Who? December 24, 2021 4:31 PM

Does someone identify the glyphs used in the plaque sit in front of the statue?

Too many secrets hidden in recent art along the United States.

null clam December 24, 2021 6:03 PM

Below the squilpture article is another article about a certain Michael Jaeger visiting the city. For anyone who has studied the Men in Black filmic opus, it should be clear that Michael left the work as a self portrait of his real (alien) appearance.

John December 24, 2021 7:18 PM


‘Twas the night before Christmas, when all through the house
Not a creature was stirring, not even a mouse;
The stockings were hung by the chimney with care,
In hopes that St. Nicholas soon would be there;

The children were nestled all snug in their beds,
While visions of sugar-plums danced in their heads;
And mamma in her ‘kerchief, and I in my cap,
Had just settled down for a long winter’s nap,

When out on the lawn there arose such a clatter,
I sprang from the bed to see what was the matter.
Away to the window I flew like a flash,
Tore open the shutters and threw up the sash.

The moon on the breast of the new-fallen snow
Gave the lustre of mid-day to objects below,
When, what to my wondering eyes should appear,
But a miniature sleigh, and eight tiny reindeer,

With a little old driver, so lively and quick,
I knew in a moment it must be St. Nick.
More rapid than eagles his coursers they came,
And he whistled, and shouted, and called them by name;

“Now, DASHER! now, DANCER! now, PRANCER and VIXEN!
To the top of the porch! to the top of the wall!
Now dash away! dash away! dash away all!”

As dry leaves that before the wild hurricane fly,
When they meet with an obstacle, mount to the sky,
So up to the house-top the coursers they flew,
With the sleigh full of toys, and St. Nicholas too.

And then, in a twinkling, I heard on the roof
The prancing and pawing of each little hoof.
As I drew in my hand, and was turning around,
Down the chimney St. Nicholas came with a bound.

He was dressed all in fur, from his head to his foot,
And his clothes were all tarnished with ashes and soot;
A bundle of toys he had flung on his back,
And he looked like a peddler just opening his pack.

His eyes — how they twinkled! his dimples how merry!
His cheeks were like roses, his nose like a cherry!
His droll little mouth was drawn up like a bow,
And the beard of his chin was as white as the snow;

The stump of a pipe he held tight in his teeth,
And the smoke it encircled his head like a wreath;
He had a broad face and a little round belly,
That shook, when he laughed like a bowlful of jelly.

He was chubby and plump, a right jolly old elf,
And I laughed when I saw him, in spite of myself;
A wink of his eye and a twist of his head,
Soon gave me to know I had nothing to dread;

He spoke not a word, but went straight to his work,
And filled all the stockings; then turned with a jerk,
And laying his finger aside of his nose,
And giving a nod, up the chimney he rose;

He sprang to his sleigh, to his team gave a whistle,
And away they all flew like the down of a thistle.
But I heard him exclaim, ere he drove out of sight,

Paul Suhler December 24, 2021 8:58 PM

SMBC: Flammable Rocks


The girl’s reasoning brought to mind Bruce’s parable of the ant farm.

SpaceLifeForm December 24, 2021 10:48 PM

NFT idea

Put this on a T-Shirt. Then take a picture. Go for it!

[Redacted] reports [redacted] new coronavirus cases, the biggest one-day increase on record

SpaceLifeForm December 25, 2021 1:08 AM

@ Clive, ALL

You know this guy is the real deal when you spot the stacked milk crates

[I may be an old dog, but I do not recall having to signal the operator to disconnect. Guess it was before my time. Then again, the tech in town was likely bleeding edge all along (natsec reasons). Though I do recall weird incidents, even though, in theory, it was not a party line. Olden daze, when a Central Office had a name. Just recalled an old number]

Clive Robinson December 25, 2021 3:16 AM

@ SpaceLifeForm, ALL,

You know this guy is the real deal when you spot the stacked milk crates

I can draw you the “circuit” diagrams of such a switch board from memory, if you want… Because I used to have to teach telephone systems at the very end of the 1970’s and early 1980’s when GEC trainees might still come across such monstrosities in older hotels and similar…

So now for “nerd cred” or “old fart cred” depending on your viewpoint… And proof that “useless knowledge” is not always as useless as many think, and can even be a little festive. Evere played “the chain game”? It used to be one of those “after Xmas dinner” games when you are more stuffed than the turkey was…

So time to make a “chain” starting with the video you kinked to and ending in an Xmas turkey…

The guy in the video makes a mistake, when he talks about the “plastic” in the plug cords being rotten…

It would not have been “plastic” but “vulcanised rubber”…

The only “plastics” in use back when that frame was originally designed were,

1, Casein
2, Bakelite
3, Celluloid / Nitro Cellulose

All of which are “rigid” so would not have been sufficiently flexible. However Bakelite would have been used to make the rack fronts in which the line sockets were mounted to make “jack boards”. And casin was used for quite some time to make the shells of the jack plugs.

Casein is made from milk proteins in a process cheese makers would recognize. It’s still very much in use today for making artificial bone, wood and similar for buttons used in the fashion industry. But unlike cheese it has no usable nutritional value so is a dead end on the Turkey hunt 😉

Bakelite the first fully artificial plastic invented back in the very early 1900’s, and it is nolonger used. One reason is in some forms it ages especially rapidly with heat, and it can become as fragile as egg shells and shatter into shards that are almost as dangerous as glass. But the real problem with it though is that it is a resin made with carcnogenic compounds, and it requires a structural filler. Even into the 1980’s one such filler was asbestos… So DO NOT clean or file down “old Bakelite” used in 1950’s and earlier valve/tube radios etc.

As for celluloid / Nitro Cellulose, I’ve mentioned before about the fact that because it looked similar to ivory it was used to make piano keys and billiard balls that had a nasty habbit of exploding[1]. Which is why in the early 1910’s they started making billiard balls out of Bakelite…

Most people think of celluloid as beong used for making “Movies”, which it was. However it was and still is used for making “ping pong balls” and as a lacquer type finish on some printed items like “traditional” playing cards. The disadvantage with it is that it does break down and the residue will set off “Chemical Agent Monitors”(CAM) used in “bomb detection” work. But then so does another common nitrate, “pickling salt” you might have used to “brine the Turkey”…

So there you have it from telephone switch gear to seaonal festive food, who says “usless knowledge”… 😉

[1] Terry Pratchet and I were swapping stories at a party in Oxford, he told me about the “burying of diggers” from when he worked as a press officer in the British Nuclear Industry and I swaped a couple of stories about Victorian exploding billiard balls, and one I’d personnaly seen when an old kitchen knife got knocked into a barbeque and it’s large plastic handle went off like an Saturn Five rocket motor… He “reused” the billiard ball story in “Men at Arms”.

Ted December 25, 2021 8:23 AM

@ALL, Clive

Is this weird?

Re: Pegasus spyware and Chinese coding

From a Medium article:

“I find it strange how an Israeli company makes code comments in Chinese, creates App GUI’s with text written in Chinese, and no one has noticed this at all?”

Comments on twitter:

EL: How are you so sure that you were reversing Pegasus samples in the first place. I was looking at your repo samples back then and mos of them were incoherent between each other and seemed like a collection of random malware. Did you find any evidence connecting it to NSO?

JS: All the sample hashes were validated before my first commit to the repo, I’m not sure what you were looking at when you say inconsistent, but I’m open to hearing what you have to say. The point is that I found Chinese engineering in side what the public and media calls Israeli


lurker December 25, 2021 11:45 AM

@Ted, Is this weird?

Nope. You’ve entered the world of Spy-vs-Spy. Remember, attribution is hard. Chinese game servers could be a handy place to park stuff, or for redirection. I can think of a number of reasons why a Chinese person might end up coding for NSO.

But starting at the top, what do we know about vxunderground? How hard would it be to plant a decoy there?

Anders December 25, 2021 3:19 PM

@Clive @SpaceLifeForm @ALL

“Hackers take down the website of Russia’s Federal Penitentiary Service. Gulag .net reported that a community of hackers contacted them and in solidarity with them and their reporting of atrocities happening in Russian prisons are attacking the servers of FSIN”


ps. One satellite that tracked Russian troop movement near
Ukrainian border is temporary out of order. Maybe coincidence,
maybe not.


JonKnowsNothing December 25, 2021 3:23 PM

@Lurker, @Ted, @All

re: The Twilight Zone of of Spy-vs-Spy

A fun way to gain insight into SvS is to read the historical novels of Robert Graves: I, Claudius and Claudius the God.

While they are historical fiction, much of the underlying themes of the period remain reasonably accurate.

Of special interest is Sejanus, an important person during the reign of Tiberius.

If you haven’t heard of Sejanus but have heard of the Tiberius Caesar there’s a reason for that.

  Send a dog to eat a dog…

Clive Robinson December 25, 2021 3:32 PM

@ Ted, lurker,

Pegasus spyware and Chinese coding

Remember, why we have patents,

“Only one person invented the wheel, everyone else stole the idea!”

Also known as “The better mouse trap principle” only they don’t “beat a path to your door” to come to praise you but to rob you. Have a look at the history of SendMail, it will be instructive.

The basic point is, in software re-use is realy the fundemental driver of things moving forward, every one steals from each other…

It is actually when you get right down to it “more efficient”, also “more rapid” and very importantly “more chaotic”…

So maybe your question should be,

Is it wierd we don’t see this more often?

To which the answer is, actually we see it all the time with “cyber-crime” it’s “cyber-espionage” where it is rare.

As @lurker notes,

“Nope. You’ve entered the world of Spy-vs-Spy. Remember, attribution is hard.”

Or more correctly it is to do with amongst others,

1, Covertness -v- Overtness
2, Invisability -v- visability
3, Misidentification -v- Identification.

And perhaps most importantly,

4, Corporate -v- Governmental.

The last of which is about,

“The utilisation of resources to obtain desired outcomes”

We say “Level III” attackers but it only is a rating of “skill level” State attackers are very different to Corperate attackers.

The likes of GCHQ and the NSA “accumulate” zero-days, developing them to full exploits but importantly NOT deploying them. Because their “desired outcomes” is not normally monetary return but continuation of access. Corporations NSO in particular it is very much all about “monetary return” they have banks and venture capatilists to pay as well as having significant life styles to support. Therefore their “desired outcome” is to “turn the wheel as fast as possible whilst there is a monetary advantage to exploit.

NSO know that to make the levels of money they have to be,

“Seen in the right places, at the right times, with the right product, if some one can meet the premium price”

Therefore they also know that any exploit they use is going to have a short shelf life at “premium prices”.

So they pay high, develop fast, and move on with at best only a couple of exploits in hand to cover over their products being “discovered”.

And the important part to realise is the “develop fast”.

Because it’s not just “Proof of Concept”(POC) code they are developing but a whole “nose to tail” system. Having the worlds best zero day is pointless if you can not get it “producing product” your customers want.

The problem is when you think about it is that their entire “product chain” has to be as hidden if not more so than the actual exploit.

Because if some one recognises code from closer to the tail they can “walk back up the beast” till they get to the nose…

So there are two basic thibgs an organisation like NSO can do,

1, Sell a compleate package.
2, Rent a service.

If they go for option 1 they are going to have an unsupportable “burn rate”. If they go for option 2 then they can arrange things such that they “decouple” the tail from the nose by becoming the body. That is their customers only ever get to see the tail and the product they want.

NSO can thus build a sensible infrastructure element that turns raw input to finished product, knowing that it also acts as a limited form of “Delphinic Oracle”.

NSO can then take “Attack POC code” and weaponise it very rapidly and secretly as it is an “instrument” or “head end” they then need to develop the equivalent of a “neck”.

The “neck” has to be bi-directional so it needs some kind of “wall” to stop people observing and corrolating known NSO input points and walking back up to the “nose”.

When you think about it you will realise that they actually need to develop multiple “necks” for each “nose” thus development in this area is perhaps the most rapid, and actually the most difficult.

High value zero-days are not just rare they are sort after by many people. As I indicated to you over your “Why Argentina?” question you might only find one every half decade or so.

That is not a reliable business model to build on for what the likes of NSO does, they need a near steady stream of zero days to cover their clients needs.

Think about some of NSO’s customers, the NSO directors etc probably are right now whilst also thinking about the best way of disapearing “alive”… That is many of those customers we are getting to find out about, would not be the sort of people you would want to upset[1] and NSO just has done so, big style, courtesy of the US Government[2]…

So NSO were almost certainly running an option 2 type operation, with a high degree of need of flexability in the “neck” area of the process.

So fast, short time scale, high turn over, for what is very likely to be near bespoke, short product life, development… Code reuse from other people is almost certainly going to be high on the developers list of ways to deliver.

But if you doubt this East Europran Russian jurisdiction Ransomware found it had to move into an option 2 type operation. Unfortunately much as NSO has discovered, “You have to watch bot just your back but your neck as well”.

The one thing you should not doubt in any way is that other people have looked very carefully at the option 2 business process and whilst be it semi-legitimate or purely criminal enterprise have decided it is just way to high a risk to sell “intangible information products” under option 2.

I certainly decided long long ago that either option was not just workable as a process but also as a business model with “tangible physical products” such as electronic surveillance equipment. But… no way with “intangible information products” the risks were just way to high in many respects. It might have taken several decades for my reasoning to be proved… But NSO like ReVile are just the first of their respective types of business to prove it… I’m expecting quite a few more to find out in the near future. After all you can not expect to be gobling up $500million/year without somebody cutting in on your business any which way they can.

[1] We know what some of the “choicer customers” NSO were taking millions a month from, would not think twice about having people killed if they thought they were being short changed. Tyrants, Despots, and Dictators are by definition “not nice people”. Especially as they rate highly on the sadistic and psychopathic scores often with a large side order of narcissism to make them realy quite unplesant when they get disapointed. If you doubt that look at what the current leader of the House of Saud did, he quite litterly had a journalist “butchered” probably whilst still alive in a consulate surounded by CCTV. Then once “bled out”, “slain”, “jointed” like a pig, into easily managable pieces probably in refuse bags for easy movment and disposal… Then he went after the journalists employer both as an individual and as the owner of one of the worlds largest businesses. The House of Saud would have spent probably billions on this all whilst schmoozing with the worlds self appointed elite… But hey it’s only “US Oil Money” after all, and there is plenty more where that came from, just raise the oil price a cent or two on a barrel, plebty more cash to be squeezed out of US citizens and the like, and if the US won’t pay then China probably will do, and their weapons are as good as those from the US these days and probably better value as well…

[2] It is also more than possible that NSO have stood on one or two many US MIC corporate toes, so after a quiet word or two with the right people in the State Dept NSO find themselves “kicked to the gutter”. After all it also does give “leverage” over Israeli politicians, who may have been getting a little too –shall we call it bold or– demanding recently?

Clive Robinson December 25, 2021 4:16 PM

@ Anders, ALL,

One satellite that tracked Russian troop movement near Ukrainian border is temporary out of order. Maybe coincidence, maybe not.

I did a quick search on Copernicus Sat info and could not find an indication of an outage via DuckDuckGo.

So I tried a “specific word” search for the original of that “image” you linked to, no joy either…

What we really need is the 23rd December 2021 message it referes to.

As a side note, all “civilian satellite operators” are required as part of their launch agreements to not make images and other information concerning potential or actual “war zones” available. We first got to hear about this with the French SPOT and the Iraq war.

lurker December 25, 2021 7:31 PM

@Clive, @Anders

The “image” @Anders posted appears in the “Latest News” block on the homepage at

Their Mission Status Reports are download pdf, and the latest is 14-20 Dec. The ‘net is slow today so I won’t dig any further in their Byzantine web site…

lurker December 26, 2021 12:53 AM

@SpaceLifeForm, @Clive

Maybe by July we might need herd immunity if vax can’t keep up. My informant in London says at that time and place vaxxers were all being given boosters of Moderna(mrna), don’t care what you had first time round.

