Tag Archives: reuters

As questions rise

The BBC gave us the rundown late yesterday (at https://www.bbc.com/news/business-58540936) where we are given ‘Apple rushes to block ‘zero-click’ iPhone spyware’. A setting that comes at times and this is not against Apple, yet the article left me with questions. I get that there is initial finger pointing, as such pointing to the best in the field makes perfect sense to me and it is done with “it had high confidence that the Israeli hacker-for-hire firm, NSO Group, was behind that attack”, I do admit that the term ‘hacker-for-hire’ will be one that requires more precise explaining. Bill Marczak from the University of Toronto’s Citizen Lab, which first highlighted the issue, gives us “we previously found evidence of zero-click spyware, but “this is the first one where the exploit has been captured so we can find out how it works,”” and this got me thinking.

Where is the timeline? With what version of iOS does it start? Version 14, version 14.5, version 13? So how long was this in play? It is not the fault of the BBC and it is the first issue.

We then get “the security issue was exploited to plant spyware on a Saudi activist’s iPhone”, so how many activists are monitored? When was the transgression detected? How was the transgression detected? At least two of these questions require investigation and the BBC did not go there. We can argue whether they were required to do so. 

So whilst we are lulled to sleep with “Security experts have said that although the discovery is significant, most users of Apple devices should not be overly concerned as such attacks are usually highly targeted” which could be an absolute truth, we see the setting that Apple is protected. So why was the weakness there in the first place? The answer might be extremely valid, no system is truly secure, we have seen that for a long time. Yet in the moments where I saw this article I phrased a few questions that I have not seen anywhere else (as far as I could tell). And of all the people who could be infected, we get the mention of ‘Saudi activist’? The article was set to certain measures and without a proper and clear explanation there is every chance that additional questions will be asked from the University of Toronto as well. This is not against them and I have nothing against Bill Marczak (I do not know anything about him), but the stage was set in a few measures and that makes for a worrisome setting. A BBC article absent of a few facts and the insertion of a few innuendos. All whilst there optionally might be questions from the NSO Group. A stage where we see a setting where (in my personal opinion) someone was standing on the axis of a seesaw to keep it almost in balance. And as the NSO Group, Saudi Arabia and Apple were alternating on the seesaw, the man in the middle offset the balance by just enough to make us wonder, to make us lay blame. Yet all that happened with several facts missing and the smallest mention of “continue to provide intelligence and law enforcement agencies around the world with life-saving technologies to fight terror and crime”.

We all need to do what we need to do, yet I wonder if the BBC (and Reuters) did enough here.


Filed under IT, Science

When one and one remains one

Two things crossed my path, as perhaps a lot of you too. They are not related, but they gave me food for thought. The first are the floods all over NY city. I looked at a lot of YouTube videos and I agree, we have never seen this before, will we see more of that? Time will tell. Yes, it could be due to global warming, but it is not a given. We have tornadoes and we have storms and this one went towards New York. Now, I am not stating that it isn’t due to global warming, but to point the finger from the start is not a good idea. I do believe that global warming is part of the storm surge and as global warming continues there will be more storms. There is no denying that. One can lead to the other, but one is not the definite cause of the other. That setting is here too. So those with a sub-level apartment now have a swimming pool. I am not making fun of them, that would be wrong, but it is important to consider that New York has never dealt with this before and it is now August. It will take months to dry, so we are in a setting with thousands of basement apartments and when the frost sets in, these houses will become death traps. November and December will be close to unbearable and in January if the frost sets in these apartments will be a different setting. It is also a more important setting, if snowfall comes early this December, thousands of places to live will become close to unsurvivable and New York better get ready for that stage, it could kill a lot of people. Is it a given? No, it is not, but the floods are clearly visible, if the subway is flooded, how will these houses fare? And that is only the start, the water brought all kinds of mud and other health threats, so cleaning these places will be an almost titanic task. Then we get to the damaged electrical systems, and all this is before we realise that plumbing and water will take a while to become decently reliable again.
A stage we saw in part, but how much of these dangers did the people see?

The second is not related, but it had my attention. Reuters (at https://www.reuters.com/article/amazon-tv-usa/amazon-to-roll-out-its-own-tv-in-u-s-by-october-business-insider-idUSKBN2FZ00D) gives us ‘Amazon to roll out its own TV in U.S. by October’, this implies that there is another station on US minds, Amazon will have more than Amazon Prime Video, they are now setting the stage to TV and there is no attack, there is no issue. Yet the stage of them offering TV with a twist is not out of the question. It is a clever move from Amazon, they have the option to take advertising to a whole new level and it is THEIR TV channel, so the essential attacks on Amazon will not be as effective as the attacks that Apple and Google are facing. But is that what it is about? No, it is not merely the TV part, it is the shifting economy that Amazon gets to push for. This is not meant in a negative way, but consider that thousands will be dislodged, thousands will need a job, a home and Amazon who is out to hire 55,000 tech jobs and that news is a mere 22 hours old. People have relocated for a lot less and that gives Amazon more than a leg up, it gives them a furlong head start in 2-3 venues and in this setting of bad news they become a shining light and optionally a larger staged beneficial noise to a lot of people. The part that New York might not like is that there is a setting where (depending on Amazon choices) 20-30 thousand people vacate for sunnier shores and in light of what happened in the last few days, with the added workforce taking a step in an optional other direction. We will see a larger stage of the economy changing in New York, one New York never anticipated before. So we see the tech jobs, TV and a lot more and Amazon is at the heart of that. These events are not connected, yet the stage of a larger change becomes apparent, or perhaps I need to say ‘speculatively apparent’, because it is speculation from my side.
A stage where Amazon gets to promote their jobs, their positions, their TV, their goods at base prices is an advantage that few ever have and thousands are looking for jobs and that advantage is likely to increase over time. I am merely looking at the pharmaceutical side, the retail side and the job side and there we see Amazon having an advantage thrice over. And as I see it, they are not doing anything wrong. They merely take a versatile set in a post covid era and they are decently ahead of the rest.

