
The Right Tone

Today we do not look at Ahmad Khan Rahami, we look at the engine behind it. First of all, let’s get ugly for a second. If you are an American, if you think that Edward Snowden was a ‘righteous dude’, then you are just as guilty as Ahmad Khan Rahami injuring 29 people. Let’s explain that to those who did not get through life through logic. You see, the US (read: NSA) needed to find ways to find extremists. This is because 9/11 taught them the hard way that certain support mechanisms were already in place for these people in the United States. The US government needed a much better warning system. PRISM might have been one of these systems. You see, that part is seen in the Guardian (at https://www.theguardian.com/us-news/2016/sep/20/ahmad-khan-rahami-father-fbi-terrorism-bombing), the quote that is important here is “Some investigators believe the bombs resemble designs released on to the internet by al-Qaida’s Yemeni affiliate through its Inspire publication“, PRISM would be the expert tool to scan for anyone opening or accessing those files. Those who get certain messages and attachments from the uploading locations. To state it differently “the NSA can use these PRISM requests to target communications that were encrypted when they travelled across the internet backbone, to focus on stored data that telecommunication filtering systems discarded earlier“, so when a package is sent through the internet and delivered, it gets ‘dropped’, meaning the file is no longer required. The important part is that it is not deleted, it is, if we use the old terms ‘erased’, this is not the same! When it is deleted it is removed, when it is erased, that space is set as ‘available’ and until something else gets placed there it is still there. An example you will understand is: ‘temporary internet files’. When you use your browser things get saved on your computer, smartphone, you name it.
Until this is cleaned out, the system has that history and it can be recalled with the right tool at any given moment. PRISM allows finding the paths and the access, so this now relates to the bomber, because if correct, PRISM could see if he had actually gotten the information from Inspire magazine. If so, a possible lone wolf would have been found. Now, the system is more complex than that, so there are other paths, but with PRISM in the open, criminals (especially terrorists) have gotten smarter and because PRISM is less effective, other means need to be found to find these people, which is a problem all by itself! This is why Edward Snowden is a traitor plain and simple! And every casualty is blood on his hands and on the hands of his supporters!

The right tone is about more than this, it is also about Ahmad Khan Rahami. You see, he would be a likely recruit for Islamic State and Al-Qaida, but the issue is that his profile is not clean, it is not the target recruit. You see, apart from his dad dobbing him in in 2014, he stands out too much. Lone wolves are like cutthroats. Until the deed is done, they tend to remain invisible (often remain invisible after the deed too). There is still a chance he allowed himself to be used as a tool, but the man could be in effect a slightly radicalised mental health case. You see, this person resembles the Australian Martin Place extremist more than the actual terrorists like we saw in Paris. I reckon that this is why he was not charged at present. For now he is charged with attempted murder (3 hours ago), yet not all answers have been found. You see, the quote “they had linked Rahami to Saturday’s bombing in Chelsea, another unexploded device found nearby, both constructed in pressure cookers packed with metallic fragmentation material. They also said he was believed to be linked to a pipe bomb that blew up in Seaside Park, New Jersey, on Saturday and explosive devices found in the town of Elizabeth on Sunday“, the proper people need to ascertain whether he is just the set-up, or a loser with two left hands. The FBI cannot work from the premise that they got lucky with a possible radicalised person with a 60% fail rate. If he is the start of actual lone wolves, PRISM should have been at the centre of finding these people, that is if Snowden had not betrayed his nation. Now there is the real danger of additional casualties. I have always believed, and still believe, that a lot of Snowden did not add up, in many ways, most people with actual SELinux knowledge would know that the amount of data did not make sense, unless the NSA totally screwed up its own security (on multiple levels), and that is just the server and monitoring architecture, yet I digress (again).

The big picture is not just the US, it is a global problem as France found out the hard way and new methods are needed to find people like that. The right tone is about keeping the innocent safe and optional victims protected from harm. The truth here is that eggs will be broken, because an omelette like this needs a multitude of ingredients and not to mention a fair amount of eggs. The right tone is however a lot harder than many would guess. You see, even if Man Haron Monis (Martin Place Sydney) and Ahmad Khan Rahami both could be regarded as mental health cases (Man more than Ahmad), the issue of lone wolf support does not go away. Ahmad got to Inspire magazine in some way. Can that be tracked by the FBI cyber division? It might be a little easier after the fact, so it becomes about backtracking, but wouldn’t it have been great to do this proactively? It will be a while until this is resolved to the satisfaction of law enforcement and then still the question becomes, was he alone? Did he have support? You see a lone wolf, a radicalised person does not grow from within. Such a person requires coaching and ‘guidance’. Answers need to be found and a multitude of people will need to play the right tune, to the right rhythm. The right tone is not just a mere consideration, in matters like these it is like a red wire through it all. It is about interconnectivity and it is always messy. There is no clear package of events, with cash receipts and fingerprints. It is not even a legal question regarding what was more likely than not. The right tone is also in growing concern an issue of resources. It isn’t just prioritisation, it is the danger that mental health cases drain the resources required to go after the actual direct threats. With the pressures of Russia and the US growing, the stalemate of a new cold war front works in favour of Islamic State and the lone wolves who are linked to someone, but do not usually know who.
The workload on this surpasses the power of a Google centre and those peanut places tend to be really expensive, so resource requirements cannot be met, so it becomes for us about a commonwealth partnership of availability which now brings local culture in play. The intelligence community needs a new kind of technological solution that is set on a different premise. Not just who is possibly guilty, but the ability of aggregation of data flags, where not to waste resources. For example, I have seen a copy of Inspire in the past, I have seen radicalised video (for the articles). I don’t mind being looked at, yet I hope they do not waste their time on me. I am not alone. There are thousands who through no intentional act become a person of investigative interest. You see, that is where pro-activity always had to be, who is possibly a threat to the lives of others? The technical ability to scrap possible threats at the earliest opportunity. Consider something like Missing Value Analysis. It is a technique to consider patterns. SPSS (now IBM Statistics) wrote this in its manual “The Missing Value Analysis option extends this power by giving you tools for discovering patterns of missing data that occur frequently in survey and other types of data and for dealing with data that contain missing values. Often in survey data, patterns become evident that will affect analysis. For example, you might find that people living in certain areas are reluctant to give their annual incomes, thus creating missing values in your data. If you leave these values out, are your statistical conclusions valid?” (Source: M.A. Hill, ‘SPSS Missing Value Analysis 7.5’, 1997). This is more to the point than you think. Consider that premise, that we replace ‘people living in certain areas are reluctant to give their annual incomes’ with ‘people reading certain magazines are reluctant to admit they read it’.
It sounds innocent enough when it is Playboy or Penthouse (denied to have been read by roughly 87.4% of the male teenage population), but what happens when it is a magazine like Inspire, or Stormfront? It is not just about the radicalised, long term it must be about the facilitators and the guides to that. Because the flock is in the long term not the problem, the herder is and data and intelligence will get us to that person. The method of getting us there is however a lot less clear and due to a few people not comprehending what they were doing with their short-sightedness, the image only became more complex. You see, the complexity is not just the ‘missing data’, it is that this is data that is set in a path, this entire equation becomes a lot more unclear (not complex) when the data is the result of omission and evasion. How the data became missing is a core attribute here. Statisticians like Heckman and Allison might have looked at it for the method of Business Intelligence, yet consider the following: “What if our data is missing but not at random? We must specify a model for the probability of missing data, which can be pretty challenging as it requires a good understanding of the data generating process. The Sample Selection Bias Model, by James Heckman, is a widely used method that you can apply in SAS using PROC QLIM (Heckman et al., 1998)“, this is not a regression where we look at missing income. We need to find the people who are tiptoeing on the net in ways to not get logged, or to get logged as someone else. That is the tough cookie that requires solutions that are currently incomplete or no longer working. And yes, all these issues would require to be addressed for lone wolves and mental cases alike.
A massive task that is growing at a speculated 500 work years each day, so as you can imagine, a guaranteed billion dollar future for whoever gets to solve it, I reckon massive wealth would be there for the person who could design the solution that shrinks the resource requirements by a mere 20%, so the market is still lucrative to say the least.

The right tone is an issue that can be achieved when the right people are handed the right tools for the job.


Did UKIP get it right?

That is a question that is slowly growing within the minds of Britons and non-Britons alike. Some will be in denial over it all, some will ignore their inner voice and some will ponder it. You see, once the banter and the mudslinging stops and people are sitting down thinking over a year in political waves, we are slowly getting the aftermath news and suddenly things are a lot less gloomy. Bloomberg gives us “There’s dwindling talk of a recession caused by the vote the leave the European Union, and British politicians are wondering if a “hard Brexit” option –rapid withdrawal from Europe without a new trade agreement – might be feasible. The answer is no. Such views rest upon bad economic reasoning and the cost of Brexit remains high, albeit mostly invisible for the time being“, is part of the news. You see, the scaremongers are now out of the view and the negative impacts, the ones we knew about are showing to be less negative than the scaremongers proclaimed. I agree and always did agree that the cost would be high. Mark Carney, Governor of the Bank of England had stated it, and in addition stated that there were elements that could not be forecasted. Which is also a truth. They are the invisible costs that will come and come again. The issue in my mind has always been, will it in the end be worth it (are the costs not unaffordably high) and I leaned more and more towards the Yes side!

You see, one of the main reasons for leaning towards Brexit was Mario Draghi. The trillion plus stimulus plans he had were too unfounded. Japan and the US are showing that there had been no clear increase whilst we hear opposite claims. The issue is actually brought to light by Bloomberg last week (at http://www.bloomberg.com/news/videos/2016-09-08/ecb-s-mario-draghi-downplays-more-stimulus), where we hear at 00:39 that there is an impact on the markets, but no real impact on the economy, which was my issue from the start. Politicians casually mixing both up in their speeches were playing, as I see it, a flim-flam artist dictionary game, trying to make us think it is one and the same, yet they all know that it is not. So no real impact, yet well over a trillion deeper in debt; only those on the financial markets, and only some of them, got a big payday out of all of it, the rest just have to assist in paying off the invoice. It is one of the pillars UKIP had!

Now we see even more issues, especially when we see additional issues in City A.M. (at http://www.cityam.com/249335/christine-lagarde-and-mario-draghi-call-politicians-do-more), with the quote “Christine Lagarde, head of the International Monetary Fund (IMF) and Mario Draghi, president of the European Central Bank (ECB) said governments and institutions needed to make sure their policies did not leave the poorest members of society behind, and called for structural reforms to help share the spoils of economic growth“, the failure of the European Community laid bare! You see, the people on EEC incomes have been meeting and not getting anywhere for almost 15 years now! The fact that tax laws and Corporate laws required revision even before 2004 as a requirement and after 2004 as a given shows that none of this has been adequately done. The fact that the US played its cards in the Summit in the Netherlands in 2013, we all knew how that ended, so as we see that some are now crying cockroach, whilst littering food all over the floor only have themselves to thank for this situation. This all reflects back on the initial issue UKIP gave, ‘let’s make Britain about the British’. This is not racism, this is nationalism (read: nationalistic pride). An issue that neither Christine Lagarde nor Mario Draghi could resolve as they have been setting a neutral pose in aid of large corporations for far too long.

