Tag Archives: NSA

A waste of space

Yes, some people are that, I believe that the tool ICIJ director Gerard Ryle is such a person (he will claim it is me). Yet how did I get there? That is important too. Those who read the previous articles will remember that I stated that a top-line display would give us the parts we initially needed. But no, after all this time, with 600 journalists at his back, Ryle never walked the walk. However I see ABC, the Guardian, BBC and others all do the motion of jabs, to create flames, to create click bitches. In a dying light they want to grab any digital dollar they can. Even the useless leader of the Democratic Party (President Joe Biden) via his administration gives us today “The Biden administration said it would “crack down on the unfair schemes that give big corporations a leg up” in the wake of the Pandora disclosures.” It is a pointless exercise in a waste of time, it is merely the prequel to something much worse.

You see the top-line would give us a better look at the “130 billionaires from 45 countries, including 46 Russian oligarchs. Bollywood actors, soccer stars, corrupt sports officials, a king’s lover, feuding princesses, movie directors and stars, supermodels, acclaimed designers and world-famous singers, 330 politicians and high-level public officials in more than 90 countries and territories, including 35 current and former country leaders” and this is linked to the even less useful quote “By some estimates 10 per cent of the world’s total economic output is parked in offshore financial centres, costing governments billions of dollars in lost revenue” 

Why is this?
The top-line would give us where the impact is. The 130 billionaires? You see there are 165 in Dubai and they are in the 0% bracket. I stated the dangers two days ago. Then from all these numbers, how many are in which nation, how many are governmental versus non-governmental. When we see those numbers, we will likely see a created storm in a teacup.

And this is linked to the first setting proving that Gerard Ryle is a useless and optionally corrupt tool. “The source of the documents hasn’t been revealed to media partners but made it clear to the ICIJ he wanted the public to see where dirty money is really flowing. Ryle says the source had two conditions for leaking the documents. “First of all the source wanted anonymity. I presume for safety reasons,” he says.” Presume my ass! When we investigate the sources we see that some have well above decent protection, in my view there are only two players involved here, the CIA and the NSA. Both Russian and Chinese investigations would be stopping their local laundry, as such there would be nothing on oligarchs outside of Russia.

I believe this all to be a well managed (speculative) ruse. When it all comes out, we will get a flame of ‘tax the rich’ and that is what that useless democratic leader needs, his land is BANKRUPT and when the default hits grabbing (not taxing) whatever the American billionaires have is on the short list, reparations come later and if it all goes to shit the politicians will run for cover in any nation that will put up with them (Australia and UK). 

And when you truly read the articles you will see statements like “the documents reportedly tied prime minister Andrej Babis to a $22 million estate near Cannes, France. Speaking in a television debate, Babis, who was a billionaire before he entered politics, denied any wrongdoing.” 600 journalists and not one has added evidence of wrongdoing, merely a billionaire doing what he is allowed to do, buy a house in the south of France and France is not even a 0% tax land, so where are the incriminating papers? 

All the flames I see are about people no one cares about (the King of Jordan), yes Jordanians care about him and that is OK, people in the UK less so. And the truckloads of articles are just that small jabs to keep the readers angry, but no one is taking too much notice of “ICIJ director Gerard Ryle says the Pandora Papers reveal that some international leaders who could tackle offshore tax avoidance have themselves secretly moved money and assets beyond the reach of tax and law enforcement authorities as their citizens struggle” as such I reply “Gerard you fuck, why did the press not do enough over 30 years to make politicians tackle tax laws?” And in HIS statement we see ‘could’ and ‘secret’, but if a person buys a house in Monaco or Dubai they can have money there, it would be legal and it would be tax exempt. You (as I personally see it intentionally) overlooked that part, there is also the Caymans and a few other places, but it does not match the need of the governmental hacker who got into 14 systems, 5 of them had good security, and you could have seen that from day one, but you need click bitches, you need digital revenue and you need to make sure you are not obsolete. So where is that part of the equation?

Filed under Finance, Media, Politics

DARPA and NSA versus little old me

Yes, that is the stage I am setting. After designing a stealth system to sink the Iranian navy, a novel approach to melt down Iranian nuclear reactors it is time to challenge the US Technology boffins and the US intelligence boffins to a nice little game set and match (advantage me). Yes, my ego is so big that I am willing to take on these two players at the same time (suicidal ego tends to be funny at times).

The idea that formed in me came from an idea from the past (90’s) and is altered to deal with intrusive crypto miners, a way that will set these people back to the stone age. The stage is that with the additional crypto currencies, these intrusive miners will become a lot more than a nuisance and with energy prices spiking, we need to do something sooner rather than later.

90 something
It was in the early 90’s that someone made the dBase virus. The virus was brilliant, it was a data virus which was rare, but the foundation was awesome (from an academic point of view). The virus was introduced and started to change the data, more importantly whilst the virus was there no one was the wiser. Yet when the virus was removed all dBase data became useless. The virus was a filter to read and write it and it was almost unique for any user, so there was no replicating and for a while it was a nightmare for some.

Now
So what happens when we introduce a self monitoring program in the PC that is linked to the GPU? A program that is unique and set to THAT GPU but will not interfere with anything. Yet when crypto miners use your system remotely the program will turn data into garbage and soon these crypto miners will have to investigate all the garbage they collected.

A simple solution for a nuisance that will soon get out of hand. So you two boffins, I created two elements to stop Iran and now I challenge you to do something for nearly everyone else. I wonder if they can make it happen. In the second part, there is an upside, the creation of personal non interfering floating programs could have a much larger implementation on a much wider field than most (including me) could comprehend, the question is can we do it safely?

This was the idea that was floating inside me as I was considering a few other things, so I reckon that I will have more for you quite soon, optionally linked to new gaming, or is it entertainment? I still cannot tell at present.