So consider what I write, consider what you think and see where you can prosper, because someone who hires 55,000 tech jobs has a larger plan in place and that is not something you should ignore, especially when Amazon takes that setting on an international level. It gives them a larger advantage over several players who aren’t even close to doing what Amazon is claiming to start over the next 4 weeks.


Filed under Finance, IT, Media

And the mystery is?


It is one of those ‘I told you so’ moments. I am not happy or proud, but the profound sadness that hits me when I see the way it is reported on is just staggering. A few are reporting on it, but the larger stage is likely to be found in places like the Verge soon enough. The people who get it will soon understand that it will be worse and that my 90% of cloud transgressions was no joke. Yet to see part of that nightmare, you need to realise that the Microsoft Azure cloud has been in existence since October 2008, almost 13 years. Now it took the business to grow its customer base. Yet consider that the article at Reuters ‘Microsoft warns thousands of cloud customers of exposed databases’ (at https://www.reuters.com/technology/exclusive-microsoft-warns-thousands-cloud-customers-exposed-databases-emails-2021-08-26/) gives us “A research team at security company Wiz discovered it was able to access keys that control access to databases held by thousands of companies”. Now we can only speculate how long that flaw was there, or perhaps that design error. Yet the damage is enormous. With “Microsoft agreed to pay Wiz $40,000 for finding the flaw and reporting it, according to an email it sent to Wiz” we might think it is trivial because it only cost $40,000, but it is not. Thousands of firms with BILLIONS in IP values and other values have been in danger for years, at the most 3 years, yet the article does not really reflect on that (which is not the fault of the BBC or Reuters). And when we are told “We fixed this issue immediately to keep our customers safe and protected. We thank the security researchers for working under coordinated vulnerability disclosure”, I wonder just how bad it is. Now, I get it, it might be fixed but if that was an easy fix, it might equally mean that it could have been easily prevented.

So when we get to “This is the worst cloud vulnerability you can imagine. It is a long-lasting secret. This is the central database of Azure, and we were able to get access to any customer database that we wanted.” We get to see that Wiz Chief Technology Officer Ami Luttwak (a former Microsoft employee) now working at Adallom LTD and Wiz. Now we get it, bugs happen, yet one would think that proper testing would be done and this bug whilst not proven to be transgressed upon went undetected for no one knows how long until an external group decided to test Microsoft access (optionally on Microsoft orders). So whilst some might think that “Microsoft only told customers whose keys were visible this month, when Wiz was working on the issue” passes muster, but it does not, mainly because the length of the transgression enabled time is still unknown, and that is not all. When we consider “The company was breached by the same suspected Russian government hackers that infiltrated SolarWinds”, as well as “a wide number of hackers broke into Exchange email servers while a patch was being developed” with the cherry on top of “A recent fix for a printer flaw that allowed computer takeovers had to be redone repeatedly” as well as “Another Exchange flaw last week prompted an urgent U.S. government warning that customers need to install patches issued months ago because ransomware gangs are now exploiting it”, as such one might speculate that they need to adjust their marketing vision, with the first optional change being “We advertise the most powerful console because the other stuff is buggered” and it seems that Microsoft has all kinds of testing and investigation flaws, that is merely my speculated view, yet for the customers who feel threatened by this, consider looking at OpenOffice (at https://www.openoffice.org), I cannot guarantee it is more secure, but it is free and you are now paying for all the transgressions in a multitude of ways (including an annual fee) so you can at least negate one factor.

So whilst some feel sorry for that multibillion company and how sad things are, consider that Azure is an issue, especially when you realise “Microsoft and outside security experts have been pushing companies to abandon most of their own infrastructure and rely on the cloud for more security”, when that comes to the surface, we see that Microsoft seemingly embraces ‘sharing is caring’ and with everything people have in that cloud sharing everything with EVERYONE, we might see Microsoft as the most caring behemoth in the universe, but I reckon the customers who pay a pretty penny for that ‘privilege’ will see this differently. But there is light at the end of the tunnel (well not really). Compare the logos of Microsoft and the Olympics, now consider that only the black elements (the hackers) were not yet represented, but it seems that Microsoft gave them an internal challenge and so far the hackers are leading three to nil, which is the larger danger.

And that larger danger is given to us at the very end with “But though cloud attacks are more rare, they can be more devastating when they occur. What’s more, some are never publicised. A federally contracted research lab tracks all known security flaws in software and rates them by severity. But there is no equivalent system for holes in cloud architecture, so many critical vulnerabilities remain undisclosed to users, Luttwak said”. 

So it is here that some might realise that 

  1. Some cloud transgressions are never shown the light of day.
  2. Many critical vulnerabilities remain undisclosed.
  3. (Speculated) The makers might not even be aware of some vulnerabilities.

That is the stage that cloud customers are exposing themselves to and in this, with too many corporations reducing their IT security staff and relying on the security of the cloud, how much is this costing the Fortune 500 who created that erroneous overly simple mindset? It was never a mystery to me, I have written about these kinds of dangers since 2017, so if people are just now waking up, good morning and enjoy the coffee you have, you’ll need it.