The next issue is the economic plan B that is now all over the news. The powerful monetary tool (TLTRO) that at 1:37 comes with the quote “that nobody has really fully understood or analysed“, and that is the plan B they are now grasping for!

TLTRO?

It is not a cereal or breakfast solution. It is a Targeted Long-Term Refinancing Operation. The ECB states “provide financing to credit institutions for periods of up to four years. They offer long-term funding at attractive conditions to banks in order to further ease private sector credit conditions and stimulate bank lending to the real economy“, that sounds nice on paper, but if we know that the impact is not understood, has never been analysed to the effect it is, this all whilst we know that taxation laws are failing and corporate laws are not up to scratch, the ECB quote could be translated to “provide financing to credit institutions for periods of up to four years. They offer a refinancing of the current outstanding debts to banks, guaranteeing large bonuses by resetting bad debts and revitalising the conditions of what were supposed to be written off debts, giving a false incentive to a dangerous presented economy at present“, you see, I am almost stating the same whilst the intent completely changes, the markets are now getting a boost via the other side. This is a reality we could face!

You see, the view is given with “All the new operations will have a four-year maturity, with the possibility of repayment after two years” (at https://www.ecb.europa.eu/press/pr/date/2016/html/pr160310_1.en.html), yet like the US, Greece and Japan, it is almost a given (speculation from my side) that these maturities will be paid with new debts. The quote “Counterparties will be able to repay the amounts borrowed under TLTRO II at a quarterly frequency starting two years from the settlement of each operation. Counterparties will not be subject to mandatory early repayments” gives way to the thought that it is entirely possible that when the debts mature, they could be replaced by a new debt. Giving weight to the dangers. The fact that the option ‘not subject to early repayments’ is clearly included gives ample weight to the solution, whilst not preventing additional debts from this rephrased stimulus. In the end, the economy will not prosper, the rise of the debt will. Whilst under the debts the UK already is, these arrangements are as I see it too dangerous, all this as the increase of debts only give rise and power to non-governmental institutions to grow their influence via corporations over nations. One of the better players (Natixis), had this quote “Natixis Asset Management ranks among the leading European asset managers with €328.6 billion in assets under management” (source at present intentionally omitted), with the TLTRO in play, depending on the rules of the game (which were not available to me at present), it is entirely possible that once really in play, banks can indirectly refinance risky debts in additional loans via the applicant and as such get themselves a boost. It could potentially allow Natixis to grow its asset management part up to 20%.
The ECB states (at https://www.ecb.europa.eu/mopo/implement/omo/tltro/html/index.en.html) “The TLTROs are targeted operations, as the amount that banks can borrow is linked to their loans to non-financial corporations and households“, so basically companies in hardship can get relief, whilst the banks will still get their cut (aka administration and processing fee). Consider that Wealth Management is many things and Estate planning is one, now consider that Natixis has Credit and counterparty risks amounting in excess to 295 billion euros. Now there is a Draghi solution, one that no one seems to have ‘analysed’ that allows for solutions to non-financial corporations. Natixis is that, but their clients are not, and they can apply for the shifted funds, offsetting their loans, paying off the loans towards Natixis, who now have a massive amount of freed up cash that they can now pour into all kinds of solutions and endeavours. So do you still think that my view of 20% is oversimplified? And in 4 years? Well at that point, when things go south, Natixis and parties alike can jump in and possibly help out, ‘but at a price’ (which is fair enough).

This now reflects back to UKIP and Brexit!

The Guardian had an opinion piece (at https://www.theguardian.com/commentisfree/2014/sep/14/ttip-deal-british-sovereignty-cameron-ukip-treaty), that gives us the following, remember this is September 2014! “If you are worried about the power of corporations over our democracy, be very afraid: ISDS in effect grants multinationals the same legal position as a nation-state itself, and allows them to sue sovereign governments in so-called arbitration tribunals on the grounds that their profits are threatened by government policies. Is this scaremongering, as TTIP supporters claim?” So far there have been many voices who seem to be over the moon that the TTIP is now a failure and that the issues within the EU would have been far more reaching than many players were willing to admit to before the signing. Politico.eu reported “U.S. diplomats are sketching out a last-ditch plan to salvage core sections of the EU’s moribund trade deal with Washington“, that with the added “U.S. and Italian officials are now weighing the option of a “Step 1” deal to lock in elements that can be finalized by December, possibly including joint testing regimes and mutually agreed upon standards for cars, pharmaceuticals and medical devices“. It is clear that the US want to lock in Pharmaceuticals and cars, yet how is such a niche nothing more than a path trying to ditch the title ‘total loser government’ regarding the current administration. In addition “The idea has sparked immediate scepticism in the European Commission and in some EU member countries, which argue that any form of a downgraded deal will be very hard to sell politically, particularly after French Trade Minister Matthias Fekl and German Economy Minister Sigmar Gabriel turned hostile on the negotiations” gives way that BMW, Mercedes, Bayer Pharmaceuticals, Peugeot, Citroen and Sanofi are none too pleased with such a one sided piece of paper.
The idea that such set benefits would be allotted at this point gives even more weight to some of the UKIP statements in the past.

If 2 out of the many projections come true, you are not suddenly a better prognosticator, mainly because that title is reserved for the likes of Punxsutawney Phil, Queen Charlotte and Shubenacadie Sam. Let’s face it, it is the title worthy of a groundhog! But some of these steps were clearly seen, because this is where everything was headed, the more forward you look, the easier the prediction could come true is not wrong, but only if you are travelling on a straight road. A road that corporate greed depends on I might say!

In my view, there is not enough to state that UKIP got it right, yet there are also enough facts and questions in play that UKIP did not get it wrong. We might listen to those who keep on shouting that Brexit was wrong and see them as the people trying to reinvent the vote, but overall people are starting to realise that the US (read Wall Street) has been trying to give people a bad deal to benefit their own greed. The fact that this is going on at this very minute is equally a worry. This is on both sides of the aisle, yet we can understand that Labour needs to clean house and they have decided on the method of accidentally leaking names. How will that solve anything? If Labour was on the ball, then they would be steering towards real economic improvements, not bickering minors trying to decide who should be the number two, and soon thereafter remove the number one (read: allegedly attempt to). Actions that are totally counterproductive as the Conservatives are governing until the next general elections. It seems like such a waste of energy to me.

Now we see a new escalation. It seems (at http://www.ibtimes.co.uk/jean-claude-juncker-proposes-new-european-military-hq-worj-towards-eu-army-1581391). So the quote “The president of the European Commission Jean-Claude Juncker has called for a European Union military headquarters to work towards an EU-controlled army. Juncker made the proposals during his State of the Union address to MEPs in Strasbourg on Wednesday (14 September)“, which automatically makes me wonder how this correlates with Nazi Germany as this was how they resolved their bad economic times. It is a harsh history lesson to learn, but in that I am actually less afraid for a ‘new’ Nazi Europe. My issue is that many nations have their Cyber plan not in hand and any actions here give rise to the dangers that this would open up data for the Chinese Cyber groups to learn a lot more than they bargained for. You see, no matter how much denial we see, the facts are simple, Ren Zhengfei is the Huawei CEO and a former officer for the PLA. Now this does not mean that he is now still committed to the PLA, yet Huawei does business with the Chinese government and as such, they have all the specs and as such, they have all the weaknesses of these devices too, meaning that governments all over Europe are in a possible place of Cyber Scrutiny. This does not mean that I am willing to just blindly accept the NSA report, but ties like that, when you are on these levels talking to the ruling members of Chinese government, you need to be networking on a massive scale and if both the Chinese military and Chinese Intelligence (MSS) gives you the thumbs up, you have been playing the game they want you to play, plain and simple. By the way, this is not a rant, or a side step into the matter, this is a direct factual response. Nigel Farage addressed the EU on an EU Army opposing it on valid points, and he got a few more hands clapping than his opponents are comfortable with.
Now this was about opposition of the EU army as a whole, but underneath is the need for any military organisation to be secure and have systems in place, systems that could be compromised. In this Huawei could validly give the same argument that all Cisco Systems are compromised by the CIA and NSA. As we cannot prove either side, or perhaps even both sides, how to proceed? Both sides would be fair enough and it only makes a case strong enough to not proceed with any EU Army, which is no solution to any existing threat, will cost massive amounts of money (and that is just the initial infrastructure) and with the current upcoming changes to the EC as a whole. Especially as Marine Le Pen has vowed to hold the French referendum if she is elected, this whilst several European magazines are now stating that France can no longer avoid Frexit (at https://www.letemps.ch/economie/2016/09/12/france-ne-pourra-eviter-frexit), which I stated was a growing realistic danger if Brexit would commence, in addition, Italy is seeding its own departure later this year, but no given certainty exists at present.

All these parts I gave visibility to almost 2 years ago, the press still largely in denial and additional players are now coming out to (as I personally see it) fill their pockets as fast as possible because when this comes to town and the referendums do fall, certain people will have to give account of their actions. The fact will remain that the Credit Card that Mario Draghi used will be spread over several nations, most of them with no option to get into deeper debt. So they have this to look forward to. In Italy there seems to be a plus side, as the larger players are now looking towards the option of a referendum, the act as such seems to be taking the wind out of the sails of Matteo Salvini, head of the far-right Lega Nord, which is regarded as a relief in many European nations. They seem to regard Matteo Salvini the same way that they regard the French Newspaper Minute, too far to the right and not really that readable. I cannot confirm that (as my French does not surpass the ability to read a menu), but I understand the sentiment as there have been Dutch papers on the other side of the political aisle receiving similar accusations.

In the end Europe is about to take economic steps with large implications, the fact that they are trying to push it through regardless of whatever consideration it required, which makes me worried on the fact that the impact on the European populations has been ignored for too long. The weird thing is that any action should have been in support of the European population and their needs, giving weight to more than one statement from the side of Nigel Farage.

I would suggest you ponder those facts before blindly moving into the Bremain field in the near future, because there are several issues that no one can answer and they come with obscenely high price tags!


Within the realm of privacy

We all have an inherent need for privacy, we want things to be at our leisure of contemplated sharing. Yet, what is privacy? On one side we want privacy, but the next moment ladies will share whether their carpet is a landing strip or a martini glass, I for one do not care. If they want to share certain parts that’s fine with me. I am not too much about sharing. On the other side, apart from a few MP3 files, there is nothing interesting on my mobile. I reckon that my mobile is one of the dullest ones around.