Filed under IT, Military, Science

Speculative design

Many do this at times. We look at something and we think ‘What if we move part N to location X?’ It is a perfectly valid idea and it keeps a brain active and in creative mode, which tends to be good for several reasons. So I was busy thinking things out, in one it is the side of pushing another IP towards public domain, it is too soon, but not by much. So the mind started to wander. The first part was the new trojan that the NSO group is suspected of (see previous story), the second was a line in the West Wing (which I am watching again during the lockdown plus curfew). There we hear about a pen designed for NASA that works upside down, one mentions that Russia solved it by using a pencil. You might not think it, but it is actually an important part. So as these elements rolled in my mind, I wondered on adding a setting (just to piss off the Iranians) in a stage to get two for the price of one, they do use Russian hardware. As such I thought that we need a few clever boffins and as such the people should call on the NSA (No Such Agency). What if we find a way to introduce a hippocampus to the hardware? A hippocampus is a trojan that is submerged (in this case) into the firing solutions. You see at some point a target needs to be setup and that moment the link becomes a weak link. You see not all systems have additional redundant systems and I am willing to bet that Iran has the latest hardware, but not every internal system is up to the latest standard. Implying that we can add something. So what if these missiles would then automatically start to be set to point X plus 1-10 miles? A submerged trojan horse might pull that off. There are a few questions that require me to have a lot more firing system knowledge. Yet when we consider the elements rocket-firing solution-guidance, we might see that the firing solution will be the easiest transgression and these systems do require to get to a base.
A solution that will hit EVERY firing system by infecting all the systems and the infection stays where it is until it fires and then it becomes a nice 4th July showtime. And there is a nice secondary part, the person firing is the one hitting oneself. Passive aggression in full view.

So is my view realistic? I do not know, I do not care. I merely try to design a way to stop players like Iran and I will use any way possible. All whilst politicians make claims to do something and after spending truckloads of funds on long exclusive trips that tends to include a few 5 star hotels, I on the other hand, sitting on my sofa came up with ideas that had no cost, merely a few dimes of electricity. One works in whatever way the brain gets to be (more) creative. It was the same path I followed when I designed a way to push a meltdown in the Iranian nuclear plants. OK, I also engineered two additional valve ideas and when I file for these I might get a few additional dollars as well. I do know that these solutions are pure concept, there is no guarantee it will work. But it keeps my brain busy and if it doesn’t work, it might make for a nice additional part to some TV series or movie. The creative brain can come up with a dozen ideas, just be ready that it ends up where it was not expected to go. You might find that funny and it is, but when you consider how books, games and movies got an infusion of brilliance. You merely have to consider how they got to be. Games like Ultima 3 became inspirations to a lot more RPG games (made by other makers). The EA game ShadowCaster was by way too many overlooked, yet when you see “the 49th best computer game of all time, calling it “an admirable attempt to show that RPGs don’t have to be boring””, so why was this game not remastered and redesigned for consoles and streamings? In that same light we can review all kinds of neglected hardware and see just how creative we could get with it. Everyone is so busy in making things not work that they overlook the option to make it hurt the activator and not the target. Perhaps we need to instil the need for people who work for no such agency to get better acquainted with gaming.
You might not realise it but games have been on the fringe of hardware for at least 3 decades, optionally even longer and even as some ‘embrace’ that nowadays games are more advanced, people forget that the CBM-64 and Atari ST allowed for games that were often not possible, yet the game makers found a way around their limitations. Consider a game like Impossible mission (Epyx) and the fact that this game can still be enjoyed on an 8 bit system by any number of gamers today, and they got that done on a system with a mere 38KB, it can equal a game that requires an 8GB system, so there!

There are of course a few more ideas, but it is about the concept of working with limits. I need not explain this to programmers, but some of them will grab an Azure SDK and start from there. We forget that that same company gave us the Microsoft Assembler. Azure solutions start at 765 kilo bits, whilst assembly gives us one of the smallest useful programs for a mere 4 bytes. It is not merely what solution is used, it is about what limitations can be used to our advantage and as a snow-globe gave me the idea to meltdown a reactor, an assembly program used to overcome some security on an EA game (8 bytes) might be the path to set the firing point of the Qiam-1 to the destination point as firing point + 10000 if the destination is measured in metres. At times we forget that having more space does not work, it requires limitations to give us the creativity we required to get it done.

Just my 2 bytes on the matter.

Filed under Gaming, IT, Military, Science

The New business

The BBC informs us (via another route) that there is a new business in town, this business works on the old premise of the bully and the backstabbing method called Ransomware. Now, this method was not unknown, we have seen it before, yet the article (at https://www.bbc.co.uk/news/technology-57946117) called ‘Ransomware key to unlock customer data from REvil attack’ gives us “US IT firm Kaseya – which was the first to be targeted earlier this month – said it got the key from a “trusted third party”.” Yes, this might sound true, but I still have an issue here. And the quote “Kaseya’s decryptor key will allow customers to retrieve missing files, without paying the ransom. The company’s spokeswoman Dana Liedholm declined to answer whether Kaseya had paid for access to the key”, I get it, Kaseya accepts that there is a cost to doing business, without the key they are helpless, but in this instance they have also given voice to the new business. This is not on Kaseya, ransomware is a much larger stage and the law is not ready to deal with it. So when we get “But members of the group disappeared from the internet in the days following the incident, leaving companies with no way of retrieving the data until now”, I think that it was not merely fear. I think that they found a weakness in their armour and they needed to fix it, perhaps the FBI and NSA got too close? It is speculation, but I reckon that any hacker inviting the wrath of the NSA has something to fear, only the stupid do not fear that hunting machine. So when we get to the jewel of the article, a setting that describes a few elements by Joe Tidy (Cyber reporter), we see “Firstly, giving away the key now is far too late for most of the victims of this massive ransomware attack.
Secondly, the mystery gifter was most probably linked to – or working with – the criminals directly.” I feel that he is on the right track, I get that Kaseya prefers the term ‘trusted source’, but that does not put Kaseya in the clear, moreover, as I reported the massive bungles that were made and the lack of oversight within Kaseya gives them a reason to cooperate with organised crime, but not a right, a right to do that is a form of treason towards ALL their customers and as Joe said it “giving away the key now is far too late for most of the victims of this massive ransomware attack”, if you doubt that call Coop (at +46107400000) and ask them the damage of 500 supermarkets shutting down, as well as a loss of data. And then Joe gives us the gem at the heart of this “I’m told by a hacker who claims to be a part of the inner circle that it was “a trusted partner” who gave the key away on behalf of the group’s leader, who calls himself Unknown. My contact says it’s all part of “a new beginning”.” I understand that this is hard to swallow and optionally it is a form of bragging, but I am not convinced that this is the case, as Joe gives us “it could well be the start of something else”, yes that has the ring that sounds true. It is the start of a new business venture and Kaseya is merely the pilot. In this we have two sets of minds, the first is that the shortsighted greed drive of Kaseya (as I discussed it in ‘Dream number three’, at https://lawlordtobe.com/2021/07/06/dream-number-three/) needs to have consequences. The dominant sales types with their ‘we’ll fix it down the road’ can no longer be allowed in this industry. The second part is that we have no choice but to return to a stage of targeted killing, and I do not care whether one of the hackers is a poor little 16 year old person hiding behind  ‘minor protection laws’, they guilty they get the $0.17 solution (price of a 9 mm bullet). 
We have no choice, the law did nothing for too long, giving hackers pass after pass as they ‘claimed’ that it was the only way. Well, so far it did nothing for a lot of people spanning a timeline that is a little over a quarter of a century, it is like an armistice race with too many casualties and the law merely shrugging at the damage that was not theirs. With Kaseya a large corner is turned and Kaseya partially has itself to thank for that. And in all this it has become time to recognise that Kaseya is not merely a victim (no matter what Dana Liedholm tells us), it did this to themselves as the source in the other article “were helping Kaseya plug the hole long before the hackers found it”, as such the ‘we’ll fix it down the road’ no longer holds water, especially as we take tally of the victims that are victims because of the shortsightedness of Kaseya. And they are not alone, there is every indication that the Microsoft exchange group and Solarwinds are part of that same stack. I have personally seen how the needs of proper testing took a back seat to Marketing and the board room drive of greed in more than one instance and that too needs to be addressed, yet I feel that the media will paint over that part with articles in emotional ways, their stake holders will not allow that to be any other way, adhering to their bonus whilst relying on marketing and sales to set out a new path based on ‘we’ll fix it down the road’, should Joe Tidy be correct (and I believe he is), we will soon see a new wave of REvil attacks and the law will be on the sidelines, as will governments all pointing at one another, all whilst keeping their ‘friends’ out of the line of fire.

