
Perception from the outside

It is hard to write about this. Not because of the topic, but because of the implications that derive from the thoughts I have. You see, I have thus far always had faith in the intelligence branch. When we look beyond the implied Hollywood drama of all matters, the intelligence branch is a dedicated underpaid group trying to keep its nation and its citizens safe. Yet, what lies beneath the veneer when we look deeper into certain matters? Are they for real or are we all played by the press to some extent?

This is at the foundation, as we cannot rely on any first-hand information, especially when the press is part of it, we are left with a question mark. One that might not need answering, but one that should not be ignored, this is at the core of me, for better or worse, I seek answers.

This all started yesterday when I got wind of a Guardian article at the earliest of dawn, as a final paper was due, I just left it to look at later (that later is now). The article is ‘Lee Rigby murder: internet firm could have picked up killer’s message – report‘ (at http://www.theguardian.com/uk-news/2014/nov/25/lee-rigby-murder-internet-firm-could-have-picked-up-killers-message-report-says).

Now, this should be a shock, especially to the family members of Lee Rigby, so why is this even a story? It starts with the first paragraph “Internet companies face intense demands to monitor messages on behalf of the state for signs of terrorist intent after an official report into the death of Fusilier Lee Rigby said one of his killers wrote on a website – later named as Facebook – of his desire to slaughter a soldier, without the security services knowing“, was this written by someone who had a clue? If we consider CNet (at http://www.cnet.com/news/facebook-processes-more-than-500-tb-of-data-daily/), we see that Facebook processes 500 Tb a day, now this is all manner of data, yet consider another indirect connection when we see ‘Tesco director facing questions about lobbying government over dirty chicken report‘ (at http://www.theguardian.com/world/2014/nov/25/-sp-tesco-director-facing-questions-lobbying-government-dirty-chicken-report), the first paragraphs says it all (as far as information goes) “Former FSA chief Tim Smith understood to have warned Department of Health that revealing food poisoning contamination rates could provoke a food scare and damage the industry“, so when we add the text “Tim Smith is understood to have warned the Department of Health in June that FSA proposals for publishing results, which included naming and shaming individual supermarkets, could provoke a food scare and damage the industry“, so when was all this released to the media? how much delay was there? Consider the implication of the statement in there that “it kills around 100 people and makes an estimated 280,000 sick each year“, now we get back to the implied message that might have saved Lee Rigby, if we take that a message in total is no more than 60Kb (it is a lot smaller, but could include graphics), we are looking at 8 billion messages each day (those we make, we forward or share, those we get offered as advertisement). 
Now, there is more, Facebook has applications, with message options within those applications. Not one or two, but a few dozen, which means additional messages, like simple online messengers, all that data, now also consider the implied message that the Guardian mentioned. “The report said the authorities were never told that one of the killers, Michael Adebowale, wrote of his murderous intent six months before he and his accomplice, Michael Adebolajo, brutally attacked Rigby in May 2013 in a street near his military barracks and attempted to behead him“, so finding the message, investigating it and acting on it. In well over 2.5 billion optional threats, the National lottery in the UK has better odds of winning a big prize in it, so how did all this come about?

Here we get to the issue “The ISC chair, Sir Malcolm Rifkind, accused internet companies of providing a “safe haven” to terrorists but said despite a string of failings by the security services, which had repeatedly monitored both men before the attack, there was nothing they could have done to prevent the murder of Rigby“, here I start having an issue, particularly with Sir Malcolm. Consider one sincere threat in a place where there are millions of threats, boasts and pranks, all claiming something pretentiously grandiose. It is my belief that Sir Malcolm is all about trying something different and he is going about it the wrong way, he is trying to get to Damascus, via Washington and Los Angeles. Not the brightest route to take. Apart from the approach he is implying to take, he is also forgetting about a series of events that he needs to take, which will fail and in the process will enable commercial companies to actually hammer down on consumers in the wrong way. Does Sir Malcolm realise that, or did he intentionally forget about that part?

What did I mean by that? You see, the intelligence branch has access to enhanced statistical algorithms; they match it via other created profiles. Now, normally such a profile is only created when a person has too many flags in his/her name. For example members of an extreme faction, people with links to organised crime and those with additional political agendas. There is a bunch of reasons which will result on the eye of the intelligence community on you. For the most they are checked every now and then and if nothing happens, nothing happens, it is that simple, which an accumulative approach to sifting data tends to be. This is all good and proper; it is a way to protect national interests. For the most they end up verifying that you are not a threat, or not a concern to them, it comes with their territory.

The intelligence branch has resources, they are there, but they are finite. Sir Malcolm seems to be pushing for a change that is extremely dangerous, you see, at some point, Facebook, Google and others will all be shanghaied into becoming ‘volunteers’ in data oversight. They will get all kinds of tax breaks, so there will be interesting benefits for these data farms, but now we get to the real dangers. At one point, they want more and push for a change that will allow these farms access to those advanced algorithms, now we get a new problem, now we see a change where those farms will get to analyse US ALL! They will have the algorithms and the linked data no commercial enterprise should ever be allowed to have, now we will all be set into those who get access (viable as retail commodity) and those who do not matter, we will get marketed into oblivion, but now directly into the realms we used to love, it will be a push to sway us into a direction we never wanted to go, our freedom becomes a point of pressure. Consider, you might love ‘the Office’, once social media digs deep, how much will you enjoy getting 10-20 sales pitches a day on your personal interests? How long until you stop sharing interests?

Now consider the following:

The ISC said in its report: “Whilst we note that progress has started to be made on this issue, with the Data Retention and Investigatory Powers Act 2014 (Drip) and the appointment of the special envoy on intelligence and law-enforcement data-sharing, the problem is acute. The prime minister, with the National Security Council, should prioritise this issue”.

The part not mentioned or looked at is data retention. I wrote about it on October 2nd 2014 in ‘Advice from the press?‘ there I wrote “I am still convinced that if data retention becomes a larger issue, the intelligence community will be lacking in hardware, knowledge and staff to deal with these massive amounts of data, which leaves us open to other issues, yet this is just my view!“, now we see a push that social media will do more scanning.

The next two paragraphs illustrate certain dangers down the track: “Adebolajo, the more dominant of the two, had featured in five MI5 investigations and Adebowale in two, but none found evidence of an attack. The ISC said MI5 made errors and was plagued by delays, but even if corrected none of this would have helped the security service to spot the level of danger posed by the attackers before they struck“, so how could we have kept Lee Rigby alive? The information to the better extent is stating that this would not have been the case and I am not the only one thinking this.

When we consider “The Guardian understands senior figures in MI6 expressed anger at the criticisms in the report. One source familiar with the committee’s work said: “It is fair to say that the chaps across the river are not happy at all.”“, we see another part. This is not just within the UK, the UK needs to protect itself, especially with the ISIS acceleration we see all over North Africa and in the Middle-East; this all requires a new strategy. Data is at the centre of it, that part is correctly seen by Sir Malcolm Rifkind, chairman of the ISC. Yet, my issue is the view the man seems to have in regards to integrity. Commercial enterprises have no integrity and to a larger extent, neither do internet providers. So we have an upcoming issue. The next part you the reader might observe is the part that was not clearly seen in the article and it has been part of the events that miss one item as we see these discussions.

What time is it?

Yes, the timeline! That is part of all this. No matter how lovely that ‘donut’ looks in London, the people there have been dealing with an increased amount of data. I personally would consider it to be in excess of 30% in growth per year, which means that the data collectors and analytical group grows over 100% in size in a little over 3 years, the accumulated requirement for the UK, and beyond that the Commonwealth requires growth beyond that. In my view, letting places like Facebook crunch that data and giving them access to some of these algorithms is clearly a bad idea. In addition, consider that these firms could harbour ‘sympathisers’ to chaos. Once these algorithms get into other hands, how long until those supporting ISIS and like-minded extremists will get a handle on lowering their profile even further, making this entire approach pointless?

That danger is twofold, storage, which is the non-essential part. As storage seems to become cheaper and cheaper, that part will be decently manageable overall, the other part is the issue, processing power. We can want for all the processors we can, but the power processors of tomorrow are less and less equipped to deal with such a growing load of data. Now consider that this is just Facebook, how much additional data will we need to see mail providers, twitter, Instagram and loads of other multi Gigabyte collecting options. There is no denying that data needs to be looked at, yet direct data crunching is less and less an option. The question becomes how to tackle it, can or even the question should it be tackled like this at all?

That is the dangerous side, isn’t it? When we are confronted with such an abundance of data, why seek the pressured solution? Let’s not forget that the example taken here, namely Lee Rigby, would not have been saved. So why try to seek a solution in such a pressured environment? Consider the lottery example; if 1,000 out of the 5 billion are death threats, we get a number one in 5 million, now we need to tackle these 1000 messages, which ones are genuine? Consider that some are below the radar, which means that some could be WRONGLY disregarded. Add to that the danger of a prank jest where a group and all THEIR friends send one threat regarding a VIP, politician or regent. It would drown out intelligence resources in mere minutes.