So when I initially heard about the FBI wanting to access the iPhone of Syed Farook, I shrugged my shoulders and went ‘whatever!’ meaning that I was not opposed and I did not care. It was the techdirt site that has an interesting fact from the court case.

“Footnote 7, on page 18 details four possible ways that Apple and the FBI had previously discussed accessing the content on the device without having to undermine the basic security system of the iPhone, and one of them only failed because Farook’s employers reset the password after the attacks, in an attempt to get into the device“, so the boss went into ‘auto-moronic’ mode and did not check? He acted without knowing? So when we see “The ‘owner’ of course, being the San Bernardino Health Department, who employed Farook and gave him the phone. Basically, what this is saying is that if the password hadn’t been reset, it would have been possible to try to connect the phone to a ‘trusted’ network, and force an automatic backup to iCloud — which (as has been previously noted) was available to the FBI. But by ‘changing’ the password, apparently that option went away“, should we consider that his boss was stupid, or that his boss was scared he had done something wrong and this was his/her way of covering the mess up? (at https://www.techdirt.com/articles/20160219/17463033656/footnote-reveals-that-san-bernardino-health-dept-reset-syed-farooks-password-which-is-why-were-now-this-mess.shtml).

For the record, that was clear speculation on my side!

What happened was that Apple, the firm that initially ‘screwed over’ its customer base with error 53. A few days ago, the Guardian reported ‘Apple ordered to decrypt iPhone of San Bernardino shooter for FBI‘ (at http://www.theguardian.com/us-news/2016/feb/17/apple-ordered-to-hack-iphone-of-san-bernardino-shooter-for-fbi). In there we see the important quote: “In 2014, Apple began making iPhones with additional encryption software that they said they could not unlock, even if faced with a court order. Apple said this was done in the name of consumer privacy and cybersecurity, but the company has been locked in a public feud with the FBI since“. I understand that there is a need for privacy. My issue is why THIS level of privacy is needed. One could speculate that this is to keep the financial adviser’s customer base happy. I reckon that those people look for other means the moment their actions could be monitored, or investigated afterwards. Again, speculation from my side.

You see, I do not comprehend why law abiding citizens are so in fear, of what the government finds out. Most people can’t stop selfie themselves, their fashion and body parts to social media on a global scale. They tend to Facebook all details, especially when they are far away from home to ‘all’ their friends, so that the department of discreet entry and removal operations can empty their homestead in the meantime. With so much sharing, what privacy do you think you still have?

So back to the Granny Smith of automation, the next article (again the Guardian) gives us ‘FBI escalates war with Apple: ‘marketing’ bigger concern than terror‘ (at http://www.theguardian.com/technology/2016/feb/19/fbi-apple-san-bernardino-shooter-court-order-iphone), here we see the subtitle ‘Court filing from Department of Justice says Apple is more concerned with ‘its marketing strategy’ than helping FBI unlock San Bernardino shooter’s iPhone‘, which is fair enough when we consider that a failed marketing equals an alleged death in those houses. The quote “Cook called for public debate and has been backed in his fight by some of tech’s biggest names, including Google’s chief executive Sundar Pichai, WhatsApp and whistle-blower Edward Snowden“. I think that this is less about Americans and more about the 7 billion non-Americans that have this false fear of the CIA and the NSA. Yet in all this, the only true group to fear this is the 0.0001% of the population, I do not even register and in that regard most do not even register. Like the previous mass surveillance marketing ploy, simple fear mongering.

Now, let it be said that I have nothing against a person’s privacy and there is nothing wrong with wanting privacy, yet when we consider the 1.5 billion on Facebook, the 100 million on Instagram, the 307 million on Twitter and over 100 million users on Pinterest, we have well over 80% of the iPhone users on social media all sharing from mere events attended up to the grooming of the most private of parts, which makes the shout for privacy a little too hilarious.

So how does this fit legally?

Well, first there is the part that the DoJ is now relying on. It is the All Writs Act of 1789, which states “The Supreme Court and all courts established by Act of Congress may issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law“, which sounds rather nice, yet the fact that the DoJ needs to rely on an act that has, according to several press sources, only been used thrice is a little too novel.

When we consider that the ‘self-destruct’ was enabled by Farook’s boss (making the device useless to thieves), it only leaves the DoJ without options. What is interesting is when the last cloud backup has happened, had it happened at all? Too many questions that are all in the realm of speculation and none of it gives way to legislation. The question becomes should it be? I am not opposing the FBI, CIA or NSA. Yet these alphabet groups do know that they are fishing in murky waters. You cannot expect a corporation to set a product meant for 1,000 million to have options for the internally built exemption of 5,000-7,000 users. The math just does not add up!

I was talking about the legality, so let’s continue there.

McCabe v British American Tobacco Australia Services Ltd, and the appeal, British American Tobacco Australia Services Ltd v Cowell (Representing the Estate of McCabe (deceased)), exposed some of the difficulties that plaintiffs who sue large corporations may face in litigation involving access to documentation. The Victorian Court of Appeal reversed the first instance decision which had struck out the defence of a tobacco company (‘BAT’). The basis for the first instance decision was that BAT had systematically destroyed documents that might have been relevant to the plaintiff’s case. It is important to state WHO destroyed documents. You see, in case of Farook it was the boss who ‘destroyed’ the options for information retrieval. The important issue is that INTENT becomes near impossible to prove. In addition that case gives us: “The High Court declined the opportunity to clarify the law in this important area by refusing leave to appeal. The effect of this case, absent statutory reform, is that corporations may destroy potential evidence provided that their actions do not constitute an attempt to pervert the course of justice or a contempt of court. These are notoriously difficult to establish” (source: Playing for keeps? Tobacco litigation, document retention, corporate culture and legal ethics by Matthew Harvey and Suzanne Lemire). The reason for going towards this case is that the entire approach to mobile architecture and auto-backup could instigate updates where the mirror is encrypted extern from Apple. Which means that any phone would have an XML set-up and data object, but the object would be irretrievable. The ‘responsibility’ for proper password maintenance would be kept with the ‘client’ or end user. Taking Apple out of the equation leaving the DoJ with the apple pie made from the famous Granny Smith (AKA Janet Abigail Doe).

This takes the entire cyber conversation towards Spoliated Evidence, where we see “a party is faced with the fact that certain key evidence has been destroyed, altered, or simply lost“, destroyed implies intent, but proving that is next to impossible (which got us the tobacco case). Altered is basically what the DoJ faces as the boss decided to reset the password, again malicious intent becomes next to impossible to prove, whilst lost is not in play in this case but could clearly complicate the issue if that was the case, as the DoJ would have no implied evidence at all.

This entire endeavour goes even further south when we consider Federal Insurance Co. v. Allister, 622 So. 2d 1348, 1351 (Fla. 4th DCA 1993), where the Fourth District decided to set forth five factors to consider before imposing sanctions for spoliation of evidence. They were:

  • whether there is prejudice;
  • whether the prejudice can be cured;
  • the practical importance of the evidence;
  • the good faith or bad faith surrounding the loss of evidence;
  • possible abuse if the evidence is not excluded.

As bad faith is now linked to the degree of wilfulness, we get back to intent. If mere ‘negligent loss’ does not cut the cake and the cake cannot be devoured without the essential evidence, the entire issue goes nowhere really fast. Basically, it boils down to the boss of Farook having one set of glasses on with the limiting mindset of cost if his mobile was ‘abused in usage’, leaving Apple in the clear shrugging their shoulders going ‘not my problem now’, whilst in all this we are left with no evidence linking to intent or malice. That small scope that was available will in all expectation be diminished further. It basically solves all of Apple’s problems.

In the need for privacy we have gone from exceptionally rare to just hilariously ridiculous. The Guardian article (at http://www.theguardian.com/technology/2016/feb/20/apple-fbi-iphone-explainer-san-bernardino) shows in equal measure another side, which comes from Senator Ron Wyden, Democrat from Oregon. Here we read “Some are calling for the United States to weaken Americans’ cybersecurity by undermining strong encryption with backdoors for the government,” he wrote on Medium on Friday afternoon. “But security experts have shown again and again that weakening encryption will make it easier for foreign hackers, criminals and spies to break into Americans’ bank accounts, health records and phones, without preventing terrorists from ‘going dark’“, as such correctly implying that the medication will end up being a lot worse than the disease they face. In addition to that, should Farook have relied on another path, for example receive orders and message a ‘guild’ within a Facebook RPG game, the wasted time on the iPhone becomes nothing more than an iconic episode of the Comedy Capers. With these games receiving billions of messages a day, parsing through 1 of a dozen games would take years. The fact that none of this required any encrypted Android or iOS system, just a mere desktop like millions of students use makes for the case against the Alphabet teams. When looking at Extremetech, we see a quote that is important in all this, the quote: “how terrorist organization uses social media to spread its message and radicalize curious readers. GWU’s research found that while ISIS uses a wide range of services, including Facebook, Google Plus, Kik, WhatsApp, and Tumblr, Twitter is the social media site of choice. Twitter already patrols and bans the accounts of ISIS supporters“, it casually forgets the 3-4 dozen accounts that do not raise any flags, the accounts that ACTUALLY bring details of the attacks to the transgressors.

 

 

 


Filed under IT, Law, Media, Politics

Where are my lenses?

For a moment I was contemplating the Guardian article ‘National borders are becoming irrelevant, says John McDonnell‘, which could be seen as a load of labour by the Bollocks party, or is that a load of bollocks by the Labour party? Anyway, the article was so shaky that it did not deserve the paper to explain the load of bollocks in there. What is however an interesting article, is the article in the National Security section of the Washington Post. The article “‘Eyewash’: How the CIA deceives its own workforce about operations” is worthy of digging into for a few reasons (at https://www.washingtonpost.com/world/national-security/eyewash-how-the-cia-deceives-its-own-workforce-about-operations/2016/01/31/c00f5a78-c53d-11e5-9693-933a4d31bcc8_story.html).

Initially, the very first thought I had was regarding Lao Tsu, who gave us the quote: ‘Those who know do not speak. Those who speak do not know‘, which is a truth in all this.

Apart from the title, the first quote to look at is: “Senior CIA officials have for years intentionally deceived parts of the agency workforce by transmitting internal memos that contain false information about operations and sources overseas“, there are a number of issues here, but let’s focus on one thread for now.

You see the second quote “Agency veterans described the tactic as an infrequent but important security measure, a means of protecting vital secrets by inserting fake communications into routine cable traffic while using separate channels to convey accurate information to cleared recipients” is at the very core of this.

No matter how you slice and dice it, the CIA has had a number of issues since 2002. The first is that after two planes got the wrong end of a vertical runway, the game changed, suddenly there was a massive overhaul and suddenly it had to deal with the United States Department of Homeland Security. In 2002 the DHS combined 22 different federal departments and agencies into a unified, integrated cabinet agency. More important, the DHS was working within and outside of American borders.