There’s a school of thought says mixing the booster shots vs original, gives wider and deeper immunity. Another meme is that the whole virus vaccines (J&J, Sinovac,…) are showing better longevity and better response on newer variants than mrna or protein fragments. But this is anecdotal evidence, through the fog of war it is difficult to find real data.

JonKnowsNothing December 26, 2021 1:15 AM

@SpaceLifeForm, @ALL

re: Maybe by July, we will have herd immunity.

A few considerations regarding modeling Omicron

  • The current division between StayAtHomes vs OotNAboots. This mirrors certain political divisions in proportion. The StayAtHomes will have no impact on the outcome for Jan or July. They are outliers to the model because they do not inhibit the spread of the virus nor do they transmit the virus to others.
  • To inhibit the spread of the virus the number of eligible fish in the tank have to be reduced.
    • The HIP Economies reduce the number of fish by infecting elderly persons and reducing or withdrawing support services to the most vulnerable. Thereby reducing the population in the tank.
    • Vaccinations that generate long term or full immunity and prevent re-infections (called break-through cases or vaccine failures) would reduce the number of potentials. Nothing we have at the moment provides a long enough duration to avoid reinfection(s). Everyone in this category is still in the Open Tank.
  • Some of the Gen2 Gen3 treatments and vaccines may have long term effectiveness that’s good in the lab but when deployed in the population the results maybe be (better or worse). Plus you have to get the roll out going. The continued hoarding of vaccines by the wealthy countries bodes ill for the long term stabilization of this part of the Tank Population.
    • Some of the Gen2 treatments reduce the Expected Days of Illness by ONE DAY.
  • Local areas or groups may automatically withdraw from the tank without direct intervention or because there is no intervention or no sustainable interventions. This would be a neighborhood or block or village level. (1) This leaves a Swiss Cheese effect in the modeling data.
  • Omicron is mutating.

We won’t have to wait for the Instant Replay to see what directions things are going after Bowl Game Mania Day.

The UK might get a new Prime Minister but afaik any potential replacements will have built in obsolescent dates.


1) RL Anecdote tl;dr

An avid hunter demonstrated new learned behaviors in flying migrating geese and ducks as they flew over head.

Taking a shovel and banging it repeatedly and hard against a metal shed wall, produced a loud sets of booms.

A short delay as sound traveled from the ground to the flying birds…

You could tell when the sound arrive: The birds scattered in different directions.

The geese might not be able to tell the difference between a shot gun blast and a shovel against a metal wall bang, but they were not hanging around to debate about it.

Clive Robinson December 26, 2021 5:37 AM

@ lurker, ALL,

But this is anecdotal evidence, through the fog of war it is difficult to find real data.

It’s not “the fog of war” but “the speed of battle” two compleatly different things. Though if you are pined down with incoming all around and no coherant command handing out information on which way to go do you care which it is? Probably not.

With regards,

My informant in London says at that time and place vaxxers were all being given boosters of Moderna(mrna), don’t care what you had first time round.

It changes on a daily basis but yes as far as I can see it’s all mRNA not that they will give it to me.
You can look up on line what is being given and where[1].

Now to the more vexatious,

mixing the booster shots vs original, gives wider and deeper immunity


whole virus vaccines … are showing better longevity and better response on newer variants than mrna or protein fragments.

Both statments are “sort of true”. It’s both complicated and whilst we do have in vitro (in glass/lab) results confirming the statments, we don’t yet have enough in vivo (in life/human) results for obvious reasons. The caution being “lab and life are very different environments” not least being the high mutation rate due to the high infection rate…

So the next question is,

“How much do you know about the ‘skirt effect””‘ in ‘Quality Curves’?”

Quality curves are not named after “Quality control” but after “Quality of performance” they look like “bell / normal” distribution curves but are more complicated. One such set of curves being the “Q curve” used in radio engineering for tuned circuits that have losses.

I’m not going to go into too much detail but assume the left hand axis gives “effectivness” as a percentage, and the axis at the bottom gives “specificity”. Importantly the area under the curve is effectively fixed for any given entity.

It’s fairly quick to see that very speciffic vaccines like the mRNA ones are very specific thus have very narrow skirts but high effectivness. The likes of “traditional” vaccines have very broad skirts so have lower effectivness. Where exactly the “center” on the axis at the bottom is also important as it can shift left or right as well…

For the first few SARS-2 VoC that had high pathogenicity (ie killed easily) you therefor wanted as higher effectiveness as you could get centered bang on top to save lives. However such narrow specificity means not that vaccine avoidence might happen, but “it will happen” which means the curve is nolonger centered on mutations especially VoC’s, as we can now see happening.

I chose Oxford AZ for my vaccine because it had a wider skirt, and was in Scottland at the time showing it was more effective because of the larger number of VoC’s it then covered. What I would have gone for if it had been available would have been a deactivated “live virus” vaccine like Sinovac. For two reasons,

1, It was a well tried thus well known process, unlike untried mRNA.

2, It has the broadest of immunity specificity skirts, even though it barely cleared the 50% effective marker (some immunity is better than no immunity).

Also being a deactivated live virus, it is more likely to give “longer lasting” immunity than mRNA because it hits more parts of your immune system in many different ways, giving more chance it will work with your unique immune system.

Which brings us around to “effectivness decay rates” it’s a complicated subject and thus prone to misunderstanding when “simply explained” so take this with a healthy dose of “it’s only an approximation for illustration”.

With time all things fail, that is they decay. It does not matter if it is from heavy use wear&tear or corrosion&seize-up from no use, it happens in the same way as entropy dictates, and it’s one of those fundemental “laws” in the universe as we currently understand it.

So obviously those effectivnes quality curves diminish with time.

Thus the obvious questions are “How?” and “How fast?”.

Well the how is generaly “reduction in area under the curve” which means one of three things,

1, Effectivness goes down.
2, Skirt draws in.
3, Both.

Actually it’s all depending on progression of time.

As Omicron appears to be of low pathogenicity but quite a way across from the center of the skirt, it’s “down toward the bottom of the skirt” that concerns us most (take a moment to let that sink in).

Obviously giving a booster will lift the area under the skirt but if it has the same center it’s not going to move it out very much. So if the virus VoC is too far off the vaccines skirt then it does not matter how much you lift the skirt it’s going to do next to nothing in “lifting percentage effectivness” for that VoC…

So giving a narrow skirt vaccine is not ideal, but if it’s all you’ve got…

Which is a very important concern and significant problem. Because drugs companies do not want to cure you or make you immune.

Like all “drugs pushers” they want your money or more correctly “highest price for minimum cost” so they want you hooked, and giving three boosters a year would be up the top of their fantasy list.

In vaccine production like most other mass production, by far the biggest cost is “up front” especially with mRNA vaccines… So whilst Big Pharma will “talk up” being able to come up with a twiddled vaccine, they have absolutly no intention of doing it any time soon, if ever in your life time. As long as the demand for the current vaccine continues they care not if it works or not, they will do nothing other than sell it…

Make of that what you will, but I know from experience of working in similar ethos mass production businsses in widely different industries (petrochem, consumer electronics) what it means.

[1] The UK “National Health Service”(NHS) has a web site where you can check the status of your local walk in center,

If you search say “Westminster” you get offered a choice of two, so selrct “City of” and the first option is “St Thomas’s” click on “See opening…” and you get some handy little tables for availability for various “age groups and jab types”. Note at the top they are a “Pfizer” site only. But… When you look down you will see the bottom two enteries are “Boster dose” [Available] and “3rd dose” [Unavailable]. Which is a problem for me as I fall in the “3rd” dose category. If you back button and go into “Hills Phamacy” you will see they carry both Pfizer and Moderna, but only Pfizer for booster dose (this is “suggested prefrence” policy). But… What it does not say, as it does at many walk in centers is, “IMPORTANT GP letter…” required. You can see the entire thing by back button then select “Montgomery Hall” and scroll down.

What is not mentioned is “There is a hole in the system!”… One of those “we will ask you questions” is “Have you been in hospital as an in patient?” and if so “Why?” if you mention “blood clot in the heart” then you might as well say you are “a leper” you would be more welcome. They insist on a GP letter… Which requires a “meet with the Doc” which many Docs are not doing… So in effect “Go home and Die” only they get upset when you put it as bluntly as that. The same thing happens if they look your records up on the National data base (the one they sold to US “SpysRUs Corp” Palantir for £1).

Clive Robinson December 26, 2021 5:52 AM

@ JonKnowsNothing,

The UK might get a new Prime Minister but afaik any potential replacements will have built in obsolescent dates.

AKA “Teflon Vosen Bottle Johnson” as nothing sticks on his shoulders, it’s always the Billy Bunter squeaky cry of “Oh Gosh, no it was not me Sir, oh no, must be somebody else”. Smart people will note the first double negative…

It would appear the only way we are going to be rid of the fat ugly slug is if he catches something. As he’s already had Covid, some are suggesting an environmental issue like Wilkes-Booth disease –accelerated lead poisoning– or some such.

Ted December 26, 2021 5:57 AM

@lurker, Clive, JKN

Re: Pegasus spyware and Chinese coding

But starting at the top, what do we know about vxunderground? How hard would it be to plant a decoy there?

I think the interesting thing about this, is that Jonathan Scott is excited about it, but I haven’t heard much about it from more mainstream sources. Granted I am absolutely no expert and there is so much I have not read.

I don’t know how Chinese coding in the Pegasus spyware is explainable at this point. I don’t know if Jonathan is saying he doesn’t either?

I have only lightly perused the vxunderground site so far (bc Christmas obligations). Would you say this is a malware repository for security researchers?

Jonathan Scott was recently a participant in Damncon 2021. I can’t tell if Damncon is an Indian (🇮🇳) based conference? The presenters all look pretty on top of their game, from what I can tell. You can see some of the presenters here:

They had a few speakers who presented on the Cyber of Things. So I picked one and went down that rabbit hole for a moment. Got to say, he seems legit.

So I don’t exactly know how to assess Jonathan’s research. I honestly didn’t know there were possible Pegasus spyware samples that could analyzed by the larger research community? If this is true?

What are yours all thoughts?

Apokrif December 26, 2021 1:38 PM

@Clive Robinson: can one get a different vaccine at each jab, or even more doses than the official 3, to get both effectiveness and “large skirt”?

Anders December 26, 2021 5:11 PM


New China outbreak – Xian.


SpaceLifeForm December 26, 2021 5:12 PM

@ Ted

So I don’t exactly know how to assess Jonathan’s research.

Neither does he. There is no try.

It is most likely a combination of False Flag with Reverse Engineering and redeploy to confuse.

His comment about comments in the code makes no sense.

Do not concern yourself about attribution. The odds are better than 50-50 that you get it wrong.

JonKnowsNothing December 26, 2021 5:13 PM

@Apokrif, @Clive, @All

re: can one get a different vaccine at each jab, or even more doses than the official 3, to get both effectiveness and “large skirt”?

I dunno about the effectiveness but at least one person was selling “My Arm For Your Jab”. He got about 10 jabs before he was discovered. The buyers wanted the (worthless) vaccine cards to gain entry to their local pubs.

Another guy tried a “fake prosthetic arm for jabs”; that didn’t work either.

Then there were the Semi-Truck Drivers (HGV) in EU buying fake vaccine cards so they could haul between EU borders. They discovered that COVID-19 doesn’t read and their fake vaccine cards were deadly.

Currently some countries (Israel) are giving up to 4 shots. The actual dosage may vary between shots and age groups. That would have an impact on the “skirt or tail” coverage.

lurker December 26, 2021 5:28 PM


Om Stopped The Planes,
MSM is reporting 6000 flights cancelled over Xmas weekend worldwide due to crew infections.

In other news today (depending on where your dateline is) is Louis Pasteur’s birthday. Yes, he invented vaccination (named from cowpox), but the Chinese had been inocculating against smallpox 350 years before that. Pasteur was reportedly evicted from one hospital for asking doctors to wash their hands before procedures. Handwashing seems to have dropped down the list of anti-Covid measures…

SpaceLifeForm December 26, 2021 6:07 PM

@ Anders

re: New China outbreak – Xian.

I saw this a few days ago, but I have yet to find any info as to whether it is Delta or Omicron. Or, a new variant.

Suspect Omicron, but CCP is crickets.

SpaceLifeForm December 26, 2021 6:32 PM

@ lurker

Of course plane flights were cancelled.

The flight crew personnel got infected from prior passengers.

The spin by the airlines that plane ventilation is good is whole cloth.

lurker December 26, 2021 7:31 PM


I’m with @Clive, and this guy

It’s years since I used to chase malware and analyse it, and I got tired of the obfuscation and misdirection. Jonathan Scott seems to have too many loose ends flapping in the breeze, and the Twitter thread has a high noise/signal ratio. Keep some unsurprised paint handy to color me if it turns out to be something else entirely which is riding on the notoriety of Pegasus.

Ted December 26, 2021 8:05 PM

@lurker, ALL

Re: Research scope and quality

I think the thing that is curious about some of Jonathan’s public interests is that they seem to concern topics that are in information “dead zones”. Who else in the MSM is talking about malware repositories and Android spyware?

On a different note, Jonathan posted a link to some pretty neat research being done on Apple AirTags.

Are you all reading any of this? Of the security and privacy concerns Adam lists for AirTags, what seems to be the most alarming to you? 😐

ResearcherZero December 26, 2021 10:22 PM


There are daily attacks on our satellites, so it’s always a possibility, though could be a number of other reasons why it may be temporarily offline.

Russia has increased repression of internet and information this year.

“This past year’s dramatic crackdown on Internet freedoms is the culmination of many years’ efforts by the authorities to restrict the rights and freedoms of Russians online,”

According to HRW, the Russian government has also attempted to use its domestic legislation to “dictate content moderation practices to Internet companies, even in relation to their business operations in other countries.”

HRW said such efforts have been facilitated by Russia’s deep packet inspection (DPI) technology, which allows the authorities to “directly filter, reroute, and block” Internet traffic.

The “sovereign Internet” law adopted in 2019 requires all Internet service providers to install DPI technology in their networks.

In March, authorities used DPI technology to slow down access to Twitter for its failure to take down content the government deemed unlawful, HRW said, noting that the measure came weeks after social media companies were given large fines for failing to take down posts calling for participation in peaceful mass protests in support of jailed opposition politician Aleksei Navalny.

According to HRW, the authorities repeatedly threaten to block access to the websites of foreign and Russian tech firms over alleged noncompliance with the country’s Internet legislation.

In September, digital rights groups reported the temporary blocking of access to the Google Docs service by Russian Internet service providers, in what they said illustrated the extrajudicial and nontransparent nature of DPI technology.

“Moscow has increased pressure on big tech this year in a campaign that critics characterise as an attempt by the Russian authorities to exert tighter control over the internet, something they say threatens individual and corporate freedom.”

Russia has demanded that 13 foreign and mostly U.S. technology companies be officially represented on Russian soil by the end of 2021 or face possible restrictions or outright bans.

China is pursuing the same agenda.

“What we need to do is to make it increasingly expensive for companies to offend China so their losses outweigh their gains,” – The Global Times

SpaceLifeForm December 27, 2021 12:16 AM

@ Anders, ResearcherZero

I’ve been checking. Folks that review SATINT. None have mentioned issues. This appears to be a web server issue. Maybe there was a sporadic disruption, and the feed was not captured? Or it was, but there is MITM?