Filed under Finance, IT

Maximising digital exploitation

Yes, that is what you all fear is it not? To get digitally exploited and would you believe it, governments and politicians are making it happen. The first one to do so is South Korea. The news (at https://www.reuters.com/article/us-southkorea-antitrust-tech/s-korea-parliament-committee-votes-to-curb-google-apple-commission-dominance-idUSKBN2FQ05V) gives us ‘S.Korea parliament committee votes to curb Google, Apple commission dominance’ and here we see “a key step toward banning Google and Apple from forcibly charging software developers commissions on in-app purchases” and it is not just that, we also get “the amendment bans app store operators with dominant market positions from forcing payment systems on content providers and “inappropriately” delaying the review of, or deleting, mobile contents from app markets”. As I personally see it, this is what organised crime has been waiting for and South Korea just made it happen. So as you ponder ‘or deleting, mobile contents from app markets’ consider that one infected app maker can now make claims rejecting deletion (or massively delaying it) and as such thousands of tablets and mobile phones will get infected and spread the backdoor. There was a reason for the jumps that Apple and Google had made, in this we were decently safe. Now consider that we become the infection point because we were told that brand X is 25% cheaper, gives 50% more credit and is just as fast. That short sighted thinking will get you slammed, will get you hammered and could cost you your device. So as other sources give you “We do not expect any issues”, or “We are not aware of any issues at present” consider the carefully phrased denials and the consequences for your hardware. And whilst you remain in denial of this all being for consumer good. This all got started by some greed driven upstart that was making $5,100,000,000. So how much extra do you get?
When you consider that one player has V-bucks (their currency) at 1000 for £6.49/$7.99. When did they give you more for the same amount? They did make over 5 billion last year alone. So when we get to the quote by someone we care not for we see “Dominant app store operators with large platforms should by now look to profit from value-added services, not just taking a cut from apps sold on its store”, yes, so how stupid was that? Now the value added services like security, testing and storing must be paid for, as such the small players will soon stop existing, all to help out the multibillion app players. In the old setting all developers had a decent chance, that will now cease and as the damage to consumers starts stacking, the larger failing will be seen in 2022, or as soon as you suddenly get a message that you became a DDoS agent. So whilst you get rid of all the games and utilities, it will be too late. You will need to factory reset your device hoping it will be enough (it might not be). Yes that was real clever thinking and when we regard “the rushed process hasn’t allowed for enough analysis of the negative impact of this legislation on Korean consumers and app developers” which is given to us by Wilson White, a policy director at Google. We will need to ascertain a few issues. In the first when this is pushed through we can no longer hold Apple or Google accountable when we get transgressed upon, we will get to drag these politicians into courts and in front of the camera and we can advertise just how stupid and shortsighted they were, it is the smallest reward for days and optionally weeks of our devices not being able to function because short sighted people thought they knew what they were doing. As I see it a ‘sorry’ statement will not be any defence and that is the larger setting, these politicians will openly ignore the damage done to the people, they will deny catering to organised crime and we are left with the damage.
Yet they too will feel that impact when EVERY developer will have to pay to be on the Appstore. When 10%-25% fall away, the larger players who were greed driven will merely shrug with a ‘so what’ and the rest will be looking for a job and that will have a few larger impact settings as well. The Appstore settings as they are for now will enable developers to get decent quality systems to develop. When that comes with the additional $750 annual bill that falls the developers’ way. Consider the impact when you consider that there are 23 million Apple developers and well over 6 million Android developers. When they get the additional bills it will push a whole lot of them out of that field, the impact will be seen and felt in almost all walks of life. As I personally see it there is every chance that 2022 will become the year of the digital exploiters and in that setting it will not be about Apple or Google, but I will leave you all to figure that part out and be sure to feel the pain of what happens when you go to any other app store to save a dollar or two. The impact will be seen and felt almost everywhere.

So as we see that South Korea got there first, the US is right behind them. They are hiding behind the quote “a bipartisan group of senators introduced a bill that would rein in app stores of companies that they said exert too much market control, including Apple and Google”, so when the damage hits, it will hit hard and it will hit almost complete. Consider that I am wrong and consider these advertisement statements we see and how much deceptive advertising you have seen on your phone or tablet? And that part has been around for almost a year. If these politicians cannot even keep the advertisement section clean, how much use are they when you get infected? That is the setting none of them are willing to stay around for. 

That is the danger and it is not merely on a simple setting, when the app store can be ‘avoided’, we will get to see headlines like “Mobiles Hacked for 5th Time in 2 Years in Latest Breach; Nearly 150 Million Affected”. You think I am kidding? Last week Newsweek reported that something similar happened to T-Mobile with only 50,000,000 victims. So if you are an American, there is a 1 in 6 chance that you are one of them, so how often do you want to lose control of YOUR data?

That is the larger danger and that danger is currently rapidly increasing. 


Filed under IT, Politics, Science

In retrospect

I (for the most) react to facts, as I do now, but the results are not anticipated new facts, what comes next is pure speculation, no matter how correct I think I am, it is speculation and that needs to be said up front. Even as I start now, my mind is racing through speculative ideas and options in other realms (science realms no less), but I digress. The thoughts started with a Reuters article called ‘Analysis: Biden’s COVID-19 strategy thwarted by anti-vaxxers, Delta variant’, the article (at https://www.reuters.com/world/us/bidens-covid-19-strategy-thwarted-by-anti-vaxxers-delta-variant-2021-07-29/) gives us “Dr. Peter Hotez, a vaccinologist and dean of the National School of Tropical Medicine at Baylor College of Medicine, said the Biden administration’s acknowledgement of the “terrible impact” of the anti-vaccine movement was important, but he said the government could do more. “Anti-science is arguably one of the leading killers of the American people, and yet we don’t … treat it as such. We don’t give it the same stature as global terrorism and nuclear proliferation and cyber attacks,” he said”, it might be a mere quote, it might be the paraphrasing from the article writer, which is not a negative view, but it got me thinking. When we see the anti-vaxxer movements in the US and EU, they are uncannily effective, they are almost too effective. For the most and proven since the 90’s, the anti-vaxxers are either religiously inclined like the Dutch people in Giethoorn (their ‘sort of’ version of Amish) or loons (often people who are one shade away from being absolutely bug-nuts). In the first, these people are driven and they are also self isolationists, it is merely about them and their community, it makes them a danger to themselves, not to others. The second group is a danger to all, but often so stupid they merely hit other stupid people.
These anti-vaxxers are driven, not merely by intelligent people, no, they are driven like they are terrorist tools, like biological DOS agents and they are growing. These people are not accepting any scientific evidence, they forward non-scientific papers as ‘their’ evidence and they are not merely more effective, they are almost centrally driven by a similar source. 

