Tag Archives: North Korea

The missing ingredient

We all have that. It does not matter whether it is food, drinks, series, movies, games. When an ingredient is missed, it counts, especially when it is an ingredient we thought highly of. In Assassins Creed it became Ezio Auditore. In Tekken it was your favourite character, in NCIS for some it was Tony DiNozo, for Charmed it was Shannen Doherty. And movies have their own crosses to bare (or was that bear?). Anyway, these thoughts came up as we lost Fred Ward to Eternity. I saw him first in Escape from Alcatraz. I always considered hm a good actor and I enjoyed watching his works, especially tremors. But my mind suddenly set on Remo Williams: The Adventure Begins, which was shown in the Netherlands as Remo: Unarmed and Dangerous. There are a few issues with this movie. It would be the first time I saw Kate Mulgrew (Captain Janeway of the USS Voyager). It was not the greatest film made, but it had humour, which made the movie fun to watch. Joel Grey as Master of Sinanju Chiun was slightly too much over the top, but still fun. What was interesting was the plot. There we see an investigation of a corrupt weapons procurement program within the US Army. You see, that plot was new, or at least I had not seen it before and then the cogs started turning. Why does Netflix buy these rights and overhaul it into a mini series? You see a movie is nice, but 4-8 one hour episodes leading to a much larger, deeper and darker story might be a lot more rewarding in the long haul. And lets face it with the non functional weapons out there (USS Zumwalt, most of the Russian tanks) the setting for a large increased plot theme (especially when we pull the EU (Strasbourg) front and centre, the story could be appealing to a much larger audience, of course we will miss Fred Ward as a key ingredient, but nature tends to be unrelenting in these matters.

It is after-all about the weapons procurement program, and the stage where someone walks away with billions on a model that never went anywhere is a nice touch. It is even better if some elements are kept as close to the truth as possible. You see, Forbes gave us (at https://www.forbes.com/sites/thomasbrewster/2019/10/30/an-82-year-old-is-suspected-of-decades-long-scam-selling-dangerous-weapons-parts-to-us-military/) ‘An 82-Year-Old Is Suspected Of Decades-Long Scam Selling Dangerous Weapons Parts To U.S. Military’, then there is ‘Metallurgist admits faking steel test results for US Navy subs’ (at https://www.bbc.com/news/world-us-canada-59186655) and there is more where that came from, but consider the second part, consider the idea that the North Koreans (and Russians get a hold of that and a list of Los Angeles attack class submarines that have that steel? Now consider the play that could be made to get a submarine to a specific location and scuttle it ‘accidentally’ because the flaw was unknown. The story that some could write might keep the TV audience on the tip of their seat for the entire mini series, and the bulk of that work was already done. So as Netflix is trying to cut cost, here is an idea that they could use. But I think that they owe it to Fred Ward to have his picture somewhere (as an admiral) or as a father pic of the hero of that story, there are all kinds of ways where we can have a silent tip of the hat to a person who should not be forgotten like yesterdays news, but that applies to so many actors, I will be happy to admit that. When you know your games and consider Sir Alec Guinness as the CEO of Tri-Optimum, you know exactly what I mean. A simple setting of a series done in a few hours, Netflix get to work!

Leave a comment

Filed under Gaming, Media, Military, movies, Stories

This is weird!

Yup, it is weird and you will see what I talk about soon enough. You see, not unlike the Sony fiasco, some players are all about blaming the one we all see as a boogeyman, it happens and it lulls us all to sleep. Yet when the BBC gave us 18 hours ago ‘North Korea hackers stole $400m of cryptocurrency in 2021, report says’ (at https://www.bbc.com/news/business-59990477) I took a little time to mull a few things over. You see, it is nice that we are given a (state) hacker and a setting what apparently gave them $400,000,000, yet the danger is different. For me it started with the Sony hack, it gave me an idea to create a new hack that was never done before and the nice part is that it could be implemented in several ways and in several places. Yet then I started to think: “How can a nation observed by so many agencies pull this off, all whilst we saw evidence, journalist supported evidence, that military officers in North Korea had NEVER seen a smartphone, or one of its base functionalities?” This thought matters, because that lack tends to seep through the fabric of ANY organisation (to some degree). So I felt certain that the Sony hack was never done by North Korea, and several accredited and more capable cyber people than me felt the same way. 