Now, the blissfully ignorant (including a host of politicians) seemed to live with the notion that under one flag and united, these people would start playing nice. Now, apart from that being a joke of titanic proportions, hilarious and all, the reality is far from that. You see, both the FBI and the CIA (not to mention the NSA) suddenly had to worry about 240,000 people, 240,000 security screenings. What do you think was going to happen? The issue of ‘false information about operations and sources overseas‘ is not an issue until you try to exploit that information, which means that you are doing something ILLEGAL (to the extent of being worthy of a shot through the back of the head). ‘Eyewash’ is only one cog in a vast machine of smokescreens that counterintelligence has to see how certain tracks of misinformation make it outside the walls of intelligent wailing. You must have heard the story of the Senator/Governor who has a ‘friend’ in the CIA, not all those ‘friends’ are working valid paths. The intelligence community is a closed one for a reason. There is a clear chain of command, which means that the CIA has a chain of command and if a Senator or a Governor wants information, there is a clear path that he/she walks, from that point a politician gets informed if that person is allowed or has a valid reason for knowing. If anyone needs to move outside that path, you better believe that it is for political or personal reasons!

Now we get the quote that matters “officials said there is no clear mechanism for labelling eyewash cables or distinguishing them from legitimate records being examined by the CIA’s inspector general, turned over to Congress or declassified for historians“, I am not sure that this is correct. The question becomes what paths and what changes were pushed through in the last 2 administrations? I am willing to contemplate that errors have popped up since the Bush Government, yet in all this the parties seem to forget that the DHS was a political solution pushed through by politicians within a year. I know at least three companies that seriously screwed up a reorganisation of no more than 1,500 people over the period of 2 years, so what did you think would happen when 240,000 people get pushed all over the place? In addition, when a massive chunk of the intelligence section went private to get an income that was 400% better than their previous income (same place, same job), additional issues became their own level of a problem within the DHS, CIA, FBI (and again the non-mentioned NSA).

There were all levels of iterative issues in DATAINT, SIGINT, IT and Tradecraft. Names like Bradley/Chelsea Manning and Edward Snowden might be the most visible ones, but I feel 99.99993422% certain (roughly), that there were more. Eyewash is one of the methods essential to keep others off balance and in the dark what actually was going on, because it was not their business or place to know this. This gets us to the following quotes “But a second set of instructions sent to a smaller circle of recipients told them to disregard the other message and that the mission could proceed” and ““The people in the outer levels who didn’t have insider access were being lied to,” said a U.S. official familiar with the report. “They were being intentionally deceived.”“, now consider this quote from another source “Having DOOMED SPIES, doing certain things openly for purposes of deception, and allowing our spies to know of them and report them to the enemy“, which comes from chapter 13 of Sun Tzu’s ‘The Art of War‘, a book that is almost 2,500 years old, and the tactic remains a valid one. Should you consider that to be hollow, then consider the little hiccup that the British Empire faced (I just love the old titles). Perhaps you remember the names: Kim Philby, Donald Duart Maclean, Guy Burgess and Anthony Blunt. They made a massive mess of British Intelligence, it took them years to clean up the mess those four had left behind, now consider adding 245,000 names, for the most none of them had passed CIA and/or FBI clearances. So what options did the CIA have? In addition, as we saw more and more evidence of the events linking to Edward Snowden, additional questions on the clearing process should be asked in equal measure, which leads to: ‘What options did the CIA have?’

In that light, the quote “Federal law makes it a criminal offense when a government employee “conceals, covers up, falsifies or makes a false entry” in an official record. Legal experts said they knew of no special exemption for the CIA, nor any attempt to prosecute agency officials for alleged violations” becomes little more than a joke, for the mere reason that not making the intelligence community exempt from this would be a very dangerous issue indeed. You see, today the CIA has a larger issue than just small players like North Korea, it has to deal with business conglomerates all over the world and they have become close to sovereign financial entities in their own right. What happens when a Senator chooses to take a book filled with intelligence anecdotes, just because it is an American Corporation? What happens when he gets the multi-billion dollar deal and he only has to ‘sweeten’ the deal a little? This is entering a grey area that most regard to be a grey area no one wants to touch, but what if it is not a high ranking official? What if it is just a mid-level controller, or a mere IT member looking for a retirement fund? Suddenly, this scenario became a whole lot more realistic, didn’t it?

Eyewash is just one cog in a machine of cogs, it drives a certain amount of cogs of the machine and as certain levels of Intel make it outside of the walls, counterintelligence has a path to trot on, the article only lightly (too lightly) treads on those elements (yet they are mentioned), but the overall issue of internal dangers that the CIA (et al) faces are almost trivialised, in addition, the entire issue of the DHS and the linked dangers of intelligence access remains untouched. That is perhaps the only issue the article has. Well, from my point it has a few more, like undervaluing the need for counter intelligence and the fact that this tactic had been around for around 2,500 years, but let’s not squabble on minor details.

The only additional minor detail I would like to add is that in all this is the missing component of the chain of command towards the Director of National Intelligence (which at present is James Clapper), in opposition, there is no denying that there is an issue that the internal mechanisms for managing eyewash cables were largely informal, which is an issue, even if there would be a clear document, likely higher than Top Secret within the CIA on how to identify and/or classify eyewash cables. Which now only leaves us with the Eyewash cables by No Such Agency like the CIA, but that is something for another day.

 


Filed under IT, Media, Military, Politics

CISA and Privacy are not opposites

There is a view that many hold, this view is not educated. A view which was given to us from the moment we spawned as a living person. Some got this knowledge as they went to their church or temple. They were told about good and evil. When we started to go to school we got to learn about order and chaos. This last one matters, you see, the opposite that order and chaos represent has been used in books, in videogames, in TV shows and in movies. In the Avengers movie ‘Age of Ultron’, near the end of the film we hear a quote from Vision, played by Paul Bettany that matters: “Humans are odd. They think order and chaos are somehow opposites“.

You might not realise it but the gem that we have here is in the foundations of many issues that have been plaguing us in several ways. Let’s take a look at this in two parts. The first is a Guardian article (at http://www.theguardian.com/world/2015/oct/01/blackphone-release-data-protection-privacy-surveillance) called ‘Blackphone: privacy-obsessed smartphone aims to broaden its appeal‘. The very first paragraph is a quote that shows issues on more than one side “Privacy company Silent Circle has released a second version of its signature handheld, a smartphone designed to quell the data scraping and web tracking that’s become such an integral part of the digital economy in the last few years (and whose results might well end up with the NSA, if the Cybersecurity Information Sharing Act passes)“, now I have no issue with the data scraping part and for the most the term ‘whose results might well end up with the NSA’ is less of an issue, but the overall taste is about privacy, I have no issue with this. The next quote is an interesting one, which will matter soon enough “In the beginning, Janke said, the Blackphone project was just a way for people working for his security firm SOC, since sold, to call home without having their communications intercepted“.

You see, there is no issue with the message shown here, but what is linked to all this is the message that is not shown here. You see, this device should now be regarded as the most excellent tool for hedge fund managers, organised crime and all other kinds of non-mentioned criminals, who will now get to do with ease and freedom the things they had to steeplechase around the block for. This device will allow financial advisors to take certain steps that they were too scared to do, all out of fear of getting caught. This device will be opening doors.

There is no issue with the approach Janke had, he was submerged (read: drowning) in a world where any slip up could mean the death of him, his comrades and perhaps even his family. So his need for security was a given. There is a need for such a device. I have written about the need for this device as early as 2009, so the fact that someone picks this up is not a surprise, so why are we looking at this?

You see, it is the mention of CISA that is part of all this. CISA or better stated the Cybersecurity Information Sharing Act is sponsored by Republican Senator Richard Burr (North Carolina). Why would anyone oppose ‘the bill makes it easier for companies to share cyber threat information with the government‘? Let’s be clear this is about dealing with Cyber Threats!

So what is a Cyber Threat? A Cyber threat is defined as ‘a malicious attempt to damage or disrupt a computer network or system‘, so we have the fact that this is about malicious attempts! So why would there be an issue? Well, there is because people and as it seems to be especially criminals, terrorists and Organised Crime seem to be allowed a lot more privacy than their victims, so in all this I see little issues pop up all over the place. This sounds all emotional, but what does the official text state? Well, the complete text is at https://www.congress.gov/bill/114th-congress/senate-bill/754, so let’s take a look at some parts.

“Permits state, tribal, or local agencies to use shared indicators (with the consent of the entity sharing the indicators) to prevent, investigate, or prosecute offenses relating to: (1) an imminent threat of death, serious bodily harm, or serious economic harm, including a terrorist act or a use of a weapon of mass destruction; or (2) crimes involving serious violent felonies, fraud and identity theft, espionage and censorship, or trade secrets“, How can we be opposed to this? Is this not the foundation of growing fair play?

Well, that is partially the question. You see, the issue is in part the language. Consider this paraphrase which remains correct in light of the previous statement: “Permits local agencies to use shared indicators (with the consent of the entity sharing the indicators) to prosecute offenses relating to serious economic harm“. Which is now the floodlight of all this.

Now we get to the second part in all this, which is offenses relating to serious economic harm. Serious economic harm tends to be seen as pure economic loss, but it is not limited to that. For this we can look at the element ‘Loss of production suffered by an enterprise whose electricity supply is interrupted by a contractor excavating a public utility‘, which we see in Spartan Steel & Alloys Ltd v Martin & Co (Contractors) Ltd. In here the legislatively famous Lord Denning raised the issue of ‘Duty to mitigate loss’. Yet today, in the world of data and digital media, how can we measure that element? Let me show this through an exaggerated fictive example.

Microsoft raises the issue that they require an investigation into acts that are causing serious economic harm to Microsoft. Unique software has been released that directly negatively impacts their trademarked business. The CISA could now be in effect to investigate data and data sources, but who minds that store? Who has that knowledge? Now consider that the person investigated would be Markus Persson, because his program ‘Minecraft’ is now stopping all people who are part of the Microsoft Gaming brand to continue.

So who will make that call? You might think that this is a ludicrous example, but is that so? Microsoft ended up paying more than 2 billion for it, so someone implying ‘Serious Economic Harm’ is not that far-fetched. This now becomes an issue for a timeline. What timeline is in effect here? With an imminent threat of death this is a simple matter, with serious economic harm that matter is far from simple, moreover will the claim be valid? I used the ludicrous Minecraft and Microsoft Games brand. Yet what happens when this is a lot more ‘grey’, what happens when this is Raytheon versus the Belgium based TTN Verhaert? A Technology Transfer Network (TTN) that has innovated the latest classified satellite navigation systems. Is it still a clear call as to what constitutes serious economic harm?

This act opens up a can of intellectual property, the one can everyone wants to swim in and the elected official channels do not even have a fraction of the minimum required insight to make such a call.