In the UK the Guardian is giving visibility to Kate Shemirani, in the USA we see Alabama Curt Carpenter and the list grows. Someone is somehow fuelling this, yes this is speculative and this is not merely the power of social media, someone had months to prepare the weaker minded and target them in a direction, limelight seeking nobodies all wanting their limelight with as large an audience as possible. The evidence is not clear and as such this is speculation, yet consider the timelines of each of these anti-vaxxers, what their audience was a year ago and each month after that. This goes beyond buying likes on places like Facebook. Some people are fuelling these ‘bright’ illumination spots and they are not done, even as they are retracting their ‘assistance’ there is still a digital footprint and it is now diminishing. Yes, I admit upfront that my view is speculative, but my speculation fits the profile, are the US and the EU under attack from bio-terrorists? You might think that they are not the same, but there you would be wrong. In this I grasp back to a writing from 2012 called ‘A Proposed Universal Medical and Public Health Definition of Terrorism’. Here we see “We propose the following universal medical and public definition of terrorism: The intentional use of violence — real or threatened — against one or more non-combatants and/or those services essential for or protective of their health, resulting in adverse health effects in those immediately affected and their community, ranging from a loss of well-being or security to injury, illness, or death”, in this, if even one of my speculations is proven, these anti-vaxxers become complicit in acts of terrorism. Did you even consider that? Now, there is a dangerous fence. I am not debating THEIR right to be anti vaccinated. If they die, they only have themselves to thank, just like Curt Carpenter.
Yet by attacking science by non-science and debunked non-facts, the setting changes and that is where we are now. What should have been a straight path to recovery is now a much larger issue. The delay is not on President Biden, and now that we can optionally see that the US is yet again under terrorist attack his priorities need to change, attacking big-tech is futile and counterproductive, the laws need adjusting, free speech, it needs to be validated by accountability.

And for the love of god, can some well trained data analyst please take a look at the timeline of these anti-vaxxers? I think it is time to look at timelines here and that is when my brain went into some sort of overdrive. It goes back when I designed an intrusion system that stayed one hop away from a router table between two points and to infect one of the routers to duplicate packages from that router on that path, one infection tended to not be enough, 2-3 infections needed to be made so that the traffic on that route between two points could be intercepted, I called it the Hop+1 solution, I came up with it whilst considering the non-Korean Sony hack. That thought drove me to think of an approach to find the links. In the first we most likely need to find out where and when they accessed the dark web, then we see another part, because if we can find their access, we can optionally see others too, when we have that list and we can correlate it to other anti-vaxxers we have an optional pattern for action. No matter how this is seen it will be staged towards my speculation, something that needs proof, proof is required to give validity to actions that follow. I believe that I am correct, but I admit that it is a speculative push in a path towards thinking something is what I personally think it is, not a path towards evidence, evidence needs to be found and the evidence that is made to fit the solution, is no evidence, it is like stating that there is a linear relationship when you only have two plot points. A pattern of evidence is required, it is always about the patterns.

So when I look at the ‘in retrospect’ part, I am wondering when the connections were there in the early stages and I also wonder why the others are not on that path yet (or seemingly yet). The media is only partly to blame, yes they give limelight, but that was their job from the early days, like the people exploiting Google cookies, the media can be exploited too, seeking the limelight is not a crime, but in conjunction with a terrorist agenda we are on new shaky grounds, and that is the problem, any law eagerly over-quick created is pointless whilst inaction is useless, caught between two rocks whilst the floor is not lava it is the ever exploiting media, exploiting for clicks, for visibility and circulation, whilst calling it ‘the people have a right to know’. This has the option of heading into a really bad direction soon enough. Will it? I have absolutely no idea.


Filed under IT, Military, Politics, Science

Why is an official like a quilt?

The answer is simple, they both cover up. And it is this part that is the larger stage. The Reuters article reports mere hours ago in the article ‘India reports 3,998 COVID deaths after state corrects its data’ (at https://www.reuters.com/article/us-health-coronavirus-india/india-reports-3998-covid-deaths-after-state-corrects-its-data-idUSKBN2ER0BF) gives us “India reported its highest death toll in a month on Wednesday – at nearly 4,000 – after its richest state reconciled its death count with 3,509 previously unreported fatalities, the health ministry said”. This is entertaining on a few levels. Most of the media passes this by, it passes this by even as I found in my article ‘The worst is yet to come’ on September 6th 2020 (at https://lawlordtobe.com/2020/09/06/the-worst-is-yet-to-come/) where we see “In the Coronavirus numbers we see yesterday that a new number is reached, 300,474 new cases, a new height. We are only one day away from the US with 3% of its population with the Coronavirus, 50% of all cases are in the USA, Brazil and India (based on the numbers), yet there are several indicators that we aren’t even close to knowing how many cases India actually has. Even as ABC gave us last month ‘India’s biggest slum has so far nailed coronavirus. Here’s how they did it’, I am not convinced and the data is siding with me.” Which shows that I was aware of the faulty Indian numbers almost a year ago, so to see now “The ministry did not give a reason but authorities have in the past attributed other instances of deaths going unreported to administrative errors, before the mistakes are discovered and the numbers appear in official data”, yes it is nice that Reuters takes ‘unreported to administrative errors’ as read, but is not asking the deeper questions in any way or form. We get it, what is reported is what is given.
But the numbers have not made sense for close to a year and others have reported on the matter and I wrote about that too, but what is the point to fighting a sickness when governments are hiding the real deal, the real impact and are optionally masking THEIR statistics? As I stated before, India might be the most visible but I doubt that they are the only one.