It is merely my look on things, and I expect to be proven correct before the end of 2021. 

Filed under IT, Science

From horse to course

Yes, there is a horse, it is not Mr. Ed, there is no kind conversation. This one has wings, and there are a few versions, including the off-spring of Lord Poseidon. Whether we believe Hesiod or not, it does not matter. Pegasus became a part of our oldest mythological stories. Yet today, Pegasus is something else, a figment from the imaginations of the NSO group and it was made real. It has been out for some time and last week we got the media and their overemotional response that it had a connection to 50,000 people, with 0.36% of these people journalists.

So what gives?
It is important to look at a few sources. The first is the BBC (at https://www.bbc.co.uk/news/world-middle-east-57922543) who gives us ‘Princess Latifa and Princess Haya numbers ‘among leaks’’, perhaps yes, perhaps no, who cares? We do get “The discovery of the princesses’ phone numbers on the list – and those of some acquaintances – has raised questions about whether they could have been the possible target of a government client of the group.” And here the questions start and the BBC is not asking them. Just like it is steering clear of alleged man-slaughterer Martin Bashir. So when we see ‘could have been the possible target of a government client of the group’ could is here the operative word. You see, no one is doubting that list, no one has given us a clear rundown of the names, a dashboard if you like, with the option to drill per nation and per class of person. This could all be a ruse of anti-Israeli groups, optionally the ruse of a competitor. And when we see “NSO has denied any wrongdoing. It says the software is intended for use against criminals and terrorists, and is made available only to military, law enforcement and intelligence agencies with good human rights records”, so which government leaked the list and how did THAT government leak what is implied to be a complete list? Then we get to the option that the leak came from within the NSO Group, which might be the most ludicrous thought, but I tend to look at all angles, so it is an angle that is most unlikely, but the chance is not zero. The article is all about Princess Latifa, not much about the NSO Group, it is an emotional lamentation to steer clear of massive screw ups like Jimmy Savile, Lord McAlpine, Sir Cliff Richard, and Lady Diana Spencer. As some say, the credibility of the BBC has never been lower. 

The second article is also from the BBC (at https://www.bbc.com/news/technology-57922664) less than a day ago gives us ‘Pegasus spyware seller: Blame our customers, not us, for hacking’. Here we are given “Investigations have begun as the list, of 50,000 phone numbers, contained a small number of hacked phones”, silly me for thinking that when we see ‘Investigations have begun’, we also get ‘a small number of hacked phones’, as such there is a much larger stage, and the BBC gives us “Pegasus infects iPhones and Android devices, allowing operators to extract messages, photos and emails, record calls and secretly activate microphones and cameras”, so if there are only a small number of hacked phones, how does that part matter? And when we get “a consortium of news organisations, led by French media outlet Forbidden Stories, has published dozens of stories based around the list, including allegations French President Emmanuel Macron’s number was on it and may have been targeted.” We get the real deal, a consortium of news organisations, led by Forbidden Stories hide behind ‘allegations’ and ‘may have been targeted’. Is anyone catching on? The media want to create emotional waves, yet does not want to be held accountable for their actions. The stakeholders are key here. A ‘consortium’ implies shareholders and stakeholders. It implies also that their issue is not that the NSO Group might do something outside of governments, it might show that the media does a lot more to anger the audience it desperately needs. 

And then the media does one more jab towards a currently missing journalist no one cares about with “including those close to murdered Washington Post columnist Jamal Khashoggi”, this is the emotional stage handed to us. It is “67 agreed to give Forbidden Stories their phones for forensic analysis. And this research, by Amnesty International Security Labs, reportedly found evidence of potential targeting by Pegasus on 37 of those”, so out of 50,000 we see that 67 are investigated and potentially we see 37 are targets, but there is no evidence that the NSO Group did this, these 37 might have been targets of the NSA or even the DGSE. 

And at this point there is one interesting flaw. If it was me, the first thing I did was set up a dashboard that allows us to see where these 50,000 names are part of, where they are and how they were hacked. They have had a week and the stretch of media that gives us emotion after emotion is a much larger stage of stakeholders that need a negative view to be pushed onto the NSO Group. I admit that my view is equally speculative, but is it a wrong view?

Finally there is the Guardian (at https://www.theguardian.com/news/2021/jul/22/israel-examine-spyware-export-rules-should-be-tightened-nso-group-pegasus) where we see ‘Israel to examine whether spyware export rules should be tightened’. Here we are treated to “An Israeli commission reviewing allegations that NSO Group’s Pegasus spyware was misused by its customers to target journalists and human rights activists will examine whether rules on Israel’s export of cyber weapons such as Pegasus should be tightened”, I can accept that view, but that also means that governments are largely to blame for this mess, if the list is real that is. There is every chance that this was a ruse to make the NSO Group less large, less of a challenge to a competitor and this is exactly what stakeholders tend to do, and using the media as their bitch is not out of the question.