Section 9 gives us “Directs the DNI to report to Congress regarding cybersecurity threats, including cyber-attacks, theft, and data breaches. Requires such report to include: (1) an assessment of current U.S. intelligence sharing and cooperation relationships with other countries regarding cybersecurity threats to the U.S. national security interests, economy, and intellectual property; (2) a list of countries and non-state actors that are primary threats; (3) a description of the U.S. government’s response and prevention capabilities; and (4) an assessment of additional technologies that would enhance U.S. capabilities, including private sector technologies that could be rapidly fielded to assist the intelligence community“

When we consider both A and B, we should look at ‘U.S. SEC drops Onyx insider trading lawsuit against Dubai men’ (at http://finance.yahoo.com/news/u-sec-drops-onyx-insider-230111643.html) from September 15th. The quote here is “Smith said the Newman decision was ‘helpful,’ but that the SEC ‘never had a tipper’ or evidence that his clients received inside information”, one would think that this is where CISA could now step in. Alas, apart from the side that is implied by the CISA text: ‘assessment of additional technologies that would enhance U.S. capabilities, including private sector technologies that could be rapidly fielded to assist the intelligence community’, which according to Blackphone is not an option, we now see that this opens a door to ‘patsy management’ on how two unsecured parties, could be set-up through the use of Blackphone through encrypted conversations and when the two unsecured parties talk, they could be setting each other up thanks to the other two parties that were using a Blackphone. Blackphone here has no blame whatsoever, they would be offering the one part criminals desperately want, a secured phone. This now sets a dangerous precedent, not a legal one, because Blackphone is behaving itself as it should, the provider of secure communications, it is what people do with it that matters; that part cannot be guaranteed by the Cybersecurity Information Sharing Act. In addition, S. 754 has one additional flaw. That flaw is seen in the definitions, where we see that the earlier mentioned definition ‘serious economic harm’ is not specified in the definitions at all, so what definition applies?

Beyond that, we see the definition of a cybersecurity threat. In here it is important to take a look at part A and part B.

Part A gives us: “IN GENERAL.—Except as provided in subparagraph (B), the term “cybersecurity threat” means an action, not protected by the First Amendment to the Constitution of the United States, on or through an information system that may result in an unauthorized effort to adversely impact the security, availability, confidentiality, or integrity of an information system or information that is stored on, processed by, or transiting an information system” and part B gives us “EXCLUSION.—The term “cybersecurity threat” does not include any action that solely involves a violation of a consumer term of service or a consumer licensing agreement“, which sounds nice, yet how does it help stem cybersecurity threats?

You see, when you consider the letter sent by UCLA to Chairman Dianne Feinstein in June last year, we see: “CISA’s inadequate use limitations risk turning the bill into a backdoor for warrantless use of information the government receives for investigations and prosecutions of crimes unrelated to cybersecurity“, which could be regarded as the biggest failure, but it is not, it is the part we see in “CISA requires that cyber threat indicators shared from the private sector with the Department of Homeland Security (DHS) be immediately disseminated to the Department of Defense, which includes the NSA and U.S. Cyber Command. This new flow of private communications information to NSA is deeply troubling given the past year’s revelations of overbroad NSA surveillance“. It is the ‘be immediately disseminated to the Department of Defense’ that comes into play now. When we consider ‘Overbroad Liability Protection‘, which can now hide by giving that function to an intern so that “good faith” reliance remains is a potential risk that could be pushed by big business to hide behind the ‘dope’ who acts in ‘good faith’.

Is that truly the blackness we face? Well, that is hard to say, the fact that this act relies on ambiguity and is lacking certain rules of restraint, or at least certain safeguards so that data cannot leave the intelligence office is reason enough to have a few more discussions on this topic. What is interesting is that CISA would create a fear, which Blackphone addresses, yet in similar method other players will now receive an option allowing them to play large dangerous games whilst not becoming accountable, that new Blackphone could address several issues the shady commercial interest guy is very happy to exploit.

The question becomes, how does any of this make us any safer?

So now we get back to the Age of Ultron line. As we see that crime is becoming an orderly event, the fact that we tend to hide in chaos the issues that should be open for all is part of the dilemma we now face. Again we are confronted with laws that remain inadequate to deal with the issues that needed to be dealt with. CISA takes in my view a chaotic approach to keep a level of order that was delusional from the very start, from missing definitions to application of methodology. It is a cog not linked to any machine, proclaiming soon to be of use to all machines and in the end, as I see it will only hinder progress on many levels, mainly because it tries to circumvent the accountability of some. And this is not just an American issue. In that regard laws and the protection of the victims have been an issue for a longer time. We only need to look to the Tesco grocery store on the corner to comprehend that part of the equation.

 

 


Filed under IT, Law, Military, Politics, Science

Imperitos idiot

This is a view I have had for a while, it is a view that I have advocated on more than one situation, yet business remains silent, deaf and as they hide in ignorance they are limiting the options they have, in the future and in an acted decimation of one’s own future. The information in the Guardian (at http://www.theguardian.com/us-news/2015/sep/23/us-intelligence-services-surveillance-privacy) shows a title ‘Facebook case may force European firms to change data storage practices‘ that questions certain elements. The quote “a court accused America’s intelligence services of conducting “mass, indiscriminate surveillance”” in the first paragraph is the act of alerting, but is that all?

The Case C‑362/14 Maximillian Schrems v Data Protection Commissioner is the calling entity here. A request for a preliminary ruling.

Let’s take a look at the elements. We see at [25] Mr Schrems lodged a complaint with the Commissioner on 25 June 2013, claiming, in essence, that the law and practices of the United States offer no real protection of the data kept in the United States against State surveillance. That was said to follow from the revelations made by Edward Snowden from May 2013 concerning the activities of the United States intelligence services, in particular those of the National Security Agency (‘the NSA’).

[35] Nevertheless, according to the High Court, the revelations made by Edward Snowden demonstrated a significant over-reach on the part of the NSA and other similar agencies. While the Foreign Intelligence Surveillance Court (‘the FISC’), which operates under the Foreign Intelligence Surveillance Act of 1978, (18) exercises supervisory jurisdiction, proceedings before that court take place in secret and are ex parte. In addition, apart from the fact that decisions relating to access to personal data are taken on the basis of United States law, citizens of the Union have no effective right to be heard on the question of the surveillance and interception of their data.

This all goes back to ‘the revelations made by Edward Snowden‘. I have forever had issues with the ‘revelations’, too many holes, too many issues that from an IT perspective are a given no-no. In addition, it assumes a level of ‘openness’ within the alphabet group that does not exist. Such openness has never existed, yet the press and many others have been very willing to blindly accept the events of Edward Snowden, yet the data was never made bare, the data is filtered and was largely ‘stamped’ as complex, as too dangerous. Yet proper analysis of the data was never made by any person that could be regarded as trustworthy. For now, to underline what comes, I will give you this quote “An intelligence operation is the process by which governments, military groups, businesses, and other organizations systematically collect and evaluate information for the purpose of discovering the capabilities and intentions of their rivals. With such information, or intelligence, an organization can both protect itself from its adversaries and exploit its adversaries’ weaknesses“, the source is not important right now, the impact will be discussed, yet before I do this I want to continue the other elements I started.

Now consider [224] where we see “In addition, the Commission expressly acknowledged at the hearing that, under Decision 2000/520, as currently applied, there is no guarantee that the right of citizens of the Union to protection of their data will be ensured. However, in the Commission’s submission, that finding is not such as to render that decision invalid. While the Commission agrees with the statement that it must act when faced with new circumstances, it maintains that it has taken appropriate and proportionate measures by entering into negotiations with the United States in order to reform the safe harbour scheme“.

Now consider the following thought by transforming the quote: ‘there is no guarantee that the right of citizens of the Union to protection of their data will be ensured‘ into ‘it will be certain that the right of citizens of the Union to protection of their data will be unsuccessful‘. The issue is that moving data will open up a massive amount of dangers, data instabilities and data security hazards. Too many players within the EEC and other places all want their fingers on the data so that they can get a foothold of power. It is THAT simple in my opinion!

With all these nations wanting access to data, setting up corporations, all trying to make a quick buck whilst politically manipulating, the security of our data will be available to anyone offering 39 pieces of silver. Before you start listening to people with nice PowerPoint presentations and long-winded explanations with considerable non-liability asterisks on how this is so not possible, consider the following events (at http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/). Ashley Madison might be the most sensual one, but also the most embarrassing. In that same light we can see 145 million records of eBay, Sony, Heartland with 130 million and that list goes on for a long time. So the last thing I want to see is our data in the hands of some ‘seemingly’ ignorant individual, whilst completely unexpectedly and totally against ‘protocol’ the data will make it into the hands of third parties. Now I go back to that other quote, which I will paraphrase: “An intelligence operation is the process by which businesses systematically collect and evaluate information for the purpose of discovering the capabilities and intentions of their rivals and exploit the weakness of its adversaries“. This is what I foresee. This is why the crying over the NSA, whilst handing over health data to parties too unprepared to properly protect that data, is more than just a big farce. Now we need to look at two sources.
The first is the Guardian on the 28th February 2014 (at http://www.theguardian.com/society/2014/feb/28/nhs-data-will-not-be-sold-insurance-companies-jeremy-hunt), which gives us “Health secretary to provide assurance that confidential information will not be used for commercial insurance“, now Wired three days before that reported (at http://www.wired.co.uk/news/archive/2014-02/25/insurance-companies-buy-medical-records) “Details relating to hospital admissions from 1989 to 2010 were given (for an extraction fee) to the Institute and Faculty of Actuaries. The 13 years of data covering 47 million patients were given to the professional body to help them ‘improve accuracy in pricing’ of insurance“, yet all insurance is commercial, so as data goes, it is out there and too many players want a slice of that pie. Forcing more personal data into any open direction is beyond dangerous. That part can be constructed from http://www.wsj.com/articles/more-health-care-insurers-seek-big-premium-increases-1433206078. “Blue Cross and Blue Shield of Illinois is looking to raise rates by averages of 29% or more. In Pennsylvania, Highmark Health Insurance Co. is asking for 30%, according to proposals submitted by insurers for the year ahead. Around the country, some of the main market leaders are looking for double digit increases“. What do you think in all honesty will happen when they get the option to make healthcare unaffordable to all or unaffordable to some. Data will become the compromise and that danger is a lot larger when it is in the hands of ‘other’ third parties whilst the law is unable to deal with the issues at hand. The US has some strict rules in place that barring national security cannot be broken. Now we see a push towards fields where these levels of security do not stringently exist. What do you expect will happen? And healthcare is not the biggest slice of it all, just the most visible one.

In all this there are issues on both sides, yet at the core the pushed fear of governmental access is a fake and illusory one, and it is shouted the loudest by people who have a little too much to hide. Hiding for the sake of their ego, their acts and/or the need for continued or renewed satisfaction of greed. Yes, I agree that my view is polarised to some extent, I agree that my view has flaws, but I approach it from a clinical side, whilst the others are all hiding through the shouting and claims set behind the emotions, the push to fear.