So when we are treated to “Last month, the poor northern state of Bihar raised its death toll by more than 5,000 in a day when it included some unrecorded data. The sudden appearance of previously unrecorded deaths has lent weight to suspicion that India’s overall death tally is significantly more than the official figure.” And that is not all, consider that 5,000 deaths were unrecorded, if that is the case, the setting that 100,000 sick are unrecorded is equally a danger. When we see India at present with 31,216,337 cases whilst making the claim that 30,390,687 recovered, we see the difference should be the active cases and the dead, now consider that the active cases (as reported) are 407,139. Now consider that they are off by 100,000, do you now see that India has a much larger problem? This is not merely a case of ‘administrative errors’, I think it is a lot more and I feel certain that there are several Indian government officials trying to hide the setting that they are in over their heads.

That part is reinforced by ABC 5 hours ago with ‘India’s COVID-19 deaths could be 10 times higher than the official toll, according to research’, the article (at https://www.abc.net.au/news/2021-07-21/india-covid-deaths-could-be-in-the-millions/100310602) gives us “India’s excess deaths during the coronavirus pandemic could be a staggering 10 times the official toll, according to the most comprehensive research yet on the ravages of the virus in the country”, I personally never considered that the numbers were off by 1000%, I did it all in my head, so I must have misplaced a comma. Yet the stage is now that we see a much larger stage, a much larger impact and not just for India. In this we see a larger premise, and if I need to be the optimistic one, when we see all the anti-vaxxer protests, it is fine by me. If they get sick they will die and I can get a more decent job (until each of the other three buy my 5G IP), so one man’s needs will be filled by the death of someone else. That is how the world turns, but I wonder how the world reacts to these thousands of administrative errors?

What do you think?

Filed under Politics, Science

The Lawyer wins, the law loses

Yes, it is a stage that we will be seeing soon enough. As the lawyer wins, the law loses and that is just the beginning. As we see ‘Apple loses appeal in Fortnite court battle’ (source: Australian Financial Review) there is a secondary stage that comes up. It is not immediately clear, but the reader was given, by Jeff Dotzler in GC Consulting in 2019, ‘Will You Get Sued if Your Business is Hacked?’ There we see “Even though the company was able to restore the records, one of the affected clients, Surfside Non-Surgical Orthopedics in Boynton Beach, sued Allscripts in federal court. Surfside accused Allscripts of not doing enough to prevent the attack or lessen its impact and sued on behalf of all affected clients for “significant business interruption and disruption and lost revenues.”” Now consider that ‘significant business interruption’ can be replaced with ‘game score disruption’, a stage I saw coming a mile away. Epic Games did not consider the stupidity of their actions and now, should they win they will soon face several, if not well over a dozen class cases. They cannot make some ‘we are not responsible draft’, the moment ANYONE at Google or Apple squeals the setting of the hack and it comes with the accompanied ‘We could have prevented that’ Epic Games is lost, it will cost them billions in settlements and lawyer costs. If you doubt that, consider ‘SolarWinds says unknown hackers exploited newly discovered software flaw’ (at https://www.reuters.com/technology/solarwinds-says-unknown-hackers-exploited-newly-discovered-software-flaw-2021-07-12/), so they just got out of one mess only to land in a new one and these people have a decently simple system, Epic Games will have to spend on protection that is several levels higher and I feel decently certain that it is not enough. The moment any profile is transgressed on whilst there was a purchase, that is the game, loss Epic Games and lose they will, a lot.

Even as we are told “SolarWinds said the flaw was “completely unrelated” to last year’s hack of government networks”, it will not matter, another flaw is found and there is every chance that more than one will still be found. In this Forbes gives us ‘Why SolarWinds Is The Wakeup Call No One Heard’, it comes with “everyone talks a good game, but the very structure of American (and other businesses around the globe) makes it nearly impossible to, for example, deliberately and significantly reduce EBITDA to prepare for cyber warfare” and when you consider that EBITDA is Earnings Before Interest, Taxes, Depreciation, and Amortisation, you see the problem, it is not all, it is earnings before interest and depreciation that bites, earnings before interest is all earnings with cost diminishing this and too many corporate players tend to cut cost. In some cases they have no choice, in the cloud a lot does not matter, but it is transgressed on (according to some numbers) for almost 90%. And when you add that Amortisation is merely another view of depreciation the path is clear. Steve Andriole also gives us “The number of severity of cyberattacks will explode in 2020.  Cyberwarfare has now levelled the playing field in industry, in government, and in national defence:  why spend ten or fifteen billion dollars on an aircraft carrier when you can disable it digitally?” You think that this is about defence? Do you have any idea what 50 million whining gamers can do? EVERY ransomware player will target Epic Games and with an open Android and iOS setting they will succeed. I saw this when this all started in 2020 within 5 minutes, the short sightedness will hit Epic Games and others in a few ways. Think I am BS’ing you? Consider that several sources gave you a month ago “Hackers Stole 780GB Data Including FIFA 21 Source Code in EA Hack” and EA has been in this game a lot longer than Epic Games has been.
That is not evidence, but it is a setting that we need to consider and when Epic Games loses that data the class actions start, and it is not something that they can keep quiet (apart from that being a crime), the people will talk and the parties involved, including government parties will find a nice letter making claim to financial losses. The law source (see above) also gives us a link to the Ohio Data Protection Act. There we see “Under the law, damages cannot be imposed if a state court finds your company had a reasonable cybersecurity plan when a breach occurred and followed it to the best of your ability. Or, as the legislation puts it, the law is “an incentive to encourage businesses to achieve a higher level of cybersecurity through voluntary action.”” In this I offer ‘reasonable cybersecurity plan’, was it followed through? Was there a backup if it fails, was there consideration for cross platform transgressions? In this last part I offer to the older programmers 

IF(clipper)
  
ELSE

   …
ENDIF

Those who know will nod and consider what else Epic Games and others have forgotten, what happens when someone exploits a Sony flaw over the entire system, and at that point these companies have little to no protection. 