My view is reinforced by “NSO has said Macron was not a “target” of any of its customers, meaning the company denies he was selected for surveillance using its spyware, saying in multiple statements that it requires its government clients to use its powerful spying tools only for legitimate investigations into terrorism or crime”, so as Macron was never a target, the BBC articles are less than accurate and that leaves the media open to all kinds of attacks. Yes, I will admit that it is a he said she said setting (she being the media), but that also means and implies that the NSO Group is not out of the woods at present. And let’s be honest, who needs a tool like this to keep track of the Dalai Lama? The man is out there in nowhere land and when he is travelling we see 50-150 reporters surrounding him, all ways to keep track, no NSO Group required.

As we see the horse Pegasus go on a course towards the government destinations, I see less of an issue with the NSO Group and a hell of a lot more with the Stakeholders who do not have the ideas, the innovations, but they really like the money attached to it. Do you still think I am on the wrong horse track?

There is always the time will tell part, but consider that if the media has not released a dashboard of these 50,000 numbers, I believe that my case is rather clear, I would personally consider that list is nothing more than the fabrication of a stakeholder who needs the revenue that the NSO Group currently has.

Filed under Media, Military, Science

The Lawyer wins, the law loses

Yes, it is a stage that we will be seeing soon enough. As the lawyer wins, the law loses and that is just the beginning. As we see ‘Apple loses appeal in Fortnite court battle’ (source: Australian Financial Review) there is a secondary stage that comes up. It is not immediately clear, but someone gave the reader by Jeff Dotzler in GC Consulting in 2019 ‘Will You Get Sued if Your Business is Hacked?’ There we see “Even though the company was able to restore the records, one of the affected clients, Surfside Non-Surgical Orthopedics in Boynton Beach, sued Allscripts in federal court. Surfside accused Allscripts of not doing enough to prevent the attack or lessen its impact and sued on behalf of all affected clients for “significant business interruption and disruption and lost revenues.”” Now consider that ‘significant business interruption’ can be replaced with ‘game score disruption’, a stage I saw coming a mile away. Epic Games did not consider the stupidity of their actions and now, should they win they will soon face several, if not well over a dozen class cases. They cannot make some ‘we are not responsible draft’, the moment ANYONE at Google or Apple squeals the setting of the hack and it comes with the accompanied ‘We could have prevented that’ Epic Games is lost, it will cost them billions in settlements and lawyer costs. If you doubt that, consider ‘SolarWinds says unknown hackers exploited newly discovered software flaw’ (at https://www.reuters.com/technology/solarwinds-says-unknown-hackers-exploited-newly-discovered-software-flaw-2021-07-12/), so they just got out of one mess only to land in a new one and these people have a decently simple system, Epic Games will have to spend on protection that is several levels higher and I feel decently certain that it is not enough. The moment any profile is transgressed on whilst there was a purchase, that is the game, loss Epic Games and lose they will, a lot.

Even as we are told “SolarWinds said the flaw was “completely unrelated” to last year’s hack of government networks”, it will not matter, another flaw is found and there is every chance that more than one will still be found. In this Forbes gives us ‘Why SolarWinds Is The Wakeup Call No One Heard’, it comes with “everyone talks a good game, but the very structure of American (and other businesses around the globe) makes it nearly impossible to, for example, deliberately and significantly reduce EBITDA to prepare for cyber warfare” and when you consider that EBITDA is Earnings Before Interest, Taxes, Depreciation, and Amortisation. You see the problem, it is not all, it is earnings before interest and depreciation that bites, earnings before interest is all earnings with cost diminishing this and too many corporate players tend to cut cost. In some cases they have no choice in the cloud a lot does not matter but it is transgressed on (according to some numbers) for almost 90%. And when you add that Amortisation is merely another view of depreciation the path is clear. Steve Andriole also gives us “The number of severity of cyberattacks will explode in 2020.  Cyberwarfare has now levelled the playing field in industry, in government, and in national defence:  why spend ten or fifteen billion dollars on an aircraft carrier when you can disable it digitally?” You think that this is about defence? Do you have any idea what 50 million whining gamers can do? EVERY ransomware player will target Epic Games and with an open Android and iOS setting they will succeed. I saw this when this all started in 2020 within 5 minutes, the short sightedness will hit Epic Games and others in a few ways. Think I am BS’ing you? Consider that several sources gave you a month ago “Hackers Stole 780GB Data Including FIFA 21 Source Code in EA Hack” and EA has been in this game a lot longer than Epic Games has been.
That is not evidence, but it is a setting that we need to consider and when Epic Games loses that data the class actions start, and it is not something that they can keep quiet (apart from that being a crime), the people will talk and the parties involved, including government parties will find a nice letter making claim to financial losses. The law source (see above) also gives us a link to the Ohio Data Protection Act. There we see “Under the law, damages cannot be imposed if a state court finds your company had a reasonable cybersecurity plan when a breach occurred and followed it to the best of your ability. Or, as the legislation puts it, the law is “an incentive to encourage businesses to achieve a higher level of cybersecurity through voluntary action.”” In this I offer ‘reasonable cybersecurity plan’, was it followed through? Was there a backup if it fails, was there consideration for cross platform transgressions? In this last part I offer to the older programmers 

IF(clipper)
  
ELSE

   …
ENDIF

Those who know will nod and consider what else Epic Games and others have forgotten, what happens when someone exploits a Sony flaw over the entire system, and at that point these companies have little to no protection. 

Which gets us to ‘when a breach occurred and followed it to the best of your ability’, but the suing side will argue that the breach could have been prevented on day zero, or even day -1, which will be their way of saying that they opened the system when they were not ready and that is another billion in class actions right there, and I agree with the stage that there will be enough cases that have no bearing (just like the loot box cases in the media), yet Epic Games will have to hand to their lawyers to investigate them all, the hours alone will rake up millions and that is merely year one. The lawyer wins his bread and butter for a year (at the very least) and the law is up the creek without a clause. The law was never ready for this, so the going will be good towards the coffers of Epic Games, a looting box that requires time, not money.