In all this I have yet to see the cold light of evidence that the alphabet group is disserving the people. The link to movies and conspiracy theories, nearly all of those claimants with their own agenda, sometimes badly hidden. Yet, in that light, is my view not too conspiracy theory set? I ask that of myself too, because without that consideration it is just a viewpoint. It will remain a viewpoint no matter what, yet consider that when you seek ‘NSA transgressions’ you find very little acceptable news events, with this I mean events that are of a decent level of report. When we look at data transgressions from other parties, that list is growing at an almost exponential rate and the size of the transgressions seems to be increasing, shifting data all over the place is not my first idea of safety.

Is it your choice?

When you decide and it goes wrong, you only have yourself to blame and as I see it, you lose all rights to complain when (not if) it goes wrong.

The next iteration of our lifestyles, that which happens over the next 2 generations, will all be about data, who has control over it and who gets access to it, which is not freedom.

 


In reference to the router

Is this a case of Mythopoeia? Am I the JRR Tolkien of bloggers (I wish) and writer of facts by a non-journalist? It might be. You see, this is all about a mythological theme that is constant as war is, because war never changes! Its concept and construct is as old as the first ‘soldier’ who combined a flint and a stick and started to spear people. In this mindset it is all about the other person, an archaic approach to the issue that does not lie beneath, it’s in front of the person not seeing what is right in front of him/her.

It is also the first evidence that we consider the concept ‘old soldiers never die, they simply fade away’ to be no longer a genuine consideration. In this day and age, the old soldier gets his/her references deleted from the database of considerations. We remain with nothing more than an old person that cannot connect or interact, the router won’t let him/her!

This is how it begins, this is about certain events that just occurred, but I will specify this momentarily. You see, it goes back to an issue that Sony remembers rather well: they got hacked. It was a long and hard task to get into that place: Login=BigBossKazuoHirai; Password=WhereDreamsComeTrue;

Soon thereafter no more firewall, no more routers, just the bliss of cloud servers and data, so much data! The people behind it were clever, and soon it was gone and the blame fell to the one nation that does not even have the bandwidth to get 10% past anything. Yes, North Korea got blamed and got fingered and in all that the FBI and other spokespeople gave the notion that it was North Korea. The people who understand the world of data know better, it was the only player less than least likely to get it done, the know-how and the infrastructure just isn’t there. I did have a theory on how it was done and I published that on February 8th 2015 (at https://lawlordtobe.com/2015/02/08/the-next-cyber-wave/) in the article called ‘The next cyber wave’. It is only a theory, but it is a lot more reliable and likely than a North Korean incursion because of a movie no one cares about.

The FBI has plenty of achievements (FIFA being the latest one), but within the FBI there is a weakness, not a failing, but a weakness. Because the US has such a niche setup for NSA, CIA and other Intel officers, their offices are for the most part still archaic when it comes to the digital era. They go to all the events, spend millions on courses and keep up to date, but for the most part, these people are following a wave that is one generation old; they follow, they do not lead. The entire Edward Snowden issue is clear evidence. I continue to regard him as a joke, not a hacker; so far he is just placed on a pedestal by the press, who have created something unreal and whatever they do not to change it, it will only cut themselves. That is the fall-back of creating an artificial hero who isn’t one.

Yet, this is not about Snowden, he is only an element. Now we get to the concept of paleo-philosophy and how it hits government structures behind IT. This all started yesterday (at http://www.theguardian.com/technology/2015/jun/04/us-government-massive-data-breach-employee-records-security-clearances), where we see ‘OPM hack: China blamed for massive breach of US government data’. Now first of all, if one power can do this, then it is China! France, UK and a few others can do it too, but let’s just assume it is not an ally! Here is where the entire paleo-philosophy comes into play. You see, even though war remained constant, the players changed and for the most part, it is no longer about governments. This is all about corporations. Even the movies are catching on, there is no true side to Russia or China as the enemy. Yes, their students might do it to impress their superiors/professors, but that would just be their defining moment. Ethan Hunt is not hunting a nation, he is now hunting conglomerates, large players who remain and require to be zero percent taxable. Those are the actual real enemies for the UK, the US and China. You see, I am not stating it was not China, I am only questioning the reasoning and other acts. You see, I tried to get an answer from State Secretary John Kerry at +1-202-647-9572, who does not seem to be answering the phone, neither is his right hand man, Jonathan J. Finer at +1-7234 202-647-8633. This is not a secret, the State Department has the PDF with office numbers, locations and phone numbers in an open PDF and you can Google the little sucker! In the age where loads of stuff is open, the right person can combine tonnes of data at a moment’s notice.

So can the larger players! The quote in the beginning is the kicker “the impact of a massive data breach involving the agency that handles security clearances and US government employee records“, you see loads of this information is already with intelligence parts and counter parts. I reckon Beijing and Moscow had updated the records within the hour that the next record keeper moved into the office. Yet, now in 2015, as the engine starts up for the presidential elections of 2016, that data is important to plenty of non-governments, that part is not seen anywhere is it?

Then we get “A US law enforcement source told the Reuters news agency on Thursday night that a ‘foreign entity or government’ was believed to be behind the attack“, which is fair enough, so how was the jump made to China? You see, only 5 weeks ago, the Financial Review gave us “US Treasury pressures Tony Abbott to drop ‘Google tax’” (at http://www.afr.com/news/policy/tax/us-treasury-pressures-tony-abbott-to-drop-google-tax-20150428-1mu2sg). So as the Obama administration ‘vowed’ to crack down on tax avoidance, they are really not the player who wants to do anything to upset those luscious donators of pieces of currency paper (loads of currency paper), so a mere 6 months later the US is trying to undo what they promised, whilst still trying to push the TPP papers through the throats of consumers everywhere. What an interesting web we weave!

You see, for the large corporation that list of who has access to papers, and his/her situation is worth gold today, for the Chinese a lot less so. Yet, I am not writing China off as a possible culprit! Let’s face it, they are not North Korea, which means that they do not need to power their router with a Philips 7424 Generator! So at this point, I would tend to agree with Chinese foreign ministry spokesman Hong Lei who branded the accusations “irresponsible and unscientific” at a news briefing on Friday.

Now we get to the quote that is central to the entire paleo-philosophy matters: “DHS is continuing to monitor federal networks for any suspicious activity and is working aggressively with the affected agencies to conduct investigative analysis to assess the extent of this alleged intrusion”. First of all, I am not having a go at the DHS. I have done so in the past with good reason, but this is not that case. I think that in many areas government is not just falling behind, it started to fall behind in 2005 and has been falling behind ever since. Not just them though, organised large corporations like Sony, CVS Health, Valero Energy and Express Scripts Holding are only a few of the corporations that do not even realise the predicament they are in. The Deep Web is not just a place or a community, some of the players there have been organising and have been sharing and evolving that which they know. A massive pool of information, because Data is money, governments know it, corporations know it and THE HACKERS know it too. For them it is all relatively easy, they have been living and walking the cloud data; with the greatest of ease they can conflict data points and flood certain shared data hosts, only to get behind the corridor and remain invisible whilst the data is available at their leisure. In that environment the intelligence community is still trying to catch up with the basics (compared to where the hackers are). You see, whilst people in corporations and government are all about politics, those hackers were about mayhem and anarchy; now they are figuring out that these skills get them a wealthy and luxurious lifestyle and they like the idea of not having a degree whilst owning most of Malibu Drive, a 21st century Point Break, where the funds allow them to party all the time. Corporations got them into that thinking mode. So were the culprits ‘merely’ hackers or was it a foreign government?
That is the question I am unable to answer with facts, but to point at China being likely is even less assuring. Consider who gains power with that data? This much data can be up for sale, it can be utilised. In the premise of both, China is not unlikely, but what is ‘more likely than not’ is also a matter, even though that question is less easily answered and without evidence (I have none) any answer should not be regarded as reliable!

Now we get to the quote “Embassy spokesman Zhu Haiquan said China had made great efforts to combat cyberattacks and that tracking such events conducted across borders was difficult” it is correct, it matters and it is to the point. In addition, we must accept that trackers can also be set on the wrong path, it is not easy, but it can be done, both the hackers and China have skills there, as do the NSA and GCHQ. Yet, in all that, with the Sony hack still fresh in memory, who did it, which is the interesting question, but WHY is more interesting. We tend to focus on clearances here, but what else was there? What if the OPM has health details? What is the value of health risk analyses of 4 million people? At $10 a month that is a quick and easy half a billion isn’t it?

You see, the final part is seen here: “DHS is continuing to monitor federal networks for any suspicious activity and is working aggressively with the affected agencies to conduct investigative analysis to assess the extent of this alleged intrusion”. This is to be expected, but the intruders know this too, so how did they get past it all again? That is the issue. I gave in my earlier blog one possible solution, but that could only be done through the inside person; to be clear of that, someone did a similar thing in the cloud, or in the stream of data, in a way that it does not show. Perhaps a mere pressure of data in a shared cloud point is all it took to get past the security. How many data packages are lost? What intel is gained from there? Perhaps it is just a pure replication of packages job; there is no proper way to monitor data in transit, not in cloudy conditions. So as we see that more data is ‘breached’ we all must wonder what the data holders, both government and non-government, are not ready for. It is the data of you and me that gets ‘sold’; who does it get sold to?

So as we see an article of a data hack and a photo of routers and wiring, which looks geeky and techy, was this in reference to the router? Or perhaps it is in reference to a reality many in charge are not ready to face any day soon, and in light of the upcoming US elections of 2016, some of these politicians definitely do not want to face it before 2017. Like the Google Tax, let the next person fix it!

A preferred political approach that will allow them to lose exclusivity of your data real fast!

 


Spooky Spooky Mobile

Spooky Spooky Mobile
Hacking thyne own file
Upload and Download
And as you have your chatter
I met a Telco
That would not give its data
So I took their servers
And gave it a little patch
(Goosy, Goosy, Gander)

Yes, when we look at the article ‘US and UK accused of hacking Sim card firm to steal codes‘ (at http://www.bbc.com/news/technology-31545050) I seem to resort to nursery rhymes. There is method to my madness, just as my madness could be regarded as methodical (to the smallest degree). I read the article with other eyes, perhaps you did too? The first part is seen here “The Intercept alleges that the hack organised by Britain’s GCHQ and the US National Security Agency (NSA) began in 2010, and was organised by operatives in the “Mobile Handset Exploitation Team”. Neither agency has commented directly on the allegations“, now, I will continue on the premise that this fact is true (not whether it is correct). In 2010 there was still a massive hunt for this bearded dude underway named Osama something or other. For this part I need to take you on a side trip ‘Banking Giant HSBC Sheltered Murky Cash Linked to Dictators and Arms Dealers‘ (at http://www.icij.org/project/swiss-leaks/banking-giant-hsbc-sheltered-murky-cash-linked-dictators-and-arms-dealers). The issue might be ‘news’ now, but it had been known in the intelligence industry for some time. After 2008 several individuals with additional limitations on moral and ethics were willing to assist the grey area of free trading in setting up funds. This group had ALWAYS existed, greed is such an easy tool to grow under, yet, the fact that some would be willing to be the money orchard for terrorist organisations is decently novel. 2008 had made many hungry so some would be willing to get at what they wanted, more money. A problem that has existed for a long time, so the premise to get access to mobiles so that possible lines of communications would be uncovered make perfect sense.