Which gets us to ‘when a breach occurred and followed it to the best of your ability’, but the suing side will argue that the breach could have been prevented on day zero, or even day -1, which will be their way of saying that they opened the system when they were not ready and that is another billion in class actions right there, and I agree with the stage that there will be enough cases that have no bearing (just like the loot box cases in the media), yet Epic Games will have to hand to their lawyers to investigate them all, the hours alone will rack up millions and that is merely year one. The lawyer wins his bread and butter for a year (at the very least) and the law is up the creek without a clause. The law was never ready for this, so the going will be good towards the coffers of Epic Games, a looting box that requires time, not money.

So when we go back to Forbes and consider “When I took the results to the CFO (to which technology weirdly reported), his only question was, “what’s all this going to cost me?,” which of course was the wrong question.” We see the setting, but I wonder who gave that same question to the Chief Legal Officer (CLO) with the question ‘What will this cost the firm?’, a question that he can decently predict when he considers 1-5 class actions and that result has to be scary and any consideration of future profit goes straight out of the window, not merely the legal costs, marketing will have to offer a whole range of products and services to stem the tide of people leaving for the next safer harbour, the most dangerous of all settings, and that is merely the beginning of year one as Android and iOS stores open. Forbes also gives a reference to what Andy Greenberg (Wired Magazine, 2019) said about why governments have been unwilling to deal with cyberthreats: “More fundamentally, governments haven’t been willing to sign on to cyberwar limitation agreements because they don’t want to limit their own freedom to launch cyberattacks at their enemies.  America may be vulnerable to crippling cyberattacks carried out by its foes, but US leaders are still hesitant to hamstring America’s own NSA and Cyber Command, who are likely the most talented and well-resourced hackers in the world.” And this is not a government setting, Epic Games will be hit by greed driven and vengeance driven hackers as well as organised crime, a $5 billion company? With the state of cybercrime convictions? They are definitely on board. A stage Epic Games could have prevented from the start, but someone saw 30% of $5,000,000,000 and did the math, but whoever did the math was not ready for the tidal wave they would be inviting through that choice.
In this, Forbes had one more gem, it comes from Nicole Perlroth and ‘The hubris of American exceptionalism’, when we see “More hacking, more offence, not better defence, was our answer to an increasingly virtual world order, even as we made ourselves more vulnerable, hooking up water treatment facilities, railways, thermostats and insulin pumps to the web, at a rate of 127 new devices per second”, now consider that Fortnite is on Windows, MacOS, Switch, Sony, Microsoft, iOS and Android, they drew more than 125 million players in less than a year, do you think that there will be no flaws? And how many devices a second will that add to the equation? Do you have any clue what level of protection is required, even as Sony, SolarWinds, Nintendo and Microsoft have all been hacked even though they had nowhere near that level of complexity required? This was a dangerous situation from the start and gamers will soon have to seriously consider removing any program that has an ‘open’ store, the cost will be too high for a lot of them.

And that is not all, as Nicole spoke about ‘an increasingly virtual world’ the danger is that open stores will mean that you either have a dedicated computer, or healthcare and safety products will not be considered to be insured in your house, when that happens we get a whole new level of nightmare, I can only imagine that setting, but I am clueless as to the impact, we cannot oversee that, not with an evolving IoT and 5G evolving before our very eyes.

Filed under Gaming, IT, Law, Politics

Chook Chook thinking

Yes, I could have said ‘train of thought’ but that would be too obvious, wouldn’t it. The thought came from two articles. The two articles set my mind in motion and they are not related in any way, other than the provider of both articles which is Reuters. The first article (at https://www.reuters.com/article/us-china-regulation-tencent-m-a/chinese-antitrust-regulator-blocks-tencents-5-3-billion-video-games-merger-idUSKCN2EG029) gave me ‘Chinese antitrust regulator blocks Tencent’s $5.3 billion video games merger’, I have nothing really to add, other than the thoughts I had wondering what the antitrust regulators were thinking. I am not saying, or implying that anything wrong was done. The ‘official’ version is “Antitrust laws are statutes developed by governments to protect consumers from predatory business practices and ensure fair competition” that is the official version, unofficial it is that competitors use their version of the excuse “to protect consumers” into a version of “stopping competitors with actual innovative inventions to get the upper hand over their need for revenue (read: greed)”, Google has been the most clear victim but they are definitely not alone. In the article we see that it is about Tencent Holdings Ltd’s and the merger of Huya and DouYu. If the merger goes through we get a setting where their combined market share in the video game live streaming industry would be over 70%. So I am not sure what to think, I do not know whether it is valid or not. It was merely an article that got my attention.

The second article is ‘FTC extends probe of Amazon, MGM deal’ (at https://www.reuters.com/article/us-mgm-m-a-amazon/ftc-extends-probe-of-amazon-mgm-deal-source-idUSKCN2EF2EF). There we see “Amazon.com’s deal to buy movie studio MGM for $8.5 billion is headed for an extended probe by the Federal Trade Commission, after a source familiar with the matter said on Friday the agency had issued a second request in its review of the merger”, so there is no connection there, and there will not be one. But the two articles made me think on what else Amazon could do. They do have the inside track at present and if they push they could do titles that all others are not considering. To see this, we need to go back to 1983 when ‘Dragon’s Lair’ took the breath away from nearly everyone who saw it, it was an arcade machine and a laserdisc. No one had done it before and it took the cake, now on streaming no laserdisc is required, with MGM, Amazon has the option of launching a whole range of interactive movies. James Bond might be the most visible one, but when we consider the size of their IP which also includes the Hobbit, Tomb Raider and a few others, we can see that interactive movies have an option, and Amazon will own it all. The larger station is not merely interactive movies, but it is a play style that Sony and Microsoft added to their games, they merely forgot to make games like that. They did nothing wrong, they added flavour to their games. Yet Dragon’s Lair showed that a game like that is possible. In 1995 Tia Carrere added to this with The Daedalus Encounter, it started on 3DO but it did get on PC in the early age of VGA and CDROM systems with often no more than 300KB/s.
Now with the consoles and streaming systems coming we can do a lot more and now we see that Amazon might be holding on to a lot more and even if the FTC tries to block it, it is merely a temporary setback, Amazon has the inside track and when the others consider this they might wake up and take old ideas into innovative new internet streaming highways. 