So here when I see “From 2020 to 2021, the number of North Korean-linked hacks jumped from four to seven, and the value extracted from these hacks grew by 40%,” Chainalysis said in a report” I feel that I am in a stage where I am watching a blame game develop, all whilst the fault is somewhere else. And there is more, the report the BBC talks about gives us “These complex tactics and techniques have led many security researchers to characterise cyber actors for the Democratic People’s Republic of Korea (DPRK) as advanced persistent threats (APTs). This is especially true for APT 38, also known as “Lazarus Group,” which is led by DPRK’s primary intelligence agency, the US- and UN-sanctioned Reconnaissance General Bureau. While we will refer to the attackers as North Korean-linked hackers more generally, many of these attacks were likely carried out by the Lazarus Group in particular.” It is an issue, because “cyber actors for the Democratic People’s Republic of Korea (DPRK) as advanced persistent threats (APTs)” implies an infrastructure, one that a lot of open nations do not get to have. I am not stating North Korea is innocent (well, they might be of this), I am stating that someone wants us to think it is North Korea, so that others stop looking in THEIR direction. You see, the reference to the Lazarus group (one I personally take offence with) and the DPRK gives a rather large voice, but in that it could only be if senior ranking North Korean officers knew what a smart phone was and that part is weird as some journalists who were in North Korea (2019, I believe) saw the opposite. This does not make sense. As such we cannot ignore hackers, optionally hackers who for a fee took shelter in or near North Korea, yet that puts them in the most watched part of the internet by at least half a dozen players. Personally it makes much more sense if they were working from China. 

And now we get to the good stuff. This is seen in “Once North Korea gained custody of the funds, they began a careful laundering process to cover up and cash out,” the report on last year’s cyber attacks added. A United Nations panel that monitors sanctions on North Korea has accused Pyongyang of using stolen funds to support its nuclear and ballistic missile programmes as a way to avoid international sanctions.” I reckon that laundering is not beyond the abilities of North Korea. Yet the setting of “accused Pyongyang of using stolen funds to support its nuclear and ballistic missile programmes” something that is possible, but the knowledge North Korea has stops this, moreover, their ballistic programmes are set upon failure after failure. Which with $400,000,000 in merely 7 operations sounds goofy to say the least. 

It is my personal feeling that the hackers might be anywhere but in or near North Korea. The Sony hack is optionally a slice of evidence towards that. Consider that Russia has now Arrested REvil, yet no one is wondering how this group had “more than 426 million rubles (£4m), including about £440,000 worth of crypto-currency”, including 20 premium cars. These things get noticed, as such I believe that REvil had some massive levels of protection, a setting North Korea cannot do, it is too unbalanced. With REvil, there was a Russian valve of protection, a state player that is on the top tier, a place where North Korea has no access. When you see these elements questions rise and a lot more questions rise that one would expect. So who did steal that $400,000,000? I have no idea, but consider that someone offering North Korea in its current state is offering $100,000,000 for denying the blame, is that good business practice? It would allow the perpetrators months to set safe 75% and a nice settlement in a very nice place. I would definitely consider such a move and with the world searching, getting the not look in the wrong place is a good place to start.

In all this, I could be wrong, but am I? How much evidence of advanced computer technology (outside of Olympus has fallen) regarding North Korea have we seen? We saw the images of a North Korean president and his top staff looking amazed at a 3 year old Dell computer, one we see in many households. Where is the advanced hardware needed to remain undetected? All questions in addition to the dozens watching their every digital move. If they get away under these conditions, they would be more able than the NSA, DGSE, or FSB. How likely is that? When you look at the larger frame, too much of this is weird. On the other hand, it gave me the idea to create the Hop+1 listening systems, just a little idea I had to scare the Pentagon a little (I need my amusement too). So perhaps this will set me on track for another piece of IP, I have done more with less, so here is hoping.

Leave a comment

Filed under Finance, IT, Military, Politics, Science

Turmoil of doubt

We all have it, at times and some more often we doubt. Whenever I see such doubt I think back to a story that I heard in primary school. It was about Lakshmi and the greedy beggar. You might have guessed it, or perhaps you know the story. The beggar just wants in the end one coin more and ends up with nothing. This is a setting we know where it goes, but now let’s change the premise. I could end up with $3.7 billion over 3-5 years of Google, Amazon or Huawei buys my IP. I could optionally make $250,000 if I publish an idea of intrusion I have. An idea they all overlooked and could give a certain wall street player the insight on certain patents that would be accepted within 30 days. With this method I speculatively could make another 3 million, yet that would also mean that I can no longer rely on the larger amount to ever become mine. What would you do? The small amount now or hoping for the best? I am not breaking any laws, because I am showing a flaw, two actually and the law has close to no chance of finding substantiative evidence. So I am basically in the clear. So what to do?