SpaceLifeForm December 27, 2021 1:44 AM

@ Ted, Clive

Event Timing Side Channels

In the Key Facts and Findings (, you see these various timer values:

  • Updates last byte of advertisement data every 15 minutes
  • Goes into a lost mode exactly 3 days after being away from its owner’s device
  • Makes noise once every 6 hours while in lost mode and movement is detected
  • Samples the accelerometer every 10 seconds when waiting for movement
  • Samples the accelerometer every 0.5 seconds once motion is detected, for 20 seconds
  • Transmits BLE advertisement every 2 seconds when away from its owner’s device
  • BLE connection interval of 1 second when near its owner’s device

Supposedly lost mode was changed to 24 hours.

If you think those values are hardcoded, you be smoking good stuff.

null clam December 27, 2021 2:59 AM

The recursive (ie rabbit hole) nature of computing …

Available on the web in many places is a PDF of Turing’s 1936 paper “On Computable Numbers, with an Application to the Entscheidungsproblem”. When one tries to print the file, on at least one kind of printer, the printing process crashes on the 13th page, p 242 in the original numbering of the paper. Thus, the {PDF + printer} is a machine that solves the halting problem. Turing was wrong.

Ted December 27, 2021 3:13 AM

@SpaceLifeForm, Clive

Supposedly lost mode was changed to 24 hours.

Good spot. I saw that 3 days thing on Adam’s page too and it made me wonder how (or if) updates will be made there as Apple responds to security concerns.

This looks like a problem:

(Lack of) Secure Boot

Modifying the firmware does not result in a boot failure. This indicates the signature of the firmware is not checked against a trusted Apple certificate.

Re: The article on Ultra Wideband (UWB)

Great find. I’m going to be reading that. I save it as a PDF with an app and then go thru it with a little highlighter tool. 🙂

SpaceLifeForm December 27, 2021 3:55 AM

@ JonKnowsNothing, ALL

S-Gene Target Failure (SGTF) / S-Gene Dropout

The virus is stealthy. Testing is futile.

It really is at this point. The PCR tests are coming up negative, when people clearly know they are sick. The Rapid tests are doing better than PCR. And by the time you can get PCR results, why bother?

Assume you are infected. Even if you are asymptomatic, you likely have been exposed by now. The numbers will be rich in two weeks, and we will know what is going on much better. Interestingly, the S-Gene Dropout (caused by deletions at positions 69 and 70 of the Spike Gene), have apparently been going on for over a year.

So, because the PCR tests are failing to detect the deletions, and this has been happening for over a year, then probably a lot of infected people got a negative result, but were silent spreaders. And took a plane flight.

Winter December 27, 2021 4:19 AM

“re: New China outbreak – Xian.”

I read a newspaper (real paper) report that this is still Delta. Om has not yet reached China. It is not easy to enter China at the moment.

ResearcherZero December 27, 2021 4:24 AM


Depending on Android phone vendor and region released in, updates sometimes take a long time to get pushed to devices. Can take a year or longer for older models to get some official updates.

Pegasus for Android

Google calls this threat Chrysaor, the brother of Pegasus. For simplicity, we’ll reference this as Pegasus for Android.
Pegasus for Android is easier to deploy on devices and has the ability to move laterally if the first attempt to hijack the device fails.

Screenshot capture
Live audio capture
Remote control of the malware via SMS
Messaging data exfiltration from common applications including WhatsApp, Skype, Facebook, Twitter, Viber, Kakao
Browser history exfiltration
Email exfiltration from Android’s Native Email client
Contacts and text message

It self-destructs if the software feels its position is at risk. Pegasus for Android will remove itself from the phone if:

The SIM MCC ID is invalid
An “antidote” file exists
It has not been able to check in with the servers after 60 days
It receives a command from the server to remove itself

To install Chrysaor (Pegasus), we believe an attacker coaxed specifically targeted individuals to download the malicious software onto their device (malicious APK). Once Chrysaor is installed, a remote operator is able to surveil the victim’s activities on the device and within the vicinity, leveraging microphone, camera, data collection, and logging and tracking application activities on communication apps such as phone and SMS.

Chrysaor is even capable of answering phone calls silently and staying connected in the background so the caller can hear conversations that are taking place nearby and of quickly resetting everything back to normal if the user picks up the phone to interact with it.

Upon installation, the app uses known framaroot exploits to escalate privileges and break Android’s application sandbox. If the targeted device is not vulnerable to these exploits, then the app attempts to use a superuser binary pre-positioned at /system/csk to elevate privileges.

If /sdcard/MemosForNotes was present on the device, the Chrysaor app removes itself from the device.

it is easier to use old vulnerabilities to target Android users, because a portion of the population will generally still be vulnerable to a given attack months or years after a patch comes out. And even if a potential victim downloads Pegasus for Android on a device that has all the most recent security updates, the spyware can still work if the user mistakenly grants approval through Android’s permissions system.

The malware is also difficult to detect. It has self-destruct mechanisms built in to wipe it off devices, and can even block certain patches and scans that could nullify it.

Some samples of Pegasus for Android date back to 2014, though, so it seems likely that NSO Group and other cyberarms dealers have developed even more sophisticated techniques since then.

Cytrox Predator

We did not find a mechanism for persistence on Android, nor values in the Android configuration file that indicate persistence support. However, we found some additional code in the Android sample, including code to disable SELinux and code for an audio recording component.

…there are artifacts associated with Predator that suggest approaches like Samsung RKP can be defeated by stomping on the SELinux access vector cache entries to grant the needed permissions.

Winter December 27, 2021 5:03 AM

“S-Gene Target Failure (SGTF) / S-Gene Dropout”

I asked someone who does (and designs) PCR tests. The failure was noticed with Alpha. Since then, S failure is used to spot new variants. Note that current PCR tests use two regions of genes. Different, PCR tests use different genes.

A melting curve analysis is used as a quick way to determine the variant. That is quicker than full sequence analysis.

Clive Robinson December 27, 2021 7:04 AM

@ SpaceLifeForm, Ted, ALL,

In the Key Facts and Findings

Treat what is said “With Caution”…

The first thing that caught my eye was “11 year battery life”…

The calculations used are to simplistic to put it mildly and thus in no way in contact with reality.

The first thing you need to know about batteries is that they store energy “in a coherent” or “highly organised way” and that as you use them things “move from organised to disorganised” that is they suffer from “entropy”.

Another aspect is that to get energy out easily the storage has to be less than stable. That is compleating a circuit cause chemical bonds to be broken… The higher thr current you want out of any given cell surface area the less stable it is. As metals are involved there are free electrons involved, which means that they cause chemical bond break down with time and no closed circuit.

We call this “self discharge” and in analysis as a first approximation we substitute a resistor in parallel with the cell. We also do a transform and put the resistance in in series for when we close the circuit. You will see this second resistance called “Effective Series Resistance”(ESR). Whilst ESR is often given in data sheets the parallel equivalent is less likely you usually get a capacity graph with tempreture related curves and time.

Thus that “coin cell” even sitting in it’s factory packing has the clock running.

I’ve not got the data sheet for the cell, but I suspect a 100,000hour storage life is not given.

Ted December 27, 2021 7:32 AM


Thank you for those links! Something I thought was interesting was this from Google in 2017:

What is the scope of Chrysaor?

Chrysaor was never available in Google Play and had a very low volume of installs outside of Google Play. Among the over 1.4 billion devices protected by Verify Apps, we observed fewer than 3 dozen installs of Chrysaor on victim devices. These devices were located in the following countries:

The most installs were listed in Israel.

I don’t really know how to interpret all this, but it certainly seems related to Pegasus. Many thanks again!

Someone linked to a Chrysaor-related article here in a comment in 2017. Goodness.

Clive Robinson December 27, 2021 9:30 AM

@ SpaceLifeForm, JonKnowsNothing,

It really is at this point. The PCR tests are coming up negative, when people clearly know they are sick.

The problem with PCR is you have to know what you are looking for. And… If that thing disappears logically you can not find it.

So you need to look for several things, the more you look for the more expensive it gets and the more blured the results as when you get close enough in many things start to look the same (just four base pairs at the bottom). At some point there is a crossover and full sequence testing might as well be done.

Things going on in Australia…

I hear that they have decided because their vaccination rate is significant enough, that for low pathogenic varients with high infectivity, lockdown is going to cost more than it will save in the long term.

Part of this is being infected gives you immunity advantages over just being vaccinated.

I get the idea but I’m not qualified to say if it is good or bad my interests in science do not lean that way enough.

But the idea appears to revolve areound IgA.

Apparently IgA gets made when you get the disease, but not if you get vaccinated.

IgA exists outside of your body, and is found in bodily fluids such as saliva and mucus that line what are for SARS-CoV-2 the primary entry routes.

In effect IgA takes the battle outside not just the bastion but ouside and away from the baily as well.

Therefore even though you may be breathing the virus in, it has to get past the IgA before it can infect you. So effectivrly it cuts the potential infective viral load down. So making your bodies ability to fight that much greater in proportion.

But… IgA is not very specific so whilst it might be generated in response to Omicron potentially it will also work with all the varients of Omicron that are poping up, not unexpectedly.

That is it would appear to be Australians are thinking “broadening the skirt via omicron may be adventageous for not just society but the majority of individuals…

However as far as I’m aware omicron has not been around long enough to make definate claims.

lurker December 27, 2021 11:09 AM

@Ted: a maximum battery life of at least 11 years if the device never came out of sleep

What @Clive said boils down to, the shelf life of a battery depends on storage temperature, which has to be unknown for a device in the real world. Secondly, when the device is sleeping, it is still drawing current from the battery for the circuitry that knows when and how to wake up.

I recently had to replace a coin cell in a device, and it irked me that most places had them in blister packs of two. The second one would have reduced remaining life when it came time to use it (or be lost). Good sales ploy…

Clive Robinson December 27, 2021 11:30 AM

@ Ted,

With regards,

““This gives a maximum battery life of at least 11 years if the device never came out of sleep.”

I would say unlikely to near impossible in an AirTag. Even if still inside the battery manufacturers specialised packing and not as claimed “in circuit”. Very few battery technologies make it to a five year shelf life (even with fiddling the figures).

The latest comercial technology is a modified lithium with manganese dioxide arangment, where the msnganese dioxide “can” act as a stabaliser, but I’m not aware of anyone actually having had them in production long enough to verify the claimed 90% shelf life.

Lithium technology is a “wet electrolyte” technology, which has advantages and disadvantages. For instance in rechargable lithium cells whilst you can take power out of them below 0 Celsius, do not try charging them as you will strip the recharge life down to near zero. That is lithium technology has odd temprature characteristics.

But ask yourself what the impedence of atmospheric air at 100% humidity, 25 Celsius ay sea level is across a 1mm gap… Then you have to figure that into your “in circuit” calculations.


1/(Rtot) = 1/(Rdis) + 1/(Ratm) + 1/(Rcrt)

Rtot : Total resistance, from,

Rdis : Self discharge resistance.
Ratm : Atmospheric resistance.
Rcrt : Circuit resistance.

As far as I can see Rdis and Ratm have been left out of his calculations. But what of Rcrt?

From other things the author claims, the AirTag will never be just in sleep mode… That is it wakes on a timer to do things like transmitting a becon signal and calculate new KeyMat, which if the author has identified the KeyMat type (PubKey) correctly is not going to be “CPU lite” thus the daily current averaged is going to be rather more than the measurment of minimal sleep mode current would indicate.

So the current given for the device draw is impossibly low as the device does not stay in “sleep mode”. Therefor Rcrt is lower than probably used in the calculation.

So very probably as I indicated earlier, somebodies math is to simplistic.

So the statment he made is wrong even in his own view, so why make it?

Especially as in real terms it has no actual meaning to the short term usage and security of the AirTag device…

Hence my comment,

“Treat what is said “With Caution”…”

[1] For those not instantly up on basic electronics, 1/(Rtot) is actually the “normallised voltage” current over a selected power cycle. If you want the “true current” it should be,

Itot = Vtrm x 1/(Rtot)

The problem is, even though some cells hold the loaded “Terminal Voltage”(Vtrm) fairly constant due to very low internal “Effective Series Resistance”(ESR), Vtrm does drop with increasing or peek current. So as the current drawn increases the more energy is disipated in the ESR component inside the cell. Which means that the actual power delivered to the circuit goes down with respect to the current drawn.

Vterm = Vint x (Rtot / (Rtot + ESR))

JonKnowsNothing December 27, 2021 12:32 PM

@SpaceLifeForm, @Winter, @Clive, @Gerard, @All

re: S-Gene Target Failure (SGTF) / S-Gene Dropout / PCR Testing

iirc(badly) I’ve put up a few posts on this topic; they may be in the archives.

As Winter explained, the PCR test, which is the most accurate of the tests, uses 3 regions of the virus for comparison.

One of the regions is the S-Gene because the COVID-19-Alpha-Variant was getting missed because of a deletion in that part of the virus genome. It took a bit but they rejiggered the PCR test and it resumed being fairly accurate.

One of my points about the sub-lineages is that they have additional mutations that are not “publicly acknowledged” but are well known to the science community. You have to dig way past DDG to find information about them. Often all you will get is the genomic differences and perhaps the locale. If you know or have tracked the known effects of some of the mutations you can spot what’s different. You might NOT know WHY or HOW other mutations affect things because those are being written up in science papers that are pending publication (hopefully).

In the case of Omicron, there are 2 sublineages: BA.1 BA.2.

  • BA.1     determined by SGTF – absence of the S Gene on the PCR test
  • BA.2     does not have the 69/70del so the SGTF is not triggered, making it invisible to PCR tests.

Of importance NOTE: BA.2 is NOT DETECTABLE by PCR test at the moment.

RL anecdote tl;dr


blockquote>A friend made a forceful statement about the amount of COVID-19 in the region.

“All these people are testing and the tests are NEGATIVE. They don’t have COVID-19 and they just have a COLD.”

While it maybe they have colds, it is far more likely they are testing with Lateral Flow or other home-kit that has high-false-negative outcomes.

It is also possible they have Omicron-BA.2 which will show up just as negative as a cold.

As @Gerard pointed out: People don’t care what type of sick they have.

As I’ve pointed out: It matters, because when you can no longer breath, you need to get to the ER, providing they have room at the inn.


  • PCR Test for Omicron-BA.1 returns COVID-TRUE results. People stay home.
  • PCR Test for Omicron-BA.2 returns COVID-FALSE results. People do not stay home.

Rhetorical Question:

  • Which Omicron Sub-Lineage do you think will become dominant?

Ted December 27, 2021 1:00 PM

@Clive, lurker

So the statment he made is wrong even in his own view, so why make it?

It seems like engineers equally like to build and break things down. Maybe you have an invite to play?

From Adam’s page:

Tweet me or view on GitHub to propose changes or corrections.

I like that he includes photos with his teardowns. Would you call these spatial assessments?

Khazed December 27, 2021 4:11 PM


The glyphs are numbers using Cistercian numerals.[1] They read “972 588 4762”, which someone on Twitter interpreted as a Google Phone number and called. It allegedly answers with “a recording of something that sounds like a cross between chanting and a dial up tone.”

Any idea what else the numbers might refer to?


SpaceLifeForm December 27, 2021 4:44 PM

@ Ted

Re: (Lack of) Secure Boot on Airtag

I’m sure that a signature of the Airtag firmware is verified by the parent device (iPhone, iPad).

It is just a matter of time until the Airtag is fully hacked and reverse engineered, and the firmware update protocol is fully discovered.

It may happen sooner than you may think.

Security by Obscurity will not work.

SpaceLifeForm December 27, 2021 6:25 PM

@ Clive, JonKnowsNothing, ALL

just four base pairs at the bottom

i know what you are getting at, but there are no pairs.