So yes, no one denies that something must be done, yet giving social media these responsibilities is not the best idea, giving them access in some way to other algorithms is less a solution, we are in a shift of dimensions, an interaction of data dimensions and profiling intelligence. Consider the NSA data center in Utah, costing over 5 billion in total, in addition, the cost of electricity, manpower and other costs, taking it to an additional 50 million a year (for just one location). Now consider that this centre will need to grow processing power in excess of 50% within two years, how much additional costs will it require? Add to this the energy needs, well over 60 Megawatts, yet within 2 years, that could be closer to 80 megawatts. That means in excess of 10 wind turbines, just for one location, the equivalent of 15,000 households of energy. I think that certain parties are not thinking in the right location, if we disregard the lack of expertise and an offer (in abundance) of revenue based (read commission seeking) expertise, it seems to me that even though data should never be ignored, certain approaches will require a different hand.

Perhaps it is not a new solution they need, but to reinstate a very old one.


As we grow expertise

An interesting story broke on the Guardian this morning, the title ‘Senior NSA official moonlighting for private cybersecurity firm‘ should catch our eyes in many ways, but for most of you it will seem wrong. The story is about an official named Patrick Dowd and how he, as an NSA official also worked in the late hours for IronNet Cybersecurity, yet never crossing the ethical boundaries.

You see, many will shout, scream and make all kinds of other noises, but the plain and simple truth is that this happens ALL THE TIME. If you think that this is not true, then look at accountancy firms, look at Google and look at a host of other corporations. In this day and age, to get ahead you need to double dip your brain power.

Of course when doing this, knowledge, more precisely data cannot go from one to the other, yet the knowledge and the knowhow is there, which is the IP of the person holding the brain (aka the man with the thought out plan). Former General Alexander is heading a firm making well over 10 million a year (I will send him my resume shortly).

The article written by Spencer Ackerman in Washington (at http://www.theguardian.com/us-news/2014/oct/17/senior-nsa-official-moonlighting-private-cybersecurity-firm) gives the right nuance and is a good read. More important, between the lines he seems to be implying the question that follows from ““I just felt that his leaving the government was the wrong thing for NSA and our nation,” Alexander told Reuters“, he is of course correct, can we allow certain areas to suffer a brain drain? Keith Alexander’s pragmatic approach, if properly used earlier, could have saved the intelligence hundreds of millions in the timespan 2003-2007; no one seems to be looking at that part. We seem to allow ‘dodgy’ accountants to sign off on unchecked quarters of billions, but when a soldier finds alternative usage of his skills in non-criminal ways, we tend to shine the limelight on them. For this I only need to show the Reuters quote “(Reuters) – The new boss of Tesco (TSCO.L) has told staff he expects to be able to give a “clear and accurate indication” of the impact of a 250 million pound accounting mistake when the grocer reports delayed first-half results next week“, whilst trying to Google Pricewaterhouse Coopers reveals not one, I say again not one link that the press has taken one look at that part of the Tesco equation. So we can conclude at present (from the evidence as seen published) that for now, the backbone of the press is nothing more than a shoddy paperback!

Back to the Age of Cyber Alexander the Great, as we see the Huffington post, we see the quote “The FSR itself is a veritable tilt-a-whirl of revolving doors, with a steadily increasing lobbying budget on behalf of its corporate bankers and insurers and a roster of high-placed former government officials. For example, the FSR employs the firm of Barnett, Sivon and Natter to advocate its causes“, The Financial Services Roundtable (FSR) seems to be dealing with its ‘own’ mess by getting the bigger boys on the block involved. Now, whether the use of mess is qualified is depending on the view of where the responsibility of pro-active protection and support should be at. (at http://www.huffingtonpost.com/bea-edwards/the-nsas-keith-alexander_b_5515718.html), but there is no doubt in my mind, that those who would like to be (people like me), who have advanced data skills will have to clear the field to those with catered skills from the NSA, that is just a plain and at times, a little uncomfortable truth. If we look at the CCNA OSI layer as a comparison, then I would cover the layer two and higher, like most of us data boers (South African giggle), yet people like Patrick Dowd have layer one in addition. We all know layer one (physical layer), yet we do not actively interact with it other than a facilitation level. It is there that the difference of a million a month is easily spotted. We can all do it with time, but we were never able to work on that plane, that is where NSA bang for the buck resides. And let us be clear, this is a massive bang for all of the monthly bucks, because if you had not figured it out. RFID blockers are there for a reason, it is not a fad and it is not an overly worrying thing. The people (a very small group at the tip of the pyramid) would gain knowledge of a person beyond your imagination when they scan you as you pass by.
The problem is not that you get scanned at times; it is where the flaws start on how thousands lose small amounts every day and no one is ever the wiser. Bloomberg reported in 2011 that hackers took a billion a year, that leak must be dealt with and this is just the small cash drains, when we consider other avenues, the loss of 1 billion might actually be the tip of another pyramid and as such the FSR will need another game plan.

Keith Alexander saw this niche that was ignored for far too long and with the help of Patrick Dowd and others like him they are looking at changing the game and drastically reducing the losses. In a game of billions, 20 million would be a steal at twice the price. In the age of cutting down, a market hole was found and IronNet Cybersecurity is filling that niche nicely. Consider that the Securities Industry and Financial Markets Association (SIFMA), the Consumer Bankers Association and the Financial Services Roundtable (FSR) are only the beginning. It’s such a nice view where we see a former General turned data visionary could become the founder of a billion dollar company. This is not a boast, when we see that outside of the US the digital theft age is a lot more than just a simple 9 figure number, the exact amount is not known, we know of the fact that it is, but not how much, but when it is hushed up to this intent, we can safely assume it is to some extent worryingly high, so as such IronNet Cybersecurity is not the first, but it is likely to grow faster and larger than all others for the simple reason of skills and access to knowledge, two elements the others do not tend to have to that degree on these fields.

What will be next? That is the question which is not answered with the final quote, but it shows a much larger field than many considered “Compounding the potential financial conflicts at the NSA, Buzzfeed reported that the home of chief of its Signals Intelligence Directorate, Teresa Shea, has a signals-intelligence consulting firm operating out of it. The firm is run by her husband James, who also works for a signals-intelligence firm that Buzzfeed said appears to do business with the NSA; and Teresa Shea runs an “office and electronics” business that lists a Beechcraft plane among its assets” If you think it has no bearing then think again. As the requirements for data retention grows as stated in more than one nation, the clear limits to skills and people, which have been noted by me and several others to some extent over several months, where do you think these telecom companies will get the consultants and knowledge from?

These places refused to grow expertise when they had the chance, pushing the need forward again and again, now these consultants are pretty much all that is left and training in house staff will get a lot more expensive soon enough, good business is where you find it, and it seems that Keith Alexander and Teresa Shea saw that companies were painting themselves into a corner, they only had to wait until the first one realised that they had no place left to go.

The consequence came to them as easy as eating pancakes, the cherry they got for free!


Advice from the press?

So, as we look at the Guardian, we see someone stating that we need an independent monitor. So, what is going on? To be quite honest, at first I thought I was reading a cartoon. The fact that the spokesperson’s name is Julian Disney did not help matters (and I so love my Disney movies).

Yet, this is not me having a go at a respectable person. I do not know Prof Julian Disney AO; he is a professor of Law at UNSW. Even though those from UTS will always happily have a go at their academic brethren (Australian graduates regard the rivalry between Oxford vs. Cambridge and Harvard vs. Yale to be mere child’s play), we do keep all professors in high regard!

Yet, that does not mean that we will not oppose them when needed and this is as I see it such a moment!

I have been very vocal in the past in regards to the press, their actions and their flaws, their massive flaws. It seems that the press is all about ‘self-regulating’ and beyond that it is all about public advocates (so that they will have access to materials). Yet, the intelligence field does not operate in this way. I had a few concerns, which I addressed as “I would have preferred that a clear location would be there to alert someone, even if it was a special appointed judge“, which allows for whistle blowers to the smallest extent, but not one that is open to all. I want to be certain that the information is properly vetted for ‘misuse’ (read: whinge to promote one’s self agenda and career).

So yes, I have issues with the article (at http://www.theguardian.com/australia-news/2014/oct/02/australian-press-council-spy-powers-independent-monitor). My first issue is “The Greens senator Scott Ludlam announced on Wednesday the Greens would not be supporting the next tranche of legislation, which will force telecommunications companies to keep the personal details of Australians for two years“. We have two options here, either the DSD (Australian version of GCHQ) gets all the data, or they get access to the data when properly needed. They opted for option two, which means that telecoms need to hold on to data. Listen up people, this means that your data is safe until there is a direct known threat, which will allow for a ‘data warrant’. So if you did nothing, you will never show up in their lists. To be clear, in America, the NSA opted for solution one, which gives them all your actions and as such you were ‘mined’ for flags. This means that in 99.999657% likelihood (roughly), they never saw you, they mined you with processes, but no person ever saw your actions.