As I said, it was merely a train of thought, but so far the others aren’t showing their actions and that is before Netflix steps into the ring, consider what they have and what they would be able to push for, the innovative player takes the cake, that has been proven by Sony and by Microsoft in the past, and with the bar set to $195,000,000,000 in 2022, do you think that the innovators are going to let slip any sliver of a pie that big? What are you thinking?

As stated it is merely a train of thought, but is it that far fetched when you think of what we can now achieve?

Filed under IT, Science

Dark side of the Jedi

Yes, I guess that George Lucas really had no idea that this would hold for well over 45 years, but that happens when you become the real innovator. In this we recognise innovators, but the path of one is often dangerous, perilous and it only works when the competition is at your heels. Consider that Star Wars came out when we had The Omen, Taxi Driver, All the President’s Men, Rocky, Saturday Night Fever, The Duellists. All excellent movies, all driving the others to do better, that is why it works, so when I see “reversing the Trump-era award to Microsoft Corp and announcing a new contract expected to include its rival Amazon.com and possibly other cloud players” I merely wonder how stupid Trump actually was. To give $10,000,000,000 to Microsoft when they screw up their console position and hand the number two place to Nintendo with the weakest of all consoles, only to likely lose again in the future to the Amazon Luna and possibly even to Netflix? How delusional can you become? Microsoft tried to attack the Apple tablet market and failed miserably again and again, they blew their mobile market and they are trying to create waves for their Azure market, that is the player we want for the U.S. Defense Department? This all whilst we get a day ago “Microsoft has “paused” SQL Server in its Windows Containers project. Microsoft advises anyone interested in running SQL Server in a container to use the Linux root instead”, so basically the two non entries (Google and Amazon) were a better solution off the bat?

So, this Jedi (aka the Joint Enterprise Defense Infrastructure) is off to a rocky start. I had never expected any commander in chief to be so delusional that they would hand the contract to one player, all whilst better solutions (in the worst case merely equal) would be considered without proper vetting? I am not stating to merely give it to Amazon or Google, that is why vetting is an important process, yet in all that, Reuters (at https://www.reuters.com/article/us-microsoft-pentagon-jedi/pentagon-hits-reset-on-trumps-10-billion-cloud-deal-welcoming-new-players-idUSKCN2EC1YY) gives us “The company cited a 2019 book that reported Trump had directed the Defense Department to “screw Amazon” out of the JEDI contract”, is this how Americans see their national defence, as an ego driver? It would be one thing if Microsoft is the better party, but that hasn’t been the case for some time.

So when I see “the plan would likely involve a direct award for “urgently needed” capabilities and then a “full and open” competition for multiple suppliers by early 2025”, which we get from John Sherman, acting chief information officer for the Defense Department, my issue here is that when I see ‘urgently needed’, I also remember the joke (not a funny one) that the Zumwalt class represents and the billions spent there, then there are a few more projects, all with pressing needs. And whilst we are getting towards it, the entire Kaseya and SolarWinds debacle shows the larger pressing matter. Security matters! And the matter of security can never be properly investigated if it is appointed to one player, one debatable player mind you. I am not stating that security at Google or Amazon is better, but the Exchange issues, which we get from ZDNet in April, show us “Four zero-day vulnerabilities in Microsoft Exchange Server are being actively exploited by state-sponsored threat groups and others to deploy backdoors and malware in widespread attacks”, this doesn’t mean that Google and/or Amazon is better. But the debate is on and Microsoft lost top dog and pole position years ago, they are merely in it to remain mediocre, all for the good of the board of directors. They lost to Apple (tablets), then they lost to Google (with Bing), then they lost to Amazon (web services and SaaS) and now surpassed by TikTok (video against China), that is an impressive fail rate. Consider that Bing has a market share of 2.71%, which against Google with 91.95% is slightly too funny for words.

But this is not about Microsoft, it is about Jedi (all these funny acronyms). So when we consider the dark side of that forceless solution (by Microsoft) we need to wonder about “the Defense Department also announced its plans for a new multi-cloud initiative known as the Joint Warfighter Cloud Capability, or JWCC. It must provide capabilities at all three classification levels — Unclassified, Secret and Top Secret — and parity of services across all classification levels; integrated cross-domain solutions; global availability including at the tactical edge; and enhanced cybersecurity controls, according to the Pentagon”, not the intent, but the investigative presumption of ‘enhanced cybersecurity controls’, both SolarWinds and Kaseya showed us that and this field is still widely in development, and sources like Business Wire are setting the mark that cloud security will double over the next 4 years, a stage of increased visibility will both increase security and criminal activities, the winner remains unknown at present, even if we acknowledge that REvil has the upper hand, we have no way of knowing what happens tomorrow, if security comes from innovators there is every chance that Amazon or Google will get there before Microsoft will, even Apple has a better chance of showing innovation than Microsoft in the cloud atmosphere at present. The fact of what happens next will be out soon enough, yet my mind wonders why anyone would be stupid enough to award national defence to anyone without proper vetting. So when we accept that it was meant as “part of a broader digital modernisation of the Pentagon aimed at making it more technologically agile”, wouldn’t you want to vet to broaden the application of data, the security of the system and the application of security towards data, users and access? There is a reason that SELinux had roots going back to the NSA, this they all wanted to throw away?
And the media is merely reporting the news, not questioning that timeline? Why is that?

Only the agile and versatile remain superpowers, and the former president was willing to hand over 50% of THAT equation? So consider that what was JEDI (Joint Enterprise Defense Infrastructure) could have become the Darth (Defence Application Reprehensive Technology Hype) defence system. 