So when we go back to Forbes and consider “When I took the results to the CFO (to which technology weirdly reported), his only question was, “what’s all this going to cost me?,” which of course was the wrong question.” We see the setting there, but I wonder who gave that same question to the Chief Legal Officer (CLO) with the question ‘What will this cost the firm?’, a question that he can decently predict when he considers 1-5 class actions and that result has to be scary and any consideration of future profit goes straight out of the window, not merely the legal costs, marketing will have to offer a whole range of products and services to stem the tide of people leaving for the next safer harbour, the most dangerous of all settings, and that is merely the beginning of year one as Android and iOS stores open. Forbes also gives a reference to what Andy Greenberg (Wired Magazine, 2019) said about why governments have been unwilling to deal with cyberthreats: “More fundamentally, governments haven’t been willing to sign on to cyberwar limitation agreements because they don’t want to limit their own freedom to launch cyberattacks at their enemies. America may be vulnerable to crippling cyberattacks carried out by its foes, but US leaders are still hesitant to hamstring America’s own NSA and Cyber Command, who are likely the most talented and well-resourced hackers in the world.” And this is not a government setting, Epic Games will be hit by greed driven and vengeance driven hackers as well as organised crime, a $5 billion company? With the state of cybercrime convictions? They are definitely on board. A stage Epic Games could have prevented from the start, but someone saw 30% of $5,000,000,000 and did the math, but whoever did the math was not ready for the tidal wave they would be inviting through that choice. 
In this, Forbes had one more gem, it comes from Nicole Perlroth and ‘The hubris of American exceptionalism’, when we see “More hacking, more offence, not better defence, was our answer to an increasingly virtual world order, even as we made ourselves more vulnerable, hooking up water treatment facilities, railways, thermostats and insulin pumps to the web, at a rate of 127 new devices per second”, now consider that Fortnite is on Windows, MacOS, Switch, Sony, Microsoft, iOS and Android, they drew more than 125 million players in less than a year, do you think that there will be no flaws? And how many devices a second will that add to the equation? Do you have any clue what level of protection is required, even as Sony, SolarWinds, Nintendo and Microsoft have all been hacked even though they had nowhere near that level of complexity required. This was a dangerous situation from the start and gamers will soon have to seriously consider removing any program that has an ‘open’ store, the cost will be too high for a lot of them. 

And that is not all, as Nicole spoke about ‘an increasingly virtual world’ the danger that open stores will mean that you either have a dedicated computer, or healthcare and safety products will not be considered to be insured in your house, when that happens we get a whole new level of nightmare, I can only imagine that setting, but I am clueless as to the impact, we cannot oversee that, not with an evolving IoT and 5G evolving before our very eyes.


Dark side of the Jedi

Yes, I guess that George Lucas really had no idea that this would hold for well over 45 years, but that happens when you become the real innovator. In this we recognise innovators, but the path of one is often dangerous, perilous and it only works when the competition is at your heels. Consider that Star Wars came out when we had The Omen, Taxi Driver, All the President’s Men, Rocky, Saturday Night Fever, The Duellists. All excellent movies, all driving the others to do better, that is why it works, so when I see “reversing the Trump-era award to Microsoft Corp and announcing a new contract expected to include its rival Amazon.com and possibly other cloud players” I merely wonder how stupid Trump actually was. To give $10,000,000,000 to Microsoft when they screw up their console position and hand the number two place to Nintendo with the weakest of all consoles, only to likely lose again in the future to the Amazon Luna and possibly even to Netflix? How delusional can you become? Microsoft tried to attack the Apple tablet market and failed miserably again and again, they blew their mobile market and they are trying to create waves for their Azure market, that is the player we want for the U.S. Defense Department? This all whilst we get a day ago “Microsoft has “paused” SQL Server in its Windows Containers project. Microsoft advises anyone interested in running SQL Server in a container to use the Linux root instead”, so basically the two non entries (Google and Amazon) were a better solution off the bat?

So, this Jedi (aka the Joint Enterprise Defense Infrastructure) is off to a rocky start. I had never expected any commander in chief to be so delusional that they would hand the contract to one player, all whilst better solutions (in the worst case merely equal) would be considered without proper vetting? I am not stating to merely give it to Amazon or Google, that is why vetting is an important process, yet in all that, Reuters (at https://www.reuters.com/article/us-microsoft-pentagon-jedi/pentagon-hits-reset-on-trumps-10-billion-cloud-deal-welcoming-new-players-idUSKCN2EC1YY) gives us “The company cited a 2019 book that reported Trump had directed the Defense Department to “screw Amazon” out of the JEDI contract”, is this how Americans see their national defence, as an ego driver? It would be one thing if Microsoft is the better party, but that hasn’t been the case for some time. 

So when I see “the plan would likely involve a direct award for “urgently needed” capabilities and then a “full and open” competition for multiple suppliers by early 2025”, which we get from John Sherman, acting chief information officer for the Defense Department. My issue here is that when I see ‘urgently needed’, I also remember the joke (not a funny one) that the Zumwalt class represents and the billions spent there, then there are a few more projects, all with pressing needs. And whilst we are getting towards it, the entire Kaseya and SolarWinds debacle shows the larger pressing matter. Security matters! And the matter of security can never be properly investigated if it is appointed to one player, one debatable player mind you. I am not stating that security at Google or Amazon is better, but the Exchange issues, which we get from ZDNet in April, show us “Four zero-day vulnerabilities in Microsoft Exchange Server are being actively exploited by state-sponsored threat groups and others to deploy backdoors and malware in widespread attacks”, this doesn’t mean that Google and/or Amazon is better. But the debate is on and Microsoft lost top dog and pole position years ago, they are merely in it to remain mediocre, all for the good of the board of directors. They lost to Apple (tablets), then they lost to Google (with Bing), then they lost to Amazon (web services and SaaS) and now surpassed by TikTok (video against China), that is an impressive fail rate. Consider that Bing has a market share of 2.71%, which against Google with 91.95% is slightly too funny for words. 

But this is not about Microsoft, it is about Jedi (all these funny acronyms). So when we consider the dark side of that forceless solution (by Microsoft) and we need to wonder about “the Defense Department also announced its plans for a new multi-cloud initiative known as the Joint Warfighter Cloud Capability, or JWCC. It must provide capabilities at all three classification levels — Unclassified, Secret and Top Secret — and parity of services across all classification levels; integrated cross-domain solutions; global availability including at the tactical edge; and enhanced cybersecurity controls, according to the Pentagon”, not the intent, but the investigative presumption of ‘enhanced cybersecurity controls’, both SolarWinds and Kaseya showed us that and this field is still widely in development, and sources like Business Wire are setting the mark that cloud security will double over the next 4 years, a stage of increased visibility will both increase security and criminal activities, the winner remains unknown at present, even if we acknowledge that REvil has the upper hand, we have no way of knowing what happens tomorrow, if security comes from innovators there is every chance that Amazon or Google will get there before Microsoft will, even Apple has a better chance of showing innovation than Microsoft in the cloud atmosphere at present. The fact of what happens next will be out soon enough, yet my mind wonders why anyone would be stupid enough to award national defence to anyone without proper vetting. So when we accept that it was meant as “part of a broader digital modernisation of the Pentagon aimed at making it more technologically agile”, wouldn’t you want to vet to broaden the application of data, the security of the system and the application of security towards data, users and access? There is a reason that SELinux had roots going back to the NSA, this they all wanted to throw away? 
And the media is merely reporting the news, not questioning that time line? Why is that?