The trail goes further. You see, most people have a contract, or stay with the same provider for years; this is not an issue for the hunters. You (roughly 99.99993243% of the mobile users) are not an issue, but how to find the rest? Hope on some random lucky draw? Governments rely on income from lotteries, they do not rely on getting a prize in that same way. So getting a hold of ALL Sims is a much better solution. It made perfect sense. Do I like it? I actually do not care, I lead one of the dullest mobile lives and I believe that some people must be hunted down. So to go all out on ‘Yes’, hunt them down and ‘No’, you cannot monitor me, seems to be both hypocritical and sanctimonious all in one package. In addition, I tend to not break the law, which makes it even easier. So let’s get back to the article!

The next part is seen here “A Gemalto spokeswoman said the company was unable to verify whether there had indeed been a breach, and highlighted that other Sim manufacturers could also have been targeted. She added: “We take this publication very seriously and will devote all resources necessary to fully investigate and understand the scope of such highly sophisticated techniques to try to obtain Sim card data””, so we see two parts, one that the known provider is not the only provider, were they all targeted?

Linked to this is: “Eric King, deputy director of the campaign group Privacy International, said the NSA and GCHQ had “lost sight of what the rule of law means and how to weigh what is necessary and proportionate”“. This sounds nice in theory, but after taking a look at the Privacy International site, I see him as (only) slightly sanctimonious. All this on surveillance and SIGINT (the Five Eyes group), yet they have ZERO visibility on the issue that I have with the exchange of data on a global scale by large corporations and how people are almost lulled into a sleepy state of just agreeing with it all, not to mention the other versions of the Lenovo ‘Superfish’ instances that we have not seen brought to daylight yet. It seems that governments are not allowed any options, whilst the propulsion of greed from large corporations and their data remains uninhibited by using the ‘US-EU Safe Harbor Framework‘ (at http://genomebiology.com/2014/15/8/430), when we consider the quote “A multinational seeking approval must submit its global policies and practices to a ‘lead’ EU data protection authority (DPA) – typically in the country of its European headquarters. Once the lead DPA gives its ‘stamp of approval’, a mutual recognition scheme among most EU member states facilitates approval by other relevant DPAs. To date, over 50 corporations have received BCR approval”. When we see the list (at http://ec.europa.eu/justice/data-protection/document/international-transfers/binding-corporate-rules/bcr_cooperation/index_en.htm), we see NOVARTIS, which gives us a direct link to Natixis (and the massive amounts of links that they have), Ernst & Young and Motorola among others, so how can one satellite location indirectly allow data to move across other borders, or make it accessible for query? Is it not interesting that Privacy International has not been looking at that (as far as I could tell)? So do you see the issue I have with their ‘statement’?

Linked to the ‘alleged’ sim code heist is another article. This one is a lot older. It was from July 2013 and called “Millions of Sim cards are ‘vulnerable to hack attack’” (at http://www.bbc.com/news/technology-23402988), where we see the quote “Karsten Nohl has said he has found a way to discover some Sims’ digital keys by sending them a special text message. He warned criminals could potentially use the technique to listen in on calls or steal cash“. So, yes, getting the data from the sim makers directly would make a lot of sense (an ergonomically terrific solution), but this method might be less visible. So why was another method used? Now we get back to the beginning: “US and British intelligence agencies hacked into a major manufacturer of Sim cards in order to steal codes that facilitate eavesdropping on mobiles, a US news website says“. Which news website? The fact that this news is followed by “The Intercept says the revelations came from US intelligence contractor turned whistle-blower Edward Snowden” gives another pause. What is actually happening? It seems to me that the Snowden stamp is making us chase ghosts (pun intended), but overall I see less and less reliability in these ‘spectacular revelations‘ and the press does not seem to be asking the questions they should be asking. The investigations that they should do, do not seem to be done. The ‘revelation‘ is made and then we see one party line response from GCHQ “However GCHQ reiterated that all its activities were “carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate”“, which is now linked to this, but there is no evidence that this has actually happened. The subtitle ‘Full investigation‘ seems to be a header without a factual link.
That subtitle ends with some group shot and the by-line “Experts say that the alleged hack is a major compromise of worldwide mobile phone security“. Is that actually the fact? Would phone security be compromised? It seems to me that the 2013 issue is a much larger threat to phone security, and Google stopping its continued development for anything before Android KitKat is just an additional cause for alarm, so how did the alleged government activities create more danger? It seems to me that the BBC has not illuminated parts that should have been illuminated. When we see “The UN’s telecoms agency – the International Telecommunications Union – said that it would now contact regulators and other government agencies worldwide to ensure they were aware of the threat“, that is also an issue. When we consider the UK issue of telecom caps and the fact that nothing has been done for years, whether the awareness of the ITU could be regarded as a similarly demure step is a valid question, yet the current article does not reflect on the earlier issue. The end of the latest article gives the one part that is important as I see it: “But perhaps this latest leak has done more to highlight how a single company is in control of millions of people’s private data“. So was this an actual leak, or did someone figure out a possible issue with current technology and add the ‘Snowden’ link to give it a little more fear? The last part could have been done by any decent technologist, no MIT degree required. So what about the one time mention of ‘a US news website says‘? Who was it and how come that this media courtier, depending on visibility, is reduced to 5 words? That seemed a little odd to me from the very first time I read the message.


A coin with more than two sides

Let us take a look at two of many more sides. The first side is given in this article: Google’s Vint Cerf warns of ‘digital Dark Age’ (at http://www.bbc.com/news/science-environment-31450389). The initial quote is “Vint Cerf, a ‘father of the internet’, says he is worried that all the images and documents we have been saving on computers will eventually be lost“. This sounds nice, but is that not the same as we have had forever? If we did not take care of our old photographs and our old negatives, then those pictures would be lost forever, so how is that different?

[Image: 110mm Agfa]

See here, the picture of an Agfa Instamatic. It is almost identical to the camera I had in the late 70’s. So, how will you get those negatives developed? Where to buy film? Most will not care about it, many have bought new cameras, but where to print the negatives you have? Nowadays with digital images, almost any printer will print it, almost every system will show them. How is that different? So are the words of Vint Cerf anything else but a sales pitch for some new ‘forever’ saved option, likely one that Google will offer and not unlikely in a way that gives Google shared ownership? Is that, under the current feelings of ‘data collection’, such a sceptical view to have?

Now, I will state that, not unlike those old prints, the owner has the responsibility to keep the images safe, just like in the old days. Even if the originals (the digital negatives) are lost, as long as a print still exists, the image remains, just like the old photographs. Yet, his quote “But as technology moves on, they risk being lost in the wake of an accelerating digital revolution” holds truth, because that is not unlike the 110mm film issue. So as long as you have a data option that survives, like the 110mm negative holder, you can always get another print. CD-ROMs in a writable version came in the late 90’s, so we have only had a backup option for 20 years, yet affordable digital images would still need several more years. Yes, that market has grown exponentially and now we see the application of Common Cyber Sense in another way. Now, people will get confronted with the need to back things up. As the Digital disc evolved, so has the quality of these solutions. Now the discs last a lot longer, so backing up the old discs on new discs does make a whole lot of sense, so there is a side that makes perfect sense, but is that enough?

That part is shown in the following quote: “’I worry a great deal about that,’ Mr Cerf told me. ’You and I are experiencing things like this. Old formats of documents that we’ve created or presentations may not be readable by the latest version of the software because backwards compatibility is not always guaranteed’“. This is at the heart of what Vint Cerf is getting to, so he is definitely onto something. How many of you can still access all the WordPerfect files you created in 1992? Who can still access their FRED applications and their Ashton Tate’s Framework solutions? That list is slowly and surely getting close to zero. This is what Vint is getting to and there lies the crux, because this would have gone beyond mere images and what we currently still access. Consider the Digital VAX/VMS systems, the collected data that spans decades from 1982 onwards. The IBM series one (those 64Mb mainframes with 10 9” floppies), so Vint is perfectly correct (as a man with his experience would be), but what solution to use? Yes, his idea is perfectly sound, but the issue that follows is one that I have, to some degree, an issue with. You see, sometimes things get lost, which has happened throughout history. Would our lives have been better if the Library of Alexandria survived? Would it be better, or would there be more and more incriminations? There is no way to know, but the issue can be explained in another way. This is a myth I heard in school a long time ago. The story is that a person could ask whatever he wanted for a created chess game. He asked for a grain in the first square, two in the second square and so on. By the time the board was half way through, the person paying for it would owe the person 2,147,483,648 grain seeds and that is just half way through. Now think of today’s world, where we collect everything. Like the chess board we collect every part and this just increased the junk we collect and that at a premium price. So what to keep?
That is the hard part. It is interesting to keep in mind that sometimes we need to allow ourselves to lose things, but Vint has a case. Now we look at one of the last quotes: “’Plainly not,’ Vint Cerf laughed. ‘But I think it is amusing to imagine that it is the year 3000 and you’ve done a Google search. The X-ray snapshot we are trying to capture should be transportable from one place to another. So, I should be able to move it from the Google cloud to some other cloud, or move it into a machine I have’“. Yes, there is the sales pitch. “Google search” and “move it from the Google cloud“, so there we have it, the Google cloud! Still, even though there is a sales pitch in here, does that make it a bad approach? Are we better because we save EVERYTHING? That is at the heart of this little conundrum. Now, those having their data on the old Cray might consider their data worthy, so do many who had their data on UNIX minis, but now consider every Novell edition, every desktop. Now, it will be arbitrary if people decide to take these steps, yet what happens when all data can be backed up like this, what happens when some start ‘offering’ this for ‘free’? Who then co-owns that data, those solutions? Is that such a crazy thought to have?