The second quote is “He added that it was critical for the inspector general of intelligence and security, journalists and the community to continue to monitor how the new laws were implemented“, I agree with most of this view, but let’s change ‘, journalists and the community‘ into ‘a special appointed and security cleared judge‘. I have nothing against the proper person monitoring what happens and as I am still in favour of a legal approach, it should be a special appointed judge and let’s keep the journo’s out of that part, for several reasons. Let’s not forget that the Sunday Mirror entrapment sting is less than a week old and we have seen our share of issues, especially when there was some free for all against Julia Gillard, with the questions aimed at Tim Mathieson to be the ‘Ruddy’ cake, the icing and the candles. There are several more issues. I admit we are not as bad as that island on the other side of the planet, but when it comes to trusting the press, we should all have issues, especially as the Sony issue was ignored by ALL!

So, as it stands, at present I will oppose the Australian Press Council on this.

There is however something in the quote “This will affect every man, woman and child and every device in the country. Now the government has rammed the Asio laws through the Parliament today it is now turning its sights on every internet user in the country“, this statement is not incorrect, yet the people (read the press and politicians) are both dancing around one issue, whilst another issue is the real threat. It is not that the Intelligence community has access. They are merely there to stop the dangers of terrorism. My issue from the very beginning has been ‘who else gets to have access‘. Here we see the real danger, which the press seems to be unwilling to voice. Why? Is a company like Telstra too able to ‘uproot’ your careers? That fear was voiced by me in the blog ‘For our spies only!‘ which I wrote on the 26th of September, the issue is not what should get access, but what will end up having access too that is to a larger degree a concern. I am still convinced that if data retention becomes a larger issue, the intelligence community will be lacking in hardware, knowledge and staff to deal with these massive amounts of data, which leaves us open to other issues, yet this is just my view!

Now consider the impact!

What impact could there have been? Well, to understand that, we have to take a look at yesterday’s news (at http://www.heraldsun.com.au/news/law-order/jihadist-sponsor-accused-may-have-made-one-fatal-error-that-led-to-his-arrest/story-fni0fee2-1227075746698). The issue here is not how they got him, but how they almost did not get him. The issue was luck, if the FBI did not have a record on all 12 Americans in Syria, we would not know. Hassan El Sabsabi was allegedly funding people to join Islamic State. He would still be in business, and your money on pizza would have gone to support Islamic State. What a lovely meal you would be having then. Was it perhaps the pepperoni supreme?

If ASIO had the data and the scripts would have been running, it is likely that he would have been known earlier, more important, who else is doing this? If they funded a non-American they could still be in business and perhaps they still are. There is no evidence that there was only one person doing this, there is evidence that he is unlikely to be the only one. Did you sign up for your Pizza, your Salad or your Sushi to be the foundation for another terrorist? No! So let ASIO do their job! In this case the press will only advise on the things that further their OWN cause, which tends to be circulation and advertisement. That part has been in the foreground in such a blatant way, that I feel no other option than to oppose the view Professor Disney is offering. Possibly we will see more information on what happens next and perhaps the Professor will sway my view. I do not think so, but ignoring voices of wisdom tends to be silly and polarising, which serves no one, not even me, myself and I.

What other issues are there?

Well for me that is pretty much it. I believe that access needs to be monitored and no one beside the Intelligence community should have access and that will, at present not be a given. However, I am very much in favour of the press not getting access at all. Yet, the article by Paul Farrell seems to be written with the ‘intent’ to instil fear. A fear we should not get into, for the very reason that it is fear that they are trying to remove and is achieved by people not looking over their shoulder, especially a group of journalists who seem to give into appeasing advertisers, the one group we do not want to see anywhere near these amounts of data.

 


For our spies only!

It’s out in the open, apparently Australia will get its first feel of a ‘cold war’, which according to Attorney General Brandis, will be a lot worse, will it?

Let us take a look.

The first source is the Guardian (at http://www.theguardian.com/world/2014/sep/26/spy-agencies-to-get-stronger-powers-but-what-exactly-will-they-be), as I am all about a certain level of consistency, let us add a few quotes. “Crossbench senators and many stakeholders raised their concern that, in the absence of a clear definition of a computer network, a single warrant could be used to access a wide range of computers, given the internet is a network of networks” as well as the response to the greens who wanted to add a limit of 20. “Brandis said such an amendment “would impose an arbitrary, artificial and wholly unworkable limitation that would frustrate the ability of Asio to perform its statutory functions“.

These are both fair points, in regards to the sunset clause the response was “No. Brandis rejected a call to put a 10-year expiry date on the new law related to special intelligence operations, despite agreeing to similar sorts of sunset clauses in the yet-to-be-debated foreign fighters bill“.

And the fourth quote, which we need later on is ““Freedom is not a given,” the attorney general said. “A free society is not the usual experience of mankind. Freedom must be secured, and particularly at a time when those who would destroy our freedoms are active, blatant and among us”“.

So, this sounds fine and it all sounds viable, but what about the dangers here (are there even dangers)?

For those with some insight in law, here is the bill as it currently stands (at http://parlinfo.aph.gov.au/parlInfo/download/legislation/bills/s969_first-senate/toc_pdf/1417820.pdf), which for the most is an amendment to the Australian Security Intelligence Organisation Act 1979 (at http://www.comlaw.gov.au/series/c2004a02123).

Initially, it seemed that there was an issue on page 76, yet, when we look at the final product, the change makes perfect sense. The first change here is the approach to information; basically, we will not have a weaky leaky speaky person. So we will (hopefully) not have an issue with some person dreaming to be on team Manning, Snowden and Moronic. It was so nice of the NSA to get into ‘hot’ water, so that we can prevent it. However, not all is well; this is seen (at http://www.theguardian.com/world/video/2014/sep/26/internet-threat-existence-video). Whether it was just bad form, or over generalisation, Senator Glenn Lazarus stated “The internet is a serious threat because it can be used to orchestrate and undertake criminal behaviour across the world“. He then continues how ASIO and ASIS are there to increase security. It is this slight casual quote that seems to voice the dangers, as these powers are needed to combat security threats of several shapes. Yet the senator states “orchestrate and undertake criminal behaviour“, which is a lot broader than initially implied. This does not mean that this will be used as such, and quite honestly, if it stops shady financial advisors, then I am all fine with that, but it goes further than that as it was voiced (not stating the reality will be as such). Another part of the Guardian showed the ‘grilling’ of Attorney General Brandis by Senator Scott Ludlam, yet it seems that there the kettle is off the boil too. The Senator knew that Brandis would not answer or resort to speculation. He stated “I am not going to indulge Senator Ludlam by answering hypothetical cases or cases of historical interest“, which is fair enough. The Senator should know that, when he did a similar thing on October 4th 2013.

So where is the fire and is there a fire? You see, what is happening now, is what should have been done some time ago. I oppose Brendan Molloy from Pirate Bay (a fellow student), but his heart is in the right place (top right behind the rib cage, just like mine) and all these posters we see all over the place in regards to whatever, whenever, forever and prison. It is nice that we see all these posters on dangers and so on, yet some people seem to ignore the debilitating blows the US suffered at the hands of Manning and Snowden, not to mention Julian Assange (which I will not go into at present). This will now change. At times those who don’t know speak, those who know remain silent. It is when those who know speak out, that is when the casualties really go into many digits and Australia has its own brand of security issues. America has a little over 19,000 border miles on an area occupied by 320 million people. Australia seems larger, with a 22,000 border miles coastal line, yet overall Australia only has 22 million people, so with a population less than 10% we have to play the game another way. The security measures are one way, not the only way, but it will possibly stem several issues, which gives our intelligence branches a little more time to figure it out. Let us not forget that we have an intelligence structure and a form of Signal Intelligence, but if you think that they get a serious chunk of cash, then consider that the total Australian intelligence budget is a little under 1% of what America gets, and we get to look at a similar sized chunk of land to observe and a lot less people.

This got me to two issues that are now forming, yet the bill seems to not cover it as such. I am referring to the Telecommunications (Interception and Access) Act 1979. Intelligence is essential, so is data collection and analysis. What happens when new solutions are needed? What happens when we face a change? The US had this when they needed more efficiency for the buck and a system called Palantir was used in the tests. Like Deployable Ground Station (DGS), the army ended up with a version known as DCGS-A. Now we get off to the races, the initially optional new system Palantir, its software was rated as easier to use (not unlike the analytical tool IBM Modeller), but did not have the flexibility and wide number of data sources of DCGS-A, which now gets us into hot water, or what the London Chef of Sketch might classify as: ‘from the frying pan into the fire’, these changes will also impact other systems and other people. In many cases an NDA (Non-Disclosure Agreement) is used (or in many cases Positive Vetting). The entire mess (slight exaggeration), will take on new forms as we see how the changes might also have a flaw (as I see it), what happens when there is a sudden spike of collected data. Scripts, automation, production jobs and moreover the gathering, sifting and storing of data will soon take an entirely new dimension. The current intelligence framework is in my humble opinion not even close to ready for a growth in excess of 400% (800% is more realistic). You see, if we are to set up a path that gives us a possible trace of events, then we need several snapshots, now, they will not snapshot the entire nation, but the amount of data that needs to be stored so that the people who need to know can follow the trace will be a massive one. I for one, am absolutely not in the mood to allow a ‘3rd party’ (read IBM, Oracle and a few others) to set up shop, as that data could even end up in America.
Even though I have no issue with my data, feel free to check my Diablo 3 save file guys! The issue is when a grey field allows other uses. For this I recall the article ‘NSA linked to corporate dangers?‘, which I wrote on September 22nd 2013 (Yes, a year ago!), where I quoted the NSA site (the open source unclassified part), “The Information Assurance Business Affairs Office (BAO) is the focal point for IA partnerships with industry. It also provides guidance to vendors and the NSA workforce in establishing IA business relationships and cultivates partnerships with commercial industry through demonstrations and technical exchanges“.