This is RNA, not DNA, so no pairing.

What you meant was nucleotides.

Which leads me to this.

Because in theory, it takes 3 nucleotides for the ribosome to select the correct amino acid, is is not strange that the deletion of two consecutive nucleotides (69,70) still can result in a functional protein?

I mean, dropping two consecutive bits in a bitstream, that is expected to operate in 3 bit chunks, would seem catastrophic to the overall integrity of the message, right? The bits following should be out of sync, right?

Which leads to the redundacy of the mapping betwwen 3 nucleotides (codons) and which amino acid the ribosome selects.

So, why is the S-Gene dropout happening?

Maybe, it all about different Genes. The genes involved that the host uses to build the Ribosomes.

The S-Gene dropout must be occuring because of the host genes.

At the Electro-Chemical level, maybe the Ribosome makes a mistake in translation. For some, depending upon the host genome.

All Ribosomes are not created equal.

Maybe, this a good thing.

If the host Ribosome completely breaks the reproduction of the virus, then you will not ever become aware of that.

Omicron may be a good thing.

ResearcherZero December 27, 2021 9:48 PM

@Ted @ALL

In one of those articles about Pegasus, it says some of the spyware samples date back to 2014.

4th party collection is quite popular in spookery, collecting from the other collectors.

Murchison Widefield Array captures radio images of material being sucked into the supermassive black hole at heart of Centaurus A

All the data is sucked into a black hole and archived. Politicians ignore all security reports from the archive, unless pertinent to their success, or the downfall of their opponents. Never get your info from an adversarial intelligence agency if you are a politician (or aid), as it will remain good until it’s important that it’s good.

Roskomnadzor is using a TSPU (technical tools to counter threats) system which it had forced all Internet and communications operators to install as part of the country’s controversial “sovereign” Internet law. The tools block access to servers from which the app is downloaded.

Russia passed legislation in 2019 on the development of a “sovereign Internet” network that would cut off the country’s access to the World Wide Web, a move critics say is meant to muzzle free speech.

Roskomnadzor has barred 49 websites linked to Navalny this summer while the Moscow Arbitration Court recently ordered Google, Apple, and Russian search engine Yandex from displaying the phrase “smart voting” in search results.

According to the RuNet monitoring project GlobalCheck, Tor is being blocked using Internet-isolation equipment.

All uncensored information is an absolute evil!

Anton Gorelkin chairman of the State Duma’s Information Policy Committee:

“I have never been a supporter of blocking, but in the case of Tor, I simply do not see any other options,”

“Its developers aimed to fight censorship – but in fact Tor became the backbone of the darknet infrastructure. I am convinced that the majority of Tor users use it exclusively for illegal activities: access to illegal information, purchase or sale of illegal substances, credit card numbers, stolen data, illegal services.”

“In general, Tor for me (and, I think, for all sane people) is an absolute evil, which must be fought as hard and uncompromisingly as possible,”

upload arbitrary data from non-internet-connected devices by sending Find My BLE broadcasts to nearby Apple devices that then upload the data for you

Bräunlein reported that he could send at about 20 bits/second and receive at about 25 bits/second, but that his hidden data “messages” took anywhere from a minute to an hour to arrive.

ESP32 firmware that turns the micocontroller into an (upload only) modem, and a macOS application to retrieve, decode and display the uploaded data

Clive Robinson December 28, 2021 12:06 AM

@ SpaceLifeForm,

i know what you are getting at, but there are no pairs.

This is RNA, not DNA, so no pairing.

Yes, it was originally a three long paragraph and growing statment, that I was trying to explain the uniqueness of DNA in “living” entities and the non uniqueness of RNA in “non living” but viable pathogens, and how the closer you looked down the less unique things are. Hence the need to look for more than just a handfull of features we currently do with finger prick tests and how at some point you have to switch over to full sequencing, which is what atleast one European country is doing.

I realised it was getting to long and wandering so edited it down several times then finally some what savegely, to move on to the other point about Australia.

I now find that even trying to explain it succinctly, is just not going to work. So I should have swung the axe at it all, and done it as two seperate posts.

Clive Robinson December 28, 2021 12:42 AM

@ SpaceLifeForm, Ted,

I’m sure that a signature of the Airtag firmware is verified by the parent device (iPhone, iPad).

Probably not, but it will probably happen now someone at Apple has read your posting 😉

It’s the way this blog appears to work, “the usual suspects” chat and suddenly “Researchers” and “Company employes” just happen to have the same bright idea or so they claim…

SpaceLifeForm December 28, 2021 3:46 AM

@ ResearcherZero, Ted, Clive, ALL


These 3 bullet points are carefully worded. Note the bolding. It is there to distract you just enough, but also allow the false conclusion to be delivered. Not my bolding. Bolding is in original.

All 3 can be shown to be false.

  • The AirTag doesn’t know which Apple device picked up and relayed its messages, thus preserving the privacy of the person whose device helped out by providing internet access to deliver the Find My report.
  • Apple knows which device sent in the Find My message but can’t decrypt it, so the location of the relay is kept private.
  • The owner of the AirTag that called home can decrypt the location in the Find My message, but has no idea which relay device passed the message on.

Clive Robinson December 28, 2021 4:16 AM

@ SpaceLifeForm, ALL,

Coffee? Tea?

You left “or me?” off of that[1] 😉

Oh I nearly stopped reading at,

Evidently, the authors of Jian had acquired early access to it some other way.

Actually there are three basic possibilities,

1, They worked it out for themselves.
2, They reverse engineered it.
3, Somebody “passed it on”.

With the most likely at the top.

It’s a typical WASP comment for which some people should be ashamed of themselves for.

Anyway, yes it’s an interesting tool set, but the code base is not just an “elephant” but “Wooly Mamoth” in the room that is the victims storage system.

Correct usage of certain tools would show up anomalies in both fully and semi-mutable memory, just on the code base size alone.

So it’s not that it’s invisable, just that Micro$haft did not actually think through the ntoskern.exe properly in the first place… (I guess they were still in “single-tasking” mode thinking for way to long).

[1] Yes I am old enough to have remembered the book making a “splash” in the newspapers of the time, not that it interested me at the time. I did however read it a few years later, but by them it was a bit “plebeian”, or as might be said today “pants”,

But yes it’s kind of appropriate for Micro$haft WinDoze and Dave Cuttlers “better unix than unix” that has hardly changed –except bug fixes– this century. And was “pants” driver and memory wise before that…

Clive Robinson December 28, 2021 4:22 AM

@ SpaceLifeForm,

These 3 bullet points are carefully worded.

Yes, I’m aware of that…

Did you read my comment a little while back about using AirTags as “beacons” so you could track a users iPhone?

Well guess how that works…

SpaceLifeForm December 28, 2021 5:09 AM

@ Clive, Ted, ResearcherZero, ALL

I read all comments here, every day. Let there be no doubt.
(except spam comments posted to old articles)

There is a lot happening, and one can not pay attention to everything everyday. Got to manage your time and interests, and avoid rabbit holes. Ted made me scroll back thru my tabs yesterday, so I swept off the cobwebs on the monitor, to find the links I posted above.

I kid about the cobwebs. The tabs were not over a week old. But I have many that are just sitting there, that are months old. They are aging, like a fine wine.

Warm your coffee? Warm your tea?

There is no heavily obfuscated code, there are no hardcore anti-debugging measures, and no packers and/or cryptors used. They try to blend in and not be too unique.

Winter December 28, 2021 5:21 AM

@Clive, all
“Hence the need to look for more than just a handfull of features we currently do with finger prick tests and how at some point you have to switch over to full sequencing, which is what atleast one European country is doing.’

The genetic code defines the “species”. There is always something that differentiates one virus from other species. Variability of genes is limited by critical functionality of the resulting proteins. Some change little between whole classes of beings. The trick of PCR is to find a few parts that change little from individual to individual, but are always different from the codes in other species.

People doing PCR have become quite experienced doing this. They also know that you should not pick a single region if you want a robust identification. But robustness and efficiency are mutually exclusive. So the bulk tests can be a single target, with multiple target PCR as backup.

Full sequencing of all samples is prohibitively expensive and time consuming. It also makes little sense. It is much easier to just adapt the PCR tests to any new variant and keep a lookout for new variants.

Clive Robinson December 28, 2021 6:51 AM

@ Winter,

The problem is two fold currently,

1, We are only detecting one, of probably three or more varients of Omicron.

2, Changing finger prick tests is not exactly a speedy operation.

Which is why in London we know about 13-15% of the population HAS the omicron we can detect all be it badly wirh current fibger prick tests.

But… we have good reason to believe in London we are only getting 1/3-1/2 of actual omicron infections in people “BEING TESTED”…

So how many have the varients of omicron we are not detecting and how fast it is spreading in the community we have absolutly no idea…

Some estimates say that more than 30% of London’s population either has or has had Omicron and 50% by/in early New Year is well within expectation.

It’s got to the point where some employers are saying if you think you have even a mild cold “STAY HOME” and if you can work there.

The interesting thing is that whilst Londons figures are on an upwardtrajectory like a rat up a rain pipe, hospital figures are more interesting…

You have to first remember the difference between,

1, Admitted because of Covid “by”.
2, Admitted “with” Covid.

The figures of “by Covid” are going down, whilst the overal figures are going up slightly because of “with covid”.

That is omicrons pathogenicity is so low it appears almost benign compared to other Variants, and due to it’s high infectivity it has fairly rapidly pushed Delta out of the picture.

To be blunt if I have to suffer from one varient, as far as I can tell this would probably be the one to least likely harm me so far…

Which brings me back to the quandary I’m in. Due to having been in hospital with serious blood clots well within 28days of my last jab, they do not want to give me a booster, which means I have to jave a 3rd shot… Which needs a letter from my Doctor who is basically doing all they can to avoid writting it, because my last shot will be the same as the 3rd shot… By the time I’ve got the letter I will probably have caught omicron anyway (if I have not already).

Which begs the question “Is there any advantage in me getting an infection over any benifit from a 3rd shot?” and it rather depends on your view point. Which is why I’m interested in what Australia appears to be doing, as they think having IgA and broader immunity is the expected advantages.

null clam December 28, 2021 7:03 AM

Re: AirTags etc. etc. … → ∞

Today’s technology seems to go Rube Goldberg and Heath Robinson one better. Not only does it explore excessively complicated solutions to problems that also only dubiously should be considered for machine-based solutions, as those authors do, but it also explores ways the details of these monstrosities can be used to attack their users. Cartoonists, your challenge is offered.

Winter December 28, 2021 7:31 AM

“So how many have the varients of omicron we are not detecting and how fast it is spreading in the community we have absolutly no idea…”

I do not know how things are in the UK. But here in the Netherlands, large samples are fully equenced. Also, some labs store all positive samples to allow investigating the history of variants found.

It is standard statistical sampling theory what you can a cannot detect.

Ted December 28, 2021 8:51 AM


Re: Bridging an airgap (or potential use cases for Apple’s Find My network)

Thanks for those great articles you linked! One of the blog posts was kind of intriguing.

In the world of high-security networks, where combining lasers and scanners seems to be a noteworthy technique to bridge the airgap, the visitor’s Apple devices might also become feasible intermediaries to exfiltrate data from certain airgapped systems or Faraday caged rooms.

What Apple devices do you think he is referring to?

Winter December 28, 2021 9:45 AM

Dutch CDC (RIVM) reports that Omicron is now the dominant variant in the Netherlands. More than 50% of new infections are Om.

JonKnowsNothing December 28, 2021 9:46 AM

@Clive, @Winter, @SpaceLifeForm, @All

re: Confirmed COVID-19 Positive Test

In the USA some health systems and treatments are only available to people with a CONFIRMED COVID-19 test status. Preferably on their medical record and not on a plastic toss away.

Long Hauler/Long COVID treatment is not always available if you just “self isolated and stayed home” sans the official Up The Nose test version.

other curiosities:

Some official claimed “Omicron” is not the same as “last year’s COVID-19” and therefore we should just go on about our business (of making someone else rich).

One might see a problem coming in the US health care system. Not just from overwhelmed admissions but a future segregation based on What Variant Did You Have? I’m not sure what sort of notations are on people’s charts but if there’s a way to avoid paying for treatment because your chart doesn’t say Alpha or Lambda or D614G etc that is yet to come.

Clive Robinson December 28, 2021 10:05 AM

@ Ted,

What Apple devices do you think he is referring to?

Any that can pick up the broadcasts from the fake airtags, store and then forward the data onto Apple.

So basically all that currently work in the Apple network.

The important point to note though is “high latency” as well as low bandwidth.

The other thing is that the “Secure Area”, must be sufficiently large that not just the AirTag but a user with a “Store and forward” repeating device must be able to “get inside”. So potentially a room sized faraday cage not an equipment enclosure sized case.

Nearly all equipment I’ve designed for “Secure Area” use has been EmSec / TEMPEST screened such that the secure area can be just an ordinary 8ftx12ft army tent.

So the attack outlined is realy for people using COST equipment. Where the likes of “Sonic Security” / “Acoustic Cryptanalysis” has not been considered (it’s just one reason why I talk not of “air gaps” but “energy gaps”),

lurker December 28, 2021 10:36 AM

@Ted: What Apple devices do you think he is referring to?

Those Apple devices that have not been put into a locked metal box beside the security/reception desk on the way into the building…

AC2 December 28, 2021 1:07 PM

Alexa tells 10-year-old girl to touch live plug with penny

“Customer trust is at the centre of everything we do and Alexa is designed to provide accurate, relevant, and helpful information to customers,” said Amazon in a statement. “As soon as we became aware of this error, we took swift action to fix it.”

Can we just agree that ML/ “AI” systems are, at best, partly competent and mostly/ usually harmful.

Sure Amazon plugged this particular type of problem but that’s pretty useless..

Clive Robinson December 28, 2021 2:07 PM

@ lurker, Ted,

…that have not been put into a locked metal box beside the security/reception desk on the way into the building…

In the UK some used to call it “The Maggie Way”.

Back in the 1980’s when mobile phones came with their own golf cart / wheelbarrow, UK Priminister Marggie Thatcher laid down some very hard and iron clad rules.

Whilst she “understood Science” to a point, she did believe in listening to what “Spook Central” had to say about all the joys of both SigInt and ElInt that brought all those fun rules about TEMPEST distances and more importantly EmSec issues beyond just “Can you ear me mother?” emmission rules[1] sometimes called “Red / Black Segregation”.

Anyway Maggie laid down an edict of “No Mobiles, walkie-talkies, or other similar equipment” in various “secret places”. However when Antony Blair “got in” he did not like the sensible securiry rules so scrapped them for Ministers and other senior Government Officials… Much to the anoyance of anyone with half a brain cell to think about security with…

The Maggie Way, involved even the highest in the land having to park their Radio Equipment significantly far outside of the “secret places”. In one place that shall remain nameless they used what many call Swiming/Gym lockers where you put your stuff in shut the door and turn the knob and take out the key. It caused resentment because they were issued in order of arival, and on entering the “secret place” you had to show your numbered key… having a low key number was kind of a “status symbol” and woe betide any pleb who had a number less than his minister… Yes it’s not just Politicians but their Civil Servants as well that can be oh so petty and venal.

[1] For information you can just do an internet search for TEMPEST (old name) or EmSec (subset of ComSec). But specifically look up HIJACK and NONSTOP. You will find many documents most are “guess work”[2], however,

Provides an introduction. And back in the good old days beforecand just after the turn of the century we have,

And other places such as the Federation of American Scientists NSA page,

[2] Any document that says TEMPEST has a meaning via, acronym is not likely to be of any real use. Because it’s a “codeword” likewise HIJACK and NONSTOP are two word “codewords”. “Emission Security”(EmSec) is a subset of “Communications Security”(CommSec). Othere search words to look for are “Signals Intelligence”(SigInt) and “Electronic Intelligence”(ElInt). Wikipedia has a page on the “Sec / Int” meanings,

Clive Robinson December 28, 2021 2:48 PM

@ AC2, ALL,

Sure Amazon plugged this particular type of problem but that’s pretty useless..