Only the agile and versatile remain superpowers, and the former president was willing to hand over 50% of THAT equation? So consider that what was JEDI (Joint Enterprise Defense Infrastructure) could have become the Darth (Defence Application Reprehensive Technology Hype) defence system. 


Something rotten in Denmark

I always liked that line from Hamlet. I have nothing against the Danes, but I have been several times and the people in Copenhagen look down on others and more so on foreigners. A sort of extrovert nationalism. They were never openly negative about me, but that vibe is undeniable. Should you doubt me, be there for half a day, then take the ferry to Malmo and compare the feel, the Swedes are much warmer. But that is as far as I can take it, my co-workers in Copenhagen were really warm and kind and even now, 10 years later they still are. So when I saw ‘NSA spying row: Denmark helped US gather data on European officials, says report’, I merely had to giggle. And when we are given “The Defence Intelligence Service (FE) collaborated with the US National Security Agency (NSA) to gather information, according to a report by Danish broadcaster Danmarks Radio” we need to wonder just how united that EU really is. There is the optional “Intelligence was collected on other officials from Germany, France, Sweden and Norway, according to the report”, which implies that any Dane hoping to have a jolly good time in another Scandinavian country is up for a nice surprise. So even as we take notice of “In a new report shared with several European news agencies, the NSA is said to have accessed text messages and the phone conversations of a number of prominent individuals by tapping in to Danish internet cables in co-operation with the FE.” we can boast and shout, yet if we consider that this was there in 2013, where exactly does ‘In a new report’ come from? In addition, we see the Netherlands and Belgium being not part of that equation, why is that? So as we are given “Mr Snowden accused US President Joe Biden of being “deeply involved in this scandal the first time around”. 
Mr Biden was US vice-president at the time when the surveillance took place” my question becomes, whose bread is he buttering and his look like a super sad puppy dog with the byline “US whistleblower Edward Snowden expresses wish to return home”, I merely wonder if traitors should be given any choice in the matter, although there is something satisfying about him coming from Russia to end up straight in front of a firing squad. And when we look back to June 2015 where the BBC gave us ‘Snowden NSA: Germany drops Merkel phone-tapping probe’, I feel that someone kept it all alive to be used when appropriate, and now seems to be that time. And one little item comes to mind, we see Operation Dunhammer, yet the Dunhammer is “a species that are wild in Denmark or grown there”, it seems very specific doesn’t it. Did the NSA seek out that name, or is there a lot more to the story? Even as we see “Mrs Merkel, then-German Foreign Minister Frank-Walter Steinmeier and opposition leader at the time Peer Steinbruck were also reportedly targeted”, it is something specific within a specific scope and that tends to be not of interest to the NSA unless there is a specific case, optionally with an operational push from the White House. That and the fact that between France and Sweden several other nations were not mentioned, we seem to see half a story, not the full ball of wax (as they say). 

If we want a simple comparison, someone is farting in the lunchroom and someone else is pointing at the air vents to focus attention to the wrong area. How typical is that?

And it is Channel 6 news that gave us “In August, Bramsen relieved the head of the country’s foreign intelligence service, among others, after an independent watchdog heavily criticised the spy agency for deliberately withholding information and violating Danish laws”, there are more sources, but this one also gives us “the Danish Defense Intelligence Service, known in Denmark by its acronym FE, in 2014 conducted an internal investigation into whether the U.S. National Security Agency had used its cooperation with the Danes to spy against Denmark and neighbouring countries.” Which is basically the left hand offering the right hand to do what needs to be done. Yet the stage is coming out now as it was then, in the stage of a Democratic president, I find it odd that the information remained contained under the previous REPUBLICAN president. It seems that some have no issues letting NSA secrets out of the bag when it suits someone’s political agenda, which as I personally see it constitutes treason of a very different kind. 

So to elaborate in my own way, consider the Mexican mathematician, Dr Fibre Nachos, he gives us a number of food clients to grow his business, one gets us a second one, the two give us three, three and the previous two give us five, five and the previous give us eight and so does one grow one’s business. But alas, there is always a person hindering the growth (me in this case), I do not want to share my nachos, they are all mine (it is the one element that the hungry, the greedy and the selfish have in common). 

So we are at the beginning of one. One element threw this out in the open and they did it AFTER the republican was gone, and no one in the media is looking into it? We can all cry over “systematic wiretapping of close allies is unacceptable”, yet sometimes we have no choice, should you wonder about that, consider the events surrounding the Martel affair in 1962. Now we have a larger scaled problem, it is not merely governments, it is the stage of large industrials who also set a stage of political imbalance, and as the surrounding areas become less and less stable any nation needs to find issues to keep their nation safe. The EU is perhaps the best evidence in all this. The entire vaccine rollout with AstraZeneca and the concealment of documents and pricing in a place where they claim to be transparent gives rise to a lot more subterfuge than can be found at Grizodubovoy str. 3, Moscow. And everyone is crying foul? Can anyone tell me the setting on why someone let the information out now? This was not Snowden, he had already done that, someone decided to play traitor all by themselves and it seems that it is OK with the powers in Washington DC. The fact that it is a specific list of nations and that the US seemingly trusted Denmark is also a point of discussion, one that seemingly hasn’t happened yet. Why is that? I might reflect on Hamlet and something rotten, but that is a reflection on Shakespeare and his view on ‘it shows that everything is not good at top of political hierarchy’, in my view one person got the green light to release information, the problem is that the hierarchy is not the problem, it is the treason of a chosen few who are in a stage to set a stage of imbalance and that tends to be the one not in charge, optionally a big tech push for whatever reason they have. I believe that the US needs to hunt down that source because it is limiting their options to grow their economy as well. Yet that is merely my speculated view on it all. 


Real life in virtuality

The other night I was pondering the setting (as you might have read in the previous blog) on RPG’s and the setting of a dream within a dream. The idea took another turn as I was considering the interaction of reality with virtuality, and in this a game based on a 1 exabyte setting, an online multiplayer game based on virtuality. A game where players fight each other, they create alliances and they conquer. To get this done, we either create a world that is believable, or we turn it around and let the world create our reality. 

And as I was pondering this, I remember a game called ‘Virus’, in this shooter the game created the levels depending on your hard-drive, that was when the cogs clicked together. 

