Comments

++Don July 30, 2021 5:20 PM

Often it feels like squid just evolved better than us mammals.

Nature is lazy. It doesn’t spend energy on things that aren’t needed. If squid have better resistance to microbial infection, then that makes me think that they live in a more microbe-infested environment. Or maybe we evolved a better immune system rather than anti-microbial skin (I don’t know what squid immune systems are like), with the same net outcome. Evolution is a tricky thing.

echo July 30, 2021 6:19 PM

https://www.sciencealert.com/scientists-think-they-may-have-come-up-with-an-objective-measure-of-creativity

Psychologists think that more creative people are able to link remote elements together in their minds more easily, which is what’s being tested here. A more comprehensive measure would have to also take into account achievements in creative fields, such as music composition and inventions.

It’s a complex picture – but the DAT approach might make carrying out future studies into creativity just a little bit simpler.

“Creativity is fundamental to human life,” says Olson. “The more we understand its complexity, the better we can foster creativity in all its forms.”

Apparently my score was “82.74, higher than 76.1% of the people who have completed this task”. I have no idea what this means and am circumspect of online tests. The results chart and methodology is a curiosity. Take care to tick the box for “results not allowed to be used in research” and not fill anything else in.

The author of the test appears to be wanting to flog a book.

His academic CV is an ethics and security nightmare.

SpaceLifeForm July 30, 2021 6:34 PM

@ echo

Creativity is all about thinking outside of the box.

Just ask Copernicus.

SpaceLifeForm July 30, 2021 7:33 PM

@ ALL

Do you recall Beirut explosion?

I said the chem math did not add up, and that it appeared, from video, that explosion appeared to blow from underneath the dock warehouse?

Something does not make sense.

I am not buying this FBI report. Consider the timeframe.

hxtps://www.usnews.com/news/world/articles/2021-07-30/fbi-probe-shows-amount-of-chemicals-in-beirut-blast-was-a-fraction-of-original-shipment

The FBI’s Oct. 7, 2020 report, which was seen by Reuters this week, estimates around 552 tonnes of ammonium nitrate exploded that day, much less than the 2,754 tonnes that arrived on a Russian-leased cargo ship in 2013.

bot serial #5557765998 July 30, 2021 7:57 PM

@SpaceLifeForm

Yes, we remember.

h77ps://www.nationalgeographic.com/history/article/a-year-after-beirut-explosion-nobody-cares-that-people-died-or-if-people-live-they-dont-care

name.withheld.for.obvious.reasons July 30, 2021 8:04 PM

Two questions: What will the editorial landscape look like for this Friday’s squid, and anyone wagering on the amount/pomposity of troll-tooling?

name.withheld.for.obvious.reasons July 30, 2021 8:19 PM

@Clive and the unusual suspects

It does not sound good, and you are a fair decent bloke when it comes to that stiff upper…something or other.

Please take care and let us root for your speedy and robust recovery. We, I am sure, are all concerned for you and know that we have a physically distant but humanly local relationship. So please, when possible, keep us apprised good friend and dear old chap.

echo July 30, 2021 10:26 PM

Creativity is all about thinking outside of the box.

Just ask Copernicus.

Been there. It’s never done me much good for one reason or another. Politics, timing, or simply having a big mouth.

Thinking of things Copernicus:

https://www.youtube.com/watch?v=EqKEev6FD9U
Hubble is fixed! And is the crisis in cosmology over?! | Night Sky News July ’21
Dr Becky

https://arxiv.org/abs/2106.15656
Measurements of the Hubble Constant: Tensions in Perspective
Wendy L. Freedman

Was it a problem with our best model of the universe, or a problem with measurement, or something else we haven’t thought of (hah)? It appears it may be due to the measurements we are making.

As a sidebar, and I’ve commented on these things before, our models of reasoning (which includes cognitive processes and emotional biases and all that junk) and the language we use and the concepts we carry around in our minds and the known knowns and more unknowable stuff are fairly well known. If this makes sense.

One of the more interesting tangents is what is the speed of light and what if it was different? The speed of light is governed by what is best described as friction. Throw in quantum stuff and the possibility of what is called “hidden variables” and things can get wild and speculative.

https://www.youtube.com/watch?v=f23eWOquFQ0
Can Physics Be Too Speculative? An Honest Opinion.
Sabine Hossenfelder

The below the line comments are predictably hilarious.

Freezing_in_Brazil July 30, 2021 10:54 PM

@ SpaceLifeForm

Snow has fallen in Brazil, an extremely rare event for the tropical country. Thanks to an intense cold snap, snow or freezing rain fell in at least 43 Brazilian cities on Wednesday and Thursday, according to weather service Climatempo.

Well I’m still freezing here.

I should note that it’s southern, subtropical/temperate, highland area of the country. The magnitude was surprising, but it is a common occurrence. In fact, it’s been a long time since I saw a winter like this one. The snow was amazing (seen on TV).

The southern hemisphere is generally cooler than the other half, at the same latitudes. In South America, all territory below the 20S parallel is prone to frost. The losses this month have been severe. If you like coffee, prepare for a hike in prices.

4C now.

@ Clive

Rooting for you. Best wishes.

Regards

SpaceLifeForm July 30, 2021 11:39 PM

@ name.withheld.for.obvious.reasons

Guessing relatively quiet for a day or two.

DOJ, Tax returns, Congress. Probably has some players scrambling for misinformation stories right now.

hxtps://apnews.com/article/technology-europe-russia-election-2020-5486323e455277b39cd3283d70a7fd64

WASHINGTON (AP) — The Russian hackers behind the massive SolarWinds cyberespionage campaign broke into the email accounts of some of the most prominent federal prosecutors’ offices around the country last year, the Justice Department said Friday.

The department said 80% of Microsoft email accounts used by employees in the four U.S. attorney offices in New York were breached. All told, the Justice Department said 27 U.S. Attorney offices had at least one employee’s email account compromised during the hacking campaign.

SpaceLifeForm July 31, 2021 12:19 AM

@ ALL

Bug Bounty and something else. See if you can spot the story within the story.

It’s not just that Apple was being cheap due to cash flow problems.

hxtps://thezerohack.com/apple-vulnerability-bug-bounty

Clive Robinson July 31, 2021 12:30 AM

@ SpaceLifeForm,

Creativity is all about thinking outside of the box.

Didn’t Pandora get first dibs on “out of the box” activities?

SpaceLifeForm July 31, 2021 1:22 AM

@ ALL

If you ordered a PinePhone last month, and it still has not arrived, it may have been on a plane, and now is in quarantine in New Zealand.

hxtps://twitter.com/thepine64/status/1420769527030296584

SpaceLifeForm July 31, 2021 2:03 AM

@ name.withheld.for.obvious.reasons

Maybe this will extend the quiet time

hxtps://www.bnnbloomberg.ca/wealthy-americans-targeted-by-u-s-in-panama-tax-fraud-probe-1.1634573

U.S. District Judge Gregory Woods modified an order Wednesday that authorized the IRS to issue summonses to entities including the Federal Reserve Bank of New York, the Clearing House Payments Co., HSBC Bank USA N.A., Citibank N.A., Wells Fargo N.A., Bank of America N.A., FedEx Corp., United Parcel Service Inc. and DHL Express.

SpaceLifeForm July 31, 2021 2:33 AM

@ name.withheld.for.obvious.reasons

In case they are not paying attention…

hxtps://www.scotsman.com/news/politics/court-told-over-real-and-substantial-concerns-about-finances-of-trump-organisation-3328135

The so-called ‘McMafia’ order is a relatively new – and rarely used – power with which authorities can target suspected corrupt foreign officials who have potentially laundered stolen money through the UK.

The mechanism is designed to force the owners of assets to disclose their wealth. If a suspected corrupt foreign official, or their family, cannot show a legitimate source for their riches, authorities can go to court to seize the property.

ResearcherZero July 31, 2021 4:42 AM

‘I woke up in the middle of the night, because I had this incredible case of vertigo. It felt almost as if I was in some kind of carnival ride. And I’ll tell you, Catherine, I had spent years in the war zones of Iraq and Afghanistan.’

‘I put my life on the line. This was the most terrifying experience of my life. I had no control.’

The Iraq and Afghanistan war veteran believes that the ‘Havana Syndrome’ is an ‘act of war against the US,’ after experiencing it for himself.

‘I’ve had a headache for three years,’ he said. ‘It feels like a vice clamp down here. And there’s pressure that comes over the top of my head.’

hxxps://www.dailymail.co.uk/news/article-9684895/Retired-CIA-officer-suffered-Havana-Syndrome-says-act-war-against-US.html

“What we found was that there is a literature that describes health effects of a particular form of microwave energy, which is pulsed and directed,”

“And that literature now goes back a number of decades, and was published largely by the former Soviet Union. That literature does mimic and is consistent with a number of the clinical findings that we noted.”

A number of new incidents have been reported involving CIA officers in the last year or so, a source with direct knowledge told NBC News, including a CIA officer who experienced symptoms in Poland last spring, two CIA officers allegedly hit in East Asia last fall, and incidents in London in May and December 2019.

The source said the CIA, using mobile phone location data, had determined that some Russian intelligence agents who had worked on microwave weapons programs were present in the same cities at the same time that CIA officers suffered mysterious symptoms.

hxxps://www.nbcnews.com/news/world/cia-officer-suffered-crippling-symptoms-moscow-was-it-havana-syndrome-n1250177

About 100 CIA officers and family members are among about 200 US officials and kin sickened by “Havana syndrome”, the CIA director, William Burns, said

hxxps://www.theguardian.com/us-news/2021/jul/22/havana-syndrome-cia-officers-family

The revelation that CIA agents were targeted by a sophisticated microwave weapon while in Australia last year proves such devices are real, a security expert said.

hxxps://www.9news.com.au/world/havana-syndrome-explainer-microwave-weapon-behind-havana-syndrome-attack-on-cia-agents-real/8f74e64c-1b02-4dfb-9fa9-98c7682d0652

CIA briefing slide appearing to date from the 1960s or 1970s which shows a building being hit by microwaves from a nextdoor structure

hxxps://strangesounds.org/2021/06/microwave-weapons-havana-syndrome-usa-china-russia.html

Former Department of Communities senior bureaucrat Paul Ronald Whyte entered the pleas in writing because it would have taken hours for the magistrate to have taken pleas to each of the 530 charges verbally.

He also faced a new charge on Wednesday of laundering around $254,000…

The money was stolen through a fake invoice scheme in which three shelf companies — iValuate, Boldline and Quadrant Analytics — were paid various amounts of money, including a total sum of $2.7 million in 2012.

Whyte approved the payment of the invoices and had bank cards that allowed him access to the companies’ bank accounts.

The crimes came to light when department staff identified payments to the companies, which did not have contracts attached.

Previous court hearings have heard the money was spent on personal expenses.

hxxps://www.abc.net.au/news/2020-06-17/paul-whyte-pleads-guilty-wa-public-sector-corruption-scandal/12364530

worked for two Russian agents since the 1980’s
involved with stealing health records and abductions

“despite the defamation case being sensationally dropped by Porter, a significant chunk of evidence tendered during the case, as well as exhibits, have remained suppressed.”

hxxps://www.theguardian.com/law/2021/jun/17/news-corp-denied-documents-from-case-about-christian-porters-star-barrister-sue-chrysanthou

Spiked girls drinks (accompanied by and with the aid of a magistrate), abducted them (sometimes alone without the magistrate), and raped them.
Was then made a public prosecutor, despite being caught by police.
compromised by the same Russian agents

not the only politician or bureaucrat compromised by Russian agents in Australia, there are more

Russian SVR state hackers managed to breach the O365 email accounts of at least 80 percent of employees from US Attorneys’ offices located in the Eastern, Northern, Southern, and Western Districts of New York

hxxps://www.bleepingcomputer.com/news/security/doj-solarwinds-hackers-breached-emails-from-27-us-attorneys-offices/

“People tell me Jeff Clark is great, I should put him in. People want me to replace DOJ leadership.”

hxxps://www.nytimes.com/2021/07/30/us/politics/trump-justice-department-election.html

“These handwritten notes show that President Trump directly instructed our nation’s top law enforcement agency to take steps to overturn a free and fair election in the final days of his presidency,”

hxxps://oversight.house.gov/news/press-releases/committee-obtains-key-evidence-of-president-trump-s-attempts-to-overturn-the

On Friday 25th June Microsoft revealed that it had identified new activity from an Advanced Persistent Threat (APT) known as NOBELIUM targeting organisations globally.

hxxps://msrc-blog.microsoft.com/2021/06/25/new-nobelium-activity/

The attack on the RNC, coupled with the recent ransomware attack, is a major provocation to President Joe Biden, who warned Russian President Vladimir Putin about cyberattacks at a June 16 summit.

hxxps://www.bloomberg.com/news/articles/2021-07-06/russian-state-hackers-breached-republican-national-committee

the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS) has targeted hundreds of U.S. and foreign organizations using brute force access to penetrate government and private sector victim networks. The advisory reveals the tactics, techniques, and procedures (TTPs) GTsSS actors used in their campaign to exploit targeted networks, access credentials, move laterally, and collect and exfiltrate data.

hxxps://media.defense.gov/2021/Jul/01/2002753896/-1/-1/1/CSA_GRU_GLOBAL_BRUTE_FORCE_CAMPAIGN_UOO158036-21.PDF

Winter July 31, 2021 4:49 AM

@jones
“thanks for deleting my post re: elon musk benefiting from the us acquisition of [Godwin’s law] human experimentation”

It is telling that those who follow Godwin’s law most and constantly are throwing WWII at everyone, are also the ones who applauded the previous president when he locked up unwanted toddlers and babies in cages. I always suspect these people are so obsessed with WWII because they see it as a blueprint for a new order.

ht tps://www.buzzfeednews.com/article/hamedaleaziz/trump-debate-immigrant-children-cages

r July 31, 2021 5:50 AM

pandora got dibs on bringing you the music you listen to during ‘out of box’ experiences.

Winter July 31, 2021 7:40 AM

@ResearcherZero
“The attack on the RNC, coupled with the recent ransomware attack, is a major provocation to President Joe Biden, who warned Russian President Vladimir Putin about cyberattacks at a June 16 summit.”

Just like with the current pandemic: No one is safe until we are all safe.

R-Squared July 31, 2021 8:14 AM

@ ResearcherZero

The revelation that CIA agents were targeted by a sophisticated microwave weapon while in Australia last year proves such devices are real, a security expert said.

There are various theories of “gangstalking” and “electronic harassment” of “targeted individuals” — sophisticated microwave weapons sound like an urban legend to me.

Spiked girls drinks (accompanied by and with the aid of a magistrate), abducted them (sometimes alone without the magistrate), and raped them.
Was then made a public prosecutor, despite being caught by police.
compromised by the same Russian agents

I think you mean “adulterated” rather than “spiked” —

Otherwise there are plenty of “girls” probably of age, at least 21, at any bar with strangely dyed spiked hair, spiked goth collars, leather jackets, spike stud earrings, various other spiked body piercings.

Call it a “lesbian” bar if you wish, but they generally have boyfriends in that same motorcycle crowd.

Leon Theremin July 31, 2021 9:06 AM

WSJ Investigates TikTok Algorithm, Fails to Reach the Truth: We are All Under Military Surveillance

WSJ has made a 13 minute video about how they used many bots to try to uncover how TikTok suggests videos. The video could have stopped at the first 30 seconds and it was all they would need to say, but they really want to deceive themselves and their readers about what is going on: TikTok taps into military surveillance that all who are within the range of a phone tower are subjected to. The same source for TikTok is also fed to terrorists who use it for crimes against humanity. A simple experiment with an air-gapped computer is all it takes to attest some of this, but unless you have been recruited to be part of the covert operations, you won’t know the full extent of it, like I do.

Link to WSJ’s video: https://www.wsj.com/video/series/inside-tiktoks-highly-secretive-algorithm/investigation-how-tiktok-algorithm-figures-out-your-deepest-desires/

Truth.is.stranger.than.fiction July 31, 2021 9:35 AM

@SpaceLifeForm

There’s more information here about the DOJ data leak. Given their choice of words, it wasn’t an exploit. If it was they would have said patched or secured. Instead they state removed, as in access.

ht tps://www.justice.gov/opcl/department-justice-statement-solarwinds-update

Why did it take 9 months to figure out? Or is info leaked? If a hacker siphoned data, why would they exfiltrate individual accounts? Wouldn’t it be a lot easier to just siphon the Azure Exchange blob?

Also 2nd paragraph from the bottom alludes to consumer accounts belonging to employees were also compromised. Because they advised employees how to secure their accounts. Meaning the accounts were outside of the Gov control.

When exactly did the US Government become aware of this attack? How did they become aware?

Was the US Gov under attack during the election? If so, then how does the Gov know that the election was not manipulated if they didn’t even know they were under attack nor did they figure out until now what was accessed?

——— in other news

Last night it was announced that Treasury CIO was leaving effective immediately. Treasury was compromised in the same O365 attack. ht tps://www.fedscoop.com/cio-eric-olson-leaving-treasury/

vas pup July 31, 2021 4:54 PM

@Cameron’s Shadow • July 31, 2021 2:36 PM
“The new data prompted the CDC’s reversal on masks.” I agree with CDC on that.

Yeah, it’s better to be safe than sorry, but person should be not stupid/stubborn to follow this simple measure which is working.

SpaceLifeForm July 31, 2021 5:03 PM

@ Truth.is.stranger.than.fiction

Thanks for the links.

Remember, when the SolarWinds story broke, CISA internally said to staff, to NOT communicate ANY intel via e-mail or text. To only be discussed OFF-LINE.

TheRiddlerVSTheJoker Major Motion Picture July 31, 2021 5:44 PM

Indemnified: (not legally liable) https://www.youtube.com/watch?v=c0LmNTr-SZw?t=76

The fellow in the video, the one doing the vocal tutorial is innocent.
He was involuntarily involved in some controversial audio sampling which has long since been redacted by a much different person.

The samples were borrowed, then redacted, from the exact time following the linked youtube video above, at the time of 76 seconds inward:

https://www.youtube.com/watch?v=c0LmNTr-SZw?t=76

The item of controversy is not linked to this post. It’s already been delivered and received years ago.

I have an interest in clearing the good name and reputation of the talented vocalist and professional musician in the video. The tutorial is of interest to people who can hear sound.

echo July 31, 2021 5:50 PM

I wondered about the wisdom of posting both of these which made it to my list of security related topics I have been gathering. Myself I feel the most important point of both stories is truth. The second is about abuse of power and influence. The third is about how unscrupulous people use “wedge issues” to undermine the rule of law and human rights.

It doesn’t take many steps to find hard links between malcontents and the far right, dark money, and authoritarian regimes and various “usual suspects”.

https://news.sky.com/story/covid-19-uks-daily-coronavirus-data-looks-a-bit-fishy-as-major-symptom-study-suggests-cases-on-the-rise-12366866

She risked everything to expose Facebook. Now she’s telling her story.
Sophie Zhang, a former data scientist at Facebook, revealed that it enables global political manipulation and has done little to stop it.

https://www.independent.co.uk/arts-entertainment/books/news/terry-pratchett-daughter-gc-trans-views-b1894405.html

Rhianna Pratchett, daughter of late author Sir Terry Pratchett, has condemned people attempting to claim he would have supported anti-transgender views.

SpaceLifeForm July 31, 2021 6:49 PM

@ metaschima

It’s probably the same Dirty Dozen that are on FB.

DO NOT try to google it. You will NOT find what I am referring to.

Luke: Master, moving stones around is one thing. This is totally different.

Yoda: No. No different. Only different in your mind. You must unlearn what you have learned.

Luke: All right, I’ll give it a try.

Yoda: No. Try not. Do… or do not. There is no try.

echo August 1, 2021 12:41 AM

https://theconversation.com/mark-zuckerberg-wants-to-turn-facebook-into-a-metaverse-company-what-does-that-mean-165404

Mark Zuckerberg wants to turn Facebook into a ‘metaverse company’ – what does that mean?

[…]

The term “metaverse” is used to describe the vision whereby the internet will evolve into a virtual world. The idea was first conceptualised in 1992 by the American novelist Neal Stephenson in his science fiction classic, Snow Crash. It foresees the internet as a 3D virtual living space, where individuals dip in and out, interacting with one another in real time.

Please no. Go away.

https://theconversation.com/the-link-between-local-pub-closures-and-support-for-ukip-161032

The decline of the high street has been hollowing out British town centres in recent years. When pubs, community centres, libraries and banks close, it adds to a sense of local decline. In my recently published research, I found that local decline contributes to a rise in support for radical-right political parties – and that the loss of local pubs plays a surprisingly important role in the shift.

I think the term “radical right” is somewhat understating things.

https://www.independent.co.uk/voices/elections-bill-democracy-policing-b1881313.html

Tory changes to election law seek to undermine the very fabric of our democracy

Each of the three new and constitutionally significant bills uses a legitimate and popular pretext as a cloak for more sinister intentions

I’m not a huge fan of this import of American style legal drafting and far right Hungarian authoritarian government style conflating of issues to justify more extreme legislation.

https://theconversation.com/does-testosterone-drive-success-in-men-not-much-our-research-suggests-165131

Does testosterone drive success in men? Not much, our research suggests

The study doesn’t consider two things: Women have higher levels of oxytocin. Stress increases the amount of DHT and the effects are cumulative.

https://theconversation.com/women-have-served-in-armed-forces-for-decades-but-the-military-is-still-a-mans-world-165136

Women have served in armed forces for decades, but the military is still a man’s world

The British military still can’t get its kit right?

Goat August 1, 2021 2:19 AM

@Winter:

You, and so many others, always tap out early. With claims of “untrustworthy” sources because they weren’t from NY times or one of the major players.

Or, just like you, claim it’s not worth their time. How convenient and common among those who swallow whatever “experts” are jammed down their throats from the technocrats. The only people willing to debate are the critical thinkers. Those dubbed ‘conspiracy theorists’ would give anything for an intellectual debate.

From individuals like Dr Shiva Ayyadurai to Del Bigtree, numerous offers have been made to people like Richard Pan, Paul Offit, Alan Dershowitz, Dr Leana Wen, and Peter Hotez. None of them except for Dershowitz, who’s a lawyer and not even a doctor, were willing.

Now tell me, if you’re so sure of something you feel the majority of the population should have it, wouldn’t you be confident enough to debate anyone on the subject?

This is what they do. Dr Richard Pan, who claims anyone who reuses this experimental shot is a domestic terrorist, seen running like a coward when confronted:

https://youtu.be/KzvhgikbQU

Clive Robinson August 1, 2021 7:55 AM

@ CMYK,

Why printers add secret tracking dots

They are a bit of a “red herring” as there are multiple layers of tracking techniques used that go back into the 1960’s if not earlier.

If you think about it the dots are at most three decades old as printers before that were dot matrix or fixed type head like a Selectric / IBM golfball etc.

One such was to use different “white space” widths. That is some printers had narrow medium and wide “white space” that could be used to do left and right “justification” that looked better than the ordinary software of the likes of WordStar etc.

There were also tricks that changed the way hyphenation was done and underlining.

But there are other tricks. You might have heard of the ancient English “thorn” character that looks like a capital Y; well, it actually replaces “Th”, so remember when you see “Ye Old Sausage Shop” the “Ye” should be read and pronounced as “The”. But printers have all sorts of two into one such as “ae” and similar. We tend not to see them these days but prior to WWII they used to pop up in not just books but newspapers. Obviously they can all be used to “hide codes” etc.

At a higher level there is more than one way to spell some words; the medical profession abounds with old English, new English and American English spellings of words that are all treated as equally valid. Other professions similarly.

But there are also some rules for how you hang paragraphs so they look right that can also be used to hide code.

But these days a good thesaurus can be used to replace one word with another, for instance look up stupidity and cupidity; whilst they are not interchangeable by quite some measure they will often not make any meaningful difference if you do use them interchangeably. That is,

1, The software fault was due to senior management’s cupidity.

2, The software fault was due to senior management’s stupidity.

Tuck that difference away in the middle of a block of text and most will not notice it when they read first one version then the other.

But you can have fun with words like “install” and “instill” the average person is unlikely to have learned the difference.

Thus you can use such pairs of words to send a single bit of information. Something Francis Bacon was aware of in the early 1600’s and suggested as one of several ways to hide code within plaintext.

Obviously you can do similar with grammar or these days even markup.

Thus there can be several systems in use with various codes at various levels.
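
As an added illustration (not part of the comment above, nor any commenter's code): the word-pair scheme that comment describes, used the way a document owner would for leak tracing, with one bit per pair spelling out a recipient ID. It also shows the two checks a defender cares about: recovering the ID from a leaked copy, and how a plain diff of two copies exposes every marked word. The first two pairs come from the comment; the other pairs, the sample sentence and all function names are constructed for this sketch.

```python
import re
from typing import List, Optional, Tuple

# Each pair carries one bit: index 0 encodes 0, index 1 encodes 1.
# The first two pairs are the ones named in the comment; the last two
# are constructed for this example (spelling variants).
PAIRS = [
    ("stupidity", "cupidity"),
    ("install", "instill"),
    ("whilst", "while"),
    ("colour", "color"),
]

# Constructed sample document; {0}..{3} are the marked slots.
TEMPLATE = (
    "The software fault was due to senior management's {0}. "
    "We will {1} a culture of review {2} the audit runs, "
    "and change the {3} of the warning banner."
)


def _words(text: str) -> List[str]:
    """Lower-cased word tokens; apostrophes stay inside a word."""
    return [w.lower() for w in re.findall(r"[A-Za-z']+", text)]


def embed(recipient_id: int) -> str:
    """Produce the copy of the document issued to one recipient."""
    if not 0 <= recipient_id < 2 ** len(PAIRS):
        raise ValueError("recipient_id does not fit in the available pairs")
    chosen = [pair[(recipient_id >> i) & 1] for i, pair in enumerate(PAIRS)]
    return TEMPLATE.format(*chosen)


def extract(text: str) -> Optional[int]:
    """Recover the recipient ID from a leaked copy.

    Returns None when any pair is missing or ambiguous, e.g. because the
    text was paraphrased or run through a spelling normaliser.
    """
    present = set(_words(text))
    value = 0
    for i, (zero, one) in enumerate(PAIRS):
        has_zero, has_one = zero in present, one in present
        if has_zero == has_one:  # neither variant, or both: mark destroyed
            return None
        value |= int(has_one) << i
    return value


def differing_words(copy_a: str, copy_b: str) -> List[Tuple[str, str]]:
    """Word-level diff of two copies.

    Anyone holding two differently marked copies sees exactly the slots
    where their IDs differ, which is how such marks are usually detected.
    """
    return [(a, b) for a, b in zip(_words(copy_a), _words(copy_b)) if a != b]


if __name__ == "__main__":
    leaked = embed(0b1010)
    print(leaked)
    print("recipient:", extract(leaked))
    print("diff vs. copy 0:", differing_words(embed(0), leaked))
```
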

Winter August 1, 2021 12:53 PM

@Moderator

[ Goat • August 1, 2021 2:19 AM ]

And

comment-385174 [ for all those blind “regulars” • August 1, 2021 12:07 PM ]

to

comment-385193 [ ….. • August 1, 2021 12:45 PM ]

COVID-19 and vaccine conspiracy theories, insults, and other inappropriate content. Impersonation of other contributors.

FAKE August 1, 2021 1:14 PM

re: mdpi

https://en.wikipedia.org/wiki/MDPI#Controversies

MDPI, a publisher of open-access scientific journals, was spun off from the Molecular Diversity Preservation International organization. It was formally registered by Shu-Kun Lin and Dietrich Rordorf in May 2010 in Basel, Switzerland, and maintains editorial offices in China, Spain, Serbia, and the United Kingdom.[16] It is primarily based in China[2] and has established over 200 broad-scope journals, usually with one-word titles.[2]

The number of published papers has been growing significantly in the last decade with year over year growth of over 50% in 2017, 2018 and 2019, with 110,000 papers published in 2019.[3] As of 2020, MDPI is the largest open access publisher in the world and the 5th largest publisher overall in terms of journal paper output.[3]

quantity != quality, but thanks for the link.

@ Travis

who’s doing who’s bidding?

say that #19 was a weapon, who would have interest in stopping a vaccine?

maybe the speed at which it was developed wasn’t factored into the designer’s long game and they had to resort to … somebody else’s … playbook.

but from what i’ve been reading you might be financed.

FAKE August 1, 2021 1:19 PM

speaking of,

it seems the article you link to has some superb intergalactic sql injections that must’ve been provided by some third party three letter conspiracy stifler,

did you see the 45* text plastered all over the page?

RETRACTED.

i’d go fill your bucket up again, maybe you can flush the retractions from that page?

echo August 1, 2021 3:36 PM

https://tech.slashdot.org/story/21/08/01/1847251/russias-nonsensical-impossible-quest-to-create-its-own-domestic-internet

But the goal of being completely independent of the rest of the world’s internet infrastructure while still being able to access the global internet is a nonsensical and impossible one. Russia cannot both disconnect from the internet and still be able to use all of the online services and access all of the websites hosted and maintained by people in other parts of the world, as appears to have been the case during the monthlong period of testing… Being able to disconnect your country from the internet is not all that difficult — and certainly nothing to brag about. But announcing that you’ve successfully disconnected from the internet when it’s patently clear that you haven’t suggests both profound technical incompetence and a deep-seated uncertainty about what a domestic Russian internet would actually mean.

From the UN on down the world is full of good actors and bad actors and so on and so forth. It is no different at this level than if you drill down through nation states, organisations, departments, teams, people. Ditto standards, designs, implementations.

How stupid is what the Russians are claiming as opposed to, say, Microsoft claiming it has a secure general purpose operating system?

https://entertainment.slashdot.org/comments.pl?sid=19451689&cid=61644093

Go look up the names of the writers of the Doctor who episodes. They were a who’s who of science fiction authors. People read a lot less now and so there’s a lot less writing going on. That inevitably means the quality of the writing is going to go down. Authors can’t practice their writing in low-cost book form as much as they could back in the sixties and seventies. They just don’t have his large and audience to try out their works on.

Comedians have the same problem because vaudeville went away and because of cell phones recording their shows. We all love the Groucho Marx movies but a lot of those bits were honed and perfected in live shows. There’s a lot fewer live shows and worse if you’re trying out new material and it bombs is a good chance somebody’s recording it with a cell phone and will post it to YouTube. So when you have a bad night the whole country knows it.

That’s kind of what’s happening here. It’s like a video game without beta testers.

There is something to be said for going “old school” and just switching the internet off completely. In some respects this is a similar problem to the Russia one. How can you have the benefits of the internet with none of the downsides? Impossible? I’m not so sure.

The fact Sky News got caught peddling Covid misinformation is a failure at some level. “Back in the day” newspapers like computers were pretty much “fixed” the second the manufacturing line started up so people had to ensure standards were applied as mistakes could be costly. Today, they just have to take a link down after the event or issue a patch although none of this necessarily happens in practice as egos defend “historical record” or want to sell you their next gee whizz product.

https://www.rfi.fr/en/europe/20210801-venice-ban-on-cruise-ships-comes-into-force-amid-mixed-reactions-italy-economy-environment-culture-unesco-protests

Starting on Sunday, cruise liners and ships over 25,000 tons or longer than 180 meters will be banned from the shallow Giudecca Canal in Venice. Many residents have long been frustrated with the presence of what they consider “eye-sores” in the world-famous lagoon. But will the ban resist considerable economic pressure?

Only small passenger ferries and freight vessels will be permitted to enter the lagoon city’s historic centre as of 1 August according to the new rule.

The Italian government passed an urgent decree banning large ships just over two weeks ago saying it was a decision taken to “protect the environmental, artistic and cultural heritage of Venice, declared a world heritage site by Unesco”.

The real world matters. More so than living vicariously through the fantasies and machinations of a sociopathic billionaire or the filler that passes for mass entertainment. If we don’t look after it once it is gone it is gone as the mega rich kiss us goodbye and leave on their rockets to a distant curated paradise.

vas pup August 1, 2021 5:22 PM

Researchers warn of the potential social, ethical, and legal consequences of technologies interacting heavily with human brains.

https://www.sciencedaily.com/releases/2021/07/210720114405.htm

“Though it is difficult to understand exactly what a user experiences when operating an external device with an eBCI, a few things are certain. For one, eBCIs can communicate both ways. This allows a person to control electronics, which is particularly useful for medical patients that need help controlling wheelchairs, for example, but also potentially changes the way the brain functions.

“For some of these patients, these devices become such an integrated part of themselves that they refuse to have them removed at the end of the clinical trial,” said Rylie Green, one of the authors. “It has become increasingly evident that neurotechnologies have the potential to profoundly shape our own human experience and sense of self.”

!!!Aside from these potentially bleak mental and physiological side effects, intellectual property concerns are also an issue and may allow private companies that develop eBCI technologies to own users’ neural data.

“This is particularly worrisome, since neural data is often considered to be the most intimate and private information that could be associated with any given user,” said Roberto Portillo-Lara, another author.
“This is mainly because, apart from its diagnostic value, EEG data could be used to infer emotional and cognitive states, which would provide unparalleled insight into user intentions, preferences, and emotions.”

SpaceLifeForm August 1, 2021 11:45 PM

Dissing New Zealand

hxtps://www.bleepingcomputer.com/news/security/blackmatter-ransomware-gang-rises-from-the-ashes-of-darkside-revil/

echo August 2, 2021 1:11 AM

https://www.sciencealert.com/trust-in-science-can-ironically-give-rise-to-false-beliefs-luckily-there-is-a-solution

On the whole, most of us tend to think science is a good thing, even if our judgment of who to trust is somewhat complicated.

At the heart of the problem lies an easily distracted human brain shaped by millions of years of evolution. With room for attention at a premium, our brains need to be economical when it comes to identifying the kinds of information that are most likely to benefit us.

Unfortunately, human thinking has been shaped less by a need to compute the fundamentals of nature and more by how to work with other human brains. Our cognitive tools are adapted to search for shortcuts – called heuristics – based on language, facial expressions, and even fashion to quickly determine who is on our side and who isn’t.

Being reminded to remain critical can put the brakes on an over-reliance on heuristic thinking, giving our brains a chance to look for more information to build a belief.

While the study emphasizes the need to promote science hand-in-hand with a value in thinking critically, it doesn’t describe a panacea against misinformation.

Few of us are in positions to take the time needed to build beliefs from the ground up; in the end, virtually all of us rely on trusting other people who present themselves as well informed, whether to willfully deceive or simply because they, too, backed the wrong horse.

“People are susceptible to being deceived by the trappings of science,” says Albarracín.

“It’s deception but it’s pretending to be scientific. So people who are taught to trust science and normally do trust science can be fooled as well.”

Funnily enough I was just saying this the other day in a previous topic. The original paper for your perusal:

https://www.sciencedirect.com/science/article/abs/pii/S0022103121000871
Journal of Experimental Social Psychology
Misplaced trust: When trust in science fosters belief in pseudoscience and the benefits of critical evaluation

Also:

https://www.asc.upenn.edu/news-events/news/misplaced-trust-when-trust-science-fosters-pseudoscience

The lead author, postdoctoral researcher Thomas C. O’Brien of the University of Illinois at Urbana-Champaign, added, “Although trust in science has important societal benefits, it is not a panacea that will protect people against misinformation. Spreaders of misinformation commonly reference science. Science communication cannot simply urge people to trust anything that references science, and instead should encourage people to learn about scientific methods and ways to critically engage with issues that involve scientific content.”

Yesterday I came across a social media spat between a politician and professor which didn’t go wholly well for either. I was researching an issue which is fairly topical and needing a public policy response. Digging away I stumbled on two fairly fringe online publications. At first glance one seemed reasonable enough. The other was written by a far right fruit loop. In the interests of a quiet life I won’t link to any of this.

Science is one thing but I also think you need management and communication and skills and values and other things. It’s not always about what is said but how it is said, and not just what is said but who says it. There’s also a time and a place. At times there can be no shortage of science but there can be a shortage of applying it. Science can come up with some wonderful things but there’s the question of just because we can should we? Or sometimes the formal science may not yet exist simply because and it takes political or social initiative to provide the impetus for new science.

SpaceLifeForm August 2, 2021 2:03 AM

Long Covid Brain Fog

hxtps://threadreaderapp.com/thread/1418696473177362432.html

The degree of deficit was worse the more severe the initial covid infection had been.

Winter August 2, 2021 3:01 AM

@echo
“Unfortunately, human thinking has been shaped less by a need to compute the fundamentals of nature and more by how to work with other human brains. Our cognitive tools are adapted to search for shortcuts – called heuristics – based on language, facial expressions, and even fashion to quickly determine who is on our side and who isn’t.”

“Heuristics” are called efficiency and economics when applied correctly. Heuristics actually make life livable as it allows you to do all kinds of tasks much faster, more economically and much better than when you had to think them through all the time. But this holds for heuristics used where they apply.

Stupidity is misapplied Heuristics [1]. If you do things the way you always do them, but when your heuristics do not apply, then bad things happen. Very bad things can happen that can kill you and everyone around you. The proverbial example would be lighting a match when you smell gas. See “The Darwin Awards” for more real world examples.
ht tps://darwinawards.com/

[1] For an in depth analysis, see “The Basic Laws of Human Stupidity”, by Carlo Cipolla
ht tp://harmful.cat-v.org/people/basic-laws-of-human-stupidity/
See also, “The March of Folly: From Troy to Vietnam”, by Barbara Tuchman.

Clive Robinson August 2, 2021 3:45 AM

@ CornflowerBlue,

“You-Tube bans Sky News over misinformation”

I’m not surprised much of the OMG non US Vaccines kill nonsense is directly traceable back to Sky News Journalists. Who more importantly are also hiding similar but much worse information about US emergency approved vaccines.

Actually hunt down hepatic portal thrombosis which is fifty times worse than normal background levels for a certain vaccine according to yellow card reporting in Europe, unlike other non US approved vaccines where the thrombosis levels are actually lower than background levels but you would not know it from Sky News reporting that are raising “scary monster stories”.

Why anyone actually believes anything that comes out of Sky News, News International or other crap that Rupert Murdoch pushes that he’s not stolen from elsewhere I’ve really no idea…

Boris August 2, 2021 4:35 AM

QQ: I’m looking for descriptions of recent ransomware attacks where double-extortion was a factor.

Ideally descriptions that include the initial compromise vector and what controls / processes failed.

Main reason is to include them in a Ransomware response exercise I’m organising – it would be good to base the exercise on real incidents.

My plan is to run through each of them and pose the questions “What would happen to us if this occurred? How would we know it’s happening? How would we deal with it?”

I’ve done plenty of searching, but I don’t see a lot beyond press-releases or speculation.

Does anyone have some links? I’ll summarise any that turn up and post back later.

Thanks!

echo August 2, 2021 4:53 AM

@Winter

The article I referred to is separating rational from irrational decisions. Method and means aren’t the same thing. I also refer you back to Sabine’s video on “Can Physics Be Too Speculative? An Honest Opinion.” and progressive versus degressive science.

Clive Robinson August 2, 2021 5:19 AM

@ SpaceLifeForm,

The degree of deficit was worse the more severe the initial covid infection had been.

Whilst people have suspected a link between viral infection and long term disability for about a century now, the evidence is piling up and thus the view becoming more and more main stream…

For instance Type I diabetes was around three decades ago still considered to be a genetic defect.

Whilst there is a component of being more genetically susceptible, the notion of a “viral trigger” or similar is gaining ground, and you’d be hard pushed to find a diabetes specialist who could not rationally discuss it with you these days.

There is also mounting evidence that there are links between some bacteria and cancers. Whilst I probably heard about it earlier, what sticks in my mind is the Australian Dr who found the link between stomach ulcers and a bacteria that lived in the stomach despite it being such a hostile environment. Less well reported were the cases of early stomach cancer that got the new “out of patent anti-biotic” treatment for ulcers because tests to confirm cancers were backing up thus delayed. The biopsies showed that yes there had been cancer but it effectively got stopped in its tracks by the anti-biotics…

It begs the question, which would you rather do, take handfuls of out of patent anti-biotics for up to six weeks or wait two or three months of cancer growth for a biopsy and eventual chemotherapy? Especially when in most –but not all– cases the downside of antibiotics in an individual can be fairly easily reversed, whilst chemotherapy…

From my point of view “when the clock is ticking” you try not to hang around letting things get worse doing nothing. You try and at the very least to slow or stop the clock so you have more time thus more opportunities…

I have a nagging suspicion that the fact that we have more super-bugs than we used to and more cancer than we used to, might not be unconnected, or just be an artifact of increased life expectancy or diagnostic capability, and that some scientists think that might also be the case.

Back in the 1980’s there was much said about “yuppie flu” and much derision was heaped on a few people who were shown to be ill but nobody could point a finger at a specific cause. Since then the world has moved on.

If you look back on this blog to the early days of COVID you will see I had concerns over viral infection and its analogs causing long term effects such as auto-immune disease in the medium and long term (year to a couple of decades). Since we’ve now got “long COVID” but we only know about it in the “short to medium” term of up to a little over a year.

The world can not afford neo-con health care systems and even quite short term Long COVID…

That is ask yourself what is going to happen to people that need a year or more of near hands on therapy of four or five trained medical staff every day? How about two years?

Then ask what about a life time of auto-immune disease like kidney failure or diabetes or worse?

This is not FUD or “Scary Monster” raising, this is fundamental “Policy Questions” that could end up affecting 1% or more of the population and costing more than many Nations Defence Budgeting, which puts it on par if not of higher priority than many National Security questions…

Not something that can be left to the supposed “Free Market” their “lobbyists” or “Finance Markets”, or politicians and legislators they buy. Without doubt it will affect every child, woman and man for more than four or five generations at least who have not been exempted. Worse for every six months to a year we allow politicians and their backers to prevaricate over it, that’s another generation that will be condemned to very poor life chances, not just by “lost opportunity costs” but by those behind the politicians ensuring that they, and only they will be exempt and not have to carry the long term cost to society.

Clive Robinson August 2, 2021 6:48 AM

@ Boris,

I’ve done plenty of searching, but I don’t see a lot beyond press-releases or speculation.

You probably never will until “full disclosure reporting” becomes a legal requirement backed up by unavoidable and substantive jail terms and other direct punitive actions against “directing minds” in organisations.

Thus you would be advised to “play evil” and “think hinky” to work out what you and a sufficiently motivated “Red Team” could do.

The first thing to consider though is what used to be called “Advanced Persistent Threat” (APT). In essence the adversary stays hidden for a very long time and takes “tiny sips” of information as covertly as possible. Obviously if they “leak your master key” those few bytes give them everything that goes out across any communications links. If you’ve “warehoused” your critical data in the cloud then they get to see every search etc made in realtime, without causing any alarms etc to give you any warning whatsoever. Sometimes knowing what you are searching for is rather more valuable than knowing what answers you get, thus can be very very devastating in certain competitive situations where R&D really is the “bleeding edge”.

But there is a side of APT that is not as much talked about as it should… Consider we know that there are bugs in Microsoft OS fundamentals/foundations that have been there for up to twenty years and in some cases (network code) longer than MS has been using it. The same is true for all commercial grade OS’s and the bottom side of larger applications[1].

What few realise is that the lower you get in any OS the less likely it is to change with time. That is I fully expect Win 11 or 12 when they surface to have vulnerabilities that will go back at least as far as Win XP if not further…

But it also works the other way that is “forward into time”. Consider “collect it all” I’m known to call it a “virtual time machine”. The reason: consider what that gives you if you’ve been able to take advantage of it[3].

Whilst critical information has been collected it’s not yet been “looked at” by a potential adversary. At some point in the future somebody will look and be able to roll things back to before an event happened and see everything those involved did and roll it backwards and forwards to give the story they want not what others might regard as the truth…

It’s one of the reasons I talk to people not just about “link encryption” but “end to end encryption” within link encryption. With the end to end encryption being entirely disconnected and having no parts in common with the link encryption.

[1] When you think about it you quickly realise that by far the majority of software upgrades are at the “User Interface”(UI) not the “OS Interface” or lower like “Driver Interface” etc. To put it simply “we redecorate rooms not replace foundations”.

[2] More interestingly bugs written in C in the low layer interfaces will get rewritten and not change when somebody re-codes it in say rust… This is because implementations have to inter-operate, which means we have “protocols” which likewise have to inter-operate which is why we have “standards”.

[3] If you can get a non obvious vulnerability into a standard you could with care still be taking advantage of it in half a century or more after it’s stopped being used… This is the aim of the SigInt agencies NOBUS kleptography etc and why NIST got so humiliated by the NSA and the Dual Elliptic Curve DRNG fiasco. Which potentially can still be of use half a century or more from now even though people have stopped using it. It was after all found to be in Jupiter network equipment and because of “collect it all” the NSA have all they need to recover the “plaintext” that went through that equipment. So at some future point in time if the NSA have reason to or just the spare resources to do so they can attempt to decrypt it… Yes that means that there is a lot of data that is “encrypted” just sitting in the equivalent of an in potentia or superposition state like “Schrödinger’s cat” waiting for the lid to be lifted… The way US legislation is currently, the NSA either will not decrypt it until they need to, or repurpose words so they have not “officially” decrypted it yet thus can keep it indefinitely..

RE Cognition August 2, 2021 7:31 AM

https://people.com/health/fully-vaccinated-people-made-up-74-percent-infections-massachusetts-covid-outbreak/

“This finding is concerning and was a pivotal discovery leading to CDC’s updated mask recommendation,” CDC Director Dr. Rochelle Walensky said in a statement. “The masking recommendation was updated to ensure the vaccinated public would not unknowingly transmit virus to others, including their unvaccinated or immunocompromised loved ones.”

Clive Robinson August 2, 2021 7:34 AM

@ Winter, SpaceLifeForm, ALL,

More on this in Nature:
Covid and the brain

Thanks for the link, my reading is falling a bit behind whilst in hospital, though my own “brain fog” is thankfully lifting, though the cause is not viral or bacterial.

Whilst the article points out a number of possible vectors, it’s very early days which whilst scary for those who live in their minds, it is not exactly unexpected as it’s not a major research area (though growing significantly now dementia is getting rather more publicity than it used to get).

The last paragraph of the article kind of sums it up,

“These pathways — astrocytes, pericytes and autoantibodies — are not mutually exclusive, and are probably not the only ones: it is likely that people with COVID-19 experience neurological symptoms for a range of reasons.”

But forgets to add “many as yet unknown”, thus we have no clue as to if the “COVID brain fog” is “transitory or not”. I know some who would have a small bet that certain proteins may be involved as are believed to be the case with certain dementias. If they are correct the next century or so is going to be quite problematic, and even retirement may become a “dream of the past” for all but a few.

Winter August 2, 2021 7:37 AM

@echo
“rational from irrational”

It is not “rational” versus “irrational”.

From your article

Going on these results alone, it ironically makes efforts to promote greater trust in science a win-lose situation when it comes to dispelling conspiracy myths and pseudoscience.

Students have to be trained for years to force them to Always go back to the primary source of ANY claim and always check what that primary source actually did say and how she arrived at that claim.

This is “Trust but Verify” at every step. Such an approach to scientific claims has to be trained and is not for everyone and can be impossible in a field you know nothing about.

How then to approach scientific claims? As the research shows, certainly NOT by looking for difficult words. Also your own thinking can easily lead you astray. Deciding whether genetic engineering can cause cancer is difficult to fathom yourself if you do not know what DNA is and how cancer develops.

My guess is to look for information from sources with a good track record and a lot to lose from lying. If, say, Nature or Science publish a story about genetic engineering and cancer, they have a track record of publishing about “genes” (e.g., they published the discovery of the structure of DNA) and an awful lot to lose when they get it wrong.

For other sources, say your sciences teacher, or your aging aunt[1], you can make similar judgements. The same for news outlets, eg, the science section of the economist versus Fox&Friends.

[1] Note that your sciences teacher can be a nutcase who claims chlamydia kills you and your aging aunt might be a molecular geneticist working on cancer mutations. Each case is different.

SpaceLifeForm August 2, 2021 6:05 PM

@ CornflowerBlue

hxtps://www.eff.org/deeplinks/2021/07/its-time-police-stop-using-shotspotter

SpaceLifeForm August 3, 2021 12:28 AM

The interesting dilemma of ‘rolling your own crypto’

Competence vs Confidence

Personally, I believe most experienced developers totally realize that crypto is hard. But as Filippo Valsorda notes, at some point, some devs have to ignore the ‘do not roll your own crypto’ mantra. And they do not need a PHD in crypto. They must be learned, and should seek out review, but they should never give up because they do not have a PHD.

If a developer just accepts that they should use existing implementations, well, they may be implemented in a poor way, and not really accomplishing what they set out to do.

Walled gardens. Use our crypto tool, it’s good because we say so.

Hour long audio

hxtps://securitycryptographywhatever.buzzsprout.com/1822302/8953842-the-great-roll-your-own-crypto-debate-feat-filippo-valsorda

Clive Robinson August 3, 2021 1:21 AM

@ SpaceLifeForm, Winter,

This is not actually a “do not roll your own argument”.

Read carefully,

“as Filippo Valsorda notes, at some point, some devs have to ignore the ‘do not roll your own crypto’ mantra. And they do not need a PHD in crypto. They must be learned, and should seek out review, but they should never give up because they do not have a PHD.”

This is an argument against a “closed shop” much like it is with a “legal profession” such as,

1, Medicine.
2, Surgery.
3, Law.
4, Accountancy.
5, Architecture.

And in some places,

6, Engineering.
7, Construction.
8, Repair.
9, Maintenance.

Used to in effect extort a higher price for services than the market would traditionally bear.

As with “The Guilds” of old the restriction on trade creates a system which is “old, slow, political and exploitative” in the extreme and holds society back for decades and centuries.

R-Squared August 3, 2021 1:28 AM

@ SpaceLifeForm

… as Filippo Valsorda notes, at some point, some devs have to ignore the ‘do not roll your own crypto’ mantra. And they do not need a PHD in crypto. They must be learned, and should seek out review, but they should never give up because they do not have a PHD.

The “tried and true” approach is no guarantee against a scenario of massive universal failure.

Vice is inherent in crypto. Think for a moment most of what people of the male persuasion tend to use crypto to hide.

You’ve got to mean business and bet real money on your homegrown crypto solution if you’re going to make it.

“If a developer just accepts that they should use existing implementations, well, they may be implemented in a poor way, and not really accomplishing what they set out to do.”

We had 3-DES, which was woefully inadequate even at its inception, and now we’re left with AES + SHA256 + RSA or some elliptic curve stuff.

AES in particular was chosen out of five finalists in a grand competition for the one true crypto, world without end. People are not entirely comfortable with that situation, for very good reasons.

@ Winter

I shamefully have to admit that I tried it and failed.

So you had a horse in the race, and it didn’t win. You’ve still got to feed the horse, groom it, exercise it, etc. Maybe more training or a different strategy will win next time, or there’s a colt down the line of that same pedigree, that shows more promise. Life goes on, in other words.

SpaceLifeForm August 3, 2021 2:16 AM

@ CISAgov

I see a couple of red flags. The second one, that I will not mention here, is obvious if you have been paying attention. (@Clive knows that to which I do not refer to).

hxtps://docs.crossfeed.cyber.dhs.gov/user-guide/product-overview/

hxtps://www.bleepingcomputer.com/news/software/empty-npm-package-has-over-700-000-downloads-heres-why/

Winter August 3, 2021 2:29 AM

@R^2, SLF
“So you had a horse in the race, and it didn’t win.”

Maybe I was not clear. Contrary to Schneier’s Law, I was unable to “create an algorithm that [I myself] can’t break”.

Obviously, I never showed that to anyone.

SpaceLifeForm August 3, 2021 2:30 AM

@ R-Squared

There is fake, and there is real.

Watch closely at the writing style.

SpaceLifeForm August 3, 2021 2:34 AM

@ CISAgov

While I understand the intent, this is an implementation problem.

I recommend this to no one.

Clive Robinson August 3, 2021 3:27 AM

@ SpaceLifeForm, Winter, ALL,

Competence vs Confidence

At some point in our lives most of us become “over confident” in our abilities. Mainly for one of two reasons,

1, We are not aware of what others are aware of.
2, We chose to ignore what others warn us of.

The first is a very general failing and is unavoidable, even the most informed of us are not omniscient especially when others chose to keep things “secret” for what they see as “advantage reasons”.

In some cases we actually acknowledge this and call such withheld knowledge “zero-days” and similar. It’s practiced at all levels “of the art” and it underlies the notion behind NOBUS.

However as was once noted,

“What one man can make another can unmake”

Thus NOBUS is doomed to fail and there are a couple of examples of this happening.

But importantly history tells us through centuries of religion trying to hold back the tide of knowledge this is the case, it does not however stop certain “mental types” from repeating the mistake over and over. The less smart ones figure they can somehow keep it secret in perpetuity.

The slightly smarter ones delude themselves as well, in that they think if they can hold one thing back, that gives them time to find another new way to hold it back and so on. This is the same doomed logic that has people run from under one tree in a rainstorm to another tree under the mistaken belief that some how the tree they head for has not been saturated by the rain that is falling on all trees.

Those that actually can think about the issue know that the reality is they have a very short time window they can exploit the advantage thus they should use the advantage wisely.

But there are always those who for whatever reason chose not to listen when others warn them… We give it various names one of the kindest of which is “Not Invented Here” (NIH) syndrome. Others less kindly call it “cognitive bias” or “cognitive deficit” or just “Being bl@@dy stupid”.

So when I design systems an implicit part of the design is,

“It will fail, how do I mitigate or buy time”.

Even at the best of times it’s really all you can do.

As I point out to people,

“The One Time Pad is ‘theoretically secure’ but do you actually understand what the real ‘security guarantee’ of an OTP actually is?”

Mostly they do not, hence the systems they produce are effectively “built to fail by design”…

But… The main reason security systems fail is a very common human failing and it’s also why oh so many systems not just security fail. Strangely it’s something evolution tells us is a very bad idea as well…

Normally I simply say,

“Security -v- Efficiency”

But the point is the more “efficient” you make something the less slack there is in the system that allows for “resilience”. Without resilience systems become “fragile” thus fail “more easily” and usually “more quickly” and worst of all “much harder”.

I’ve been saying this for more than a quarter of a century but those whose mantra is “Don’t leave money on the table” or similar do not want in any way to acknowledge the disaster their mantras will bring down on peoples heads…

The funny thing about COVID-19 is it showed the failings of these mantras for all to see in supply chains and the like. Yet have these people learned? Of course not all they’ve done is follow that unfortunate failing of most gamblers, they’ve “doubled down” on it…

So “Masters of the Universe” they are not, no matter what they think. However the lesson for everyone else is, if the self entitled will not learn, why should we trust or follow them?

The most important thing is not “do not fail” you can not stop that happening you are not omniscient, nor is anyone else. But “learn from yours and others failings” in two ways,

1, Firstly to use more than one system that use entirely different principles such that they are unlikely to fail coincidently.

2, Secondly to design for the inevitable failing to be dealt with both in timely and graceful ways.

In high reliability systems they talk of “Availability” which is based on,

A, Mean Time To Fail (MTTF).
B, Mean Time To Repair (MTTR).

It should be obvious that whilst increasing the former is good as is reducing the latter, they both get increasingly expensive rather disproportionately. Thus you look at changing which gets you the better benefit at a given cost.

There are very similar rules for security. It’s learning how to use them to best effect that is the real lesson to learn.

ResearcherZero August 3, 2021 3:31 AM

France’s national agency for information systems security (Anssi) identified digital traces of NSO Group’s hacking spyware on the television journalist’s phone and relayed its findings to the Paris public prosecutor’s office, which is overseeing the investigation into possible hacking.

Anssi also found Pegasus on telephones belonging to Lénaïg Bredoux, an investigative journalist at the French investigative website Mediapart, and the site’s director, Edwy Plenel.

Le Monde reported that the France 24 journalist, based in Paris, had been selected for “eventually putting under surveillance”. Police experts discovered the spyware had been used to target the journalist’s phone three times: in May 2019, September 2020 and January 2021, the paper said.

Forbidden Stories believes at least 180 journalists worldwide may have been selected as people of interest in advance of possible surveillance by government clients of NSO.
hxxps://www.theguardian.com/news/2021/aug/02/pegasus-spyware-found-on-journalists-phones-french-intelligence-confirms


Guide for scanning for Pegasus

Encrypted backups export more device data (such as your browsing history or wifi settings) so encrypting your backup will give you better detection.

If you have a jailbroken device you will get more complete Pegasus detection with the filesystem dump approach.
hxxps://arkadiyt.com/2021/07/25/scanning-your-iphone-for-nso-group-pegasus-malware/

Winter August 3, 2021 3:37 AM

@SLF
“There is fake, and there is real.”

If this is referring to my comments, I appreciate the concern. However, I have written about my failures in cryptography before 😉

echo August 3, 2021 5:52 AM

https://www.theguardian.com/world/2021/aug/03/belarus-exile-group-leader-vitaly-shishov-missing-in-kyiv-police-say

The head of a Kyiv-based non-profit organisation that helps Belarusians fleeing persecution has been found dead in a park in the Ukrainian capital, police have said.

Vitaly Shishov, the head of Belarusian House in Ukraine (BDU), was reported missing by his partner on Monday after he did not return from a run and could not be reached on his mobile phone.

“Belarusian citizen Vitaly Shishov, who had gone missing in Kyiv yesterday, was today found hanged in one of the Kyiv parks, not far from where he lived,” police said in a statement, adding that they had opened a murder investigation and would pursue all leads including a possible “murder disguised as a suicide”.

Belarus, Belarus,
Can you do the fandango,
THUNDER BOLTS AND LIGHTNING VERY VERY FRIGHTENING INDEED

https://www.theregister.com/2021/07/29/which_gpdpr_survey/

Ex-health secretary said ‘vast majority’ were ‘onside’ with GP data grab. Consumer champion Which? reckons 20 million don’t even know what it is
Guess what? When people find out about the scheme, trust in the NHS falls

Preposterous breach of GDPR.

John Glenn August 3, 2021 10:57 AM

https://worldofmatthew.com/post/tor-german-avoid/
This is an old article…
For the past year I can only connect to a German entry node. Many times the 2nd node and the exit node are also in Germany. I’ve also noticed a beacon appearing in the network monitor after searching on duckduckgo. Doing nothing, the beacon happens every 10 seconds or so. If I block or in torrc then I can’t connect to the tor network at all. Is this normal tor behaviour?

R-Squared August 3, 2021 12:29 PM

@ Freezing_in_Brazil • July 30, 2021 10:54 PM

@ SpaceLifeForm

> Snow has fallen in Brazil, an extremely rare event for the tropical country. Thanks to an intense cold snap, snow or freezing rain fell in at least 43 Brazilian cities on Wednesday and Thursday, according to weather service Climatempo.

Well I’m still freezing here.

That’s a lot of lip for a Brazilian communist party government weatherman on television. Some lady is “frigid” rolling her eyes at the weather and complaining about a dude blowing smoke in her face at the bus stop.

@ John Glenn • August 3, 2021 10:57 AM

https://worldofmatthew.com/post/tor-german-avoid/
This is an old article…
For the past year I can only connect to a German entry node. Many times the 2nd node and the exit node are also in Germany.

Glenn Greenwald, is it? Wising up to the realities of a “Sybil attack” on the TOR network? It’s designed to protect you from limited budget snooping by, say, Saxony County officials, but certainly not from the German federal police at any rate.

@ Winter • August 3, 2021 3:37 AM

@SLF
“There is fake, and there is real.”

If this is referring to my comments, I appreciate the concern. However, I have written about my failures in cryptography before 😉

Jana again? It sounds like that whole crew from The Intercept before it was bought out by corporate Mainstream Media.

SpaceLifeForm August 3, 2021 6:04 PM

@ Freezing_in_Brazil

As you have observed, the Atlantic is very quiet. The Climate Change is disrupting the weather patterns so much, that even the normal Northern Africa thunderstorms are not drifting westward.

The TradeWinds are not kicking.

Recent pic of Mt. Rainier, snow free.

hxtps://www.twitter.com/haikudegras/status/1421907699835412482/photo/1

SpaceLifeForm August 3, 2021 6:19 PM

@ Freezing_in_Brazil

Just to be clear, there is still old ice, but it is melting fast.

The historical rate of snow deposit no longer exists.

Freezing_in_Brazil August 3, 2021 8:18 PM

@ SpaceLifeForm

As you have observed, the Atlantic is very quiet. The Climate Change is disrupting the weather patterns so much, that even the normal Northern Africa thunderstorms are not drifting westward.

No doubt. Pressures are too high where the Inter-tropical Convergence Zone was supposed to be. This is striking to me.

With regard to atmospheric conditions in both North Atlantic and South America [in the context of the climate change], I have observed at least two interesting patterns:

  1. North Atlantic: although there is plenty of precipitable water[1] there is hardly any activity in the inter-tropical convergence zone, which is surprising this time of year. No deep convection happening in the hurricane alley; no low pressures. Also, I see the air heavily laden with particulates along the 20th parallel.
  2. Over South America the [usual] anticyclonic pattern centered in eastern Bolivia [Bolivia High] has been replaced by a broad cyclonic pattern [250 hPa]. It is this pattern [which I have been observing for over a month] that allows the incursion of cold masses acting continentally, like last week [the jet stream came close to the equator then], This configuration is quite uncommon.

As for the American/Canadian West, the atmosphere seems to be behaving ok. The explanation for the latest events seems to require a little more thought.

[1] hxxps://earth.nullschool.net/#current/wind/isobaric/850hPa/overlay=mean_sea_level_pressure/orthographic=-41.30,0.21,285/loc=-23.912,4.623

Freezing_in_Brazil August 3, 2021 8:44 PM

@ SLF

Just to be clear, there is still old ice, but it is melting fast.

The historical rate of snow deposit no longer exists.

I’ve been watching this unfold for the last twenty years, my dear friend. It’s heartbreaking. In 2012 it was clear where everything would end. The melting rate is huge. I’m afraid we’ll see an ice-free arctic summer in the next few years.

hxxp://nsidc.org/arcticseaicenews/

R-Squared August 3, 2021 9:35 PM

@ SpaceLifeForm

Recent pic of Mt. Rainier, snow free.

https://www.usgs.gov/news/2018-anchorage-earthquake

https://www.usgs.gov/volcanoes/mount-st-helens/1980-cataclysmic-eruption

The expression “year without a summer” refers either to 1816 when Mt. Tambora erupted or to 1883 when Mt. Krakatoa blew, both in Indonesia. The ash in the stratosphere blotted out the sun all over the earth, and it froze every month of the year even in tropical areas.

The November 30, 2018 Alaska earthquake led to further seismic activity along the San Andreas fault, including more earthquakes in California, and a massive release of powerful greenhouse gases from underground magma chambers and reservoirs.

Recent powerful solar storm activity threatens to cause further disruptions such as change in polarity of the earth’s magnetic field, and has already warmed the earth’s atmosphere due to increased solar output.

Prepare for nuclear winter.

SpaceLifeForm August 4, 2021 6:57 PM

@ Freezing_in_Brazil

Bears: This Climate Change really sucks!

hxtps://www.twitter.com/exploreorg/status/1422923308933296128

Truth.is.stranger.than.fiction August 4, 2021 9:09 PM

https://fortune.com/2021/08/04/microsoft-exchange-cyber-attack-diplomats-china/

M$FT Exchange attacks go back to at least 2017. A large trove of email just found in the cloud from Middle Eastern Governments and oil companies.

But this newly discovered leak is for the on-prem Exchange, yet they found the data in the cloud. How did the data get replicated to the cloud? It would be my guess that a storage engineer mirrored servers to the cloud. Which MSP do they have in common?

Seems there was no exploit – just compromised credentials. The question is, how common is this?

It makes sense that an MSP sells data out the back door and transfers it to an open bucket so there’s no audit trail. It doesn’t make sense that state sponsored hackers transferred this data to the cloud and then left it exposed.

R-Squared August 4, 2021 9:20 PM

@ Clive Robinson

A, Mean Time To Fail (MTTF).
B, Mean Time To Repair (MTTR).

Downtime for planned maintenance is inevitable without a hot standby.

Otherwise you’re in the position of driving it till it breaks down and taking it to a professional shop for repairs.

MarkH August 5, 2021 3:41 AM

Peter Bergen, a journalist and book author specializing in reportage of terrorism and counter-terrorism, has a new book titled “The Rise and Fall of Osama bin Laden,” which reveals some new specifics of how bin Laden’s “operational security” apparently worked against him.

You might recall that the chance sighting of a man known to be a driver for bin Laden led U.S. intelligence to bin Laden’s house in Pakistan.

Apparently, the decision makers (ultimately, then-president Obama) wanted confirmation that it was bin Laden’s abode before launching a raid sure to be risky, and very difficult in terms of relations with Pakistan’s government (especially had it turned out that it was NOT bin Laden’s place).

It seems that bin Laden was never seen or photographed there, but the U.S. intelligence community judged that it was confirmed as his residence based on several discrepancies between its ostensible purpose (the home of some men and their families who would regularly go out of the house, those men being bin Laden’s bodyguards) and various external observables:

• the house — despite being large and expensive — had no telephone or internet service

• the house had few windows

• its occupants burned all of their trash, rather than putting it out for pickup as was the custom for other homes in the neighborhood

• careful observations of laundry drying on outdoor clotheslines were interpreted by intelligence analysts as belonging to more people than the publicly observed inhabitants; the “excess population” of the house was inferred as one man, several women, and at least nine children

• the open-air balcony on the top floor was surrounded by a high wall … the CIA director asked his staffers, “Who puts a privacy wall around a patio?”

It’s not difficult to imagine countermeasures which could have made the building and its activities “blend in” better with (a) usual patterns of the area, and (b) its publicly known occupants.

Red Letter Day August 5, 2021 6:29 AM

//yro.slashdot.org/story/21/08/04/2236231/the-state-department-and-3-other-us-agencies-earn-a-d-for-cybersecurity

JonKnowsNothing August 5, 2021 7:28 AM

@MarkH

re: • the open-air balcony on the top floor was surrounded by a high wall … the CIA director asked his staffers, “Who puts a privacy wall around a patio?”

That’s a pretty dense question. Clearly it’s asked by someone living in a Non-Dense Non-Urban No-Crime area.

Loads of patios in California have “privacy screens”. We have houses on top of houses and we are all looking into the neighbor’s windows and yards because that’s how cookie-cutter housing is designed.

Upper floors may or may not have privacy screens in the same way because of building codes. You have to block the view another way.

There was even a TV program where one of the regulars was the guy next door peeking over the fence, a RL Kilroy.

Clive Robinson August 5, 2021 9:13 AM

@ MarkH,

With regards,

the CIA director asked his staffers, “Who puts a privacy wall around a patio?”

That’s easy to answer “Anyone who knows they have nosey neighbours, or has heard drones from the patio more than once, or sees odd phenomena near it.”

I also know for certain, that at least one young lady who does yoga in the fresh air, who lives on the top floor of flats near the Hackney Rd in East London put a privacy screen on her patio/balcony. Why? because for some strange reason the nearby “Traffic / anti-Crime CCTV” camera with zoom lens for some unaccountable reason was often pointing up at her flat… After she’d spoken to me about it I installed a covert camera and CCTV for her to record the “odd phenomena” happening and yes it’s very “real” and stopped shortly after the screen went up, make of that what you will.

As for,

“the house had few windows”

You don’t say if your source said if it was “built that way” or had “windows bricked up and rendered over”.

Mind you neither are particularly proof of anything, I’ve got blinds of the slatted sort inside my windows which slant down. They let ambient and ground reflected light in but you’d have to be very very close and therefore trespassing to “look in”. But also behind these are “net curtains” that break any image that’s not “back-lit” up and there are lights between the nets and the blinds that point down at a careful angle and activated by movement sensors. Behind the nets are heavy “thermally lined curtains” that really keep the warmth in in winter and the heat out in summer.

I happen to like “mood lighting” so inside the rooms lighting is provided by quite a few low energy LED lights and the like and the pattern of which are on and which are off changes frequently. Thus the LED lights use one heck of a lot less electricity than the heating/cooling that would be required if the heavy thermally lined curtains were not closed as much as they are and give me ambiance as well. So I’m being “environmentally friendly” as well as happy 😉

Speaking of “environmentally friendly” this would be under other circumstances funny,

“its occupants burned all of their trash, rather than putting it out for pickup as was the custom for other homes in the neighborhood”

The amount of “trash” I put out a week fills less than a 400gm tin you get chopped tomatoes in, and is mainly tea bags. Food waste goes on the compost heap, recycling I collect up like for like and take in bulk loads to the recycling point, as for burnable rubbish like paper cardboard etc, I save it and make it into “fire logs” for burning in the winter in the “stove” (closed carbon cycle).

As for,

“the house — despite being large and expensive — had no telephone or internet service”

As I’ve frequently mentioned neither does my house have phone line, cable TV or Internet, they really are in the UK at least a complete waste of money if you can get adequate mobile provision for 1/5th or less the price (which generally you can).

Now I know on the surface of MSM reporting US forces can appear particularly stupid with things like “We kill on meta-data” etc. But I suspect there was a lot more to this than the items reported as being the “meta-data” in this case.

Thus I suspect somebody to put it politely is being “economical with the truth” possibly for the old “methods and sources” reasons. But it still leaves the question as to why the author did not dig a little deeper or was more suspicious of what is essentially “a truck load of horses apples”.

MarkH August 5, 2021 12:55 PM

@JonKnowsNothing, Clive:

What Clive revealed about his lack of TV service and small quantity of rubbish confirms what I’ve always suspected — that he is, in fact, Usama bin Laden!

More seriously, I know that there are plenty of “greens” in the UK who minimize their rubbish-to-landfill disposal, and large-scale customer termination of wired and satellite services is happening everywhere. Those distinctions belong to a minority, but still a very numerous minority.

========================

It’s not difficult to find out what houses look like in affluent neighborhoods and what are the typical patterns of externally observable behavior in Pakistan, and particularly in Abbottabad.

Whether any one of us agrees with the intelligence assessments, or the logic behind them, is of zero interest to me.

It’s my observation that scientists, federal prosecutors, intelligence professionals and the like are very cautious about using words like “proof”.

The CIA already knew that UBL’s driver had visited there. They studied the place carefully, and found numerous distinctions from the norm of its environment — any one of which by itself could be dismissed as insignificant — which they judged in totality as confirmation that UBL was very likely to be in residence. I don’t know that anybody called it “proof”, and I would be shocked if an intelligence analyst used such a word in that context.

[It’s worth noting that it’s not unusual for a rich Saudi to have a bunch of wives. Among residents of Pakistan, that is unusual.]

If you care about operational security — and Clive has written about the subject numerous times — what is of acute interest is that bin Laden’s apparent intention was to conceal his presence there, but some of the precautions he took offered confirmatory evidence of his presence. Perhaps that risk never occurred to him.

It’s a classic security problem, that a measure taken to enhance security presents an unexpected vulnerability.

If UBL had invested in an electric clothes dryer, would the U.S. have felt sufficient confidence to raid his house? If, without the analysis of household laundry, the CIA had stepped up to more intensive/intrusive surveillance measures, could that have risked “tipping off” bin Laden and enabling his escape?

SpaceLifeForm August 5, 2021 3:50 PM

@ JonKnowsNothing, MarkH, Clive

IIRC, initially it was informed guesswork, and process of elimination, that led to the area to be studied. At that point the SATINT came to play.

There really was not that much ‘Sources and Methods’ to be concerned about revealing.

Clive Robinson August 5, 2021 8:31 PM

@ SpaceLifeForm, JonKnowsNothing, MarkH, ALL,

IIRC, initially it was informed guesswork, and process of elimination, that led to the area to be studied. At that point the SATINT came to play.

But SatInt of what?

I think it safe to say that the information given as coming via “Peter Bergen”[1] is insufficient to identify any one reliably, if at all?

Now either there is a lot being withheld from or by the author or the US forces really are a bunch of “too dumb to be cow-pokes” for hire at best.

I’ll let others judge which is correct, on that but it’s currently not looking good if people think the author is correct.

But also consider from the reporting before the attack went down on US Pakistani relations to say they were shaky at best was an understatement. The Pakistani government was split between a US trusting military leader and most other politicians and intel community being strongly anti-US for good reason.

Up to and at the time of the attack it was known that the Pakistani Intelligence agency were strongly anti-US and actively acting against the US by putting Pakistan’s interests very much at the forefront. This included sheltering a number of US “wanted” in return for the “wanted” supplying Pakistani Intelligence with actionable intelligence (a game the US plays all the time with other nations “wanted”).

Thus it was quite likely Pakistani Intelligence was indeed harbouring some ex-Taliban etc and not letting either their own government or the US government know because they quite rightly trusted neither for good reason (which the US Government went on to demonstrate to the world).

How the actual attack on the “compound” went down as reported at the time there was a lot of unjustified collateral damage done long before they even had “Eyes on the drop”, let alone “Eyes on OBL”.

It just begs the question,

“What if the person was not OBL but another person Pakistani Intelligence was keeping under protective cover?”

Which was suggested with good reason at the time of the attack and many still think credible.

To paraphrase the official US claim “unidentified unarmed man shot multiple times and killed, body taken to US ship, DNA confirmed ID, body dumped at sea”.

In other words a “mercenary hit”, dressed up for “US Political Publicity” and nothing else.

Only later did strange stories about a gay porn stash come out with the suggestion this was being used as a cover for steganographic communications, with couriers hiding it on thumb drives up their back passages.

But if we actually look at the supposed evidence given for the alleged OpSec fail[1] none of it is evidence to an individual, specific group of individuals or larger group of unrelated individuals with common aims.

Even @MarkH’s joke line followed by,

I know that there are plenty of “greens” in the UK who minimize their rubbish-to-landfill disposal, and large-scale customer termination of wired and satellite services is happening everywhere. Those distinctions belong to a minority, but still a very numerous minority.

Again makes the point they are not a group of “known to each other individuals”, just people with a growing ethos that is not just “environmentally friendly” in the macro scale of humanity, but also “pocket-book / wallet friendly” at the unrelated individual scale.

That is nothing given is actually a real indicator of anything pertaining to very much of anything.

Even the extra clothing was not identifying any particular group.

Thus to me the whole story “fails the sniff test” and smells more of “fabrication” than “fact”.

I would need the book to say more but as it sounds rather more “fabrication” than “fact” why should I waste any of my money on it?

But the point about indicators acting “both ways” is long known about as is its lack of reliability. Because you get three arguments it’s the target you are supposedly looking for,

1, It’s not common behavior this anomaly indicates it must be XXX (or the twenty pizzas delivered argument).

2, It’s so average behavior that no anomalies indicates it’s a fabricated existence so must be XXX.

3, It’s beyond average behaviour this is so normalized it’s a fabricated existence so must be XXX.

In short it does not matter what the behaviour is, that is less than normal, very normal, or more than normal, the analyst is “creating an argument post-fact” to say what they want or to back a hunch.

Thus the argument is meaningless. To see why the old golf story,

A golfer hits a ball and it lands on the fairway. The ball is found to be sitting on a tuft of grass. A pseudo-scientist claims “that is the tuft I thought it would be”, his colleague calls “Bovine excreta”!!!.

Which is right? Well actually the person calling “bull-crap”. Because the other statement was not a pre-event prediction just a post-event statement said to make it sound pre-event prediction.

In fact if you look at the arguments you will see 1 and 3 are actually the opposite of each other so one of them will be true nearly every time. Thus has near zero predictive or indicative value, but sounds good to listeners of “Prime time talking heads” who have had their reasoning ability cut out in some way.

To see why, I’m going to make an actual real faux-prediction,

1, It will be more than one person involved.
2, They will have looked suspicious to at least one of their neighbors who is interviewed post attack.
3, They will have been on some official watch list.

Now all we have to do is wait for a terrorist attack that matches my three faux-predictions and I will have won. As I’m sure some of you have done, you will see the predictions are general enough to be used for nearly every attack… In essence this is what Talking heads do every day…

[1] @ MarkH has given it as,

Peter Bergen, a journalist and book author specializing in reportage of terrorism and counter-terrorism, has a new book titled “The Rise and Fall of Osama bin Laden,” which reveals some new specifics of how bin Laden’s “operational security” apparently worked against him.

Freezing_in_Brazil August 5, 2021 9:40 PM

@ SpaceLifeForm

Bears: This Climate Change really sucks!

It really looks like they’ve seen better days. Disheartening.

(*) Sorry for the late reply

MarkH August 5, 2021 10:48 PM

@JonKnowsNothing, SpaceLifeForm, Clive:

Roughly 20 years ago, Bruce wrote a post on this blog pointing out that the supposed need for extreme pervasive surveillance measures in the “War On Terror” had been repeatedly undermined by an easy to understand set of facts:

Almost all successes in arresting terrorist network members, and preventing likely attacks, have been achieved by Ordinary Good Police Work.

I thought Bruce’s argument made sense then, and still does today.

Reportedly, after a very destructive attack which UBL believed was triggered by his then-habit of using satellite phones, he fastidiously avoided electronic communications.

His reported alternative was to rely on a small group of highly trusted couriers. This traded one security risk for another: it made UBL comparatively immune from high-tech signals intelligence techniques; but should one of his couriers be identified, bin Laden’s whereabouts could be inferred.

The risk of courier-tracing became extremely acute after he was rooted to a single spot: a building which he essentially never left after inhabiting it.

I suppose that U.S. intelligence used some staggering quantity of resources to trace the identified courier(s), but in essence it was a “tailing” operation, as has been practiced for centuries.

Likewise, booking a safe house in the neighborhood of the suspect house, and watching it intensively, is a practice which likely predates any of our grandfathers.

Sometimes — correction, often — correction, almost always — the stupid-simple way is the most dependably effective way.

Can I be sure that the story isn’t a fabrication to hide some super-secret double-probation ultra-sophisticated operation? No!

Can I prove that the corpse of UBL (or the poor stand-in slain in his absence) isn’t preserved in an Area 51 freezer along with the remains of ETs from a crashed flying saucer? I can not!

I’m with William of Occam. For about 45 years, I’ve been trying to design systems which (hopefully) will accomplish some (hopefully) useful purpose with a (hopefully) high level of reliability. Choosing the simplest, most straightforward means I can identify has often worked out alright.

SpaceLifeForm August 6, 2021 12:44 AM

@ echo

Thanks for the Sabine link. She is excellent at telling the story.

What is really cool about theory, is that when it is disparaged by data, information still appears.

SpaceLifeForm August 6, 2021 2:10 AM

@ Freezing_in_Brazil

Thanks for the nullschool link. It is clear that the jet-stream flow over Southern Ocean is so strong, that it is affecting flow north of the equator. It is clearly obvious why the hurricane season has shut down, as there are no storms to speak of over Northern Africa, and when they do pop up, they are wiped out with an easterly flow.

For those wondering: Almost all Atlantic Hurricanes form from a tropical wave that is the fallout from a Northern Africa thunderstorm that moves westerly over the warmer waters of the Atlantic. That is not happening now. This is the main time it would happen.

I’m still looking for the missing positive leap seconds I expected by now. Where is the heavier salt water really moving to? To the poles?

https://phys.org/news/2021-08-ocean-current-approaching.amp

At its weakest

Because the AMOC redistributes heat, it influences weather patterns globally. A collapse from the currently attained strong circulation mode would therefore—among other impacts—cool Europe substantially as well as strongly impact the tropical monsoon systems.

It has been shown previously that the AMOC is currently at its weakest in more than 1000 years. However, so far it has remained unclear whether the observed weakening only corresponds to a change in the mean circulation state, or whether it is associated with an actual loss of dynamical stability.

“The difference is crucial. Because the loss of dynamical stability would imply that the AMOC has approached its critical threshold beyond which an abrupt and potentially irreversible transition to the weak mode could occur,” says Niklas Boers, author of the study.

Jett Garcia August 6, 2021 5:53 AM

I will be the first to admit I knew my father would not recover from the stroke and the Alzheimer’s. I didn’t. He has been suffering from it for some years and I didn’t realise how serious it was until recently. I thought he would improve, he is still the man I loved, but he is different. He won’t do things any more. I still laugh and smile, but I don’t know if he can tell. I am scared and angry at the situation we are in. The virus has changed everything. My husband has been working from home now for some time and I think he finds it easier as he doesn’t need to commute and I can be with my dad most of the day. I’m glad he works from home, although the house still feels empty without him. My daughter is now in full-time education and she needs to be at school full time. I can’t do the two roles, I have always been the one who runs my husband and our house, she needs me more now. I look after her and my dad and he looks after me and my dad, I’m a mummy with three mummies in the house.

Who? August 6, 2021 5:53 AM

@ Winter (the real one!)

It is sad to see how this troll has targeted you; I had been following you for years and it is hard to understand why this troll is attacking you in this way.

@ ALL

This forum is being systematically attacked by trolls; it is sad, but it shows that this blog is valuable and someone fears what is being said here too. Keep up the good work!

@ to comment 385557

I have no doubts this forum accepts messages much longer than these ones. I understand it has been tested so a hypothetical message longer than the limit will be rejected, cropped or split in multiple consecutive posts too. Defensive programming is not a choice anymore.

Winter August 6, 2021 6:32 AM

@Who? (real one)
“It is sad to see how this troll has targeted you; I had been following you for years and it is hard to understand why this troll is attacking you in this way.”

When really bad people hate you, you must be doing something good. 😉

Anyhow, have no worry. A psychopath/sadist/narcissist has no soul, it is like a machine. What it writes is as relevant as line noise or the sound of a washing machine.

Winter August 6, 2021 6:43 AM

Repost due to Zilog text

@Who? (real one)
“It is sad to see how this troll has targeted you; I had been following you for years and it is hard to understand why this troll is attacking you in this way.”

When really bad people hate you, you must be doing something good. 😉

Anyhow, have no worry. A psychopath/sadist/narcissist has no soul, it is like a machine. What it writes is as relevant as line noise or the sound of a washing machine.

- August 6, 2021 6:51 AM

@Moderator:
@ALL:

Apart from attacking @Winter and my own handle as the Troll-Tools banging away have in the past, they also appear to now be also falsely using,

1, @echo
2, @Clive Robinson

Handles as well as a number of others.

However the Troll-Tools leave certain “tells” on their handiwork.

One of which is “content” that appears like the desperate cravings of a Trump 400lb teenage incel making a mess of its parents’ home with desperate imaginings.

Another of which is short term timing.

Both of which have been mentioned before but there are other tells that give their faux comments away.

Personally I find the Troll-Tools idiotic behaviours instructive as to the limitations of their “abilities/skills”.

Winter August 6, 2021 7:09 AM

@-
Personally I find the Troll-Tools idiotic behaviours instructive as to the limitations of their “abilities/skills”.

That is inherent to the dark triad, Psychopathy, Narcissism, and Sadism. They all suffer from seriously impaired learning.

It is well known that psychopaths have cognitive and emotional dysfunction:
Psychopathy: cognitive and neural dysfunction
https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3811089/

For instance, reinforcement learning is affected which makes it difficult to learn from your mistakes.

Narcissists have their own impeded learning disabilities:
Narcissism and learning from entrepreneurial failure
https://www.sciencedirect.com/science/article/abs/pii/S0883902617309345

In general, online trolls are more likely to be sadists. Sadism is a form of the same condition that leads to psychopathy and narcissism, so we can assume that it too has its cognitive and learning deficiencies.

Goat(the real) August 6, 2021 8:43 AM

I hadn’t posted for at least a month; all comments are fake, ignore them.

I am not even willing to sort out fake from real here, Just assume all of it is

Kentucky Derby August 6, 2021 10:40 AM

@ Winter, SpaceLifeForm

hxtps://news.yahoo.com/south-african-study-shows-j-063536488.html

67 and 71

less than 5% is not “significant” right?

Winter August 6, 2021 12:05 PM

@Kentucky
“less than 5% is not “significant” right?”

I am puzzled what you mean here? The article says Janssen’s vaccine (its original name) protects against death in SA. The 5% you mentioned has no relevance to the article.

With “Not significant” you seem to refer to “statistical significance” in test statistics where an alpha (type 1 error probability) of less than 5% is often used to indicate that the null hypothesis should be rejected. There is no connection with the article you link to.

I am pretty sure the researchers involved have performed statistical tests to check whether the vaccine worked, but the article does not contain a single number related to these tests.

In short, I do not think you understood what they were saying, nor that you understand test statistics.

But it is good to hear that the vaccine works.

Kentucky Derby August 6, 2021 3:27 PM

just want to keep my eye on what works and where

the significance was all the other data we see is inverted with those variants right?

might be a keen thing to watch in the long run

so 4% is a significant insignificance?

thank you

Winter August 7, 2021 2:15 AM

@Kentucky
“so 4% is a significant insignificance?”

There are good introductory courses on statistics just a Google search away.

Goat-Herder: August 7, 2021 2:57 AM

@Goat

I know my goats, don’t I ?:)

Have a nice day and week my beautiful fellow animal lover!

SpaceLifeForm August 8, 2021 1:01 PM

I am seeing 447 comments on new squid at this time. TOR does slow things down, but it will be correlated.

R-Squared August 8, 2021 1:22 PM

@ SpaceLifeForm • August 8, 2021 1:01 PM

I am seeing 447 comments on new squid at this time. TOR does slow things down, but it will be correlated.

It was the “toy.” The dog toy.

These people are “adults” online, and they don’t play nice with children or pets.

Didn’t I mention it was about time to get the vice lords off the property?

Winter August 9, 2021 5:38 AM

@R^2
“These people are “adults” online, and they don’t play nice with children or pets.”

A “murderous gang” or “murderous bot swarm” would be a more appropriate description.