It’s an “unsolvable problem”…

Obviously what ever rules you come up with, in by far the greater number there will need to be exceptions…

Some years ago, a well known manufacturer of “electric shavers” came up with a “wet-n-dry shaver” for that extra special shave, and the advert showed someone putting the shaver into a sink of water… Apparently some people tried the same thing with mains powered electric shavers… And the fact you should not do so came as a bit of a shock to them.

Also a percentage of people are either not exactly bright or they can be malicious.

A machine is not concious, it feels no pain, and it has no social attributes unless we program them in.

We design computers to “do as instructed” and very annoyingly for many people, “they do exactly that”. Humans however in general do not work that way.

When Mom asks the teenager “Don’t you think it’s time to put out the trash?” it’s not actually a question and it’s certainly not open to debate. A computer would in effect reply with a “Yes” or “No” answer, as would quite a few of those on the autistic spectrum.

Human communications is “full of such richness”, the trouble is as the old joke has it sometimes “it promoteth organic growth, but it is very strong and none can abide it” to mean it’s kind of dropped out a bovine rear end…

How do you give a computer a sense of humour let alone irony or sarcasm…

SpaceLifeForm December 28, 2021 7:48 PM

@ Ted

Wrong question

Can you utilize multiple networks and have more than one phone number with an eSIM?


null clam December 28, 2021 9:08 PM

@ Clive Robinson

give a computer a sense of humour

Three decades ago I suggested on a forum devoted to AI that progress will only have been made when we have “Artificial Dumbness”, this is the real Turing test. But basically there was never a positive response to this suggestion.

lurker December 28, 2021 10:23 PM

@SpaceLifeForm: Use FF and Linux

FF 78.15.0esr-1~deb10u1 default OTB has
{✓] Ask to save logins and passwords for websites
…[✓] Autofill logins and passwords
…[✓] Suggest and generate strong passwords
…[✓]Show alerts about passwords for breached websites

J Random Luser will click [OK] at the first item. (No dots in FF, I can’t quickly make an inset list in markup…)

Browsers saving passwords was a bad idea before it was thought of. Just a part of feeping creatures, what was the last FF update ridiculed here, colored thems?!

ResearcherZero December 28, 2021 11:15 PM

@Clive Robinson

The Maggie Way is how I expect everyone, including my wife, to conduct themselves when entering my private residence. Park down the end of the street, and leave your crap in your vehicle. If a phone rings then it goes in the microwave.

People will literally hold their phone in one hand and type their rubbish password with the other, camera with full view of the keyboard. I’m not saying people should be shot for pointing their little camera lenses around wildly all over the place, but they should perhaps be a little more considerate.

Anything could lurk on some peoples phones, including spyware like HackingTeam’s bag of bits and bobs, or something a little more advanced.

They might be subject to the secondary surveillance network. I don’t care who they are sleeping with, but Palantir does.

…or their provider leaked all their details again and they got SIM swapped.

Every time someone enters my home armed with some piece of technology, which they often seem to have no mastery off at all I might add, I’m reminded of this passage from an old science fiction story:

“And always there was that sense in the background of a possible great disaster, of dancing on the world’s thin crust that had broken once and let one through, and might break again. Its very thinness, its very fragility added a desperate gaiety to the dance.”

Though, for now, I seem to have frightened most people away.

ResearcherZero December 28, 2021 11:31 PM

“Russia’s Supreme Court has ruled that one of the country’s oldest and most prominent human rights organisations should be shut down for breaking a law requiring groups to register as foreign agents, capping a year of crackdowns on Kremlin critics unseen since Soviet days.”

The Prosecutor General’s Office last month petitioned the Supreme Court to revoke the legal status of Memorial — an international human rights group that rose to prominence for its studies of political repression in the Soviet Union and currently encompasses more than 50 smaller groups in Russia and abroad.

The court on Tuesday ruled in favour of the prosecution, which charged at the hearing that Memorial “creates a false image of the USSR as a terrorist state”.

Mikhail Gorbachev grew up witnessing the effects of the Terror Famine, one of the many atrocities documented by Memorial.

Moscow city officials handed the group a document voiding the agreement allowing the use of the space without compensation and ordered it to leave within a month.

“I link it to the overall trend of destroying civil society in Russia,” Civic Assistance Committee head Svetlana Gannushkina told Mediazona.

Perhaps the effects of the Terror Famine are one of the many things that Gorbachev considered when he proposed nuclear disarmament.

“Both President Ronald Reagan and President Mikhail Gorbachev called for zero nuclear weapons”

ResearcherZero December 29, 2021 12:30 AM


Devices to consider are anything like Alexa that monitor other devices in the home, but any IoT devices can potentially be used to exfiltrate data. Apple TV, things like that, as often people will purchase these devices and they could sit around the home for years.

In more sensitive environments, medical facilities as an example, there are many different devices that you could use to exfiltrate data that have poor security. I’ve seen HackingTeam software on hospital public WIFI after the routers have been repeatedly bombarded. Those particular individuals were caught, but they stuck out like a soar thumb and seriously could not have made their presence more noticeable (one guy fell through the ceiling). More competent adversaries would not have been so noticeable, and anything as simple as AirTags could potentially be used.

If you scan for network capable devices, there are many unsecured channels about. People let all kinds of dubious characters in for tech support, and the public doesn’t always make it easy for them to provide a modest amount of security or head their advice, even in commercial environments.

Clive Robinson December 29, 2021 1:57 AM

@ SpaceLifeForm,

Ignore any official numbers. They will be lies, just like 2 years ago.

That is certainly true for WASP nations in the Northern Hemisphere. As far as we can tell the UK and US were and probably still are the biggest liers, and certainly fiddled the figures every which way they could it was so obvious to anyone who had eyes to observe and use them (it’s why I called out very early on to look at the “excess death” figures).

As for what China is doing it looks like “fogging” with something like hydrogen peroxide or the more recent “electrolised brine”. The former breaks down into water and oxygen rapidly, the latter is like bleach and does break down fairly quickly.

Will it be effective?

That depends on your goals and the route you want to take to reach them.

If the intention is to get people off of the streets for various reasons then the fogging is probably more effective than a water cannon at a riot.

One of the reasons for the rapid spread of SARS-2 in the Northern Hemisphere is people not taking things seriously. Especially with bogus claims for political reasons.

But one of the primary reasons for people not taking things seriously is they do not see politicians and public leaders taking things seriously. In fact mostly the very opposite, as a result now we have developed a “Do as they do, not do as they say” culture.

All to often we hear from supposed leaders “You don’t want to do that because it will panic people” it’s basically FUD as is “think of the children” to push through another unstated agenda, or an excuse to do nothing proactive.

As far as the UK is concerned, we have consistently had some of if not the worst figures in real terms. We are without doubt the “Dirty man of Europe” if not a much wider area. Mainly thanks to our politicians and leaders doing just about everything wrong. One of the few things we did get right in the UK was “sequencing” because by chance we had sufficient equipment to do so.

So perhaps the UK and if the current trends are correct[1] the US as well should get their houses in order first, before we throw stones…

[1] It has been reported that in Manhattan at testing centers they have a more significant number comming through, but more importantly over 50% of the people are testing positive. Whilst this does not mean 50% of the population of Manhattan have Covid, it does indicate a rapid rise in community spread, and yes people will die because of it.

Gerard van Vooren December 29, 2021 2:02 AM

There is nothing wrong with the web, except that it is a web, a web with only a few spiders, fat spiders that want more and more. And just like any other insect they want to survive. They don’t have a brain.

I mean, if you want to create a web site, you need to be an expert to start with, an expert to set your site up and running, an expert in JS, an expert in CSS, PHP, Java, an expert in setting up ads, an expert in internationalization, and an expert in securing your site. If you are not an expert, then forget about it.

This is the problem of the web and it has been going on for decades. Unless you want to get rid of amazon, google, microsoft, tiktok, you can’t change that.

So, today, we live in a WWW society, that is full of bugs, that are there only ”to help us”. A WWW that is there only because because of legacy, not because of brilliant ideas, but because of standardization.

This is only talking about the WWW, but there is a lot more [1] that is going on for decades. Decades of decay, decades of upgrading, decades of promises but not delivering, and if your computer gets so slow, you need to buy a new one, that is 200% better, but that gets slow soon too.

Welcome in 2022.


Clive Robinson December 29, 2021 2:14 AM

@ SpaceLifeForm, ALL,

RE browsers, passwords and account lists.

I think it’s fair to say that with regards security, just about every thing browser developers have done since the earliest days is just wrong.

So badly wrong you can not help but wonder who is paying them and why.

I would have thought most developers should know the difference between storing a “plaintext list” and a “hash list” and the advantages of the latter, and the serious security disadvantages of the former.

Is “user convenience” really that important?

SpaceLifeForm December 29, 2021 2:34 AM

@ lurker

The other cool thing about using FF and Linux, is, that with proper ventilation, it protects your computer from getting infected with Covid.

ResearcherZero December 29, 2021 4:31 AM


Objective-See’s free open-source tools for detecting new malware or attacks exploiting n-day and 0-day, EvilMaid, processes, persistence, keylogger event taps, network activity…


@Gerard van Vooren

Once you have experienced an atrocity, or anything in the ball park of, you certainly don’t want to experience it again, yet humans remain proficient and prepared to commit them. Even the Buddhists do it. Odd bunch humans.

Clive Robinson December 29, 2021 5:49 AM

@ ResearcherZero, ALL,

Once you have experienced an atrocity, or anything in the ball park of [one], you certainly don’t want to experience it again, yet humans remain proficient and prepared to commit them.

The reasons for atrocities are few and excuses plenty, but at the root of it is fear.

Take one atrocity from history,

We call him “Vlad the Impaler” and whilst he is still a hero in Rumania for what he did in the 1400’s mostly in the West we think of him incorrectly as “the real Count Dracular” of Bram Stoker’s Victorian fantasy stories of blood, lust, and power.

The atrocity Vlad is mainly remembered for is the impalement of the 20,000 mostly Turkish prisoners used to line the route to the capital

But few stop and ask why Vlad did it and what did it potentially achieve?

Well the route would have been taken by an invading army of such superior forces that it could not be defeated by normal means and Vlad was aware he was outnumbered potentially 25 to 1.

Well the gruesome line of impaled certainly deterred the Ottamans and several others, and so brought a form of peace and potentially saved lives and captivity in slavehood for many (hence his hero status).

With regards,

Even the Buddhists do it.

Perhaps you should say who it was against?

Buddhists have long been persecuted by Muslims, and some of it in more recent times at the end of the last century in Bangladesh have been described as “genocidal”. Previous persecution by Hindus is resurfacing in India and then there is the behaviour of the Chinese still going on against Buddhists.

Buddhists feel significantly threatened, and with good reason. Within living memory they have had many atrocities committed against them, and for various economic deprevation and similar reasons their monasteries have a lot of angry young men within them.

Unfortunately for many mostly peaceful muslims, others have made the thought of reappearance of such persecution and genocidal behavioirs come to the forefront.

As noted by, Alan Strathern, fellow of History, Brasenose College, Oxford,

“The global climate is crucial. People believe radical Islam to be at the centre of the many of the most violent conflicts around the world. They feel they are at the receiving end of conversion drives by the much more evangelical monotheistic faiths. And they feel that if other religions are going to get tough, they had better follow suit.”

Fear or the use of it can be not just a powerful political tool, but a very dangerous and vindictive one that can go down the centuries.

Recent goings on in the Middle East are in no way going to ease these perceptions, with knowledge of Vlad the Impaler having detered an army that would otherwise have been impossible to defeat, perhaps people can see why such things can and do happen…

Clive Robinson December 29, 2021 6:38 AM

@ SpaceLifeForm, ALL,

Airtag recent case study

Apparently the yellow case in question, is safely back to this,

In “Clitheroe” in the more northern parts of England and it’s so called “satanic mills” region[1]…

Where coincidentally,

The food can also be satanic…

[1] From the words of Jerusalem. Contrary to what many think those “satanic mills” were not the hell mouths of the industrial reveloution but English Churches where the teachings were designed to force the populous into endless toil for the benifit of others (perversion by protestant work ethic)… So it is a little ironic the words of Jerusalem got set to music and became a hymn much favoured in English Churches…

To see the how and the why of people getting it wrong,

Ted December 29, 2021 8:11 AM


Re: Endpoint security tools

That’s interesting, although I would probably full stop before I personally downloaded a security app onto anything other than a test device.

I was listening to CrowdStrike talk* about their Falcon mobile endpoint security product. It’s interesting they said they could observe but not block some threats. I think they were saying this in regards to Pegasus spyware for which they use Amnesty International’s indicators of compromise?

From their FAQ:

What threats does Falcon for Mobile detect? … Falcon for Mobile will detect blacklisted hashes, domains and IP addresses with integration with CrowdStrike Threat Intelligence.

It looks like this is going to be big business for them.

In November 2021, CrowdStrike acquired SecureCircle for $61 million, a SaaS-based cybersecurity service that extends Zero Trust security to data on, from and to the endpoint.[35] (Wikipedia)

*Amplified and Intensified podcast, Episode 29 – Identifying NSO Pegasus breaches with CrowdStrike Mobile – Cameron Buriani

Maybe open source is better than nothing?

JonKnowsNothing December 29, 2021 8:32 AM

@Clive, @SpaceLifeForm, @All

re: I think it’s fair to say that with regards security, just about every thing browser developers have done since the earliest days is just wrong.

So badly wrong you can not help but wonder who is paying them and why.

It might have a lot to do with $$$ and very little to do with “wonder”.

While there are people who will forego $$$ on intellectual or moral grounds, not too many follow that path. The warrior-trade is still considered a good-trade, even though the trade-off is becoming dead. If folks can be convinced that wearing the ugliest colors and the worst designed clothes is a good deal, it’s a hard sell to get them to not do stuff because it’s bad-idea, bad-design, bad-intention.

The old adage that the good ones leave and the rest go for the $$$.

Real Life anecdote tl;dr

In early days of Silicon Valley, a VP of HR said, that the one of the goals was to hire the smartest guys first to design the system, then fire all of them, using legal and various methods like assigning them to a closet.

Then you hire in the next lot, who are OK but not brilliant. These folks shoehorn the system together but because they didn’t design it and the designers have left, have no restrictions on Do-Overs because they Don’t Get It.

Then you get rid of that lot, again using legal and various means and hire in the cheapest folks you can and outsource the entire operations.

It was rather shocking when he included me in the first grouping and was frank that I should have been gone-away with much earlier. In a way I was flattered to be part of the first group but definitely not flattered about being in the exit grouping.

It was also clearly stated it was a way to nullify all those Stock Options and Grants because they had “vesting dates” and it was important to boot as many as possible before the old options were nullified by the venture capital funding rounds. This avoided many vocal complaints about the process.

This is where they re-jigger the entire stock option list and dilute all previous holdings to NIL. If you started with 10% of the company on Day 1, you ended up with -10% of the company after Round B Funding and during your exit interview.

JonKnowsNothing December 29, 2021 8:45 AM

@Clive, @SpaceLifeForm, @All

re: Reliable Numbers and Recommended Policies

“On a balance of probabilities this is probably correct.”

Dr Richard Tedder, a member of the Clinical Virology Network

Which method do you think he prefers? Box-Jenkins?

