them (for now), the moment that Paris offers a much better deal, these people will take their billions 283 miles in a SSE (read: South South East) direction.

In this, no matter who the non elected ‘rulers’ of London are, if the profit moves, so do they and they will do it in a heartbeat!

 

Leave a comment

Filed under Finance, IT, Law, Media, Politics, Science