So when we see such an escalation, how long until we see an ‘evolution’ of our intelligence data to create a business space? Let’s be honest upfront, the NSA has a different charter and as such has a massive amount of additional tasks, yet in the current form, is such an evolution that far-fetched? How dishonest is the advantage when a firm like Telstra or iiNet gets their greedy little marketing claws on data so verbose that they can target 10%-20% more ‘efficient’? So we have 2 sides and as far as I see it an element that might need tweaking because of it (reference to the: Telecommunications (Interception and access) Act 1979). The entire Data mining issue is also on the table as I have not met an abundance of miners who have my levels of skill when it comes to massive data sets. When the pressure is on and they need to create a creative alternative to a missing values data set, the race will be pretty much over. Then what? Get external experts?

Now we go back to the initial fourth statement ““Freedom is not a given,” the attorney general said. “A free society is not the usual experience of mankind. Freedom must be secured, and particularly at a time when those who would destroy our freedoms are active, blatant and among us”“. I do not oppose the statement per se, yet in my view the statement is “Freedom is a given in Australia, to keep the Australian values, in a time and under conditions that were designed to remove the tranquillity of our lives, steps must be taken to safeguard the freedom we hold dear. As such we need to act according to new paths for the sole purpose of stopping these elements amongst us, who are driven to remove freedoms, we and all those who came here to enjoy our way of life“.

Freedom remains a given, we will just add a few new solutions to stop those intent on destroying our lives and our freedoms!

In the end, both the Attorney General and myself decided to make Pappas Bravas, he said potato, I said tomato, yet I remain at present cautious on who else is eating from our plate, without the balance of the whistle blower, that person might remain undetected, in that regard, I would have preferred that a clear location would be there to alert someone, even if it was a special appointed judge (who would be added in subsection “(4) The persons to whom information may be communicated under subsection (3) are the following:

Was that such a stretch?

 


Filed under Law, Military, Politics

Are they the real losers?

Yes, it is a nice new day and to be quite honest, I feel ashamed that fellow gamers and fellow men on the internet are starting to show that many are the type of person real men are disgusted to know.

Let’s have a look at the facts lately. First we get the 101 naked celebrities, which, fair enough could have been done by any over enthusiastic (read: horny) teenager. That does not make it OK or any way acceptable. Then we get the persecution of Anita Sarkeesian and Zoe Quinn for the most ridiculous of reasons and now, because an actress speaks out for all women, you know, through that usage of ‘freedom of expression‘, she now gets haunted by hackers, posting her stolen images (because she was wearing not that much) to scare her and to ridicule her and finally there was Caroline Criado-Perez who had a really nice idea and got threatened because of voicing the idea.

You see, I am very willing to do something about it, but I am not that good a hacker. I can remove them with a sniper rifle pretty efficiently, but that gets me into hot water (the Crimes Act of NSW 1900 gets a bit iffy at this point) the police seems unable to do anything about the victims, but the hackers will apparently have all the rights to protection and privacy. I am willing to test these rights.

So, here I throw down the gauntlet! Because, I am sick of these cowards feeling safe and secure. I challenge these groups of so called ‘greater than life‘ hackers to prove their greatness and find those hackers who did this to Anita Sarkeesian, Zoe Quinn, Emma Watson and Caroline Criado-Perez. I think the people (and me) have a right to know, so I challenge the hackers to find them, post the evidence as well as their identity and address on all places, as well as 4chan. If the press is so into ‘the people have a right to know‘ then let’s find out who they are. It would also be nice to know who hacked the celebrity mobiles and add those names and identities too.

Let us find out whether there are real men amongst those hackers, who would like to get recognised as the man who gave us the names of these hiding cowards. If these people claim a right to ‘privacy’, let us recall a tweet that was sent to Caroline Criado-Perez. The tweet ended with “NO MEANS YES“, let us test that theory!

You see, I reckon that once they are out in the open, the game changes. Their neighbours will point at them. Those guys in school who were always smitten with Hermione Granger will want to prove to their hero actress that they will stand up for her. These fathers living nearby who have seen their darling daughter cry because she got bullied, will feel the rage of violence boil their blood when they spot them. I wonder how secure their confidence is during the day when they all know who they are.

Did you, the threatener and abuser consider that?

When we look at the piece in the Guardian (at http://www.theguardian.com/women-in-leadership/2014/sep/23/hackers-tried-silence-emma-watson-naked-photos-but-made-her-voice-louder), we see an article that is decent, but substandard. It gives us a psychology part and some referencing, which is how I saw it. Of course the Daily Star front cover was there. There was a part I did really like. The quote was “Emma Watson did not talk to the UN about the need for equality because all forms of gender discrimination have been eradicated from our world. She spoke about it because every day, in every country, women face violence, abuse or just plain old ignorance”, yet this was countered by the quote that follows “Much as we’ll cheer for the underdog in a sports match, in real life we don’t want them to defend themselves”, which I found offensive. Of course the debate then becomes whether that statement has any truth. You see, if we truly believed that, we would be outspoken about it. The reality is that those acting out against it are cowards, like those old white men in white outfits with burning crosses (KKK reference). These people hold their belief in the dark corners, where no one can see who they truly are, which is why I want these ‘hackers’ out in the open. I am truly curious what we will find and whether we see some crying father on how his son was misled and it was all one big misunderstanding.

The second article (at http://www.theguardian.com/film/2014/sep/23/feminists-rally-emma-watson-4chan-nude-photo-threats) is also decent, but I had a huge issue with the title ‘Feminists rally round Emma Watson after 4chan nude pictures threats‘. I personally believe that the title should be ‘All real men and real women go to bat for UN spokesperson under siege‘. That would be the title that wakes up nations! Let’s be clear, this is not because she looks nice, is pretty or an actress. I felt the same way when we saw the utter injustice that befell Caroline Criado-Perez.

The question is how to deal with these people, because they are tearing at the foundation of our freedom, not just the women, the men are in equal danger. If you doubt this, then ask the father of Emma, the parents of Caroline. Do you have a daughter? It could even be a son, what happens when your child speaks out against injustice? Then what do we do? Let them be victims to some coward, who does not believe in their freedom of speech, their freedom of expression or their support to a person they ‘hate’.

I believe that they fear the light and accountability, so let’s give them some bright light to bake under. Even though the intelligence community has a few other priorities, can you guys (NSA, GCHQ, DSD, DGSE and FAPSI) make it into a competition (perhaps for your interns)? The first correct publication is worth 4 gold stars, second place gets 2 gold stars and third gets one star and the rest will have to fend for the next round. Like a hacker Olympics for signal intelligence.

Seems like a harmless enough sport and let’s face it, the hacker wants a challenge, he/she is baiting you to find them! Are you, the upcoming SIGINT officers of the future up to the challenge?

But I very much liked the quote in the end: ““All I can say Emma, is: fuck them,” wrote Rhiannon Lucy Cosslett“, she took the words right out of my mouth!

UPDATE:

At 21:00 the games changed a little. It seems that the threats against Emma Watson were a viral marketing ploy. (at http://www.abc.net.au/news/2014-09-24/emma-watson-threats-actually-stunt-to-shut-down-4chan/5766882). In my mind there is no change, the others were victims of harassment and psychic assault. Yet, these issues have other issues too. You see, the origin of 4chan was nice, clean and pure. It was altered by some to be used in other ways. It was the brainwave of the then 15 year old Christopher Poole who was into Japanese comics and anime. There is a lot more to 4chan. I found a reference to ‘A 21-year-old man was arrested after 4chan had provided the police with the IP address of the poster.’, so 4chan is more than just trollers and hackers. Which makes the actions of the company Rantic more than just a little dubious. Yet all is not clear there either as the ABC has one excellent quote “The #shutdown4chan hashtag gained some momentum on Twitter, but some users raised concerns that it aimed to eclipse conversation about Watson’s gender equality speech“, which beckons the thought, what exactly is going on and perhaps 4chan is not the nuisance, but the saviour for the message that prevails with #heforshe and whether they could do something extra to spread the message Emma Watson had for all people visiting the internet.

So was my article right or wrong? In the end, the issue I had remains and remains clearly. The press acted directly and corrected as soon as they had the information, the question becomes what about the other victims?