Curious December 29, 2021 12:04 PM

Just noticed something on twitter about NASA and FOIA requests, dating to 27. December this year, so just a few days ago.

Apparently, somebody had something solicited for unredaction re. a particular NASA related document, to which it is shown that NASA document had been redacted and that the redacted part apparently hides that that they were self concious about hiding future FOIA requests because of how NASA were then already withholding unclassified data.

“Data and Information Release Committee of the Program Review Board Meeting Summary – August 10, 1977”

According to Wikipedia, ‘Freedom of Information Act’ (United States) dates back to 5. July 1967.

Ted December 29, 2021 12:57 PM

Have you all heard about Pegasus ID software?

In this special holiday episode I have not one but two special guests joining a small panel to discuss the current state of mobile security.

I’ve set the start time to about when they talk about this, but the whole episode is fantastic.

If you have thoughts on this (either way), I’d be really interested to hear them.

SpaceLifeForm December 29, 2021 5:06 PM

@ JonKnowsNothing, Clive, ALL


Re: nullify all those Stock Options and Grants

This has been my experience.

The first time, it was pension, with a spin-off to avoid full vesting. A lawsuit prevented loss of pension.

The second time involved loss of phantom stock.

It was always a Ponzi scheme, and most of us techies knew that.

I was in the same situation you were in.

The day came to start the purge. Everyone was directed to go to large meeting room.

I go to meeting room, and our core technical team, somehow magically, we all sit together at the same big round table.

HR IDIOT comes in, looks around, and is silently shocked that the entire list of the people to be culled are the complete set sitting at the large round table.

“You guys come with me”

So, to another meeting room we go.

Where we are told we are fired.

We were all Un-Fired two days later after the CEO and HR IDIOT were fired.

MK December 29, 2021 6:29 PM

Olivetti once closed an office by initiating a fire drill, then locking the doors when everyone was out.

ResearcherZero December 29, 2021 6:51 PM


Open source has some pretty good tools, and it’s definitely a good choice to use a test machine.

Commercial security products do some crazy stuff, there is some questionable choices in some products, especially some AV products.

There are many good open source choices which is what I prefer to use. You can look at what is happening with raw sockets, and without any reverse engineering and hacking at priority software.

Some people are time poor, but learning to properly design and compile is good practice. Building a custom test bed is also good practice. There are man pages, plenty of documentation, really no excuse not to. Learning the boot process, modules and kernels, building and compiling custom kernels all very important IMHO. I used to spend a lot of time with RedHat and Debian systems, and really should get back and brush up on my skills.

I will watch your video after I get my work done this morning, looks interesting.

SpaceLifeForm December 29, 2021 6:52 PM

@ JonKnowsNothing, Winter, Clive, MarkH, ALL

Vitamin D and ventilation

[Redacted] reports [redacted] new coronavirus cases, the biggest one-day increase on record

(see bnodesk)

It’s going to rip.

It is stealthy. This past Northern Hemisphere Summer, many got infected, but were asymptomatic. But they were Silent Spreaders.

Now, that the WX is poor in Northern Hemisphere, peoples immune systems are not keeping up.

The breakthru cases are happening.

Testing and tracing, a waste of time.

If one never got any vax by now, rest, Vitamin D, Ventilation.

If you get infected, you want Omicron.

It’s going to rip.

Seriously, it’s going to rip. There is no way it will not happen.

Clive Robinson December 29, 2021 7:13 PM

@ SpaceLifeForm,

Seriously, it’s going to rip. There is no way it will not happen.

And as it rips, it will become anew in a difrent guise… This we know with almost certainty.

What we don’t know is which way it will go…

Obviously to have any real run it will either have to jump aways along the bottom axis, so it is “as new” or it will have to be more infective.

If either of those happens then we will have to see what else might have changed for better or worse O’heck jumped in the gentler direction, but the next could jump the other way. Pick up your coin and flip…

Clive Robinson December 29, 2021 7:56 PM

@ MK, ALL,

Olivetti once closed an office by initiating a fire drill,

They would not be the first or last to pull that stunt…

Back in the UK, way out to the South East of London there is a hole in the ground near the arseend of the Cray Valley called “St Mary Cray”[1].

It has an industrial estate that pretends to be a “Science Park” and there once was an electronics company of note with offices there.

To protect the innocent who had to sign various legal documents to not talk, others who did not know sufficient detail to tell the outline of the tale…

A senior employee was not getting on with a very abrasive boss who thought incorrectly that he was some deity who could do as he pleased.

The senior employee was invited to lunch by another executive, who after lunch excused himself saying he had a meeting to go to. When thr senior employee returned he discovered his desk was in his parking spot burning with the aid of considerable excelerant…

It was the abrasive bosses “little joke” and message the senior employee had been fired…

Not very nice, especially as the desk had not been cleared and some of the senior employees private possessions were still in it…

The senior employee was justifiably not happy and decided it was time the abrasive boss got dealt with. So he called the Police and tried to get criminal charges agsinst the abrasive boss…

The Met Police apparently decided to “look the other way”. So the now ex senior employee contacted a specialised law firm and started a private prosecution against the abrasive boss…

I can not tell you what the final outcome was but I gather a very large sum of money changed hands and the abrasive boss was in effect removed from the country back to where he had originated.

As for the company well it kind of disappeared by being “taken over” with the company taking it over likewise suffering a similar fate…

As for the senior employee they set up their own communications company, at just the right time and it developed the golden wings of an “Angel” and he was bought out and very comfortably off. So he and his family emigrated down south and set up another communications company. The last I heard a couple of decades back it was growing well, I guess he would probably have retired by now, though an Internet search shows the company still exists and appears to be doing interesting stuff related to the finance industry.

[1] It has it’s own wikipedia page, if you go down to the bottom you will see that the only notable person they could find comming from there was born nearly two centuries ago…

There is a joke about it being such a hole that they just built the railway over the top…

Clive Robinson December 29, 2021 8:05 PM

@ lurker,

Vaccination does not prevent one getting infected, or spreading the virus

That is because it’s moved along the bottom axis, and is comming out of the shadow of the skirt of various vaccines that were realy “to specific”.

There was an anouncment from “Scotty in Marketing” the other day anouncing a new policy of “get it for free” as being in doors in nice weather and away from your friends and work colleagues is apparantly not Skippy’s way now.

Clive Robinson December 30, 2021 2:30 AM

@ SpaceLifeForm,

Seriously, it’s going to rip. There is no way it will not happen.

Actually looking at the realistic estimates rather than the official figures from yesterday,

1, UK ~150,000/day
2, US ~900,000/day

Which means the UK is slightly ahead on the bad news figures at 433 per million per day compared to the US at 367. But that will change fairly soon, if figures from Manhattan continue the way they are, with 50% being tested found positive, indicating that community spread is shall we be conservative and just say significant.

However testing in the UK is according to official figures better per head of population, with apparently some parts of the US not testing at all so a political blind eye can be put to the glass.

I think you can safely say “it’s ripped already”, you’ve just not heard it burst out.

Which is perhaps the real point of interest, many are asymptomatic, and many who do have symptoms say they are less than colds they have had in the recent past.

Testing in London the main UK hotspot shows 96% of positives are omicron and in the UK as a whole 93% so it’s pushing Delta out fairly rapidly. Also on the very few hospitallised the odds of needing oxygen is very small and duration of stay is down to an average of three days. Of those in hospital it looks like around 10-20% were brought in by covid, whilst the rest were brought in for other reasons and tested positive during admission. Even though the numbers of admissions for covid are low the total found is having a fairly significant effect due to infection control.

Hopefully the downward trend on patients will continue, because the trend on frontline staff getting infected is rising with major London hospitals now significantly “under staffed”.

ResearcherZero December 30, 2021 3:21 AM

Russian disinformation and influence operations

”Through proxies, Russia ran a successful intelligence operation that penetrated the former president’s inner circle,”

US intelligence experts effectively confirmed that for the second election in a row, Trump acolytes repeatedly used, knowingly or otherwise, misinformation produced by the spies of one of America’s most sworn foreign adversaries to try to win a US election.

Russia’s meddling in other counties’ politics, while shocking to some, is part and parcel of the Kremlin’s toolkit of influence. This report documents how the Russian government cultivates relationships with ideologically friendly political parties, individuals, and civic groups to build an army of Trojan Horses across European polities. This network of political allies, named in the report, serves the Kremlin’s foreign policy agenda that seeks to infiltrate politics, influence policy, and inculcate an alternative, pro-Russian view of the international order.

PRAGUE — For a brief moment, it seemed that the powerful adviser’s head might roll at the Castle. After he lost his long legal battle over a hefty state fine, the Czech president warned him to pay up or lose his post.

Then a guardian angel materialized from Moscow.

Lukoil, the largest private Russian oil company in an industry dependent on Kremlin approval, stepped in to pay the nearly $1.4 million fine owed to a Czech court.

The aide, Martin Nejedly, stayed on as economic adviser to the Czech president, Milos Zeman, and vice chairman of his party. Perhaps more important, he retained his office right next to the president’s in the Castle, the official palace that looms over the capital, Prague.

But the payment last spring raised questions about Russian influence-buying in the Castle, where Mr. Zeman has staked out a position as one of the Kremlin’s most ardent sympathizers among European leaders.

“Unfortunately in the Czech Republic, some advisers to the president or the prime minister are willing to cooperate with the Russians,” said Karel Randak, who retired as head of the Czech foreign intelligence service in 2007. “I am not saying that they are Russian agents — but unfortunately for some people, the money is more important than the security of the Czech Republic.”

Russia Meddled on Twitter After UK Terror Attacks

“Those monitoring the UK disinformation landscape have observed several trends in the evolution of Russian disinformation tactics. First, they note that Russia often simply observes and amplifies existing anti-EU narratives and other fragmentation trends in the United Kingdom. Russian disinformation often does not advocate for a specific position or take one side over the other. Rather, the approach tends to simply be to “flood the zone” with a combination of accurate, half-true, and false information—with varying degrees of attribution—in order to introduce confusion and doubt into existing debates.”

This was evident in the wake of the 2017 Westminster bridge attack when accounts previously linked to Russia circulated disinformation on Twitter. Some of the stories were anti-Muslim, while others criticized those who held anti-Muslim views. Another tactic is the use of Russian trolls to float multiple false narratives as “trial balloons” to see which would be most successful, only later doubling down on those that garner the most interest. In many cases, Russia first tests potential narratives on less-regulated fringe platforms, either to avoid detection or refine the disinformation through user feedback before launching it into the mainstream.

“In terms of post-event information manipulation, UK officials noted an increase in Russian bot activity in the weeks following the March 4, 2018, attack on former Russian Federal Security Service (FSB) agent Sergei Skripal in the town of Salisbury, some 90 miles south of London.”

Following Prime Minister May’s formal accusation on March 12 that Russia had orchestrated the attack, Russia’s disinformation machine sprang into action in what resembled an aggressive public relations campaign. It planted stories to deflect blame from Russia and to inundate social media with false stories that cast doubt on fact-based British and European findings. In the week after the attempted assassination, British authorities tracked eleven alternative stories about the poisoning, all of which originated in Russia.

Russia on Friday warned British media operating on its territory that they should be ready for consequences after Britain’s media regulator fined the state-financed RT television channel – formerly Russia Today – over its coverage of the poisoning of former spy Sergei Skripal.

In the month following the attack, Russian state-funded media outlets RT and Sputnik put out 138 different narratives, ranging from claims that the nerve agent originated in a UK lab to claims that the story was fabricated to distract from Brexit.

“a government poll revealed that in September 2019 only 55 percent of the British population had a “perception of Russia culpability,” down from 65 percent in March immediately following the attack.”

“Second, experts observe that disinformation efforts have become more targeted over time. Specifically, they appear to be increasingly event-driven, spiking just before major decisions, votes, anniversaries, or just after potentially controversial events. The former was most evident ahead of the June 2016 Brexit referendum. In the days before the vote, officials saw a significant uptick in tweets linked to Russia-based accounts.”

Researchers at Edinburgh University found that 419 of the accounts operated by Russia’s Internet Research Agency, which runs troll factories in St. Petersburg, posted on the Brexit referendum.

According to researchers at Swansea University in Wales and the University of California Los Angeles, some 150,000 Russian-language Twitter accounts posted tens of thousands of messages urging Britain to leave the European Union in the days before the referendum.

This was an increase from 1,000 a day two weeks before the vote, to 45,000 in the last 48 hours before the vote.

Chris Bryant, the former Labour Europe minister, said: “One of the most stupid adages for politicians to believe is my enemy’s enemy is my friend. Putin closes down the free press, jails journalists with impunity and has enriched himself beyond the dreams of Imelda Marcos and has territorial ambitions. Farage is rapidly becoming the Berlusconi of Britain.”

The Ukip leader has appeared so frequently that he is cited in literature for the TV station Russia Today as one of their special and “endlessly quotable” British guests. “He has been known far longer to the RT audience than most of the British electorate,” Russia Today claims.

Farage caused surprise at the weekend when asked by GQ magazine which politician he most admired. He replied: “As an operator, but not as a human being, I would say [Vladimir] Putin.”

Nigel Farage and the Brexit party have voted against stronger EU measures aimed at countering “highly dangerous” Russian disinformation.

6,500 Russian Twitter accounts, many of which are run by internet robots known as “bots”, supported Labour in the run up to last year’s election, an investigation by The Sunday Times has found.

Clive Robinson December 30, 2021 4:14 AM

@ ResearcherZero,

Trump acolytes repeatedly used, knowingly or otherwise, misinformation produced by the spies of one of America’s most sworn foreign adversaries to try to win a US election.

Well both sides played the “Dirt and Money” game on the US Electorate, sometimes with the same “disinformation source” (Steel Dossier).

As an observer outside looking in, all I can say about US Politics is “take out the trash” on both sides and “cap spending per candidate” to around the average annual earninings.

As for those who do most harm to America and it’s people, stop looking at foreign shores and look inwards at the “big money” types who buy the legislation they want at the expense of the rest of the US Population.

JonKnowsNothing December 30, 2021 8:05 AM

@Clive, @SpaceLifeForm,

re: That ripping sound …

In UK the hospitals are looking for 4,000 new beds. No mention of finding the extra staff needed to care for 4,000 patients.

In the USA the military triage units are being deployed (quietly).

In 5EY countries they have a) run out of COVID-19 tests of all kinds, b) redefined who gets to have a test c) redefined which group(s) are supposed to get which tests and d) in some places the cost of the test is significantly higher.

In 5Ey countries the wrong results (both +/-) are send to people. Those that thought it was safe to have Turkey with Family may have discovered that their “safe and sane” meet up has brought in the very gift they wanted to avoid bringing to the table (with gravy).

In the USA the CDC can’t decide how many jelly beans are in the jar. They really haven’t had a good count on the jelly beans for a while as some areas don’t provide a jelly bean report. A few folks are resuming jelly bean reporting. Jelly bean reports have moved from Page 2 back to the MSM front pages.

For that perfect Xmas NYE vacation: 86 Cruise Ships are being checked for (unreported/under reported) COVID-19 outbreaks among the passengers and crew. Cruise ships only need report COVID-19 if 10% of the passengers get sick (6,500 ship count == 7 cases of COVID-19 threshold). Some crew-only ships have managed to get The Uninvited Guest. Crew only ships reporting threshold is 1% of of ships complement. Undeterred by the outbreaks of COVID-19 on the boats, even with all the “new COVID-19 sailing precautions” taken, the 86 ships are continuing their voyages.

In the snowbound lands of California, we are celebrating the Great Snow Fall! A historic record. In a few months there maybe historic flooding to match. There is no pleasing Mother Nature.