The new game an entire exabyte of challenges.

The world where we are thrown into is not unlike TRON, but in this setting we become citizens of a cloud environment, we are kidnapped and as we escape we end up getting left to our own devices. So as such we see a challenge, but consider a cloud environment, one that has a dozen Fortune 500 companies, thousands of mid sized companies and a lot more small companies. So will you take on a large player, or do you start small? A game with settings unlike we have ever seen and it is a game that develops further as more players sink into a company, a game without a timeline, but with time as either an ally or an enemy. A stage we have (as far as I know) never seen before and as the cloud evolves, so does the world and the enemies we face. So consider creating a cloud environment for that event and turning it into a game, we are always looking for a challenge, so why not become the infecting part and take over companies, corporations and grow in that way and this is the game with a difference, it is hard core only, one life! You can restart as often as you want, but once defeated you start at square one, until you have complete control of your first company, corporation or enterprise. So as we see and as we get into one cloud, it will be close to an all out war with anyone you face, that is unless you can strike an alliance, and alliances require all parties to see the benefit of one another. The nice part here is that this might (or might not) be the stage where we either love it or hate it. You see this will not appeal to all, there is no doubt it is, yet how can we create the challenge of such a game? We appeal to the player and we set the event that the player will embrace. An approach where the benefit of both sledgehammer and scalpel are seen, and the creation of an environment where both can thrive. 
And that is the challenge, creating the environment where every piece of hardware is shown as something, where every router and its components are shown as challenges, I wonder if it can be done.

The question
Yes, I do ask myself the question if it is feasible, if it is even remotely possible. You see, we all have Monday morning quarterbacks in one end, but the other end is also taken. Usually by some manager that has a new plan every Monday morning, but it never pans out to be possible, achievable or even deeply contemplated. I see that, I always question my own thoughts, you see the person who does not question their own thoughts ends up drawing castles in the sky, and then expects a dot matrix printer to print a 1200 DPI photograph. We must question ourselves at all times, especially when we caress our creative side. 

So is my idea a castle in the sky? Perhaps it is, there is no doubt on that. Yet for every 8-10 failures, that one idea will push through and become a real winner. In 1997 I offered an idea to my bosses to use a marketing strategy that used websites as the central core for reaching out to others, my bosses laughed, stating that there was no business model for something that delusional, and stupid me, I listened, 4 years before Facebook, I had the idea for a digital marketing path and it was ignored, silly stupid me, as such I am putting ALL my ideas on the public domain, some will find ground, some will not, perhaps most will not, yet in this I am setting the stage for some to take the idea and push it into a direction that I am currently unable to pursue, for a few reasons, but I digress.

We can try to literally translate a cloud, or we can set the inventory of any given cloud and create a converted one that boggles the mind. Consider that a company has a server, users, computers, routers, Cloud Connectors, Data Center Interconnect Platforms, Mobile Internet Routers and a few other devices, and the larger the company becomes, the larger the hardware and that is before the cloud, in the cloud we see all kinds of other issues and to map these out we need a different set of rules, a different set of limits to add to the game, to give some version of ‘reality’ to the game, a set of spawning rules (I hate spawning in games) or to set a better stage, if a cloud is represented in elements (see image) now consider that each company has larger or smaller elements of all, how diverse will be the challenge a gamer has, even as the gamer goes from place to place, he is still in one cloud and there is the larger cloud security to contend with. Perhaps the game is a fool’s errand, yet I believe that if gaming is the edge of technology, the only way we get beyond what we have now, is to push the stage of a new game towards and beyond the horizon of what we now can see. Sony gave us the console to do it, so let’s push into a realm we have never seen before, it is the only way to keep gaming at the height of any system, if we do not do that, we are hopelessly lost.

So where is your virtual gaming life? In a new version of an existing game, or in a stage of gaming we haven’t seen yet? I have nothing against the next iteration in gaming, I played Tomb Raider 1, 2 and 3 and never regretted that, yet even there, we saw evolution of gaming. That part was less and less visible in some other franchises and that is a sad part, because only those who push gaming beyond the limits will show a game worthy of conquering. We have all kinds of views on this, some hate them, some love them and that is OK. I was never a GTA fan, but a lot are, some hate Watchdogs 2, I loved it (3 as well). Some love Breakpoint, me not that much. That is fine, I always state that those claiming to create a game that appeals to all, will create a game that pleases none, so if I am not part of any equation, that is fine by me. Others will serve the game I like. 

This is how it should be and in all this creativity will push limits and creativity will open up other doors, such is life and we need to push as many doors as we can if we are to make life better all around us, the iterators never will, they are part of the margin spreadsheet, sailing a safe course to last longer, it will never ever go their way. Nintendo is perhaps one of the shiniest examples. It pushed the Wii, which was a decent success, then the WiiU, an abysmal failure, yet it resulted in the Nintendo Switch, an absolute home run in gaming and there we see that failings will optionally turn to wins, an iterator will never see that, only the innovator will get there. Nintendo at present is close to 75,000,000 Switch consoles sold, that implies 2 Nintendos for every Xbox, so where is their ‘most powerful system in the world’ now? Iterators always have a good story, but they do not yield results, we will get another ‘We’re not driven by how many consoles we sell’, it is the same all over, the losers will say the numbers are shallow, but when they are in pole position, it is everything. A brand gone to the dogs, largely because they ignored the voice of the gamer, I saw that almost a decade ago. And now we see a new world rising, one run by Sony and Nintendo, it is fine by me, although I needed Microsoft to keep Sony on their toes, this idea will soon be a bust. So the best I can do is to set a stage of creativity and hope that some will create more and more Sony exclusive games, those who do will be able to use my gaming IP free of charge, I do have commercial needs (income) for my 5G IP, such is life and I do like to enjoy a good meal.