Well, I am also a story teller, so here goes (it was a simple riddle).

Between a larger technology firm and a patent office is a link, they mail and they take all the precautions. The messages go from router 1 to router 2 via what some might know a router table. Now no matter what the path is, at some point it will go via router N1. That is how the beans take the high or low road. So I got the idea to place a listener to ANY router one jump away from Router N1, so it could be almost anywhere. That place we call Router X0, it was my idea for the Hop+1 solution. There is a second part, this part means we need to get to that router somehow, whether it is internal solutions of intrusion. The idea was to replace the CF card in that router with an identical one, but there is one difference, it might state 64MB, but it has 256GB and one small internal component sets the 64MB apart and the rest is a floating drive. The floating drive has its own dynamic and it installs a small program in the memory of Router N1, that program will copy EVERY packet directed to Router 2 towards Router X0. There is almost no chance to detect it, when someone resets it, the program is gone, the evidence is gone. The memory card will unless dissected not show anything and there too is nothing to show what is going on, the CF card will know when it can forward packets to the end station when it can hide in other traffic, unless a System administrator reads the ENTIRE log, there is nothing to see. The receiver now has a collection of packets of traffic from Router 1 to Router 2, which also includes a message that Patent acceptance was achieved, the Wall Street Firm now has an advantage to place the right options and stock ahead of all the others and when the rest catches on the larger profits are raked in. 

A setting of not so speculative anticipation of profit and when the deed is done, both routers are reset and the evidence is gone forever. There is one remaining part, that is the CF card, yet id that went to an empty mobile station that might not be the problem, the only issue is getting the card back, leave no evidence behind. These System administrators are often underpaid, so that might not be an issue either. 

An idea that I had when I was wondering how Sony was transgressed upon, because there was no way that North Korea had that level of know how. In this setting it was an internal setting, optionally a disgruntled employee, but it was all speculative from my side, it felt more realistic than North Korea with its lack of technology. 

So will I doubt? Yup, I will remain hopeful the three true innovators will take my IP, if not, ah well. Still time to make it all public domain, what Wall Street tends to call pubic domain, not sure why but there you have it. Have a great Monday!

Leave a comment

Filed under Finance, IT, Science

A political stage of nowhere

Less than an hour ago the BBC gave us ‘EU reveals plan to regulate Big Tech’, apart from the discriminatory nature of the stage, are they doing anything else than merely fuelling their own gravy train? Consider the news from last July, there we were given ‘Apple has €13bn Irish tax bill overturned’, a case that started in 2016, had Apple and the government of Ireland in a twist, when you consider “The Irish government – which had also appealed against the ruling – said it had “always been clear” Apple received no special treatment”, I am on the fence, and in this the European Commission wasted 4 years in going nowhere, in the light of that revelation, can we even trust the approach the EU has? When we look at the first option, we see ‘Online harms law to let regulator block apps in UK’, this means an almost immediate blocking of Twitter, Facebook, WhatsApp and a few more. Local laws have been ‘accomodating’ to large corporations for such a long time, that social media is caught in the middle (and yes they benefitted too), so they re now pushing for changes that end privacy, because that is a conclusion. If we hunt down the perpetrators, we need to coat the materials in identity revealing codes, in addition, the EU government will have to adjust laws to make the poster responsible for what they post and that will lead to all kinds of privacy adjustments (that does not worry me), yet when insurance companies will use that setting to see transgressions on social media and they demand adjustment by handing over the posted evidence, how long until people like Margrethe Vestager start realising that they were clueless from the start? The BBC article gives us “The law would give local officials a way to ask Airbnb and other apps to hand over information or remove listings”, which now puts some players on the dark-web and the chaos (and organised crime involvement) merely increases. For example, when we see “not use data gathered via their main service to launch a product that will compete with other established businesses”, how will that be proven and tested? By handing all data over to the government? How many frivolous cases will that grave train launch? How is it impossible to stop advantage seekers a stage where they use Margrethe Vestager and her gang of idiots to do the bidding of (optionally) organised crime?

Even though I spoke of the Accountability Act, a legal direction that could thwart a few issues from the start in June 2012, 8 years later and this group is hardly even on the track of resolving anything, only to get their grubby greedy fingers on data, the new currency. And in this, the tech companies have their own games to play as Facebook shows with “Apple controls an entire ecosystem from device to app store and apps, and uses this power to harm developers and consumers, as well as large platforms like Facebook”, what Apple does, IBM did for decades, what Apple does Microsoft did for decades, so where is that train station? So even as we see “And they may influence other regulators – in the US and elsewhere – which are also planning to introduce new restrictions of their own” we also need to realise that after a decade, the local and EU laws have done little to nothing to hold the poster of information to criminal account, it seems to me a massive oversight. And in all this there is no view that the EU will wisen up any day soon. 