Filed under IT, Military, Politics, Science

Choices by media

We all have them, we all have choices, beliefs and convictions. The media has them as well and they are entitled to them. I never objected to their choices, I merely want them to have accountability towards their actions. To kick this off, I need to confess. I had difficulties believing Bill Cosby was guilty. I went with what TV fed me, his character, his demeanour and I will admit, I was taken in by all of it. I saw the jokes, I saw the accusations and when we got ‘Bill Cosby released from prison after sex conviction overturned’ my mind went to different locations. I am unsure. Yes, I accept “The court ruled that the prosecutor who brought the case was bound by his predecessor’s agreement not to charge Cosby”, it does not make him innocent, yet why would any prosecutor come with an “agreement not to charge Cosby”? From a legal point of view it strongly implies that the prosecutor had no evidence to begin with. If the evidence was there, that promise would never be voiced by any prosecutor. And this got me thinking on Kevin Spacey. When we see “Kevin Spacey accuser who tried to sue anonymously is dismissed from case” (source: ABC) and we are given “A US judge has dismissed all claims by one of two men suing actor Kevin Spacey over alleged sexual misconduct in the 1980s, after the plaintiff refused to identify himself publicly” that is a voiced 50% loss, 50% went out the window just like that. And that is merely the beginning. The media is now in a much larger stage, a stage of denial and a stage of their big mouths that could land them an 8 figure settlement, optionally 9 figure, but that is a stretch. You see, at the height of the ‘House of Cards’ he was cast out, thrown away and that show was the talk of the town. Now we see the impact of the media and their need for a pound of flesh.
So when we consider ABC giving us “The other plaintiff, actor Anthony Rapp, said he was 14 in 1986 when Spacey engaged in an unwanted sexual advance with him during a party at the actor’s home. Spacey, 61, has denied CD’s and Rapp’s sexual misconduct accusations. His lawyers did not immediately respond to requests for comment”. Did it happen? I do not know, but in legal settings evidence matters, flaming opinions do not. Yet for an issue to wait 20 years until Kevin Spacey has his golden moment sounds off by a lot. And is no one asking what a 14 year old person is doing at a party? There might be a valid reason, there might not be, yet the lack of information in the media makes me wonder. A media that is too much about flaming and too little about informing. So I am not upset with Netflix when we see “Spacey starred in Netflix’s House of Cards before Netflix severed its ties with him after sexual misconduct accusations surfaced in 2017”, Netflix had to protect what was theirs, and there was damage, but in all this the media flamed that damage and when we see “the man known in court papers as “CD” said revealing his identity would cause “sudden unwanted attention” and be “simply too much for him to bear””, I have an issue, this could be a blackmailer hoping to cash in, ‘could be’ being the operative part. More important when we consider ‘10.83 The Sixth Amendment to the United States Constitution provides that in all criminal prosecutions, the accused shall enjoy the right to be confronted with the witnesses against him’, a simple foundation and when I see “Peter Saghir, a lawyer for CD, declined to comment on Thursday” I wonder what had gotten into Peter Saghir. It is speculative of me to think that the case with just Anthony Rapp was too thin to proceed. Yet the media is not looking at that picture or any picture that has the shown image as a picture in picture. And it is Reuters who gives us “Peter Saghir, a lawyer for C.D. and Rapp, declined to comment on Thursday. He has suggested that C.D. might pursue an appeal if his case were severed from Rapp’s”, so he is willing not to be ‘anonymous’ when Rapp is off the charter? It gives us a larger stage that the Rapp case is thin, optionally too thin. And that is when Kevin Spacey will make the 8 or 9 figure claim, he lost that much and that is the ball game and when the media gets that much of a claim, the game changes, the wolves become crying chihuahuas trying to hold on to as much of that money as possible, in a stage where every penny counts, losing over a billion if not well over ten times that much pennies will make them suffer, and with all the BS I have watched over the last decade, the media could do with a little suffering.

Some people are all about Bill Cosby and Kevin Spacey, I am on the fence because we are lands of law, evidence is part of that and when the media is all about emotional flames, it tends to be the setting for a lack of evidence. Yes, this is speculative, but in that I have been proven right a lot more often than I was proven wrong. 

So what is next? 
When you see the flamed accusations against Spacey and Cosby, all whilst the media is going with excuse after excuse against Ghislaine Maxwell, daughter of dead media mogul Robert Maxwell, it seems that the media is a protective shield for anyone with strong ties to media. So when you see the slams against these two gentlemen and we see ‘SHAMED Ghislaine Maxwell was left “broken” by her “horrendous childhood”’, ‘Ghislaine Maxwell’s prison cell flooding with raw sewage’ and more, yes she is so sad and so broken, but these people cannot afford a ‘$1 million home paid for in cash’, can they? When you have enough money to get a “4,300-square-foot house sits on 156 acres of land, at the top of a half-mile driveway” (source: NBC News), things do not add up. Especially as her daddy forfeited (read: default) on £50,000,000 in loans and went yachting. Yes, poor, poor little Ghislaine.

Do you see the problem? The media has two measures and none are holding evidence too high and in all this we become the flock that relies on flamed materials, too often devoid of evidence.

So when you see this and we reconsider the hack (Kaseya) and now we add Government Security Info (at https://www.govinfosecurity.com/kaseya-ransomware-attack-this-dramatic-escalation-a-16996), I wonder what is true (I really do wonder) they give us “There’s one big question that hasn’t been answered, says Tom Kellermann, head of cybersecurity strategy at VMware Carbon Black. “Who gave REvil the zero-day?””, yet Fortune dot com gives us “The Dutch Institute for Vulnerability Disclosure said it had alerted Kaseya to multiple vulnerabilities in its software that were then used in the attacks, and that it was working with the company on fixes when the ransomware was deployed”. So one side gives us ‘zero-day’ the other gives us ‘multiple vulnerabilities’, as well as ‘it had alerted Kaseya’. Yet no one will give us how long this was known by Kaseya, how long the issue was out there and for how long Kaseya did too little in protecting their customers? The media is on both slots and the lack of voiced investigations is staggering, so when will we get the real deal, the state of matters drowning in facts and evidence?

Filed under Finance, IT, Law, Media