So is my cloud game a bust? Perhaps it is, but for now I will try to envision more and more of that approach, consider a complete created cloud, one where you travel and set the premise of ruling the cloud, yet not alone, it is too big making alliances more and more important, a stage that several have attempted, some a lot more successful than others, I merely want to add to the success rate, or at least attempt to do so. It is the price of creativity and its push to innovation, only the successful continue that battle stronger, the failures continue too, but on a smaller scale, and that is fine, every person will fail at some point, it is what they do next that matters, because Steve Jobs had his successes, but he also had the NeXT computer. We recognise success, but we fail to recognise the failures and where they lead to, it is the flaw in many of us. And this is a larger stage, so how can we set that stage, when people keep on pushing Microsoft and their Blue solution. So as ZDNet reported “Microsoft acknowledged it was a service update targeting an internal validation test ring that caused a crash in Azure AD backend services. “A latent code defect in the Azure AD backend service Safe Deployment Process (SDP) system caused this to deploy directly into our production environment, bypassing our normal validation process,” officials said”, a lot of bla bla and yada yada, yet the flaw is not merely within Microsoft, it is the same approach that is replicated again and again. So as we see mentions of Active Directory, we also see ‘a validation ring that doesn’t include customer data’, as well as ‘the SDP didn’t correctly target the validation ring due to a defect and all rings were targeted concurrently causing service availability to degrade’, so how long until there are more and more failures and the rollback merely adds to the problem? 
This is what I saw when I considered the NSA approach towards Trust Zero, the idea is good, but larger players will screw up making any rollback a much larger issue over the whole field. This is part of the idea to make the cloud a game, we could optionally see something we never noticed before, because thousands of gamers will kick the one part everyone ignored. 

Whether we see the issue in reality, or merely virtual, we need to look with a different kind of glasses, I see that because 20 years ago I listened to the wrong people, those relying on bullet points, memos and ego. There is no space for that in gaming, or in innovative design, I wonder when Microsoft will figure that part out, they are now in 3rd position, what happens when they become dead last (behind Amazon), will they blame metrics or will it be a Covid set of variables? No matter what they will rely on, they are in a stage where they are losing more and more slices of business cake, they are losing slices in a time where they should have had the entire pie, as I personally see it stupidity, greed driven short sightedness and ego driven conviction made them lose field after field, and now they are in a ratchet state, they have no ability to get close to Amazon and at the same time there is every chance that Google could catch up with them. When that happens, Microsoft will be holding a losing hand in both the cloud and the gaming field and as their surface solution falls short, we see them handing over slices of that pie to Apple, a three sided losing streak, it is a rare but slightly satisfying field. Why do I think that Microsoft will fail? ZDNet stated it best with “There is still no publicly available data on Azure sales. Azure is the part of Microsoft’s cloud business that most rhymes with AWS, but is buried in the commercial cloud”. In a lifetime of working in IT, I have learned that when commercial driven players rely on ‘no publicly available data’, it tends to be because someone is too close, they are too far behind, or the results create questions, and as I personally see it, Microsoft does all three, Google is too close, they are too far behind with Amazon and the Exchange server issues call in question issues with the Microsoft cloud as a whole. 
As we saw (from 2019 onwards) more and more hacks towards clouds, there is every notion that together with one source claiming that 90% of clouds are in danger, Microsoft has a lot of problems coming their way, I do not know if this is completely fair on Microsoft, as all three have issues, but the replicated approach Microsoft has (Active Directory anyone?), we see a larger issue, if hacks can be transposed from one system to the other, Microsoft hacks might be seen as lucrative (from the organised crime point of view), it makes the NSA approach more and more essential, yet I personally feel that any rollback has hidden flaws and flaws are a problem, especially in a cloud where one flaw transfers to a whole number of corporations. I will be the first to agree that my view is speculative, because it is, but to see that part you need to grasp back to 2003 where the people got “Erroneous VeriSign-Issued Digital Certificates Pose Spoofing Hazard”, this needs to happen only once on the cloud and the mess is almost complete and I believe that a rollback will make it happen. So how do you feel about ‘due to a defect and all rings were targeted concurrently’ now?

So perhaps my idea for a cloud game has a few additional benefits, apart from it being an interesting approach to a new game. 

Have a great day


SET trust = 0.

Yup, we all have a stage when there is no trust, there is no confidence and we wonder the why part. In this, I had questions, so I asked the agency, but they didn’t know, then I asked the FBI, I asked Langley and I asked Commander Andrew Richardson, they all gave the same story, there is No Such Agency, so I Googled them and Yes! There they were, complete with phone number (+1 301-677-2300) and all, yup, we got them, so now we get to their story (at https://breakingdefense-com.cdn.ampproject.org/c/s/breakingdefense.com/2021/04/nsa-about-to-release-unclassified-5g-security-guidance/amp/).

Via the BBC, we get ‘NSA About To Release Unclassified 5G Security Guidance’ and I started to read, the article makes a lot of sense. Which gave me “Noble’s speech highlighted the importance of zero-trust architecture in 5G networks”, and it got me thinking, the approach makes a lot of sense, just like SELinux, the setting of ‘no-trust’ makes sense, especially in a world where Microsoft keeps on fumbling the ball, not merely their Exchange servers, but the (what I personally see as greed driven) push towards Azure, it comes with all kinds of triggers and dangers, especially as they are ready to cater to as many people as possible, the no-trust rule is pretty much the only one that makes sense at present. I have written about the dangers more than enough. So when we are given “it’s reasonable to expect that future NSA 5G security recommendations will emphasise zero trust as a key component”, I believe that the approach has a lot of benefits, especially when such a setting can be added to anti viral and Google apps, it could increase safety to well over 34% overnight, an option never achieved before and we should all applaud such a benefit. There are a few thoughts on “NSA has characterised zero trust as “a security model, a set of system design principles, and a coordinated cybersecurity and system management strategy.” It’s a “data-center centric” approach to security, which assumes the worst — that an organisation is already breached or will be breached.” A choice that is logical and sets the cleaning directly at servers and ISP’s, and they are the backbone in some cases to close to 75% of all connections, so to set a barricade on those places makes sense, there is no debating, the choice of calling themselves No Such Agency wasn’t their best idea, but this is a game changer. 

I have been critical of the US government in all kinds of ways for years and on a few topics, yet I have to admit that this is an excellent approach to prevent things going from bad to worse, moreover, there is every chance that it will make things better for a lot of us overnight as such a system deploys, it will have a trickle down effect, making more and more systems secure. 

That one thing
Yup there is always one thing and we see the dangers when we consider SolarWinds and Microsoft (their mail server), the one part is when we rely on rollbacks and we see rollback after rollback creating a hole and optionally a backdoor, the most dangerous system is the one deemed to be safe, ask Microsoft, or their Exchange server. When you believe all is safe, that is when the most damage can be made. And as the article looks at 4 parts, we see ‘Improved network resiliency and redundancy’, yes it makes sense, but rollback efforts are possibly out of that equation and when we get some people tinkering there, there is a chance that the SolarWinds paradox returns, yet this time with a dangerous seal of approval by the No Such Agency, it will be the one part all criminal minds are hoping for, in this I personally hope they fail, but these buggers can be resilient, tenacious and creative, the triangle that even the Bermuda Triangle fears and that is saying something.