Filed under Gaming, Law, Media, Military

The Sanctimonious pretender

I saw a smaller headline this morning. It was not a text, but a video from the Guardian. The headline read ‘Why is the United Arab Emirates secretly bombing Libya?’ (at http://www.theguardian.com/world/video/2014/aug/29/why-is-the-united-arab-emirates-secretly-bombing-libya-video). The text below the video is “The United Arab Emirates, a small wealthy Gulf state, has been secretly bombing targets in Libya, from bases in Egypt without the knowledge of the US. We explain how the raids reflect new rivalries in the region and are likely to trigger new strains between the west and its increasingly assertive Arab allies“.

There are several sides to this, but let’s start with the obvious ones “without the knowledge of the US“. Since when do we need to tell the US everything? If allies share all information, then can Washington please be so kind to send a 100% backup of their collected NSA data? You see, when we look at the word ally, the Oxford dictionary gives us “A state formally cooperating with another for a military or other purpose“, but the one that is perhaps more apt is “A person or organization that cooperates with or helps another in a particular activity“. So helps or cooperates in a particular activity, not all activities.

There are two questions linked to all this. The first is “how much of an ally is America?” I do not mean this in a negative light. The reality is that as it stands, USA is no longer a super power. They are limited in their actions and as the Democratic administration has given away nearly all power to banks and debt holders, in addition, there is an increasing visibility on just how dependent USA is on their need for oil. The article shapes another side that might have been unintended. It states “they were once united in their fear of Iran“, the fact that USA has been trying to get a dialogue with Iran is unsettling to many. In addition their slow response to the threat ISIS is also seen in a more negative light. The Iranian change has left the impression that USA will talk with all, this left an uneasy taste in the mouths of the conservative gulf monarchies. For if America is willing to take the ‘easy’ path to their oil, as well as the implied move of America to move away more and more out of the middle east is showing them the question, who should be THEIR ally? This could be the economic prosperous situation that the Commonwealth needs, yet would it be prosperous and moreover, how much of an ally will the Commonwealth nations need to become?

This is part of the view that I have had in other areas as well. Big Business seems to regard any nation with a monarchy as a non-positive area. Big Business is all about their powerbase which allows for a more secure hold on any location where politicians are the powerbase for their profit needs, it allows for changes and settings that are beneficial to large corporations. It seems to me that they cannot get the power foundation they so desire. Although phrased in opposition, KPMG made mention (at http://www.dutchnews.nl/news/archives/2012/10/big_firms_consider_leaving_the.php) of this. They stated in the headline ‘Big firms consider leaving the Netherlands, says KPMG report‘, the quote “Some of the Netherlands’ biggest companies are considering leaving the country because of the worsening climate for entrepreneurs, according to a new report by consultants group KPMG“. It is my view that this is not the actual ‘truth’. As I see it, it should read “Some of the Netherlands’ biggest companies are considering leaving the country because of the required freedom of exploitation that is denied to them“. This is of course my personal view, but considering the tax responsibilities firms have and for now, the pressures on both companies and people for tax accountability in the Netherlands. A board of directors have no national allegiance, just an allegiance for profit. I feel that honest values of accountability have for the most been the best preserved in monarchical states. Which includes the UK, the Netherlands, Sweden, and of course the UAE, Saudi Arabia, Oman and Qatar. So is there another factor why there is growing unease between these states? It seems to me that both Saudi Arabia and Qatar have absolutely nothing to gain in the long term to support ISIS, so where are these accusations as well as the implied evidence coming from that they seem to support these Islamic fighters?

The fact that Turkey and Qatar are stated to support Islamic movements is a call for closer scrutiny and investigation, as that implies that Turkey is now in opposition to its allies US and UK, so what quality evidence is there?

This is in the back of my mind when we look at the evidence. Is it truly the nations, or the larger players in these nations? If large corporations are indeed fuelling political needs of change by giving access to Islamic change, then we have an entirely new game in play. If we consider parts of ‘The Mobilization of Political Islam in Turkey‘ by Banu Eligür, we see another supporting side. It is the endorsing view by Jack Goldstone from George Mason University that gives us “Eligur shows how Islamists took advantage of the military’s obsession with the left and thus the military’s willingness to ally with them against leftist parties, the growth of a Saudi-supported Islamic business elite, and rapid urbanization, to create expanded networks and opportunities for electoral gains“. This is the side that is only one part. We tend to consider the side of how Saudi Arabia and Qatar are involved, but we forgot the ‘western part’ in all this. Who exactly are the Saudi-supported Islamic business elite? These people, are they members of the house of Saud or are they exactly the opposite, Islamic members preparing to overthrow the house of Saud and turn a monarchy into whatever comes next. If that ever happens, then we get an entirely new situation. You see, whoever is in charge next can decide on who is allowed into Mecca, I have absolutely no idea what the consequence will be to that city, however I guarantee you that it might be the one spark to set a massive new strain of wars into motion, a destabilisation ISIS has been aiming for, for some time now.

Even though Jordan states to be ready to counter the radical threat, we see a view of widening support for ISIS among Jordanian Islamist fundamentalists inspired by its recent advances in countries neighbouring Jordan, which is a view that many are for now ignoring (likely until it is too late). This would force a massive military change for Israel and Israeli support as it will then be in a worse situation than it was in 1973, almost exactly 41 years ago.

The question becomes, how are they connected? They are not directly connected as events, yet the destabilisation will give a massive boost to the needs of ISIS as the younger population acts and reacts out, not in favour of ISIS, but against Israel due to a multi generation lecture of hatred (read non-acceptance), of the state of Israel. This might become the act tipping the scales in both Saudi Arabia and Oman. For ISIS it would be a win-win premise, if these two nations act out against Israel to appease its population, ISIS would claim to be the Islamic leader against Israel, if these nations hold off, they would create additional discord within the populations of both Saudi Arabia and Oman, which would only push the ISIS agenda forward more strongly.

So who is the Sanctimonious pretender?

As far as I can tell, they are the members of the boards of directors, in several cases just the man at the top who is pushing through support for certain extreme agendas so that a long term profit game can be played. The question would become would ISIS keep their word, or will they divide and exterminate this ‘infidel’ based support later on, for if we regard the meaning of infidel as ‘those who doubt or reject the central tenets of one’s own religion‘, are these people not digging their own graves?

Here is an Islamic view on greed: “Watch out for greed because the people before you perished from it. Greed led them to be miserly so they became misers. Greed led them to break the ties (of kinship) so they broke it. Greed led them to sins so they committed sins. (Abu Dawud)“, a view that was created almost a century before Christians went on the Crusades. Even then, Islamic view opposed the utter destruction that greed embraces.

If we do not start acting (read more than planning) for any solution that stops extremism, we might be left without options and the only oil America gets is whatever they can buy from Venezuela, Canada or Russia, which might make for a very uncomfortable oil price and a future we should all enthusiastically avoid.

 


Filed under Finance, Media, Military, Politics

The hungry Journalist games

Another day and another article on Sky News!

This all started a long time ago, but it seems that this article (at http://news.sky.com/story/1293651/internet-firms-take-legal-action-against-gchq), opens up new avenues to explore, as it already had taken the cake as one might say. There are issues for certain, they are on both sides, but what is this about?

The seven countries involved are the UK, the US, Germany, the Netherlands, South Korea and Zimbabwe. Let’s start by stating that this is an interesting group of nations to begin with. It was an article in Der Spiegel that set them off. Most sources seem to have copied and pasted the same message (Reuters Journalism as I tend to call it), one source also had this: “Their complaint follows in the wake of articles about mass surveillance published in the Guardian based on material released by Snowden“.

So again this could be a ‘Snowden’ story, but I want to take a look at another side and the quote by Eric King spokesperson (deputy director) of Privacy International who stated “It completely cripples our confidence in the internet economy and threatens the rights of all those who use it. These unlawful activities, run jointly by GCHQ and the NSA, must come to an end immediately“.

Is that the truth, or should the correct quote be “It completely undermines our support of optional criminal activities and threatens the opportunity of economic abuse for all who desire it. Their unlawful activities, run jointly by GCHQ and the NSA, must come to an end immediately, so that we may again focus on possibly deniable illicit profit“?

That is quite the change, isn’t it? Consider the following two issues. First the prices, for example ‘Greenhost’ offers the following:

Webhosting 120 GB storage and 1.2 TB data traffic for 132.75 euros a month and virtual data servers containing 50 GB storage and 1 TB bandwidth a month for 215 euros a month. Basically, just one account would fit the web space for most of the ENTIRE Forbes top 50, not just one or two.

So, in light of recent events, I thought I had something here, the Dutch provider fits the bill, but then I got to Riseup, which no longer seemed to be active and the Chaos Computer Club (CCC) which seemed highly ideologically to me. More important, it did not fit the bill either. So am I barking up the wrong tree? (I have been wrong before you know!)