Here is the last part: “And that’s the key issue here – how do I ensure in the distant future that the standards are still known, and I can still interpret this carefully constructed X-ray snapshot?” This is the part that is interesting; his concept of Digital Vellum is an interesting one. Yet, how should we move forward on that? What happens when these snapshots link up, when they connect, perhaps even interact? There is no way of knowing; perhaps this would be the beginning of a new evolution of data. Is that such a weird concept? Perhaps that is where we need to look at other sides too. Consider our insight, into our memories, our ‘wisdom’ and our ability to filter and extrapolate. Is this solution a primal step from near ‘artificial-intelligence’ to possible cyber/digital intelligence? The question becomes, if intelligence is grown from memories, what do we create when we give it everything we ever collected? I have seen the stories, the way some people think that an artificial intelligence is so dangerous. We might consider the thoughts from the ‘Cyberdyne’ stories (Terminator series), but in the end, what if the digital intelligence is the beginning of our legacy? What if we learn to preserve ourselves, without leaving a carbon footprint, without being the deadly blight on nature? At some point we will cease to exist, we die; it is a simple consequence of nature, but what happens if our wisdom is preserved? Many come with stories and nightmares of the loss of identity, but what happens if we can store intelligence? What happens if the next century Albert Einstein would be there to help us create progress, inspire innovation for all time? Is that such a bad thing? Some of these questions are beyond my ability to answer but there is a dangerous dark side too, what happens when this becomes commercial Intellectual Property? I am all for IP, yet, should cloned intelligence become the property of anyone? 
I feel that I might be alive long enough to actually see that question go to court. I hope that those making that decision are a lot wiser than I currently feel.

This now gets me to story two, which also came from the BBC (at http://www.bbc.com/news/technology-31440978), the story here is ‘Cybersecurity: Tech firms urged to share data with US‘, which gave me the initial scepticism regarding the Vint Cerf story. So, I am not linking them per se, they are separate stories. The initial quote is “Private tech firms should share more information with government and with each other to tackle cybercrime, according to US President Barack Obama“, I do not disagree with this thought, however, there is a side to this that is not addressed. The given quote is “Senior Google, Yahoo and Facebook executives turned down invitations to the summit, held at Stanford University“, so is this about not sharing, or about keeping the data non-sharable? There is a part that we see when we look at the quote “Mr Obama is backing the creation of information sharing and analysis organisations (ISAOs) to help firms and government share material on potential threats“, yes, if we consider that Snowden fellow there could be an issue, but is that a valid path? You see, consider how some do NOT want the cyber threat to reduce for the largest extent, consider how many software ‘solutions’ are out there, for viruses, phishing attacks, identity theft and several other parts. There are two dangers, at one part we have a possible solution to theoretically start solving and decently diminish the danger, the other side is on how all that data gets linked, that part in the wrong hands is a lot more dangerous than many could imagine.

The following quote adds to the worry: “Government cannot do this alone. But the fact is that the private sector can’t do it alone either because its government that often has the latest information on new threats” My issue is that this should not be in the hands of any private party, it could be seen as the execution of the premise ‘absolute power corrupts absolutely’, those who face that lesson will not have an option. I would see a solution if there was collaboration between NSA, GCHQ, DGSE and a select few more. Reasoning? Cybercrimes have a distinct impact on national income and also national tax donations. They have all the drive to get it resolved. I have less faith in private companies, their allegiance is to profit, their board of directors and more profit. This is the issue as they will do what they need, someone falls on a sword and many get extremely wealthy, the data goes everywhere and many become exploitable, classifiable and re-sellable. I have been in data for decades, I think that governments can do what needs to be done, and it is time to change the cycle of re-iterated profit. Governments have made themselves the bitch of the private industries, the three mentioned initially are not enough, consider the quote down the line “Facebook, Yahoo, Google and Microsoft have all sent less senior executives to the conference“, so why was Microsoft not mentioned earlier? What is going on? The interesting part is that Bloomberg mentions Microsoft several times, the BBC article just twice. It is clear that something needs to be done on several levels, but it takes a different scope and a different approach, I feel decently certain that keeping the private touch out of this will be essential, for the reason that private companies have a mere commercial scope. I feel uncertain that this approach will work, it has not worked for a long time; I have seen ego and political play and personal reasoning interfere with results, in more than one nation. 
Whatever is done, it needs to be done, it needs to be done a lot faster than many consider and even though taking the politician out of a government seems to be impossible, we need to make sure that an approach is considered that does not allow for political exploitation, but how to get that done is another matter entirely.

 


Pussy versus Tiger

This was my first assessment when I looked at the Guardian regarding the article ‘Barack Obama and David Cameron fail to see eye to eye on surveillance‘. (at http://www.theguardian.com/us-news/2015/jan/16/barack-obama-david-cameron-surveillance-terrorists). As we see America slump more and more into the weak excuse it is on an empty wallet, it must have been quite the surprise for Prime Minister David Cameron, to go to the ‘leader’ of the free world, hoping for a decent lamb chop (which you actually can only get in either Australia or New Zealand) and he ends up having dinner with someone who prefers Purina as a meal.

You see, I am not buying his ‘civil liberty’ approach for one second. In an age where Google is demanding more and more privileges to access your mobile data, where Google search gets transparently pushed into your Android phone on top of your functions. In that era HE is proclaiming ‘civil liberties’?

Where we see Facebook where we would have to consent to allow access to our religious beliefs and that of our friends for access to a game. What is this, ‘Gaming for Catholics’? Here we see discord on what is needed to keep the citizens safe?

I particularly like this part “As Cameron warned the internet giants that they must do more to ensure they do not become platforms for terrorist communications, the US president said he welcomed the way in which civil liberties groups hold them to account by tapping them on the shoulder“, tapping on the shoulder? Yes, with Bing, Google, Amazon and Yahoo all in America, he definitely wants the power of collection to be ‘unhindered’ for now. There is of course the thought that President Obama has no control and it is Google and Microsoft telling Congress how it will be for now, which means unmonitored access.

That part is also a requirement to keep the financial sector running uncontrolled until it is too late (a point which might have passed already).

So, is this all rambling? Let us look into the evidence!

The first part comes from the Trans-Atlantic Consumer Dialogue (at http://www.consumersinternational.org/media/1396104/tacd-resolution-on-data-flows-in-the-transatlantic-trade-and-investmemt-partnership.pdf), an organisation not too visible, but it is loaded with high profile participants (at http://tacd.org/about-tacd/whos-who/), the PDF had nothing really new to tell me, but this part is important “The actual extent of these data collection practices, whether they were lawful, or the range of activities involving companies such as Google, Facebook, and Yahoo are still unclear. Until the new US and EU joint group of experts tasked with examining privacy in the light of the National Security Agency’s PRISM Internet data program and related disclosures makes a report to the respective governments and the public, it would be unwise for the negotiators to address data and e-commerce-related trade matters at all. The public on both sides of the Atlantic deserves a full and frank discussion of what actually transpired, and what policies or safeguards should be required as a consequence“. Even though we were confronted with the Snowden fiasco, the massive part that is kept silent is what non-governments are collecting, they have been collecting data every second, of every minute of every key press you made these last few years. Data that is valued, without oversight. So ‘yes’, as I see it, the President (or the Democratic Party) is very likely getting told that with oversight, the fat checks will disappear.

This is at the heart of the matter, David Cameron (and several others) needs to keep their civilians safe, whilst as I see it, America is about the bottom dollar at the expense of everyone’s safety. Should you doubt the latter part then consider the next bit “US trade policy requires radical reform, not only to the flawed certification process, but also to the secrecy of trade negotiations in general, the lack of accountability to the public, and Fast Track proposals that insulate trade agreements even from the scrutiny of Congress itself“, which we get from Electronic Frontiers Australia. So, as we see the push for ‘free trade’, how can there be ‘free trade’ without civil liberty? It seems that in the US ‘free trade’ is synonymous with corporate trade, specifically the corporate trade of big business. So as we see that areas are drowning in corporate oversight (by the corporations), we see the term ‘civil liberties’ being cast in a voice to keep big business out of oversight. So, how does your Purina taste today Mr President?

Now the intelligent person will state, what has one thing to do with the other? How did we get from some data discussion to the TPP? This would indeed be a decent question and my answer is that it is all linked. You see, the big data collectors can only continue if they are unhindered by policy. Google’s fortune comes from the data of millions each day. So once the data starts getting holes as the rights of those from the UK, the Netherlands, Sweden, Germany and Australia are set to boundaries, the collected data will show holes, which means the value goes down by a lot. Over 30% of the internet has business, which lands roughly 40% of ALL profits in the hands of US firms. I am precise in my statement here, US Firms! Not US government or the IRS, just US firms who will syphon billions via Ireland and like-minded places where taxability is at 0.1% (or some other ridiculously low number). If this oversight changes, so will the profits dwindle to a much lower percentage, now suddenly it will be a fair game for internet companies on a global scale, which is NOT what the US wants at all.

When we consider “The prime minister adopted a harder stance on the need for big internet companies such as Facebook and Twitter to do more to cooperate with the surveillance of terror suspects“, that fear will hit many and suddenly there are more holes in the collected data, downgrading businesses, the economy and heaven forbid, the Dow Jones Index, hence kitty goes into ‘UCLA’ mode.

But many in Europe are now a lot more awake, the events in Paris did that, when an actual terror attack hits a place like Paris, people suddenly notice and their fear for their safety springs into action, which is counter-productive for these US firms (as the terror attack is not happening in the US), corporate greed takes a front seat on what needs to happen, all under the guise of ‘civil liberty’.

As the president came with “In a sign of the concern in the US at the threat posed by extremists in Europe and in Syria and Iran, the president said disfranchised Muslims were one of the greatest challenges faced by Europe. “It is important for Europe not to respond with a hammer with law enforcement,” Obama said at a press conference with Cameron as he contrasted the way in which US Muslims had integrated and regarded themselves as wholly American“, really? How did Americans react on September 12th 2001? They couldn’t get the DHS started fast enough! In addition, let’s take a look at the Guardian in 2012 (at http://www.theguardian.com/commentisfree/2012/dec/29/fbi-coordinated-crackdown-occupy), ‘Revealed: how the FBI coordinated the crackdown on Occupy‘. It seems that ‘civil liberties’ are not an issue, when profit (read: banks) are in play. If we accept the quote “The document – reproduced here in an easily searchable format – shows a terrifying network of coordinated DHS, FBI, police, regional fusion center, and private-sector activity so completely merged into one another that the monstrous whole is, in fact, one entity: in some cases, bearing a single name, the Domestic Security Alliance Council. And it reveals this merged entity to have one centrally planned, locally executed mission. The documents, in short, show the cops and DHS working for and with banks to target, arrest, and politically disable peaceful American citizens“, now apart from the Snowden issue, I regard the Guardian to be a good paper, this gives a clear view that ‘civil liberties’ is not an issue in the view of profit and in the view of those depending on thus stated profit.

So here we see the clearer view of Kitty (Oval Office) versus Tiger (10 Downing Street). David Cameron needs to get a handle on the terror fear which goes a lot further than ‘commercial interests’, he needs to actually address and deal with these fears, hence the need for data. In this matter he had to speak to the President, let’s face it, getting GCHQ to download exabytes of data (whilst permission is pending), without a meeting first is just bad form. On the other hand we could ask that data set from North Korea, apparently that is where the top hackers are today (according to US officials).

 
