Comments

Bearded Man July 16, 2021 4:43 PM

“They are dismantling the sleeping middle class. More and more people are becoming poor. We are their cattle. We are being bred for slavery.

We could be pets, we could be food, but all we really are is livestock.

The poor and the underclass are growing. Racial justice and human rights are non-existent. They have created a repressive society and we are their unwitting accomplices.”

  • They Live (1988)

John Nothing July 16, 2021 5:15 PM

@Bearded Man: Been to Macronistan (formerly France) recently, haven’t you? 😉

Travis says, "HTTPS Nowhere is cool!" July 16, 2021 6:46 PM

Hey Bruce,

I’m curious how much money would be required in order for you to dress up as a ballerina and either the tin-man or the cowardly lion from Wizard of Oz, for one of your talks.

This post was sponsored by the radical new browser plug-in, “HTTPS Nowhere” which allows you to browse every site on the Internet without SSL!

curious July 16, 2021 7:48 PM

@ Clive

How bad is this thing in UK? Thanks!

h_t_t_p_s://en.wikipedia.org/wiki/2021_European_floods

Hope this gets by moderation. This is also a security.

Stay safe!

Clive Robinson July 16, 2021 8:47 PM

@ Curious,

How bad is this thing in UK? Thanks!

As far as I’m aware not as dramatic as is being portrayed.

Members of my family were on a day out “jolly” in Kew[1], Richmond and Putney on the day in question, and yes whilst there were unspecified problems with the London Underground on the way back flooding was not apparently given as the reason.

We do get flooding around this time of year most years anyway, due to the tail end effects of tropical storms, and the fact rats etc have had time to build up nests etc in the sewers in the preceding weeks[2]. Thus “wash down” creates surface drainage and some sewer blockages.

So there was nothing much on the “Traffic and Travel News” I think Raynes Park / Wimbledon did get mentioned but only for the road underpasses for the mainline railway,

https://www.bbc.com/news/uk-england-london-57805391

I don’t do TV these days as it’s a waste of money unless you are into “moron TV unreality” that passes as “opioid for the masses” these days (it’s really strange in the local café when they have the TV on it’s not just surreal but alternative reality fan fiction weirdness level strange).

Anyway there is the usual hysterics in certain news outlets with political axes to grind. But the BBC has a children’s News program called Newsround and they have some mobile phone pictures,

https://www.bbc.co.uk/newsround/57816752

I don’t see anything in there that I’ve not seen most years in the past couple of decades and most of it only appears to be a few inches.

The one with the “boil” in it near Grenfell is what happens quite often when you are in a lower lying area or there are lots of high rises and the like creating the “piston effect” due to closed in drainage (to keep smells down).

Is flooding getting worse in London on a year by year basis? Well Yes, but is it just one cause or several?

1, Party Politics
2, Failing utility provider
3, Climate Change

The worst damage due to flooding normally is due to 2 with burst water mains or collapsed sewers or blocked river ways etc due to really shoddy maintenance. Every time I’ve seen flooding on those stretches of railway north of the North London Railway stations, the eventual reports all point the finger at Thames Water’s repeated failings…

But all have their part to play, as do “mobile phones” that capture minor events that would not have been captured even half a decade ago.

[1] Much to their annoyance the giant lily flowered whilst they were there but nobody said anything so they missed it, they only found out later through the “Friends of Kew” site later.

[2] There is also the issue that Thames Water is one of the most mismanaged organisations you can imagine, look up “fat-bergs” if you want more on that, especially the one in Kingston-upon-Thames which if memory serves was reported as the world’s largest.

ResearcherZero July 16, 2021 10:50 PM

Google released a blog post where it disclosed two Chrome software flaws that Citizen Lab found connected to Candiru.

hxxps://citizenlab.ca/2021/07/hooking-candiru-another-mercenary-spyware-vendor-comes-into-focus/

Winter July 17, 2021 2:16 AM

@Clive
“As far as I’m aware not as dramatic as is being portrayed.”

In the triangle Germany, Belgium, Netherlands (Cologne, Liege, Maastricht) it is a genuine disaster with ~ 200 dead.

SpaceLifeForm July 17, 2021 3:02 AM

AWS again.

hxtps://techcrunch.com/2021/07/16/backnine-insurance-applications-exposed/

Many of the insurance applications found in the exposed bucket were for AIG, TransAmerica, John Hancock, Lincoln Financial Group and Prudential.

SpaceLifeForm July 17, 2021 3:22 AM

@ Winter, Clive

It is dire. Over 1400 people missing.

Not only roads completely obliterated, but many metres of soil underneath have been scoured away. This is a complete unmitigated disaster. It makes what happened in Flagstaff Arizona look like a dripping faucet.

SpaceLifeForm July 17, 2021 4:08 AM

@ Winter, Clive

It’s going to take years to recover. Dependency Hell.

When the roads are destroyed like this, you can not truck in supplies.

You have to truck in supplies to rebuild roads, etc, etc.

hxtps://www.youtube.com/watch?v=arYnc6v07Go

hxtps://www.youtube.com/watch?v=5ANdYaMDJHM

Clive Robinson July 17, 2021 6:35 AM

@ Winter, SpaceLifeForm, ALL,

In the triangle Germany, Belgium, Netherlands (Cologne, Liege, Maastricht) it is a genuine disaster with ~ 200 dead.

From the news it does look bad, very bad. Some parts of that area I’ve known and liked and knew people there a decade or so back, and I still have some ties to Bochum.

I’ve always been a bit concerned about some areas there because of the amount of coal that was taken out and the fact nothing was put back. Those sorts of voids lead almost inevitably to “sink holes” and worse such as entire hill sides sliding down into valleys like massive avalanches.

But the point I was making was just about London and close by. The UK has a maritime climate so generally our problem if we have one is not excess water but lack of water over a prolonged period. Not so continental climates where winters tend to be cold and technically dry, and summers hot and dry with rain etc being spring and autumn. With “snow melt / run off” in spring being of concern as it comes down off of the mountains into “hard rock valleys” etc.

Yes we do from time to time get serious flooding in the UK, and yes it has been known to run off from upland plains into hard rock valleys as it comes towards the coast. We had that down in the South West a few years back and entire villages got reduced to little more than road signs a mile or so up the road.

However what I am unfortunately seeing is some people trying politically inspired opportunistic behaviour to stir it up… Harking back almost to “acid rain invective” of half a life time or so ago.

How do I put it, the London Fire Brigade reporting ~150 phone calls about what appears mainly to be a few patches with a few inches of water across nearly 1000 square km of London whilst it is news, and likewise the Met Office reporting a month’s rainfall in a day is news, neither is a disaster or really much more than an inconvenience that happens almost every year.

It’s certainly nothing even remotely close in comparison to entire hill sides turning into mud/land slides, with water levels rising in rock valleys by many feet.

Whilst I do feel sorry for those in London whose basements and below ground level flats etc have been flooded, you would kind of expect them to realise that just as rain water fills pot holes in roads, it will also fill any other hole in the ground just as easily so living in a hole in the ground carries some degree of risk.

However well built homes above ground on what should be solid ground the average person would not expect to get flooded let alone washed away. You need to be a fairly well informed hydrogeologist to work out where should be safe and where might not be.

I do not know if what has happened is going to be marked down as a “hundred year” or “thousand year” weather event. What I will note is that what were hundred year events appear to be becoming almost ten year events these days.

But those who have suffered and their loved ones are certainly in my thoughts as I have known people well in those areas in the past.

Winter July 17, 2021 7:04 AM

@Clive, SLF
“From the news it does look bad, very bad. Some parts of that area I’ve known and liked and knew people there a decade or so back, and I still have some ties to Bochum.”

It is not yet known why this became such a disaster. But it has been raining heavily for weeks now so all the soils will have been soaked. Then a few days of unusually heavy rains and water had nowhere to go than through the valleys. The Meuse and Rhine are at record highs.

It was the flash floods going down the valleys that did most damage in Germany and some of Belgium. It is the record high water levels in the Meuse and tributaries that seem to do the most damage in the Liege area in Belgium and the Netherlands.

That also explains the difference in casualties. The river floods are seen coming while the German villages were completely surprised by the unprecedented floods.

Russian Good Troll July 17, 2021 10:02 AM

@ Winter

Yes, sometimes we disobey our Garden Gnome leader – Putin 🙂

and something to all:

h.t.t.p.s://www.pcgamer.com/war-thunder-fan-says-tank-is-inaccurate-leaks-classified-military-documents-to-prove-it/

echo July 17, 2021 10:14 AM

For the full dramatic effect watch this:

https://www.youtube.com/watch?v=z_yPCcGQOOw

Then read this:

https://www.theguardian.com/world/2021/jul/16/englands-covid-unlocking-a-threat-to-the-world-experts-say

Boris Johnson’s plan to lift virtually all of England’s pandemic restrictions on Monday is a threat to the world and provides fertile ground for the emergence of vaccine-resistant variants, international experts say.

Britain’s position as a global transport hub would mean any new variant here would rapidly spread around the world, scientists and physicians warned at an emergency summit. They also expressed grave concerns about Downing Street’s plans.

Government advisers in New Zealand, Israel and Italy were among those who sounded alarm bells about the policy, while more than 1,200 scientists backed a letter to the Lancet journal warning the strategy could allow vaccine-resistant variants to develop.

Clive Robinson July 17, 2021 10:40 AM

@ Winter,

That is the world Neo-Liberals wanted to recreate. And they are far on the way of succeeding.

Surprising to many is the driving force for neo-liberals is not money or power, they are merely tools for others to wield on their behest. It’s all about “status” often through religion which in the UK is the “high church” and certain crypto-papist “High Churchmen” or what you might call Catholic symbolism and ceremony welded onto very conservative attitudes and a craving for the corridors of power, not to walk, but instruct the adherents.

Traditionally they aligned with the Tory party but that fell into disrepute. So in the later part of the 1900’s they dabbled in socialism but failed to get the traction they wanted because Tony Blair PM a closet Papist Catholic ensured his ministers were to his religious tastes. Thus it appears the High Churchmen have thrown their lot back in with the Tories again, which is very bad news in oh so many ways.

Remember they are like the Vogons in Hitchhikers

“They don’t think, they don’t imagine, most of them can’t even spell. They just [want to] run things. And if we don’t hitch a ride soon, you won’t need the guide to tell you just how unpleasant the Vogons can be. They already destroyed…”

(Yes Douglas Adams did model the Vogons on certain “high churchmen” and Hammer and Tongs when making the movie followed the same line).

metaschima July 17, 2021 12:30 PM

@Clive

Surprising to many is the driving force for neo-liberals is not money or power, they are merely tools for others to wield on their behest.

Isn’t that true of all political parties? Using their members as tools or pawns? I’m pretty sure that’s what they are, and why I don’t subscribe to any party. The world isn’t black and white like the politicians would have you believe. There is no objective right or wrong, just the subjective perception of events by society and then trying to make things fit. Real solutions to problems are never general edicts, but rather individualized and highly specific solutions. Therefore, the only thing politics hopes to accomplish is to control the minds of others with the aid of the media and now even better using social media.

Winter July 17, 2021 12:41 PM

@Clive
I do not think that you can explain the Neo-Liberal reaction from UK/USA particularities. The movement is too international and involves too many aspects of society.

The reactionary power grab in the 1980s took place at a moment when the damages of the WWI+Depression+WWII were repaired and all the developed economies had ended their 30 years growth spurt.

Economic growth was stalling and the difficult task of distributing the little growth that was happening was killed in the bud. What happened instead is that the ruling elites captured all the economic growth in the name of Neo-Liberal freedom and efficiency.

The main, if not only, result of this policy was that the real income of most people did not grow in 4 decades, while the economies almost doubled in size.

Any religious or ideological justifications of these policies are nothing but fig leaves for massive money and power grabs. The politicians and religious leaders are nothing but front men for these power grabs.

SpaceLifeForm July 17, 2021 4:03 PM

Literal Security Theatre

hxtps://www.cyberark.com/resources/threat-research-blog/bypassing-windows-hello-without-masks-or-plastic-surgery

it’s important to note that potentially any authentication system that allows a pluggable third-party USB camera to act as biometric sensor could be susceptible to this attack without proper mitigation.

[I doubt one actually even needs a camera. Just a USB device that can emulate one]

flat July 17, 2021 5:30 PM

More Havana Syndrome, now in Vienna…

ht tps://www.bbc.com/news/world-europe-57875322

xxx July 17, 2021 7:39 PM

@ Clive and others.

This might interest you

“Building a Curve25519 Hardware Accelerator”

hxxps://www.bunniestudios.com/blog/?p=6140

from the NP != P department July 17, 2021 9:49 PM

new study verifies safety of rust

https://developers.slashdot.org/story/21/07/17/0521243/new-study-verifies-safety-of-rust

/*

In his dissertation,

https://people.mpi-sws.org/~jung/thesis.html

Ralf Jung now provides the first formal proof that the safety promises of Rust actually hold.

https://www.eurekalert.org/pub_releases/2021-07/su-cs071521.php

“We were able to verify the safety of Rust’s type system and thus show how Rust automatically and reliably prevents entire classes of programming errors,” says Ralf Jung.

In doing so, he also successfully addressed a special aspect of the programming language: “The so-called ‘type safety’ goes hand in hand with the fact that Rust imposes restrictions on the programmer and does not allow everything that the programmer wants to do. Sometimes, however, it is necessary to write an operation into the code that Rust would not accept because of its type safety,” the computer scientist continues. “This is where a special feature of Rust comes into play: programmers can mark their code as ‘unsafe’ if they want to achieve something that contradicts the programming language’s safety precautions. Together with international collaborators, including my thesis advisor Derek Dreyer, we developed a theoretical framework that allows us to prove that Rust’s safety claims hold despite the possibility of writing ‘unsafe’ code,” Jung says.

*/

2 things,

#1, i hope this finds NP and fam in good health.
#2, how do we validate a proof when all we have is trust and news?

ADFGVX July 18, 2021 12:11 AM

@ xxx

This might interest you

“Building a Curve25519 Hardware Accelerator”

hxxps://www.bunniestudios.com/blog/?p=6140

The math are cracked already. I don’t trust anything from that college boys frat house.

@ from the NP != P department

2, how do we validate a proof when all we have is trust and news?

There are several systems of computerized formal verification that have been used with varying degrees of success to build up all of modern mathematics from the basic axioms of Zermelo–Fraenkel set theory using only the standard rules of propositional logic with quantifiers.

Clive Robinson July 18, 2021 4:21 AM

@ Lurker,

Mobile Phones are 75 yr old technology.

Actually they are a bit older than that, try 86 years or thereabouts.

The UK Met Police were developing a mobile phone type system for their police cars and boats in the mid 1930’s prior to WWII in the Barnes area of London on the River Thames.

Sadly very very little information on it survives because the work got subsumed fairly quickly into “war work” and all the secrecy involved.

From what I was told the idea was that the non driver in the vehicle could “dial a dept” rather like you would dial an extension in a very small company.

Apparently they started with HF for the increased coverage area but later switched to VHF as the technology came about, which was very surprising for the time. Apparently it was one of a number of things including the cavity resonator magnetron the Tizard Committee gift wrapped and gave to the US in return for them supposedly manufacturing equipment for the war effort.

The last I heard about it in Britain was that it ended up under MI5 out of garages in the Vauxhall area of London post war. By which time Britain had no money to develop such systems or much of anything at all. With the population starving and dependent on gifts from ordinary US citizens just to survive, US politicians were of the view that Britain was secretly holding out via “Empire” and should thus be bled white even further… Unsurprisingly a lot of British talent got on a boat and never came back, Gordon Welchman being a name a few readers here should recognize, in effect he was the father of what would eventually become the Internet.

Clive Robinson July 18, 2021 4:46 AM

@ from the NP != P department,

#1, i hope this finds NP and fam in good health.
#2, how do we validate a proof when all we have is trust and news?

You left out,

#3, OK for top down attacks, but what about bottom up attacks?

Most software development security proofs are at best “half proofs”…

But with long known attacks starting from underneath the CPU ISA level in the computing stack or like RowHammer capable of reaching around from user space to underneath the CPU ISA level… We know software based security in type systems etc can be avoided.

It’s one of the things Cambridge Uni was looking at with execution time tagging systems like CHERI some years back, but again still a top down approach.

https://www.lightbluetouchpaper.org/2019/10/18/ukri-digital-security-by-design-a-190m-research-programme-around-arms-morello-an-experimental-armv8-a-cpu-soc-and-board-with-cheri-support/

https://www.cl.cam.ac.uk/research/security/ctsrd/cheri/

Winter July 18, 2021 5:35 AM

@Clive
“#3, OK for top down attacks, but what about bottom up attacks?”

Rust is not about attacks, but about reducing coding errors and catching them at compile time.

The idea was to prevent all the known coding problems in C while still getting an efficient run time.

Clive Robinson July 18, 2021 7:01 AM

@ Winter,

The idea was to prevent all the known coding problems in C while still getting an efficient run time.

So not as I noted,

“Most software development security proofs are at best “half proofs”…”

But not even half proofs.

We’ve known for over forty years how to make programming languages “type safe” and safer in other ways. In all that time we have also learned that actually the problem is not type safety but programmers under the wrong sort of motivations and no corrective forces allowed.

Rust is known to have ways out of that type safety shoe box, I’ll give you three guesses as to how much that feature will be (ab)/used as a quick fix/hack and become the mainstay of “Go-Faster stripe” functionality in security sensitive areas…

But the point I was making is the world has already moved on, yet the “Old Guard” are still fighting their fathers and grand fathers battles with the same old known to fail battle plans…

More than a decade ago on this blog I pointed out when it comes to the choice between the right way and the wrong way to do these things, almost invariably it’s not the right way.

I’m sure others will have their say but my view, way way too little, way way too late, and definitely not the right direction to be going.

echo July 18, 2021 9:50 AM

The last I heard about it in Britain was that it ended up under MI5 out of garages in the Vauxhall area of London post war. By which time Britain had no money to develop such systems or much of anything at all. With the population starving and dependent on gifts from ordinary US citizens just to survive, US politicians were of the view that Britain was secretly holding out via “Empire” and should thus be bled white even further… Unsurprisingly a lot of British talent got on a boat and never came back, Gordon Welchman being a name a few readers here should recognize, in effect he was the father of what would eventually become the Internet.

I have no idea what diplomacy may have achieved at the end of the Cold War but I recall the US leaning very hard on Russia after the collapse of the Soviet Union to the point of cruelty. The image of old ladies selling their fixtures and fittings to make money to buy food is an image that has stuck in my mind. I have no sympathy for Russian nationalism nor their liking for old school “wet jobs” on European soil or any of the other silliness such as interference in human rights both within wider Europe as well as the EU and UK. What I do think is US hardliners if not encouraging or provoking it are certainly not helping.

https://www.theguardian.com/uk-news/2021/jul/14/public-should-be-alert-to-threat-from-china-and-russia-says-mi5-chief

The chief of MI5 is to warn that the activities of China, Russia and other hostile states could have as large an impact on the public as terrorism, marking a significant shift in emphasis from the UK’s domestic spy agency.

Giving his annual threat update on Wednesday, Ken McCallum is expected to say that the British public will have to “build the same public awareness and resilience to state threats that we have done over the years on terrorism”.

But while the threat from Russia, as demonstrated by the poisoning of the Skripals in Salisbury, is familiar to the British public – the spy chief will argue that threats that typically come from China are not.

McCallum will say that universities and researchers risk “having their discoveries stolen or copied” if they are not vigilant and that businesses could be “hollowed out by the loss of advantage they’ve worked painstakingly to build”.

“Given half a chance, hostile actors will short-circuit years of patient British research or investment. This is happening at scale. And it affects us all. UK jobs, UK public services, UK futures,” McCallum will say.

Not a peep about the UK establishment or US vested interests wrecking the UK economy and taking advantage of Europe from the 1970’s and onwards.

https://www.theguardian.com/politics/2021/jul/14/mi5-investigated-rightwing-terror-suspect-who-was-13-years-old

MI5’s chief has revealed that the agency had found itself investigating a neo-Nazi terror suspect who was 13 years old, part of a “rising trend” of radicalised teenagers becoming engaged in rightwing terrorism across the UK.

Ken McCallum, the domestic spy agency’s director general, warned that extreme rightwing terror accounted for one in five of all counter-terror investigations, a threat that had “grown and morphed quite substantially over the last five to 10 years”.

A particular problem, he said, was the “high prevalence” of teenagers in rightwing terror investigations, which he suggested was because youngsters were being swept up in a “toxic ideology” of “online extremists and echo chambers”.

And which corporations are getting away with it behind the facade of which countries?

flat July 18, 2021 11:29 AM

Leak of the day:

ht tps://www.theguardian.com/news/2021/jul/18/what-is-pegasus-spyware-and-how-does-it-hack-phones

flat July 18, 2021 11:37 AM

ht tps://www.theguardian.com/world/2021/jul/18/revealed-leak-uncovers-global-abuse-of-cyber-surveillance-weapon-nso-group-pegasus

ht tps://www.theguardian.com/world/2021/jul/18/ft-editor-roula-khalaf-among-180-journalists-targeted-nso-spyware

ht tps://www.theguardian.com/news/2021/jul/18/revealed-murdered-journalist-number-selected-mexico-nso-client-cecilio-pineda-birto

ht tps://www.theguardian.com/news/2021/jul/18/viktor-orban-using-nso-spyware-in-assault-on-media-data-suggests

Anonymous July 18, 2021 12:19 PM

Bruce has done a great job to define and pioneer the role of a public-interest technologist. After reading some recent news, I wondered, what’s the term for someone who does the opposite of that?

Aside from borrowing older, perhaps loaded words such as hackers, malicious actors, frauds or Luddite, is there a better term we can use to talk about people who work against public interest, or who aren’t really tech people, or both?

Do we already have more neutral academic terms to discuss those who, knowingly or unknowingly, subvert the work of public-interest technologists?

For those curious as to what sparked this line of thought.
http://lite.cnn.com/en/article/h_1aeef61fc661e9d05401a1d2ceb34390

amonymous mouse, gray one July 18, 2021 12:55 PM

@ Anonymous

First, define ‘public interest’?
Politicians all the time talk that they do their political work for the ‘public interest’, ‘for the people’, they ‘serve people’ etc.

We all know what kind of bullshit this is.

Therefore when someone defines his work as a ‘public interest’, I have my bias. I’ve seen too much.

And for the record – wouldn’t free access to info be in ‘public interest’? Here has been several times raised the issue, that this blog could be accessed also via a plain HTTP so that older systems could also access the info. Hardly nobody attacks this blog on the network redirection level so that HTTPS and certificate is needed for ID.

Yep, let’s cut people out from information for the ‘public interest’!

Clive Robinson July 18, 2021 12:57 PM

@ echo,

Gripping stuff.

Yes Monday, when Delta Death flies unrestrained by the stupidity of BoJo and Co.

I currently call it the,

“Sajid Suicide Pact Policy”

The UK is without doubt “the dirty man of the west/north” yet again

And this utter stupidity will significantly negatively affect probably 2% of the UK population before the schools go back.

Then well your guess is as good as antibodies.

The herd immunity policy is one of many genocide type policies that have happened over the last hundred years. The difference being I can not see BoJo and Co getting hung for their crimes against humanity after all “That would not be cricket”.

Three likely results,

1, Increased deaths in the young.
2, Saturation of the NHS.
3, The appearance of at least two possibly three new variants of concern, of which at least one will be either another “break out” or vaccine avoidant.

name.withheld.for.obvious.reasons July 18, 2021 2:34 PM

@ Clive
Whilst I expected to be moderated, I am still surprised that disclosure of public information seems to be problematic. Nothing I noted was not available from data provided by the named party. Frustrating…

Oh, and on the issue of raw political power, i.e. with respect to the Catholic Church, the new theocrats are attempting to use the opportunity of chaos and confusion to rearrange the deck chairs. It is a cynical use of biblical frameworks to wrestle not only control away from secularized governments but to also seize assets.
On a disturbing note, there are those in the U.S. Christian Nationalists movement that are using Victor Orbon (sp?) as a model of human rights.

JonKnowsNothing July 18, 2021 2:47 PM

@echo

re: The image of old ladies selling their fixtures and fittings to make money to buy food is an image that has stuck in my mind.

You can see this nearly everywhere, everyday, globally.

In the USA it’s called a Flea Market and Yard Sales. They take place on the streets and in car parks. Upscale versions are called Art and Antique Fairs but the Bread and Butter crew are at the Flea Markets and the Bread with no Butter group haunts the Yard Sales.

It’s not an unknown or even unreported problem but it happens as you move through the generations. At some point, income drops significantly. For some it drops to zero and others to a low level, and periodically reduces the expected standard of living to an unsustainable level. It’s called Down Sizing.

We Up Size when younger, with families, and Down Size as we get older and sell off all our possessions to buy food and pay medical bills and buy medications. Eventually most of us will end up in 1 room, if we are lucky. If not we end up in a tent or jailed for inability to pay vagrancy law fines. The rate of sell off varies by demographics and social status.

It happens to the poor and to the rich and to those who think they are rich and to those who have expectations of being rich and dying rich.

In the USA it’s all about Getting Rich. Keeping it is a different episode.

===

ht tps://en.wikipedia.org/wiki/Vaux-le-Vicomte

  • A historically important chateau but often lost behind the history of grander buildings. Owned by various parties since 1641, but often left derelict and all the furniture and fixtures sold off or destroyed. Restoration efforts are ongoing.

(url fractured to prevent autorun)

Fake July 18, 2021 2:57 PM

@jon,

yard sales certainly, but estate sales have been promulgating wildly.

lathes mills radio equipment manuals collectibles of the non millennial sort.

a whole cottage industry in the last 10 years or so has popped up around the internet and facebook involved with the managerial side of liquidating familial assets poorfessionally.

echo July 18, 2021 3:34 PM

@JonKnowsNothing

In the USA it’s called a Flea Market and Yard Sales.

This wasn’t just selling off their trash because they had nothing better to do over the weekend. The country was in chaos and the economy had imploded and their pensions were rendered near worthless. People were starving.

In the USA it’s all about Getting Rich. Keeping it is a different episode.

The US doesn’t get Europe. We do things differently over here.

https://www.independent.co.uk/news/uk/politics/universal-credit-casey-boris-johnson-b1884921.html

Cutting the £20-per-week universal credit would be an “unnecessary evil” leading to an increased reliance on foodbanks this winter, Boris Johnson’s former homelessness adviser has warned.

Well, not everyone but like Clive said earlier hanging is now unlawful. Not that this is stopping me from wanting to see every last one of them being held to account.

Quizzed on whether he would review the cut before September, the prime minister replied: “Of course I keep everything under constant review, but I’ve given you a pretty clear steer about what my instincts are.”

And that day cannot come soon enough. A life sentence in Belmarsh should wipe the smile off his face.

meanwhile in Russia July 18, 2021 3:39 PM

@ Clive Robinson

While UK infection rate is really bad, your death rate is still small. Compare this with Russian so called “official” numbers.

hxxps://en.wikipedia.org/wiki/COVID-19_pandemic_in_Russia

Scroll down to graph.

Starting from July the first, basically:

~25K infections per day
~700 deaths per day

And those are only “official” numbers. One can think real numbers are way, way higher.

from this strange and twisted world July 18, 2021 3:55 PM

@ echo

‘The US doesn’t get Europe. We do things differently over here…’

Really?

In EU there’s no death penalty.
Let’s say you are old, no job, can’t pay bills, can’t buy food, you lost your home.
But you want to live, DESPERATELY.
So you have only one option – to kill someone.
After that – you have roof, you have food, you have medical attention, you have internet, you have books etc. Yes, you don’t have freedom any more, you are in prison, possibly until you die, but you are still alive.

So strangely enough – to stay alive in Europe you must kill someone.

self aware usb drive July 18, 2021 4:49 PM

For years, a backdoor in popular KiwiSDR product gave root to project developer

Users are rattled after learning their devices and networks were exposed.

Dan Goodin – Jul 15, 2021 7:22 pm UTC

KiwiSDR is hardware that uses a software-defined radio to monitor transmissions in a local area and stream them over the Internet. A largely hobbyist base of users does all kinds of cool things with the playing-card-sized devices. For instance, a user in Manhattan could connect one to the Internet so that people in Madrid, Spain, or Sydney, Australia, could listen to AM radio broadcasts, CB radio conversations, or even watch lightning storms in Manhattan.

On Wednesday, users learned that for years, their devices had been equipped with a backdoor that allowed the KiwiSDR creator—and possibly others—to log in to the devices with administrative system rights. The remote admin could then make configuration changes and access data not just for the KiwiSDR but in many cases to the Raspberry Pi, BeagleBone Black, or other computing devices the SDR hardware is connected to.

A big trust problem

Signs of the backdoor in the KiwiSDR date back to at least 2017. The backdoor was recently removed with no mention of the removal under unclear circumstances. But despite the removal, users remain rattled since the devices run as root on whatever computing device they’re connected to and can often access other devices on the same network.

“It’s a big trust problem,” a user with the handle xssfox told me. “I was completely unaware that there was a backdoor, and it’s hugely disappointing to see the developer adding backdoors in and actively using them without consent.”

JonKnowsNothing July 18, 2021 5:26 PM

@echo

re: This wasn’t just selling off their trash because they had nothing better to do over the weekend.

In the Heights of Silicon Valley, when everything was possible, there were “auctions” for computer equipment held at “named hotels and conference centers”.

Inventories of replaced servers, computers, pcs, comm systems, hardware galore was on offer to highest bidder. Equipment flowed like a river, downstream landing in the laps of startups. Multi-processor servers going for $200USD each. RAID systems for even less. Then there were the “failed business” sales another source of cheap goods.

Yesterday’s hardware for a pittance.

A failed business selling their equipment, furniture, fixtures is not much different than a person having to sell their “trash” because it’s the only things they have left to sell.

Nothing’s really changed in ages. Well, perhaps some views have changed.

The question is: Who is buying?

tl;dr

During one of the many famines on the planet, various NGOs shipped large quantities of foodstuffs to the area. There were too many hungry people and not enough foodstuffs to feed them all.

TRIAGE became the word of the day. Some people were given food and some were not.

An elderly man was on the No Food List. He stood at the back of the delivery truck while the food was handed out to younger people. Some of the grains fell on the ground and the old man tried to bend over to pick up the few fallen pieces. Younger people took the few pieces out of his hand.

The old man cried and collapsed on the side of the road.

No one was going to come. No one was going to save him. He was starving. He knew he was dying of starvation. Still no one came.

The truck drove off to Save Someone Else.

No one will be coming to save you and if all you have is “trash to sell” then that is what you will sell and you hope that someone will buy enough of it to pay for a meal.

YMMV. Mine will be getting to the bottom of the tank very soon.

p[e]nis p[a]rty July 18, 2021 5:40 PM

I like to rock back and forth, back and forth, naked, and listen to the sound my p[e]nis makes as it smacks my belly button over and over and over again.

ADFGVX July 18, 2021 6:46 PM

https://www.washingtonpost.com/wp-srv/special/national/black-budget/

Funding the intelligence program
The CIA, NSA and National Reconnaissance Office (NRO) receive more than 68 percent of the black budget. The National Geospatial-Intelligence Program’s (NGP) budget has grown over 100 percent since 2004.

@ from this strange and twisted world • July 18, 2021 3:55 PM

In EU there’s no death penalty.
Let’s say you are old, no job, can’t pay bills, can’t buy food, you lost your home.
But you want to live, DESPERATELY.
So you have only one option – to kill someone.

That’s usually CIA // Mossad. But you say you’re from Europe, out on a mission to kill? It’s that James Bond 007 stuff again, and it ain’t a legitimate moose hunt, either. SIS, formerly known as MI6. EU is a slightly looser union than the U.S., and each member state maintains its own intelligence apparatus.

Yesterday’s hardware for a pittance.

A failed business selling their equipment, furniture, fixtures is not much different than a person having to sell their “trash” because it’s the only things they have left to sell.

Nothing’s really changed in ages. Well, perhaps some views have changed.

The question is: Who is buying?

The Christian Socialists fence that sh!t at a Jewish pawnshop in Dresden, with the little girls’ lemonade stand and the ladies’ bake sale.

Freezing_in_Brazil July 18, 2021 9:04 PM

@ SLF

Thanks for taking the time. Exactly what I’ve been considering in my latest musings. I see I need to make a better use of the site’s search.

*I notice a recent post of mine was deleted. It was not offensive in any way. Must have been some mistake.

Regards.

SpaceLifeForm July 18, 2021 9:08 PM

@ Clive

I can not find the link. Remember what I called modified goldbach conjecture, and you had linked to something (that I can not find now), and I mentioned that maybe I had a bug because I had fewer exceptions?

I really want to find that, because I want to go thru my exception list versus what the link you have provided had listed as exceptions.

I think it is not a bug, but a slight difference in problem definition.

I thought the link you had provided was wikipedia, but my google-fu and ddg-fu is not finding it.

Regards

SpaceLifeForm July 18, 2021 9:25 PM

@ Clive

I can not find it via ‘t-prime’ and I’m pretty sure that was mentioned.

Thanks

JonKnowsNothing July 18, 2021 9:47 PM

@All

A bit lighter fare…

Some funny replies to the question of:

  “Q: why are companies always experiencing higher-than-normal call volumes?”

A sample of replies:

  • Because they are experiencing lower than normal staff levels.
  • How about: “This call may be recorded for quality control purposes”? Really? Don’t most of them already know how abysmally poor their service is?
  • Your call is not as important as their profit margin.
  • it was really just a marketing and sales ploy to exaggerate the popularity of their products.
  • “Your call is important to us.” Not you, your call.
  • the answering system, designed in such a way that whatever options you choose it tells you to find your answer by going on to the website, then thanks you for your call and hangs up?

Some real howlers for sure…

RL anecdote;

My personal version is to use a lot of Expletives Not Deleted when sitting in a message tree; the really long trees: press 1 for x; say your name; repeat your secret sauce info, I did not get that… try again.

It’s a ROBOT. Why do you need to be polite to it?

===

ht tps://www.theguardian.com/business/2021/jul/18/readers-reply-why-are-companies-always-experiencing-higher-than-normal-call-volumes

(url fractured to prevent autorun)

ADFGVX July 18, 2021 10:04 PM

@ SpaceLifeForm

When the roads are destroyed like this, you can not truck in supplies.

You have to truck in supplies to rebuild roads, etc, etc

That is easy. You truck in rock and dump it on the spot and drive over it to make a roadbed. Keep making round trips to the quarry and dump more rock where you want to allow lighter trucks to drive.

JonKnowsNothing July 18, 2021 11:43 PM

@ADFGVX @SpaceLifeForm

re:

SpaceLifeForm: When the roads are destroyed like this, you can not truck in supplies. You have to truck in supplies to rebuild roads, etc, etc

ADFGVX: That is easy. You truck in rock and dump it on the spot and drive over it to make a roadbed. Keep making round trips to the quarry and dump more rock where you want to allow lighter trucks to drive.

@ADFGVX Probably you have not been involved in any sort of serious road building but your technique only works in limited applications.

Dirt is not just dirt. It has different densities. This and water make mud. One aspect of mud is that the base is not stable. You can pour lots of gravel on a muddy area only to watch it sink away and you are still left with your muddy wet puddle of goo.

Driving heavy equipment over such pathways only makes things worse. Huge gouges and deep ruts and more churned dirt-mud will be the reward in short order. It might be fun to drive through a mud patch in an ATV or Motocross Bike, but you can slide right off the pathway and into… probably somewhere you didn’t want to go like a ditch or worse a river.

Some of the damage in Europe from the massive floods is far beyond the ability of Dump and Fill.

In the USA River levees fail when the water erodes the levee walls faster than the Dump and Fill trucks can make the round trip to the gravel yard and back. Nothing worse than watching your $300,000USD crawler go FLOP into the river.

In USA for years our highway system has used Cut and Fill to straighten roadways. We Cut the hillside away and drop the Fill into the canyon below until the base is raised high enough to be level with the existing roadway. There is some method to the engineering, like they have to install huge culverts to allow water to flow through the bottom of the canyon-fill area otherwise you get a mini-dam and that’s a different engineering spec.

If you do not put in a decent base, a stable under surface, the road won’t last long enough to fill in the massive erosion from the flooding. And Dump and Fill won’t fix the erosion part at all.

On a smaller scale, the same thing happens in horse arenas. Horses churn the surface as they move, creating divots, tracks and dips in the surface. Arena maintenance periodically uses one of several methods to level out the surface. If the arena has only a dirt base, it’s a losing battle and the cost of replacing the surface material can be prohibitive. It may seem that it’s cheaper to just dump the sand on the dirt but when your arena floods because there isn’t any drainage and an entire section is one big slip-n-slide the experience is hardly worth the faux-saving both in materials, medical bills and vet bills.

ADFGVX July 18, 2021 11:50 PM

@ JonKnowsNothing

Some real howlers for sure…

And what sort of criminal charges is the pimp of the district promoting or compelling on the basis of such intelligence gathered through illegal wiretapping ?

ht_tps://fee.org/articles/thanks-to-wiretapping-laws-your-cell-phone-is-a-felony-machine/

ht_tp://www.gencourt.state.nh.us/rsa/html/LVIII/570-A/570-A-mrg.htm

The relevant New Hampshire law is titled “Wiretapping and Eavesdropping,” but it isn’t restricted to electronic communications.

It’s a felony if someone “willfully intercepts, endeavors to intercept, or procures any other person to intercept or endeavor to intercept, any telecommunication or oral communication.”

See also: ht_tps://app.leg.wa.gov/rcw/default.aspx?cite=9.73

SpaceLifeForm July 19, 2021 12:01 AM

Jason Scott interviews Dan Kaminsky. Defcon 2012-07-30, 30 mins.

“I think we can fix the net”

hxtps://twitter.com/textfiles/status/1416436828861775872

hxtps://www.youtube.com/watch?v=ZkqY4l6mPtc

SpaceLifeForm July 19, 2021 1:01 AM

NSO iPhone Zero-click exploit

hxtps://twitter.com/billmarczak/status/1416801439402262529

THREAD with a couple of interesting bits from @AmnestyTech’s new report on what they learned from looking for NSO Group’s spyware on phones

hxtps://threadreaderapp.com/thread/1416801439402262529.html

Clive Robinson July 19, 2021 4:13 AM

@ SpaceLifeForm,

I thought the link you had provided was wikipedia, but my google-fu and ddg-fu is not finding it.

If memory serves correctly it is,

https://en.m.wikipedia.org/wiki/Dubner%27s_conjecture

If it’s not it will have to wait a few days, I’ve been put in “resuscitation” of “Accident and Emergency” with multiple medical problems, not sure how long they are going to keep me in for as they are cranking up the big machinery to see if there are any signs of intelligent life in my soft old heart 😉

echo July 19, 2021 5:44 AM

@JonKnowsNothing

Dirt is not just dirt.

A lot of things are like this. I’ve been looked at like I’m stupid when I’ve given people the Mark Twain example. He remarked that many found the Mississippi and its swirls of water beautiful but he had been a river boat pilot. He knew things were not as they appeared to be.

Public inquiries? Glossy annual reports? Perfectly curated Instagram lives? The list goes on. A goodly portion of being a leader is knowing when staff are blowing smoke up your posterior. I’ve also heard people complain about managers asking questions for answers which are obvious. One reason is to find out what you know and make sure that what you know is what you know. Another reason is simply to confirm what you know and what they know are the same thing.

The dirt thing is fascinating. I knew most of that but I don’t spend all day thinking about it so forget it and your level of detail was interesting.

It’s similar with gardening and agriculture. Dirt is not just dirt. This is why a lot of modern farming depends on soil experts and a lot of modern environmental policy initiatives rely on a lot of science like this too. The EU is moving forward with this while the UK government is trying to tug in the opposite direction. That’s what happens when you have a bunch of dolts who think “common sense” beats expertise or what philosophers might call “vulgar” or “sensible”. Those are actually technical words but wow do people get funny if you use them. It’s not a personal attack!

It’s orthogonal to the topic but compost heaps and soil improvement are fascinating too. The biggest reason why most people’s compost heaps fail is they have the ratio of ingredients wrong. It’s a similar thing with gardening and why triple digging is superior. It’s also why you can be sneaky and put wood material at the bottom of a triple dig while leaving the organic and nitrate matter in the top two layers. Triple digging is a lot of up front work but the numbers speak for themselves. Your first crop of a triple dug will be better than a plot of land which has been double dug over its first ten years. A lot of the big stately homes with vegetable and flower gardens have this superior quality but those were gardens which were tended by dozens of relative to the owners very low paid staff over decades.

Tree leaves are really difficult to compost but if you let them rot down worms go ape for it and multiply like rabbits.

JG4 July 19, 2021 8:48 AM

I’m sorry that I forgot how awesome Maciej Ceglowski is. Well worth searching for previous mentions.

Pinboard@Pinboard
The light inside is broken, but I still work. The Cadillac of online bookmarking sites. Alleged nocoiner. http://pinboard.in Maciej Ceglowski.com

Reminded by the news containing no surprises. These problems are innate to living systems. At least ones that operate in entropy gradients. I have experienced repeated difficulty here communicating that such systems are governed by the laws of non-equilibrium thermodynamics. What you call crime and war are just entropy maximization in other guises.

https://www.nakedcapitalism.com/2021/07/links-7-19-2021.html

Big Brother Is Watching You Watch

Revealed: leak uncovers global abuse of cyber-surveillance weapon Guardian (Richard Smith), Smith comments: “Next: organised crime breaks smartphone banking and skims 5% of everything.” Other commentary:

Pinboard@Pinboard
The spyware scandal in the news today is a chance to reiterate that human beings are incapable of producing defect-free software at any scale. In particular, there is no such thing as a secure online system or a secure mobile platform. This foundational issue won’t go away.
1:02 PM · Jul 18, 2021

A new ‘digital violence’ platform maps dozens of victims of NSO Group’s spyware TechCrunch

MarkH July 19, 2021 9:22 AM

Good Sir Clive,

I worry each time your health woes come to my mind (or more accurately, my mind fragment). It’s my picture that you’ve been diligent in taking care of yourself … the arbitrariness of chance in life’s lottery.

I trust that when the medical establishment has reached its quota of poking and prodding, you’ll swiftly return to home and family.

Best luck!

Freezing_in_Brazil July 19, 2021 11:30 AM

@ Clive Robinson

I make MarkH’s words mine. I wish you a speedy recovery.

@ echo

Interesting insights lately, from different angles. I appreciate that.

Regards

ADFGVX July 19, 2021 11:46 AM

@ JonKnowsNothing

@ADFGVX Probably you have not been involved in any sort of serious road building but your technique only works in limited applications.

Dirt is not just dirt

That’s right. You’ve got a bunch of buddies at city hall illegally expropriating real estate and converting it to their own use at the expense of the Owners.

@ echo

Public inquiries? Glossy annual reports? Perfectly curated Instagram lives? The list goes on. A goodly portion of being a leader is knowing when staff are blowing smoke up your posterior. I’ve also heard people complain about managers asking questions for answers which are obvious

Theft of the mail from a person of interest by crooked cops, a lot of illegal wiretapping. Nothing of interest to law enforcement personnel ardently desiring to press charges against the person of interest, by arranging trial by bribing or blackmailing a judge. No investigation of crimes committed against the person of interest, no aid or comfort in defense of the person of interest.

@ all

So a crooked fed was arrested, but he’s got a lot of buddies still on the force, and within the military at local bases.

`https://www.kiro7.com/news/trending/former-dhs-officer-indicted-sexual-assault-charges-alaska/77JLQEVNE5GTPCWDCUA4COWMFM/`

`https://www.newsbreak.com/news/2171811691077/former-dhs-officer-indicted-on-sexual-assault-charges-in-alaska`

And who the hell is this Brittany Dunlop with her precious career at City Hall?

`https://www.linkedin.com/in/brittany-dunlop-5a687213`

District Attorney in Alaska if she isn’t cutting hair in Pittsburgh somewhere on the East Coast. Where do you learn all that law on a f***ing barber stool?

`https://instagram.com/brittany__dunlop`

`https://instagram.com/_britsierra_`

`https://instagram.com/brittany.dunlop`

`https://instagram.com/brittanydunlop`

JonKnowsNothing July 19, 2021 1:45 PM

@Clive

I too hope your recovery and health improve ASAP.

Your exchanges with MarkH and others have been fantastic and reading them is similar to watching that dragon-opera; I am eager for the next episode.

Besides being in Hospital on UK Freedom Day (07 19 2021) is not what anyone considers a celebration, better to spend the time at home and throw back some of that “Plant Based Beer” while watching the spectacles on TV.

Speedy Recovery!

SpaceLifeForm July 19, 2021 3:12 PM

@ Clive

Thanks for your recall as that was the link.

Hang in there. I hope the poking and probing are the worst of the experience.

Fake July 19, 2021 3:38 PM

So, it makes me wonder if somebody in China reported the exchange exploits to Microsoft say… Last year? Is all of this news filtered water anymore?

SpaceLifeForm July 19, 2021 5:14 PM

@ lurker

Those of us who don’t use MSFT or MSP must use eternal vigilance.

True. And in more than one angle. The main angle is that your lifeline supply chain is actually almost certainly using Windows and/or an MSP.

The other angle is that it does not matter or not if you personally do not use Windows.

Silicon Turtles are involved. The news of the Exchange China attack tells you that.

@ Fake

If the attackers are inside the org that received a bug report, then the attackers will find out.

The attackers, upon learning that their exploit has been discovered, may just decide to go scorched earth, and create damage. See REvil and Kaseya.

At this point in time, there is no surprise that security researchers have basically given up on bug bounty.

They report, the org stonewalls, then the org tells the researcher there is no reward under the bug bounty program because they already knew of the problem.

Bug bounty programs are basically good for learning that secret hidden exploits have been discovered.

@ Freezing_in_Brazil

Sometimes, it is not a mistake. It may have been that it was too spot on.

lurker July 19, 2021 5:44 PM

@Fake, SpaceLifeForm
The Chinese railway ticket sales system ran (may still do, it’s a while since I looked at it) on a modified/hardened Windows XP. It covered the entire country, but AFAIK was never hacked. Amongst the reasons why
1) their network was tight, they knew who was online where, which made it easy to find
2) anyone attempting to hack it, would be taken out back and shot.

The reluctance of other governments to adopt clause 2 has led us to where we are today.

ADFGVX July 19, 2021 6:22 PM

@ lurker

anyone attempting to hack it, would be taken out back and shot

The U.S. does the same thing of course, with drone strikes to take out domestic or foreign terrorists or others who are deemed a risk or threat to national security or so-called “critical infrastructure” because of an alleged mental illness or other justification for a preemptive hit or strike on a U.S. citizen.

There are intelligence issues with that, however, because the brute force guns blazing approach usually taken by DHS, U.S. Marshals etc., is ineffective at ascertaining which individuals or groups of people are the highest priority to be eliminated or taken out as threats.

SpaceLifeForm July 19, 2021 6:24 PM

@ lurker

A lot of kiosks are Windows CE. But, a lot are XP. I’ve not seen any kiosk past 7.

This article is not even a year old.

Consider the source of course, and keep in mind that it was not a complete dump, but it sure does indicate that there has been an issue in Redmond for some time.

hxtps://nationalinterest.org/blog/techland/why-windows-xp-won%E2%80%99t-die-169883

The leaked torrent files, published on the bulletin board website 4chan, include the source code for Windows XP Service Pack 1, Windows Server 2003, MS DOS 3.30, MS DOS 6.0, Windows 2000, Windows CE 3, Windows CE 4, Windows CE 5, Windows Embedded 7, Windows Embedded CE, Windows NT 3.5 and Windows NT 4.

SpaceLifeForm July 19, 2021 7:47 PM

@ Fake

Exactly. So how long have the attackers been inside?

Was it just after 98SE timeframe?

SpaceLifeForm July 19, 2021 8:40 PM

@ Fake, NSA, FBI

Was it just after 98SE timeframe?

I highly recommend that you dig into my hints that I have dropped on the internet over 2 decades.

I know there is ‘Intel Inside’, but I also know there is ‘Intel Inside’.

I know some of you care, but you really need to understand that compartmentalization is not cutting the mustard.

The compartmentalization is being used against you, and your freedom.

Formally a known entity July 19, 2021 9:25 PM

now there’s an NSL waiting to happen, way to start a race condition bud.

i’m not upset but don’t you think we should

BCC: Mossad, GRU, etc

while we’re at it?

ms is was and always will be a mole hill, as to whatever mice rats or holes there are or were within or around that infrastructure?

microsoft and linux both had shitty versioning schemes.

who’s the canary now? i can’t wait to have both you and me ‘deleted’ like th @ guy.

ADFGVX July 19, 2021 11:50 PM

@ Formally a known entity • July 19, 2021 9:25 PM

now there’s an NSL waiting to happen, way to start a race condition bud.

A “race condition” was formerly a specific type of unreliability due to a timing hazard in a computer program.

Now it’s just part of affirmative action mandated by the EEO/DOE union wage benefit scale system. They hire yes-men of any desired race or color and expect instant obedience. Highly sex segregated because of sexual harassment lawsuits on the job, and Christian Democrat males who don’t want to risk being tempted into unfaithfulness at work on the job in the industry.

i’m not upset but don’t you think we should

BCC: Mossad, GRU, etc

It’s those “benefits” of corporate employment again. Health, in particular. But their incentive is certainly not by any means to let you regain your health or ever escape from the services they offer if you ever do seek help for health problems. It’s a Jewish health district, as the white nationalists call it, or you could say an Egyptian midwives district if you’re Jewish or you don’t want to be so antisemitic about it.

ADFGVX July 20, 2021 1:13 AM

In re the above, I am trying to figure out the Russian word предложение.

I at first came across the translation “promotion” via Google translate, possibly but probably not the most accurate translation.

More like a rather formal or diplomatic “proposal” or a logical “predicate” or “proposition” or a grammatical “sentence” in some language.

The most similar word in English to sound it out, though, is “predilection” in the sense of “liking” or “preference” — an indication of willingness or preference or a lead-in to a proposal perhaps. If you don’t “like” something, you’re not going to buy it.

SpaceLifeForm July 20, 2021 3:04 AM

@ ALL

Did you know that Thomas Jefferson and Benjamin Franklin were into crypto?

I did not.

hxtps://www.justsecurity.org/77383/encryption-originalism/

MarkH July 20, 2021 3:12 AM

@ADFGVX:

I don’t know what “the above” refers to. If I saw the source text, I could perhaps help give a better sense of its meaning.

Robert July 20, 2021 6:56 AM

@ADFGVX

This word has several different meanings, so please give us the exact link, if you want to get a right answer. For example look at this wiki page – there are at least 4 meanings of this word. source

Winter July 20, 2021 8:39 AM

This might become interesting. Some background might be helpful. Max Schrems has already killed the USA privacy shield which allowed data to be shared between the EU and USA and has been troubling Facebook since 2011:
ht tps://en.wikipedia.org/wiki/Max_Schrems

Austrian activist Schrems’ Facebook complaint referred to EU court
ht tps://www.reuters.com/technology/austrian-activist-schrems-facebook-complaint-referred-eu-court-2021-07-20/

Austria’s Supreme Court has questioned the legal basis on which Facebook (FB.O) collects user data and referred key issues for a ruling by Europe’s top court, after awarding symbolic damages to activist Max Schrems in his privacy case against the company.

In a 34-page ruling, the Austrian court accepted the request from Schrems, who has waged a years-long campaign against what he views as Facebook’s intrusive privacy practices, to refer key questions to the Court of Justice of the European Union.

The civil case revolves around Schrems’ assertion that Facebook deprives users of the rights and protections they enjoy under the EU’s privacy law, the General Data Protection Regulation (GDPR), by treating consent as a contract that empowers it to use their data to deliver targeted ads.

“Facebook tries to strip users of many GDPR rights by simply ‘reinterpreting’ consent to be a civil law contract,” Schrems said in a statement on Tuesday. “This was nothing but a cheap attempt to bypass the GDPR.”

Freezing_in_Brazil July 20, 2021 2:38 PM

In re the above, I am trying to figure out the Russian word предложение.

Via Slovak, predlojènie >> presentation, submission.

ADFGVX July 20, 2021 3:21 PM

@ Freezing_in_Brazil • July 20, 2021 2:38 PM

In re the above, I am trying to figure out the Russian word предложение.

Via Slovak, predlojènie >> presentation, submission.

I still think предложение is a “predilection” in English. For one thing, it’s almost always a feminine or effeminate sort of leaning or preference.

A mail order bride with a “proposal” from a Russian man, for instance, and she might have a “predilection” for fine furs, wool clothing, caviar, cocktails, fine dining etc. etc.

https://www.merriam-webster.com/dictionary/predilection

https://www.vocabulary.com/dictionary/predilection

https://www.dictionary.com/browse/predilection

Something between a proposal and the acceptance of or willingness to accept the proposal.

The word isn’t even used in English except in a certain sense of irony or sarcasm.

echo July 20, 2021 4:18 PM

https://www.theguardian.com/uk-news/2021/jul/20/woman-stole-diamonds-worth-42m-by-swapping-them-for-pebbles

A woman stole diamonds worth £4.2m from a luxury London jewellers’ by posing as a gem expert and swapping them for garden pebbles in a highly sophisticated heist, a court has heard.

I do like a good heist. I nearly mentioned this the other day along with the Nice bank job as an example but thought better of it. There’s just something in my mind which finds them more appealing than shuffling bits around which seems to be the de rigueur crime of the day. Then this story popped up.

This job does seem a bit on the tawdry side so not my kind of thing and I wouldn’t know what to do with them. Well, wear them I suppose.

Freezing_in_Brazil July 20, 2021 5:55 PM

@ ADFGVX

Something between a proposal and the acceptance of or willingness to accept the proposal.

After a second look I think you are probably right (proposal).

ADFGVX July 20, 2021 6:38 PM

CNBC “make it” — LAND THE JOB
Remove these 7 things from your resume ‘ASAP,’ says CEO who has read more than 1,000 resumes this year

4. Personal pronouns
Surprisingly, many candidates still make the mistake of using personal pronouns — “I,” “me,” “we” — on their resume.

Translation: birth gender biological sex appropriate haircut, transgender need not apply, AND they really don’t want women in the office with men at all, except in subordinate office work phone greeting positions, etc. Men are suited and tied very, very appropriately, and they keep their distance from the women at work to avoid liability for a sexual harassment lawsuit.

5. The wrong kind of email
Hiring managers want candidates who are at least somewhat tech-savvy … and that means not having an email address from an outdated account like AOL or Hotmail.

When in doubt, just stick with a Gmail or Outlook address.

This one is a little bit odd. If you’ve been in business for yourself or have your own email, they don’t want to hire you as an employee, which means it’s better for independent-minded individuals to look for contract positions on a per-project basis. But still, there is an environment of too much management, they treat their employees like little kids, coddle them with corporate benefits, and constantly meddle with the workers who are trying to do the jobs they were hired to do. A “glass ceiling” for promotions is in effect, for men as well as women. Heavy monitoring of employees’ social networking outside of work, offline as well as online.

(you know who is the Russian expert here) July 20, 2021 7:01 PM

Russian word предложение meaning depends on context,
but usually means proposal, offer, suggestion etc.

Give me a real sentence and I say what it means.

ADFGVX July 20, 2021 7:18 PM

@ (you know who is the Russian expert here) • July 20, 2021 7:01 PM

Russian word предложение meaning depends on context,
but usually means proposal, offer, suggestion etc.

Give me a real sentence and I say what it means.

“Напишите мне в Skype пожалуйста WhatsApp/Viber владельца сайта и передайте мое предложение.”

good Russian Troll July 20, 2021 7:29 PM

In that context he has something to propose to the
owner of the site.
Either proposing some solution or making monetary offer etc.

ADFGVX July 20, 2021 8:20 PM

ht_tps://www.foxnews.com/us/san-francisco-shoplifting-car-break-ins-locals-react.amp

San Francisco.

The trouble is that women holding hands with other women do not present an effective “solution” to the “problem” of male criminality and “lawlessness” among adult males.

Winter July 21, 2021 4:04 AM

@ADFGVXZ
“The trouble is that women holding hands with other women…”

That wasn’t even in the article.

Not only are you obsessed with sex trafficking, you also are obsessed with women who are friends. You really sound like a would-be incel terrorist.

Naked Kill July 22, 2021 7:39 AM

It sounds like the build environments were compromised by an object infector.

Library and object infection are not new, just unexpected.

Naked Kill July 22, 2021 8:04 AM

The forced virtual machine persistence can be blamed on a lack of variable initialization from their build script.

Incremental builds rely on artifacts like this, it’s bigger than a traditional build process sure but the same techniques of cleanliness and reinitialization would’ve slowed down this intermediary attack.

SpaceLifeForm July 22, 2021 6:51 PM

@ Naked Kill

You missed some important points, so I can only conclude that you did not watch and listen completely.

A big part of the attack on SolarWinds involved compiling source code, then decompiling from the binary, then packing. To remove symbols and be as invisible as possible.

It did not work because of the crashed VM.

Heterodox July 22, 2021 9:40 PM

It really sounds like that sunspot thing was smuggled into the build environment as an encrypted payload that was decompiled previous to encryption. That’s why they were disappointed there was no onsite decompiling or obscuration process. It sounds like the other guy may have been mistaken about the virtual machines but I would definitively say that the final backdoor was either installed into the product as either an oitm or an actual infection. The reference to renaming sounds like the more benign less heuristic method of oitm might have been used. They did say it can or could be used to target any compiler, unfortunately for them every reference they have was a flavor of gcc.

So was a developer’s Perl script infiltrated off site and they were actually downstream of that?

GCC could have even been compromised from the data they’re giving us as to how the initial infection into their only known infected virtual machine is concerned.

They are kinda out of the way to not name what that encrypted payload came in on, it could be GCC or make outside of the “will work with any compiler” position.

nmake what you will.

SpaceLifeForm July 23, 2021 12:49 AM

@ Heterodox

The way I read it, is that the attackers were already inside. Maybe via SERV-U.

They then created a race condition, where the rename (mv) could occur immediately before the compiler started parsing the source code.

Yes, it is interesting that they did not mention MSVC. Maybe SolarWinds was already thinking outside of the box?

When you do a build, you do not want your build tools to pull. The SCM should push. And that includes the build scripts.

Your build and SCM should be able to completely re-deploy to a fresh machine. Always.
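SpaceLifeForm's two points above (a rename racing the compiler, and the SCM pushing to a fresh build machine) suggest a defensive check, shown here as an added example that is not from the thread or from SolarWinds: verify each source file against an SCM-side manifest while copying it into a staging directory, so the bytes that were hashed are the bytes the compiler reads. The function names, the manifest format and the sample tree are assumptions constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path
class SourceMismatch(Exception):
    """A workspace file is missing or differs from the SCM manifest."""

def make_manifest(root):
    """SCM side: map each relative path to the SHA-256 of its committed bytes."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def stage_verified(manifest, src_root, stage_root):
    """Copy manifest-listed files into stage_root, hashing the very bytes written."""
    src_root, stage_root = Path(src_root), Path(stage_root)
    for rel, expected in manifest.items():
        src = src_root / rel
        if not src.is_file():
            raise SourceMismatch(f"missing: {rel}")
        data = src.read_bytes()  # single read: check and copy share these bytes
        if hashlib.sha256(data).hexdigest() != expected:
            raise SourceMismatch(f"modified: {rel}")
        dest = stage_root / rel
        dest.parent.mkdir(parents=True, exist_ok=True)
        dest.write_bytes(data)
    return sorted(p.relative_to(stage_root).as_posix()
                  for p in stage_root.rglob("*") if p.is_file())

def demo():
    """Constructed sample tree: a clean workspace stages, a changed one is rejected."""
    with tempfile.TemporaryDirectory() as tmp:
        work = Path(tmp, "workspace")
        (work / "src").mkdir(parents=True)
        (work / "src" / "core.c").write_text("int answer(void) { return 42; }\n")
        (work / "build.sh").write_text("cc -c src/core.c\n")
        manifest = make_manifest(work)  # would be produced at commit time by the SCM
        staged = stage_verified(manifest, work, Path(tmp, "stage1"))
        # Constructed change made after the manifest: one file edited, one added.
        (work / "src" / "core.c").write_text("int answer(void) { return 41; }\n")
        (work / "src" / "extra.c").write_text("/* not in manifest */\n")
        try:
            stage_verified(manifest, work, Path(tmp, "stage2"))
            rejected = None
        except SourceMismatch as exc:
            rejected = str(exc)
        return staged, rejected

if __name__ == "__main__":
    print(demo())
```

The staging directory has to be writable only by the build step itself; the check narrows the window between verification and compilation, and gives no protection if that directory is reachable by whatever changed the workspace.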

ResearcherZero July 23, 2021 4:44 AM

“I’m certainly persuaded that what our officers and some family members, as well as other U.S. government employees, have experienced is real, and it’s serious,”

hxxps://www.npr.org/2021/07/22/1013402176/cia-director-says-he-is-escalating-efforts-to-solve-havana-syndrome-mystery

People have been getting hit with it since the 1980’s, so it probably is ‘serious’.

Calling it a “sonic” weapon should ease fears for anyone who was exposed to long term microwave exposure (over many months), as we also use microwave to retrieve data from a number of hardware implants used in targeted operations.

However The GRU microwave device is noticeable due to hair loss, repetitive migraine, and eventual cancer (likely leading to death), as has happened to everyone I know who was subjected to long term targeting.

At close range you should be able to spot someone pointing the antenna at you, perhaps from a vehicle. You will collapse, feel like you are going to die, a small amount of steam may leave your body (forearms if exposed) and your hair will stand on end. It will heat water at close range which should be a giveaway.
It’s the long term exposure that will get you, but prolonged close range exposure is not advised, taking cover will reduce the impact.

Russian high powered microwave – not sonic weapon – get it right!
hxxps://spectrum.ieee.org/semiconductors/devices/how-we-reverse-engineered-the-cuban-sonic-weapon-attack

The Russians have long used microwave to retrieve audio from bugs they place in buildings, it’s well documented, but we don’t want to create a panic.

If you do manage to get your hands on a device, give your local agency bureaucrat a blast, and definitely the pencil pushers, just so they too can get a feel for it (and the possums in the roof). It will shut them up for a minute at the very least, and they may have a new appreciation for field work. They will however want to interpenetrate the data for themselves, put it in another report, and file it in back of the cabinet with the others.

repeat after me – ‘MICROWAVE’

I pointed out the two GRU agents previously, that should be a start, but Karl Ocallaghan and David Caporne still have not been prosecuted for those murders they committed while working for the Western Australian Police, so I’m not holding my breath. Maybe after they finish prosecuting that guy Paul Whyte who worked for those two, the one who plead guilty to the 550 charges?

Winter July 23, 2021 6:27 AM

@ResearcherZero
“However The GRU microwave device is noticeable due to hair loss, repetitive migraine, and eventual cancer (likely leading to death), as has happened to everyone I know who was subjected to long term targeting.”

This is very serious and revolutionary news. Until now, there have been no unequivocal cases seen of cancer caused by microwave radiation. If there now have been found definite cancers caused by microwave radiation, this should have consequences for the use of microwaves and mobile phones.

Or it could have been an unsubstantiated BS remark.

JonKnowsNothing July 23, 2021 9:23 AM

@Winter, All

re: consequences for the use of microwaves and mobile phones

RL anecdote, tl,dr

In the early days of mobile phones just past the huge car battery state, the things became heavy sticks with long cables and then again shifted into a flip format you could put in a pouch and hang on your belt. It was a great improvement not to be tied to a 20lb battery or a 10ft cable to your car.

I used to carry my two on my belt. One main phone for client calls and one backup phone for when the main phone battery died. ‘Twas muy importante that my clients could reach me 24×7.

These small format phones had a tiny thumb antenna on the top and when driving that antenna would “poke” inward. At first I didn’t worry much because I was told it was OK. I spent a good amount of time (battery life determined) talking with clients holding the phone next to my ear with the antenna pointing skullward. Again I didn’t worry much ’cause I was told it was OK.

After a bit, when current events, news and tech was a bit easier to come by (pre-internet), I got an ear piece which left my hands free to continue doing whatever I was currently doing and still respond to my clients.

* At work or driving, I removed my pouch held phones and threw them on the other seat or on my work bench
* I used the over-the-head earphones with controls
* I still racked up the same number of Per Minute Charges per Month

I noticed a couple of things:

* I didn’t have as many “headaches” (other than technical ones)
* I didn’t have the same “gut issues” in the same area as the antenna pokes (other than gut intuition that something was going to go south at a client’s installation)

It may be that it was all Just Fine ‘Cause They Say So, but it was much finer for moi, after I made the change.

A massive system that targets “JUST CIA”? is a bit hard to grasp. The CIA has been known to target their own personnel for experiments. They have a reputation of deciding that some persons are less valuable than others and when they want to run an experiment that would never get past a medical ethics committee, they do it with their own employees. If the experiment has a negative result or fallout, they just toss the unfortunate out a high rise in New York.

The CIA has also been known to do similar to anyone in their Dark Site Prisons. A whole bevy of CIA medical professionals, MDs RNs and other “health oath bearing persons”, spend time “testing techniques” in the field. Handy notes those.

cast July 27, 2021 2:34 PM

“From the news it looks awful, extremely awful. A few pieces of that space I’ve known and enjoyed and knew individuals there 10 years or somewhere in the vicinity back, I actually have a few connections to Bocham.”

It isn’t yet known why this turned out to be such a fiasco. Be that as it may, it has been coming down vigorously throughout recent weeks so every one of the dirts will have been splashed. Then, at that point a couple of long periods of uncommonly substantial rains and water had no place to go than through the valleys. The Meuse and Rhine are at records high.

It was the blaze floods going down the valleys that did most harm in Germany and some of Belgium. It is the record high water levels in the Meuse and feeders that appear to do the most harm in the Liege region in Belgium and the Netherlands.

That likewise clarifies the distinction in setbacks. The waterway floods are seen coming while the German towns were totally astonished by the remarkable floods.