I still believe that the ISPs are all about not complying as it is not about freedom, but about bandwidth (which directly translates into revenue), which seemed to fit the first part, but the others are not about that, which makes me wonder what is in play. Do you actually think that the NSA and GCHQ are about wasting time? So, is the Chaos Computer Club a waste of time? No, as far as I can tell, they are not. Are they a threat? Well, that remains the issue. They are hackers after all. Is it that farfetched that some people would want to keep track of some of these members? Let’s not forget that someone is feeding organised crime the knowledge that they need to avoid prosecution, when considering the power that both the Triads and the Russian Mafia have in the digital age area, looking into the CCC to some extent seems to be a given. However, knowing their skills, doing it in the way it is implied to have been done seems a little over the top as most of these hackers are pretty proud of themselves and they are for the most not in hiding. Let us not forget, they voice themselves to be about the freedom of the German people and the utter privilege of their data remaining private.

The fact is that this is an implied mess involving 7 countries, the next valid question becomes: ‘are they linked (beyond the accusation), or are they just a collection of elements?’

That question bears scrutiny, but should also indicate the view I have had of Snowden from the very beginning. I believe him to be a joke (and a bad one at that). Now, most of you will not believe this, but let us take a look at the EVIDENCE. I am not talking about some claim, but actual evidence partially on the common sense you and I hopefully tend to have.

1. The claims that he has made involves massive levels of access. Not the access a hacker will ever have, but the information from top level sources in the CIA, NSA and GCHQ. So we’re talking hacking into over dozens of top level secured servers, servers which are monitored 24/7. He, some hacker no one had ever heard from, did all that. These people behind the screens do NOT EVER give out passwords, do not give access, yet he had all the information and walked out of one of the most secure buildings in the world with all THAT data? This is a quote found in sources like ‘the Verge’ and ‘Wired’. I think we can agree that Wired is a reputable source in regards to technology (at http://www.wired.com/2013/06/snowden-thumb-drive/) “‘There are people who need to use a thumb drive and they have special permission,’ an unnamed, ex-NSA official told the LA Times. ‘But when you use one, people always look at you funny.’” This is not unlike the view I have had for a year now. Let’s not forget, the NSA is the place where SELinux was developed, it was designed to keep close tabs on access control, specifically, who, where, how and with what. So ‘some’ technician, with the USB drive in the most secure server space on the planet is just not going to fly. The question I had from the very beginning is not how he did it, but what was actually at play here? The next part is assumption! Was it to give Booz Allen Hamilton more profit? That was my alleged first thought. If data was going to get ported to non-government institutions, this small caper could give BAH and whoever was getting oversight an easy and clean billion a year in revenue. That tactic, still ethically wrong, would have made perfect sense to me.

Here is how I see it and this is PURE assumption (I will get back to evidence in a minute for my next issue), consider the Microsoft disappointment with data collection plans for the Xbox One. We see some of the changes (at http://www.nytimes.com/2014/05/23/us/politics/house-votes-to-limit-nsas-collection-of-phone-data.html). The following quotes are essential here. The first one was from Jim Sensenbrenner, Republican of Wisconsin, “The N.S.A. might still be watching us, he added, but now we can be watching them“. It is a bold statement, but is it true; moreover, should they be watched? Yes, any intelligence operation needs oversight, which is fair enough in a democratic way of life, but how many should overlook this? Are the people in oversight not granted well above average powers and is it fair to any opposition party that they should have it?

2. What lies beneath this access is the amount of involvement. Prism is one of the named projects with supported links to Australia, the UK and the Netherlands, with Microsoft as a commercial partner. Really? One nation, known for clogs, cheeses, Hans Brinker and soccer is placed next to the NSA and the Commonwealth? It is a technological hub, no doubt about that, but it is the size of Maryland. So, this is just the first of several projects, involving secrecies that would be limited to the very top, most of it would not be written down and Snowden had it (as in having in past tense, details follow). The mention of projects like XKeyscore, Tempora, Project 6, Stateroom, Lustre and Muscular. They are not only different projects, but they are a scope of projects that would not ever be in one location to begin with. So, what is implied as ‘the top’ of data gathering and one IT person has it all? Is no one asking the questions the PRESS should have asked and openly doubted from the very beginning to begin with (a part that is not voiced in any way).

The funny part is that stateroom seems to be no more than the legal collection of information as EVERY government tends to collect diplomatic data and in his claim he made them ALL bitches to the NSA, they just do not know it. There is also a reference to Echelon, there are several references, but the one that matters is not named. A covert niche within the NSA and the name of the source is: Tom Clancy!

Is anyone starting to wake up now?

This is not about anything but the warped imagination that is not even close to a reality. Consider that every government has embassies and consulates, the Dutch have them, the Australians have them, so do the Brits and the Germans, not to mention the French and they have them too. Consulates and Embassies represent their governments. Consulates tend to be specific for people and companies, so that they have backups. Like getting home when your passport is stolen, or to help a company with a list of people they should talk to for starting to do business. Trade will always remain important anywhere. Embassies are more about ‘governing’ opportunities as I see them. The Dutch want to get first dibs on building a reliable bridge, so their ambassador talks the great talk. People skills is what it is all about and talking to the right people. There are other sides too, they try to resolve issues, like a Dutchman committing a crime in Melbourne (for example) and the Embassy tries to ‘help’ the Dutch person to get home again, or to assist local government with their investigation if need be. These people do work that they sometimes like and sometimes hate, it is a job that needs to be done. To get the best results some things need to remain confidential and secret and as such whether through encrypted ways or through other ways messages go back and forth between a government and its local representatives and that needs a little more security. Some is as simple as a message of a first insight as to build a bridge; to keep the advantage this goes encrypted. It is the cost of business, plain and simple. There is no hidden agenda (other than national pride in trying to score the job). So, they do their job and they are not the NSA bitch in the process.

It is a simple approach and the lie hidden within a truth was stated as “They are covert, and their true mission is not known by the majority of the diplomatic staff at the facility where they are assigned“. Part of the truth is that the encryption specialist is usually not known, it is not a secret either, he used to be the person, who had one extra book with cyphers, he opened each page and set the encryption box and transmitted the information, often a NCO of communication (often has NATO duty reference A00x0). That person had two extra tasks and most in the diplomatic staff might not know, or better stated, they absolutely do not care.

When we saw the statements by certain key people in Australia or the UK they spoke the absolute truth. The small explanation I gave is done by all, the DSD (AUS), GCHQ (UK) and as I said, the Dutch have it too. It is a simple legally valid and required job that needs to be done, nothing secret about it, it is the cost of doing business and sometimes, to keep a lead profitable, it gets handed over more secured, just like they do it at Microsoft (they just get heaps better equipment).

Another issue is the XKeyscore reference. Does such a thing exist? Most likely! Now consider the implications of the following, there are mentions of 700 servers in 150 locations. The fact that it needs to intercept without visibility and analyse at the same time as a person does many things at the same time. Even if the best of the best was used (which likely is the case), then we are looking at a very select group trying to get a handle on perhaps no more than the most dangerous 2000 people on the planet. Does anyone believe that a system like this remains a secret if 4 Australian bases are involved? The next part can also be taken as a fact. Can anyone even guess the amount of bandwidth this takes? Most routers nearby the monitored person will truly get a beating, so whatever this is, it will show up. It is the scope that is claimed that makes no sense. Some in the NSA might find it nice if it was true, but the weak link in all this is the actual internet.

The last part of this is the kicker in this joke. If his life depends on it all, do you actually think he would ever part with the information? This came from the NY Times from October 2013 (at http://www.nytimes.com/2013/10/18/world/snowden-says-he-took-no-secret-files-to-russia.html) “Mr Snowden said he gave all of the classified documents he had obtained to journalists he met in Hong Kong, before flying to Moscow, and did not keep any copies for himself“, so his life depends on a journalist, who now has the thousands of documents?

Perhaps we should look at a much more likely explanation, the man has no value, the press is stretching the value of events, as they would and Snowden has played his part, I still think that the Chinese saw in him what I saw from the very beginning, a simple joke! They walked away and he had to flee to Russia who is keeping him around for entertainment and to piss off the Yanks (which they also regard as good entertainment). My issue is not him, but the fact that I see more wasted time and energy on laughable cases that keep us all away from actually moving forward. In this economy, as we are so stretched thin, rebuilding an economy is a first need, not waste time on some feigned attack on the ‘confidence in the internet economy‘ as Eric King puts it.

And for the love of whomever, let’s not compare Snowden and Assange, I completely oppose Assange and his view, but at least he seemed to believe that what he did was a just cause and acted accordingly.

In the end this is just my view, but no one seems to be asking the questions the press are supposed to be asking. The Guardian and Der Spiegel seem to get a ‘free’ hand in boasting tons of data and a simple stamp ‘Snowden said it was so’ seems enough for people to just accept it.


Filed under IT, Law, Military, Politics

A senseless merger?

OK, as stated in earlier blogs, I am not an economist; I do not have any degree in economics! Yet, the information that passed my eyes less than 2 hours before has me slightly baffled. I feel happy that this all is happening in the US and not anywhere in the Commonwealth, yet, the issues as presented make me wonder when this will hit the Commonwealth borders.