So as I see it, this will soon become a political stage that goes nowhere and in all this these layers merely want their fingers on the data, the currency that they do not have. How is that in any way acceptable?

Oh and when we see the blocking of apps and localisation, how long until people find an alternative? An alternative that the EU, the UK and the US have no insight over? Will they block apps that interact with data centres in China, Saudi Arabia and optionally other locations too? I raised it in other ways in ‘There is more beneath the sand’ in 2019 as well as some issues in 2018, a setting that was almost two years ago, as such is it not amazing that we see a shortsighted approach to this issue, whilst I gave the option EIGHT YEARS AGO and the laws are still not ready? They are ready to get the data from Google, Facebook, Apple, Amazon and Microsoft, as such when the trial goes wrong, hw will these people be compensated for the loss of uniquely owned data, data that they collected over the decades? Will the stupid people (Margrethe Vestager et al) compensate per kilobyte? How about $25,000,000 per kilobyte? Perhaps we should double that? What will be the price and in this, we should demand that Margrethe Vestager and her teams will be criminally liable for those losses, or will the gravy train decide that it is a little too complex to hold one station to order, and let face it, that gravy train has 27 stops to make, all with their own local needs, their local incomes and their local digital wannabe’s.

When a setting like that goes nowhere, you better believe that there is someone behind the curtain pulling strings for their own enriching needs, that is how it always has been, as such, let me give you the smallest example from January 2020, there we see “‘DIGITAL CROSS-BORDER COOPERATION IN CRIMINAL JUSTICE’ CONFERENCE”, with the nice quote “The e-Evidence Project led by the European Commission, DG Justice and Consumers, provides for the e-Evidence Digital Exchange System that manages the European Investigation Order/Mutual Legal Assistance procedures/instruments (e-Forms, business logic, statistics, log, etc.) on European level. The Reference Implementation Portal is the front-end portal of the e-Evidence Digital Exchange System and is also provided by the EC”, yet this is only step one. In all this we can also include the EC (at https://ec.europa.eu/home-affairs/what-we-do/policies/cybercrime/e-evidence_en), where we see: “However, present-day solutions too often prove unsatisfactory, bringing investigations to a halt”, I get it, you will say, will this not resolve it? Well, consider “provide legal certainty for businesses and service providers: whereas today law enforcement authorities often depend on the good will of service providers to hand them the evidence they need, in the future, applying the same rules for access to all service providers will improve legal certainty and clarity”, in this we need to look in detail at ‘provide legal certainty’, which at present under privacy laws is a no-no, and the poster cannot be identified and cannot (and will not) be held to account. As well as ‘applying the same rules for access to all service providers’, still the poster remains out of reach and the local and EU laws have done NOTHING for over a decade to change that, as such, when we consider this, why should Google, Facebook, Apple, Amazon and Microsoft suffer the consequences, in addition we see the absence of IBM, why is that? Does it not have data collection software, it has data centres, it has cloud solutions, so why are they absent?

And in light of earlier this year, as we were told ‘Google starts appeal against £2bn shopping fine’, how will that end? The law remains untested in too many aspects, in this the entire data stage is way too soon and in that the blowback will be enormous, all whilst the EU (UK too) is unable to do anything about data driven organised crime, other than blame state operators Russia and China, consider the Sony Hack of 2011, I was with the point of view by Kurt Stammberger (before I even knew about Kurt Stammberger), North Korea lacks infrastructure and a whole deed of other parts. I also questioned the data, like “former hacker Hector Monsegur, who once hacked into Sony, explained to CBS News that exfiltrating one or one hundred terabytes of data “without anyone noticing” would have taken months or years, not weeks”, I even considered an applied use of the Cisco routers at Sony to do just that, all issues that North Korea just could not do and in that environment, when we see these levels of doubt and when we get “After a private briefing lasting three hours, the FBI formally rejected Norse’s alternative assessment”, which might be valid, but when we see a setting where it takes three hours to get the FBI up to speed, can we even trust the EU to have a clue? Even their own former director of German Intelligence, gave us recently that they did not fully comprehend Huawei 5G equipment, and they will investigate the data owners, al before the posters of the messages are properly dealt with? I think not!

Leave a comment

Filed under IT, Politics, Science