Clive Robinson December 30, 2021 10:13 AM

@ JonKnowsNothing,

Speaking of jelly-beans in the jar…

According to “Aunty B” and her daily gossiping over the national fence, things have had to be corrected somewhat as the stodge from Xmas stoped people getting up out of their chairs and playing the game so 183k yesterday…

MarkH December 30, 2021 2:53 PM

@Clive et al:

Some above remarks about battery shelf life prompted me to check the state of the art. [There are many kinds of tech I don’t try to “keep up” with anymore, because what I learn today will be obsolete within 30 months.]

The Energizer brand (which seems to be its own company) has a product line called “Ultimate Lithium” for which the datasheets claim 20 year shelf life at 21 degrees C.

The chemistry of these batteries is Lithium/Iron Disulfide (Li/FeS2).

If anyone cares to test this out, let us know … by 2042.

Ted December 30, 2021 5:41 PM

If anyone has ever dealt with power dynamics you might enjoy the book “Corruptible: Who Gets Power and How It Changes Us.”

From CNN:

His book is a relevant one, and his exploration of the power dynamics that arise on homeowners association boards will resonate with anyone who has encountered a minor Machiavelli.

FYI… he goes into more than just homeowners associations. He has thoughts on surveillance, dictators, and oversight too.

I am still dealing with the fact that my cat may be a predator, so…

SpaceLifeForm December 30, 2021 5:42 PM

@ ResearcherZero

Re: [redacted]

It’s been going on for years, including here.

They do not know what they are dealing with here, and have not figured out that this is not facebook where they can troll willy-nilly with effect.

But, I guess that is their job and have to do it.

It is meta though.

Clive Robinson December 30, 2021 6:26 PM

@ MarkH,

The Energizer brand (which seems to be its own company) has a product line called “Ultimate Lithium” for which the datasheets claim 20 year shelf life at 21 degrees C.

In the UK “Energizer” was a brand of long life batteries from “Everready” about a decade ago.

There has been quite a few recent developments on Lithium Iron chemistry, mainly because the resulting cells were more stable, and not as prone to turning into inceduary devices…

I’m assuming that efforts to get the increased stability has also given “predicted” longer life.

But unless the battery is “out of circuit” and the terminals are well seperated or the battery is kept in a dry nitrogen environment, I’d treat that 20years as “marketing aspirations”…

As for the temprature range lithium battery chemistry is generally considered “wet technology” thus drying out or freezing or other issues will come into it…

For instance one of the most expensive items in “missile technology” was the batteries and some designs are technically still “Classified” above “Secret” not that anyone would be daft enough to make them that way any more.

But for real longevity as you are aware the nuclear decay or Atom or Beta Batteries you can get which produce nano watt power levels are good for decades. Oh and Russia used to make Plutonium based RTG batteries good enough to run remote arctic light houses, weather stations and similar for upto a century,

There is a fun story about nuclear pacemaker batteries. Where it is said that they were banned not because of any effect on the person who had it in their abdomen, but because it was assumed morticians would accidently cremate the batteries thus discharging a radionucliotide into the atmosphere in contravention of “test ban treaty” limitations. If it is true or not is probably irrelevant as it still makes a good story 😉

SpaceLifeForm December 30, 2021 7:09 PM

@ Clive, ResearcherZero

Timing catch

“You can observe a lot by just watching”

Caught on recent 100. Already disappeared. Looks like [redacted] troll. I am redacting for reasons. So you can catch the point here. If you do some research, I’m sure you can figure out who [redacted] is.

Interesting that they were all posted to 16.5 year old article. About one minute apart. Sound familiar?

Also interesting, that ‘Security Blog’ was only translated in German. Lazy troll.

These were the visible handles:

English: hxtps://

Achieving Internet Simplicity – [redacted] | Security Blog

German: hxtps://

Mehr Einfachheit im Internet – [redacted] | Sicherheitsblog

French: hxtps://

Pour un Internet plus simple – [redacted] | Security Blog

Russian: hxtps://

Достижение Простоты в Интернете – [redacted] | Security Blog

SpaceLifeForm December 30, 2021 7:58 PM

@ JonKnowsNothing, Clive, ALL

Re: Bean counters

After this weekend, Tennessee will report new covid case numbers weekly.

So, the numbers will get soft and gooey, obfuscating rolling averages.

Clive Robinson December 30, 2021 8:18 PM

@ JonKnowsNothing, SpaceLifeForm,

In the USA the military triage units are being deployed (quietly).

In the UK the disasterous “Nightingale” units idea is being “dusted down” again… This time with what appears a little more thought[1].

Let us hope things don’t go “long” as we realy don’t want the return of the TB Santorums.

[1] There will be eight hubs of 100beds, this time colocated with hospitals that have respiritory disease competence,

One hospital on that list I’m already an out-patient at there respiritory disease clinic. I have been for over two decades now, due to having had my head karate kicked into a street sign back in 2000… If the hospital is competent or not is an open question. ICT wise I’d say not, as I’ve said before, they have lost laptops with my medical records on them on three seperate occassions they have notified me of.

Clive Robinson December 30, 2021 8:30 PM

@ SpaceLifeForm, ResearcherZero, -,

Caught on recent 100. Already disappeared.

Yes, the traits you indicate suggest that it’s how was it last put “the Troll Tools beating away at it again”.

I was wondering the other day if a reaperance was about to happen as a few of those stupid comments that try to be offensive have poped up suggesting someone was testing the waters again to see how fast @Moderator responded.

ResearcherZero December 30, 2021 8:33 PM

@Clive Robinson

Yes, it definitely happens on both sides. When we used to provide security reports to government, it did not matter who was in power, it was mostly political opportunism that drove the response. Important matters would be completely ignored if they might have lead to a whiff of scandal or wasn’t immediately advantageous, and only the rare issues that played to everyone’s interests were fully embraced as important.

Things ignored have a funny way of crawling right up their rear ends though eventually.


Trying to set some kind of precedent here? Or grandstanding just get in the news?

“Records obtained by the Post-Dispatch showed Education Commissioner Margie Vandeven initially planned to thank the reporter who uncovered the vulnerability.”

They also showed that a state cybersecurity specialist informed Sandra Karsten, the director of the Department of Public Safety, that an FBI agent said the incident “is not an actual network intrusion.”

Instead, the specialist wrote, the FBI agent said the state’s database was “misconfigured,” which “allowed open source tools to be used to query data that should not be public.”

“These documents show there was no network intrusion,” St. Louis Post-Dispatch President and Publisher Ian Caso said this month. “As DESE initially acknowledged, the reporter should have been thanked for the responsible way he handled the matter and not chastised or investigated as a hacker.”

But Parson, who has often tangled with news outlets over reports he doesn’t like, announced a criminal investigation into the reporter and the Post-Dispatch.

ResearcherZero December 30, 2021 8:52 PM

Public Choice Theory and the Illusion of Grand Strategy

“Basically, whenever the US stations forces abroad, commits to defending a country, or declares another nation an enemy, a consensus develops that whatever we happen to be doing right now must never change.”

“This is because there are special interests – mainly foreign governments, the national security bureaucracy, and weapons manufacturers – who shape the discussion. National security journalism depends on government actors for access, and concentrated interests promote and fund ideas that advocate for a more aggressive posture abroad. This helps explain why foreign policy analysis in the US is often so bad; the marketplace of ideas is tilted towards those who benefit from the status quo.”

Don’t leak our secrets, we will let foreign spies run around committing crimes, murdering people, but just don’t leak our secrets.

It’s like some kind of ‘locked-in syndrome’, inflexible and totally unprepared for any kind of frank analysis of our mistakes to be had publicly. Yet everyone else knows our mistakes, they know our mistakes in some cases better than we know them ourselves, and they are not ignoring them.

Clive Robinson December 30, 2021 9:00 PM

@ SpaceLifeForm,

2 years ago today: Dr. Li Wenliang warned his colleagues that 7 people in Wuhan had been diagnosed with an unknown type of coronavirus.

In 2 years it’s claimed 5,000,000 lives and as far as I can tell reduced as many again to effectively a disabled status for months on end if not for good.

In many places due to stupidity it spread and crossed over back into animals again. If we have a permanent disease reservoir is unknown but appears likely.

The speed the current variant is spreading at suggests it might even “burn out” as it will run out of hosts to which it is novel.

But all it needs is a mutation to shift it along the bottom axis, and the game will start again…

I think it is safe to say that no new vaccines will be available any time soon for fiscal reasons. And to be honest I can not see them getting a new “tweaked” vaccine ready to go in less than a year.

It will be interesting to see how other non Western vaccines perform against the current variant.

But as for “immunize the world” that is still a distant pipe dream that politicians will talk up but not do anything about…

ResearcherZero December 30, 2021 9:21 PM

Diachenko found that numerous LastPass credentials were stolen and stored in the exposed RedLine logs and checked various emails for LastPass users who received the emails to see if they were listed.

The RedLine data contains 441,657 unique email addresses stolen by RedLine that can now be searched on Have I Been Pwned.

Redline Stealer malware logs with more than 6M records were exposed online, publicly (now taken down). Internationally sourced data, exfiltrated in Sept and Aug 2021. RS is the key source of identity data sold on online criminal forums since its initial release in early 2020.

SpaceLifeForm December 30, 2021 10:03 PM

@ Clive, -, ResearcherZero, ALL

We are training the spam filter.

That is all. There is no try.

someone was testing the waters again to see how fast @Moderator responded

@ Moderator did not catch those 4 comments posted to 16.5 year old article.

The spam bot did. I did also.

But, the Spam bot did not catch immediately. Wbich is why I was able to catch on recent 100.

As I am not a bot, therefore I must be training a bot.

Or, am I?

What if I am an AI bot, trying to confuse other AI bots?

Can you tell?

Let’s take a Turing Test.

You monitor all conversations on this blog. Every day, like I do.

Am I a SpaceLifeForm or am I an AI?

MarkH December 30, 2021 10:17 PM


It’s funny that you mention batteries for missiles …

A system for warplane maintenance needed a battery analogous to the disc cells on PC mainboards.

The battery was required to be military grade, though commercial batteries would have been adequate. The “nearest fit” was a battery intended for missiles, with capacity (and bulk) absurdly large for the application, and the unit cost at least $2000 in today’s money.

When these were dispatched as replacement parts to Asia, the consistent complaint was that the batteries were uniformly Dead On Arrival.

After a large sum of money was wasted destroying these batteries, engineers discovered that the shipping department — in reaction to the terrors of ESD damage — was wrapping all components in conductive bags, regardless of whether the content was sensitive to ESD.

ResearcherZero December 30, 2021 10:32 PM

Vladimir Putin warned in a phone call with President Biden late Thursday that any new sanctions on Russia as a result of the Ukraine crisis could lead to “a complete rupture of relations” between Moscow and Washington that their descendants would come to regret.

Putin told Biden that such actions would be a mistake, “which our descendants will later appreciate as a huge one,” Ushakov said, according to the Interfax news agency. “Many such mistakes have already been made over the past 30 years. Therefore, it is advisable not to make such mistakes in this situation.”

Russian officials see a time frame of just weeks for Biden to agree to demands that NATO has long refused, including effectively allowing Russia to veto the security decisions of Ukraine and other nations in the region. The White House has rejected any such bans on NATO membership out of hand, saying all sovereign nations should retain the right to make decisions about their own security.

The United States and Russia are scheduled to hold bilateral talks in Geneva on Jan. 9 and 10, the senior official said. Those will be followed by talks at the NATO-Russia Council on Jan. 12 and negotiations at the Organization for Security and Cooperation in Europe, which includes Ukraine, on Jan. 13, the official added.

China has a “no first use” policy as do a number of the other nuclear states. The US and Russia have a Launch-on-Warning policy which means if we detect that you have launched, we will launch in what is essentially a Use-’em-or-Lose-’em strategy.

There is no equivalent yet for mutually assured destruction in cyberspace.
You try to wage cyber warfare against us? We’re more than capable of doing the same, and worse, to you.
These would be cyber offensive measures that take out critical infrastructures, and in the worst case, causing equipment failures and destruction of operating systems that would put us in a world of hurt, especially for our electrical grid.

I propose getting along and being kind to one another, but that probably doesn’t poll particularly well, unless of course you bribe a major outlet to publish manipulated opinion polls in their tabloids (it worked in Austria, but for entirely different reasons).

lurker December 30, 2021 11:47 PM

@Danny – Bruce is sensible enough to know when to have a few days off with friends or family, and enjoy the figgy pudding and port wine. Word would get here if anything was wrong.

null clam December 31, 2021 12:11 AM

@ SpaceLifeForm @ “SpaceLifeForm” …

therefore I must be training a bot

In the context, it would be someone else training a bot, by stealing your cycles.

The joke Turing was playing on everyone with the “test” was that through a small enough window, everything looks like everything. The test is guaranteed to fail, and solves the non-halting problem. Turing preferred machines that did not halt.

Is anyone sure they are awake ? They are sure, if they are awake.

ResearcherZero December 31, 2021 3:19 AM


The Cossacks play an increasingly important role in Russia. Their disciplined way of life, patriotism, large families and commitment to work, are seen by many politicians as a model that could help resolve many of Russia’s problems. For this, they receive support from the very top.

Cossack values are deeply conservative, a mix of self-reliance, fervent patriotism and belief in discipline and authority. As I prepared to leave, Ataman Viktor told me he would like to see the Tsar return to Russia.

When I asked him if he could suggest any candidates, he told me there was “only one”. President Vladimir Putin, he said, had proved himself as a potential Tsar, by bringing order and the start of Russia’s long-awaited national revival.

“The Cossacks are facing reprisals” from the separatists, Lyubov A. Korsakova, the editor of a Cossack newspaper, the Front Bulletin, said in an interview here in the traditional Cossack capital. “They started to disarm the Cossacks, and not only to disarm them, but to kill them.”

At least dozens of the fighters sent to Ukraine by the Don Cossacks, the main Cossack group, have died in mysterious ambushes in recent months, according to local news reports.

Winter December 31, 2021 3:39 AM

“When I asked him if he could suggest any candidates, he told me there was “only one”. President Vladimir Putin, he said, had proved himself as a potential Tsar, by bringing order and the start of Russia’s long-awaited national revival.”

The cossacks descend from escaped serfs. It is darkly poetic that they hark back to serfdom again.

But this is the way of the new world. In the face of globalization, people want to go back to a past of serfdom. Be it in Hindu castes, Chinese imperialism, or Stalinist/Czarist Russia. In the US South, they want to redo the civil war, with the old 3/5 rules for non-whites and regret about the abolition of slavery.

Now, in the current situation, all this “other people should die for my freedom” mostly comes from people who are opposed to social welfare for others and do not want to pay taxes.

Winter December 31, 2021 4:12 AM

“the start of Russia’s long-awaited national revival.”

It is a lot about the feeling of lost entitlements of those who feel they don’t get the respect they are due that power autocrats and conspiracy theories.

Collective narcissism as a framework for understanding populism

conspiracies link to psychopathy, Machiavellianism and collective narcissism

Ted December 31, 2021 5:20 AM

@Clive, MarkH, ALL

Re: Apple batteries and… lawsuits

So did you hear the one about Apple being taken to court for an exploding Apple Watch battery?

Well, it’s true.

From Smith v. Apple – Class Action Lawsuit, filed 12/9/21:

However, the Apple Watch contains an undisclosed and unreasonably dangerous safety hazard … insufficient space allocated within the device for the rectangular shaped, electromagnetically charged lithium cobalt oxide battery inside a polymer pouch (the “Defect”)

… To be clear, the Defect is not the normal degradation of the lithium-ion battery, but instead the placement of that battery in the above-described configuration where the battery’s expansion can cause screen damage or detachment, operationally destroy the product, and harm or potentially harm the user.