The issue is that Comcast has decided to buy Time Warner Cable (at http://news.sky.com/story/1210921/comcast-to-buy-time-warner-cable-for-45bn). This is not a huge thing, we are in a civilisation where the hyena and vulture rule, hence mergers happen a dime a dozen and many of them before most have had a chance to enjoy their first coffee. Comcast has 21 million viewers and they are acquiring Time Warner with 11 million viewers. This all seems to make sense. Now for the kicker! This deal will cost Comcast $45 billion. Are we all awake now?

So, 45,000 million divided by 11 gives us a little more than $4000 per viewer. When you consider that Cable TV is set at an average of $30 a month, it could take 133 months just to break even (providing this is all borrowed at 0%, which it is never). So there might be a price hike for all 32 million users of that cable solution.

This is not a chance to become the large bully, as they were described by a consumer group, but you must admit that this is about a lot more than just ‘adding’ new customers. Oh and by the way, this is happening less than three years after Comcast bought NBC for a little less than $14 billion. (at http://www.bloomberg.com/news/2011-01-18/comcast-nbc-universal-deal-said-to-be-near-u-s-fcc-approval.html)

The Washington Post has an interesting mention, which was not found at Sky News “It’s worth remembering that Comcast limits how much data its customers are able to stream from the Internet, while Time Warner offers unlimited Internet plans.” (at http://www.washingtonpost.com/business/technology/comcast-time-warner-to-merge-what-happens-to-my-service/2014/02/13/b285f81e-94b4-11e3-83b9-1f024193bb84_story.html), so there are a few more kinks that the customer base might face as the merger goes through.

This all goes far beyond just Cable TV. It involves 30,000 community Wi-Fi spots (amongst several other elements); this entire picture becomes a lot more ‘interesting’ if we take the merger of Comcast and NBC in 2011. This is not just about TV; it is about digital media on an unparalleled level. The merger stipulates the 33 million cable users, yet, does that give a real view of the picture? In the first regard the 45 billion seems ludicrous, yet when we consider community Wi-Fi, broadband (or better stated digital media and networking), it becomes an entirely different picture, especially when we consider the following information from Reuters (at http://www.reuters.com/article/2013/12/02/comcast-ondemand-idUSL2N0JC1S120131202). Now we get an entirely different picture. If we consider this quote “The new technology is meant to give TV networks a way to earn ad dollars from earlier episodes. Currently, most advertisers only pay for ads watched live or within three days after a show airs. That could change if Comcast’s technology, which it developed in partnership with Nielsen, is widely adopted.” and add the following case study (at http://www.sierratechno.com/sites/default/files/Turning%20Data%20into%20Customer%20Insights%20for%20Comcast%20Cable_0.pdf) we now get another view. This is about data, plain and simple, when we consider the value of collected big data in long term planning, having a data warehouse filled with the acts of 33 million people, the 45 billion dollar deal is a steal at twice the price.

It is in my humble opinion really funny to see all these people nag, complain and cry on what the NSA is alleged to be doing, whilst at the same time, their cable provider seems to be tagging them with a ‘value’ price tag for marketing, sales and identification. So what is the cable value of a customer at Hunts point, the Bronx (ZIP:  10474)?

So it seems that Comcast is getting their value on several fields, yet I am still in the dark why Americans are so against the NSA trying to find the people endangering their citizens, whilst giving big business more than twice the powers that many bargained for. It seems that this is not a senseless merger at all, yet do both consumer groups realise the powers their cable provider (slash phone, slash internet provider) ends up with?

 


Filed under Finance, IT, Media

For free or for naught?

It is less than a day after I wrote the previous blog ‘The danger ahead’, and now I read in the Guardian (at http://www.theguardian.com/world/2014/jan/27/nsa-gchq-smartphone-app-angry-birds-personal-data) that the quote I made in yesterday’s blog, “Speed and disregard of proper development has allowed for open access to many computers and devices, which allows for almost complete collection and stored and such storage can only be done by just a few. This open level of availability allows the NSA and GCHQ (amongst others) to collect open source intelligence, hoping to gain the upper hand in the war on terror.“, is close to what the Guardian reported, as well as what is currently shown on Sky News!

At this point, I am looking at a few issues and the more I look at the data that the press is stating, the more I see that Edward Snowden is more than just a traitor. He claims being a victim in a German TV interview (at http://www.dw.de/wanted-dead-by-us-officials-snowden-tells-german-tv/a-17388431), where he speaks of the fear that he is being targeted for long term sleep therapy (aka ‘terminal sleep’).

The ‘problem’ is that the issue is not just Snowden. The more I look into the breaches, the more I look into a possible functional approach on the way the NSA server parks (plural) are set up, the more I am convinced that not only was Edward Snowden not alone in this all, I feel some level of certainty that this person might still be in the NSA, endangering both NSA and GCHQ as well as other allied monitoring agencies.

The humongous amount of ‘revelations’ that are claimed in the name of Snowden do two things. First of all it turns Benedict Arnold into a stumbling saint (I just had to wash my mouth with soap for making such a claim). Linked to this is the fact that the many dozens of operations as his ‘revelations’ seem to touch on would have been on at least a dozen servers (as projects are spread around). The fact that NSA uses an upgraded edition of SELinux means that a system with logs and mandatory access control cannot get transferred to such a degree. The fact that IT and security monitors it all, as well as that he was a civilian contractor, means that his name should have popped up a dozen times. Even if he used other accounts, the logs should have triggered alerts all over the field when they were scanned through solutions not unlike a program like Palantir Government.

The claims I am making are growing in reliability with every ‘revelation’ that is being made. There is however another side that is now the consequence of all these whingers and whiners about ‘their privacy‘ (at http://www.theguardian.com/world/2014/jan/27/tech-giants-white-house-deal-surveillance-customer-data). We now enter a field where it is important to realise that the new situation could be regarded as a danger.

It is linked to a previous newscast where President Obama was considering moving telephony data out of government hands (at http://www.washingtonpost.com/blogs/the-switch/wp/2014/01/23/government-privacy-board-members-say-shifting-nsa-data-to-third-parties-is-a-bad-idea/).

As stated before, this is a really bad idea. Consider that criminals, if enough money is in play, can use places like HSBC to launder their money (I am not talking about forgetting your wallet whilst washing your jeans), but the idea that commercial enterprises can get away with these events for just a 5 week fee (at http://www.forbes.com/sites/afontevecchia/2012/07/16/hsbc-helped-terrorists-iran-mexican-drug-cartels-launder-money-senate-report-says/, as well as http://uk.reuters.com/article/2014/01/23/uk-standardbank-fine-idUKBREA0M0LF20140123) is a lot more dangerous than many realise. Handing data storage out of government hands is just too dangerous. I am steering away from the issue whether the monitoring program should go on or stop. The intelligence community needs to do what it needs to do. Leaving that data with third parties is just not an option. The worst case scenario would see the US government paying out billions if any data leading to a registered IP ends up in ‘other’ hands. Once that evidence is ever given, the US would lose whatever credibility they ever thought they had.

At this point the title can be used as a joke. What is the difference between for free and for naught? Someone got rich for free, the US got rich for naught! That would end up being the reality of a project that was meant to map levels of global terrorism. This joke only gets stronger when we see another ‘view of shock’, but now from Google CLO David Drummond (at http://www.bbc.co.uk/news/world-25911266). It is hard to state against his view, or the premise of the company. These carefully pronounced statements from legal eagles are to be expected from many firms for some time to come. There is however a commercial positive view (at http://www.bbc.co.uk/news/technology-25914731). Here we see how entrepreneurs in makeup and clothing are showing options to avoid detection. In more than one instance it is stated to be metal based, so standing next to airport detectors should be fun soon enough. I wonder how much more would get checked when the boxers or briefs are also metal based.

So whether we get entertainment for free or fashion for naught will be discussed by many soon enough, the main fact remains. If we want to remain safe, then data needs to be collected. It is not for free, or for naught. It is for the simple reason that the world is filled with bad people; some will go any distance to hurt as many as they can. Our governments have a duty to keep us safe, it is only fair that they are given the tools, the methods and the opportunity to do so.

This does get us to the final part (or final side) to these events. This morning, the Guardian (at http://www.theguardian.com/world/2014/jan/28/microsoft-rules-out-back-door-access-to-mps-electronic-communications) reported on backdoor access allegations. The quote “Both Ludlam and South Australian independent senator Nick Xenophon have been concerned about the security of Australian parliamentary communications since the Prism surveillance program was first revealed by National Security Agency contractor-turned-whistleblower Edward Snowden.” gives the information that was the part of all this. So again we see more resources squandered in regards to Snowden. Do not get me wrong, the question by both Ludlam and Xenophon is fair enough and as such it should be looked at. Whoever wants access to certain information, which might always be the case, could consider intruding into a system, which, unless you are a real expert, is getting harder and harder, as it should be.

Yet, capturing and copying frames sent over a router system makes a lot more sense. You just capture it all and decrypt it later. Now, most people will not have the ability to do this, but consider the amount of elements to get this all from user1 to user2 via server X. If you think that this is a highly encrypted, hard-to-achieve effort, then think again. The more common the method used, the easier it is to read into it. So, there is a level of entertainment as we see leagues of technicians concentrate on the door of the bank vault, whilst in reality one of the walls is missing. To give you another example, we take a look at a paper by Daehyun Strobel, Benedikt Driessen, Timo Kasper et al. (at https://eprint.iacr.org/2013/598.pdf). Consider the quote “Despite the fact that nowadays strong and well-analyzed cryptographic primitives are available for a large variety of applications, very weak cryptographic algorithms are still widely deployed in real products all over the world.” This relates to the IT issue as we might have secure servers and powerful password rules, but files are sent from one computer to another via the ‘internet’, which goes via a router system (no matter how you twist or turn it). So, as someone gets to any router on the track and wiresharks the traffic, the stream can be rebuilt. From there the hacker still faces a few obstacles, but you better believe that above a certain skill level, this data can be retrieved. So what exactly are we all crying about?

 


Filed under IT, Media, Politics

The danger ahead

It was the BBC that gave me an insight I had not been aware of. It is easy to miss an item, even though I have been involved in IT on many levels for over 3 decades. It is just not possible to keep it all in focus all the time.

It is kind of fun to consider the words of my late grandmother. It was the only issue we could never see eye to eye on. She had an expression ‘Johnny of all, master of none‘. It was not a positive expression! I always went the other way in that regard. Whilst most went to some ‘temporary’ master as they mastered a certain niche skill, I went into the width of IT. I got exposure to such a wide field that my knowledge covered the entire foundation of IT (yes, in the time of the mainframe). After that I started to grow the base of this knowledge trying to evenly grow my knowledge of all IT fields (to some degree). My knowledge grew from programming, to consulting, to training and so on.

So where is this going?

I wrote at an earlier date about IT and the iteration approach to IT (at ‘Year of the last Euro?‘). The entire field goes a lot further. In an age of similar devices, last week as I was prohibited from moving for 4 hours, I decided to let my mind wander and I came up with an entirely new Notebook. I categorise it as a fat notebook and I call it the ‘True Mobile System’. In an age where Sony, Asus, IBM et al. seem to come up with different names for the same flavour, my mind designed a new approach to a mobile business system.

Was it clever? Not sure! The issue is that many could have come up with it and either they are limited to what their boss dictates or they are just not thinking in a user based forward motion. Here lies the crux of many issues we have seen lately. Their way of thinking is not user based. It is often revenue based, there is a HUGE difference!

If you have read my previous blogs (especially ‘Fifth in a trilogy!‘) then you might notice a trend. In my mind most corporate IT is now all about what is in charge, not who! So as marketing decides on deadlines and evolutions, many learn the hard way that marketing is basically the extension of the CFO (and/or the stakeholders) and as such it is all about the money. If development is the science, then marketing should be seen as the ‘tainted’ picture. The problem is that too many CEOs and others are all about this tainted picture (and as such the perception of what comes next), the science/engineering side gets too often ignored, or just briefly listened to and after that they get shut down and pushed forward to meet the deadline.

In that regard I still see the game ‘Assassin’s Creed 4’ (yes that pirate game), which could have been truly great and ended up being less than that (at least in my personal view)! The same can be said for business based ideas. If we consider this message (at http://www.bbc.co.uk/news/technology-25859360), where Google Chrome might be considered an eavesdropping risk, then what is safe to users?

The quote “The malicious site you visited can continue listening in on you long after you have left it said Mr Ater. As long as Chrome is still running nothing said next to your computer is private.” gives ample reason for worry. The danger from our side is that this could be a topic for conspiracy theory. Was this really ‘accidental’? I am not saying it was or was not. It is however interesting how we as computer users have been exposed to a massive amount of security flaws in the last year alone.

In my mind, is this due to shoddy programming, or is their local marketing so set on certain deadlines and as such proper testing is no longer done? I personally think it is a combination of the latter two. As additional ‘evidence’ in my train of thought, my recent Yahoo experience comes to mind.

I have been a faithful Yahoo user since the early 90’s, for me it always sufficed. The e-mail was robust, it gave me the space I needed and as such I never regretted it. Yet, since the ‘remake’ of Yahoo it changed by a lot. The amount of failures I viewed is on a new low level of customer experience and as such, at present I am seriously considering leaving Yahoo mail and moving to Google permanently.

The feedback does not have any options for filing bugs or complaints. It is all about ‘submit an idea‘ and ‘send public feedback‘. To me this all seems like the marketing image left by someone who should be lobotomised and left somewhere far away from any IT endeavour (preferably forever). Yahoo mail now exposes us to additional dangers as we no longer see a status bar in certain places. So, we no longer see ‘the’ link, which I consider a bad thing. The new system also ‘assumes’ spam, so I now have to scan my spam even more often. I can no longer sort by sender, which means that organising my inbox takes a massive amount of time longer. The list goes on and on. Is it marketing at the expense of functionality? To be honest, I would need a little more evidence before I can state that as a fact to some level, but the deadline push has been visible with too many corporations and for far too long.

These issues go a lot further when you consider the article called ‘Android’s biggest security flaws‘ at ZDNet (at http://www.zdnet.com/androids-biggest-security-flaws-1339338283/). As they mention the dangers of inexperienced and malicious developers, they actually forgot about the third group, the ‘callous developer’. These are firms (not the individual programmer) that are all driven to meet certain deadlines and as such might not properly test or secure their application.

It is important to note that I do not see the inexperienced developer as a real threat. Yes, they offer the same level of danger, but they are not out to harm you. You, the user, who wants applications for free (as many do) should not blame that new person for trying to get a foothold. If that developer is to be held for one thing, then in my mind it would be that too many of these freebies should bear the mark ‘Beta’ or ‘Trial’, to add an extra warning level for users downloading their new endeavour.

The big issue becomes: ‘What to do about Android?’

As the influence of Android increases and it interacts with all manner of devices in other ways (like with a person’s Sony-id account, so that a gamer keeps online with friends and achievements when they are not at home), security flaws become more and more harmful. More important, as we become more and more oblivious of the interaction, we might be spreading all our personal details all over the internet and that danger could grow exponentially with every additional application.

These events also shine an interesting light on an article that was in the Guardian last Friday (at http://www.theguardian.com/uk-news/2014/jan/24/justify-gchq-mass-surveillance-european-court-human-rights). When we consider the issues I listed on application security, we should take a second look at the quote in the article “Nick Pickles of Big Brother Watch said: ‘This legal challenge is an essential part of getting to the bottom of why the public and parliament have not been properly informed about the scale of surveillance and why our privacy has been subverted on an industrial scale.’”

Perhaps the quote could also be read as “Speed and disregard of proper development has allowed for open access to many computers and devices, which allows for almost complete collection and stored and such storage can only be done by just a few. This open level of availability allows the NSA and GCHQ (amongst others) to collect open source intelligence, hoping to gain the upper hand in the war on terror.”

I am not stating this is the case, but it could be seen as such. In that regard I call for the issue I mentioned in a previous blog called ‘Internet Privacy?‘ on December 27th, where we see the dangers of some applications (at http://www.theguardian.com/media/2013/dec/27/snapchat-may-be-exposed-hackers). If we consider the dangers consumers are exposed to for whatever reason, it seems odd that Big Brother Watch is not more outspoken on the industrial subversion of privacy by software designers.

So here we get back to the beginning of this blog where I wrote “I designed a new way for a mobile business system.” As Microsoft has moved into a field of computers utilising an approach in the air of “With our computers you do not need to use the brain you never had in the first place“. An automated system that assumes all the time to cover 95% of its users, loaded with gaps and security flaws.

People need to get licensed to get a gun, drive a car, a boat or a plane. Yet, the dangers that computers expose us to are currently not dealt with in any serious way. I reckon that in the next two years identity theft and identity fraud will be regularly in the back of our minds, as it grows into the very visible danger it already is. If we look at some of the numbers then I could speculate that 90% of the people will directly know one victim of identity fraud or identity theft. Lexis Nexis, in their paper ‘2013 LexisNexis® True Cost of Fraud Study‘ state numbers that should scare us all. In 2013, 58% of the merchants were confronted with credit card fraud and 36% of the 2013 population was confronted with lost or stolen merchandise. These numbers by themselves are not that useful as such (at http://www.lexisnexis.com/risk/downloads/assets/true-cost-fraud-2013.pdf). Yet consider that 12.6 million U.S. adult victims of identity fraud had to deal on average with $1,653 of damage per fraud victim. The total amount becomes a staggering one and this is just the US! As technology is not properly attuned to a better level of security, but is set to please a growing marketable population, these dangers will only increase. This is the true danger ahead, not what the government can see. In that regard Foreign Secretary William Hague is quite correct when he states “law-abiding members of the public have nothing to fear“.

 


Filed under Gaming, IT, Politics, Science