They’ve been making products for a while, so I wonder how this defect missed being detected?

Winter December 31, 2021 5:48 AM

“any new sanctions on Russia as a result of the Ukraine crisis could lead to “a complete rupture of relations” between Moscow and Washington that their descendants would come to regret.”

Gazprom has emptied the natural gas reserves in Europe and refuses to deliver more gas than the contractual minimum. It is obvious that Russia is using a shortage of natural gas as a tool to blackmail Europe in the Ukraine crisis.

The result will be very simple: Europe will do what it should have done years ago, get their energy elsewhere.

There is a good chance that the Nordstream pipeline will never be used at full capacity, and might have a very short use life. Meanwhile, France is organizing a EU defense policy that is likely to succeed due entirely to Putin.

Russia might come to regret this stupidity earlier than the US.

Winter December 31, 2021 6:55 AM

As the year is nearing it’s end, we should remember those who are less fortunate. Those who are empathy- and mentally- challenged. Those who have suffered ridicule for being unable to reflect on their actions.

A case has come up again of “Ted”, who just made a tweet in anger without reflection:

Blue-state Dems are power-drunk authoritarian kill-joys. Washington State: NO DANCING ALLOWED!!! Any rational & free citizen: Piss off.

It is so unfair to judge him on not knowing about Australia. Who ever would suspect they use social media in Australia?


name.withheld.for.obvious.reasons December 31, 2021 7:02 AM

How, for example, the Justice System, inside and outside the U.S., is a foundational component of security for the vast number of inhabitants of planet earth. As many here may know, much of what I write seems to have a pungent aroma, much of it encased in legal jargon and procedures. Let me share the basis for such aromatic profundities:

Justice systems are ill defined and far less than objective, I tend to see their applications as subjective to a fault. Working and pushing for more formalism in law and justice is kind of a pastime of sorts. From a scientific and engineering perspective, the types and number of methods procedurally leading to outcomes that are measurable may seem vast, but when focused, produce significant results. A couple of case studies would be useful; for example the Apollo program launched by JFK, the complex that is the Hadron Collider at CERN. Big science tackling vexing and difficult issues where no solution or system exists. Justice systems tend to lack the large picture or ultimate goal, what would a robust justice system produce as a goal, mission, or vision statement? I am being both rhetorical and questioning, in the socratic, beyond just being curious.

John December 31, 2021 7:43 AM



“The greatest of these is love.”

Are we trying to hurt or

are we trying to help make our world a better place?


Ted December 31, 2021 9:10 AM

@Winter, ResearcherZero

From an article:

Recently, the Chinese government put sanctions on several types of Australian goods as a means of employing economic coercion, according to the Pentagon’s “Military and Security Developments Involving the People’s Republic of China” 2021 report which was released in November.

But did Australia call for an independent investigation into the origins of COVID-19 in April? Their first rodeo?

Winter December 31, 2021 9:18 AM

“Recently, the Chinese government put sanctions on several types of Australian goods as a means of employing economic coercion,”

Sauce for the goose is sauce for the gander. When US er al start trade wars around technology, they cannot complain when China does the same.

null clam December 31, 2021 11:34 AM

@ Winter @ ResearcherZero

collective narcissism

I don’t think the distinction is between “right” and “left”. Stalin was an autocrat and his regime, of the left, was (enforced) collective narcissism on a scale never before seen.

The essential distinction is more between “utopian”, which becomes “totalitarian”, and “anti-utopian”, which could be called “conservative”, which allows a natural response to the problems of constant adjustment necessitated by our limited understanding and subjection to unforeseen contingencies. Left and right both have their utopias.

Interesting reading is Aurel Kolnai’s essay “The Utopian Mind” in the collection “Privilege and Liberty and Other Essays in Political Philosophy”.

lurker December 31, 2021 11:38 AM


They’ve been making products for a while, so I wonder how this defect missed being detected?

Apple’s QA was legendary back in the day when they made stuff onshore. But lately there have been little design defects turning up because they are outsourcing manufacture to a price, and because they are employing design people without enough real world experience.

They had a run of laptop power supplies that were catching fire or just plain dying, because the non-pluggable output cable was being pinched and short-circuited by the strain reducing clamp. When mine failed I fixed it myself, and wrote to Apple telling them the simple fix that would cost nothing in future manufacturing. I never heard back from them…

null clam December 31, 2021 12:08 PM

@ lurker @ Ted

been making products for a while

It takes a fair bit of digging, but look up Apple’s manufacturing history from beginning to the present day. Then find the video of the guy, a comp sci student at a New York university, who in the last few years went and worked on the assembly line at one of the company’s factories in China, and listen to his commentary on the experience. Considering it all together, ask if it really makes any sense and from what viewpoint.

Ted December 31, 2021 1:17 PM

@lurker, null clam

Re: Apple product QA

First off, let me correct myself. The batteries in the Apple Watches are not exploding, but they are swelling and causing the display to pop up and expose razor-sharp edges.

The legal complaint shows a pretty nasty cut on someone who ran their arm across an exposed edge and cut a vein.

I haven’t read through the whole complaint, but it doesn’t look super great for Apple:

Apple’s U.S. Patent No. 9,912,186 … acknowledges: “Continued use of a lithium-polymer battery over time may also produce swelling in the battery’s cells. . . a user of a device may not be aware of the battery’s swelling and/or degradation until the swelling results in physical damage to the device.”

I don’t know how to feel about this.

@lurker you mentioned “They had a run of laptop power supplies that were catching fire or just plain dying…” That seems very materially important.


Ted December 31, 2021 1:32 PM


About Apple product manufacturing, did you see that…

Luxshare Precision Industry is building a massive manufacturing complex in eastern #China as it aims — with Apple’s blessing — to break the decadelong hold that Taiwan rivals #Foxconn and Pegatron have on iPhone assembly.

The article from the tweet has more:

@null clam I hope that video surfaces. That would definitely be pretty interesting.

name.withheld.for.obvious.reasons December 31, 2021 2:53 PM

@ John

Help or hurt? What have the long train of abuses suggested so far?

name.withheld.for.obvious.reasons December 31, 2021 2:57 PM

From the Law School at the University of Michigan, Michigan Telecommunications and Technology Law Review, a summary statement about section 309, from the analysis, Loopholes for Circumventing the Constitution: Unrestrained Bulk Surveillance on Americans by Collecting Network Traffic Abroadpage 341:

§ 309 could go down as a historic moment in surveillance policy. It could entail a significant depression of legal protections afforded to US per- sons when data is collected abroad. It is also apparently the first time that Congress involved itself directly with data collection and retention usually regulated under EO 12333.

name.withheld.for.obvious.reasons December 31, 2021 3:06 PM

Has anyone notice this legislative gift to service providers, et al;

Section 2511(2)(a)(i) of Title 18 permits employees of providers of wire or electronic communication services to intercept, disclose or use…

Have been napping a bit and let it slip by, thought this was proposed, not signed into law.

Clive Robinson December 31, 2021 3:52 PM

@ Ted, lurker, null clam, ALL,

Re: Apple product QA

Once upon a time back in the 1960’s we had the start of what has become known as “Fast Moving Consumer Electronics”(FMCE). Basically the use of the then new transistors in their tiny glass envelopes compared to even the smallest of Tube/Valve triodes and pentodes enabled manufacturing to stop being hand wired on “tag strip” and made on “Printed Circuit Board”(PCB) not just conveniently small but that could run off of flash-light/torch batteries.

Not surprisingly manufacturing moved fairly rapidly to the “Republic of China” which we now call Taiwan.

One of the issues of mass production is it is asymetric. That is shipping to customers is considerably less expensive then shipping a product back for repair under guarentee.

In fact the cost of shipping back just one item from a customer could cost more than any profit on six or more shipped to customer items.

Back in the 1940’s and 1950’s British industrial manufacturing was running into reliability problems and it was looked at “academicaly”… The result was the foundations of what we now call “Quality Assurance”(QA) from the “British Standards Institute”(BSI) and later other Standards Organisations.

When put in place effectively QA reduced the number of manufacturing defects significantly and stoped the Far Eastern Manufacturing going bankrupt.

An unwanted side effect of this as far as Western Manufacturing was concerned was that manufacturing in the Far East got cheaper and cheaper in comparison so jobs went overseas or as we now say “outsourced” or “off shored”. A form of “short-termism” that has significantly damaged Western Nations economies and made them not just dependent, but critically so on not just potentially hostile nations, but dangerously over optimised supply chains, that fail at the tinyest of issues, be they a pathogen that can not be seen, or a ship geting “piloted” into the banks of a canal.

And it is this “over optimisation” that is the primary root cause of most issues. In essence neo-con thinking is that there can be bo ineficiency and productivity has to be not just increased but increased whilst reducing costs…

The result of such thinking is that things have become so fragile, not even the briefest flutter of a butterfly’s wings at one end of a supply chain is needed to create a chaotic storm and massive failures at the other.

If people do not realise this by now, then they need their heads examining, which is especially true of the so called “Chicago School” where the examination would best be done by the application of a “4 be 2” process, untill the recipient fully understands the error of their ways…

But it might prove difficult because of the Upton Sinclair observation,

“It Is Difficult to Get a Man to Understand Something When His Salary Depends Upon His Not Understanding It”

And those Chicago School Deans etc have the nicest of offices, confrences and lucrative book deals. Because they know what certain individuals want them to write.

Look on it as the “neo-protestent work ethic” just as false as it’s always been but spread by the modern MBA acolytes rather than the tardy priests that had diminishing power to excercise.

The thing is it’s gone to far, this optomisation is now destroying manufacturing.

The expansion and bursting into flame of certain types of lithium power cell is well known, even to the public with both Boeing and Airbus passanger aircraft effected, samsung phones burning peoples ears and neather regions and back in the 1980’s the likes of electronic door locks burning doors down.

Apple has absolutly no excuse the problem seen with their battery is well known not just in the FMCE industry but in nearly all electronic design from those knocking circuits together at home for school / college projects all the way through to aerospace with billion dollar craft.

Some of you might have heard of Alan Sugar who founded Amstrad back over half a century ago. He decided to move into “Cordless Phones” and got his own team of engineers to design a range of phones for him, and he wanted it manufactured in the Far East. The company I was working for at the time was asked to bid for the work, so a group of our engineers went over to his office, to go through the design. It was immediately clear that his designers new nothing about NiCad rechargable batteries. Not only was the charging circuit wrong which would have critically shortened the life of the batteries the design had the batteries in the wrong place and importantly there was no easy way to change the batteries… Alan Sugar “was not a happy camper” when our team explained this to him. We did not get the job, not because we could not do it, but because he sacked his designers and went back to the drawing board… So problems with batteries and wireless handset phones is not exactly a new problem.

Apple have consistantly gone down a road of making repair by others increasingly impossible as they make vast profits from it, over and above the ludicrous profits they make on the products themselves. Worse this profit is kept off shore to avoid paying any real taxation on it. So Apple have actually gone beyond a point of no return on their finances, so they have to find a way to generate money back on US soil so they can pay for setting up US manufacturing.

If I was a suspicious person I would say that this defect was actually deliberate to cause a much shorter product life, that pushing a very profitable for them “repair or replace” cycle onto their fan-buoi customers who have a very high value for X from,

X = money / sense

I got wise to Apple racketeering four degades ago, what puzzled me then and makes me shake my head with disbelief these days is why people still fall for it.

lurker December 31, 2021 4:30 PM

@Ted, @Clive, ALL

The power supplies in question, if within warranty period were replaced, no questions. If outside warranty you had to buy a new one, ~US45. The units were plastic welded shut so any practical public repair would cost more than a new replacement…

For a look inside a Foxconn factory in Shenzhen, the series is about food, so work is incidental. The girl on the line is riveting mechanical parts of an Apple X-Server chassis (now obsolete).

lurker December 31, 2021 4:44 PM


If I was a suspicious person I would say that this defect was actually deliberate to cause a much shorter product life, that pushing a very profitable for them “repair or replace” cycle onto their fan-buoi customers…

Yes, I was a fanboi once. I believe Apple’s downhill slide has got a lot worse since the departure of St. Steve (Jobs). Back then our management didn’t know what to do about our section, with specialized software only available on MacOS, but they had to concede our hardware life cycle was twice that of the PC-win they were using elsewhere.

SpaceLifeForm December 31, 2021 5:01 PM

@ null clam, Winter, ResearcherZero

re: collective narcissism

Correct. “left”, “right”, “conservative”, “liberal”, etc, are just Labels.

Always remember the first rule of Marxism: Never join any club that would have you as a member.

SpaceLifeForm December 31, 2021 6:11 PM

@ name.withheld.for.obvious.reasons

Re: Loopholes for Circumventing the Constitution: Unrestrained Bulk Surveillance on Americans by Collecting Network Traffic Abroad

I spotted this loophole two decades ago.

It is simple. You route the ip traffic out of U.S. And then route it back in.

Bingo! It is now foreign traffic.

BGP is not secure.

Ted December 31, 2021 6:56 PM

@lurker, Clive, null clam, ALL

Re: Smith v. Apple lawsuit (re: Apple Watch Defect)

I hate that this lawsuit surprises me. I am very grateful and sorry to hear about your own experiences. Here’s just one more line from the complaint. Note the word ‘also’:

Apple also acted in an unethical, unscrupulous, outrageous, oppressive, and substantially injurious manner with respect to Plaintiffs and the Class members

@lurker I really enjoyed that video with the incidental clip of the Foxconn plant. I love the videos. I must say, however, that I am hungrier for having watched it.

@null clam thanks for sharing that link about the NYU student’s first-hand experience at a Pegatron-owned factory. That is new to me and I very much appreciate you sharing it.

@Clive, the phrase “short-termism” was quite fitting. I hope Apple enjoyed it’s brief experience with consumer confidence re: Watches. I didn’t see an explicit amount of monetary damages listed in the complaint. I am figuratively biting my fingernails.

lurker December 31, 2021 9:12 PM


unethical, unscrupulous, outrageous, oppressive, and substantially injurious manner

Just lawyer-speak. If you’d followed Groklaw back in the day, you’d be immune to those words, and be digging for “the facts, just the facts ma’am.”[1] Like, where did the alleged incident occurr? The suit is lodged in the Northern District of California. Is that just because Apple is domiciled there? The alleged incident is said to have happened “on a golf cart”[2]. What is the bright sunshine temperature at Mar el Lago?

[1] Dragonet, Stan Freberg, 1953

[2] My Scottish ancestors have advised waiting for night-time data rates to d/l the pdf.

Ted December 31, 2021 10:28 PM


you’d be immune to those words, and be digging for “the facts, just the facts ma’am.”[1] Like, where did the alleged incident occurr?

Yes, from the complaint:

On September 8, 2020, Plaintiff Chris Smith was wearing his Watch on his left wrist while sitting in a golf cart.

As Plaintiff Chris Smith reached down from the steering wheel to place the golf cart in motion, a detached screen on his Apple Watch severely sliced the underside of Plaintiff’s forearm, cutting a vein, and resulting in substantial personal injury. The watch was no longer operational.

If I may get your thoughts on this… of the laws that were purportedly violated, which one seems the most significant or interesting to you?

If the complaint says how that law was violated would you mind sharing a very brief excerpt?

SpaceLifeForm December 31, 2021 10:51 PM

@ name.withheld.for.obvious.reasons, Clive

“One ringy dingy… Is this the party to whom I am speaking?”

Re: Section 2511(2)(a)(i) of Title 18

It shall not be unlawful under this chapter for an operator of a switchboard, or an officer, employee, or agent of a provider of wire or electronic communication service, whose facilities are used in the transmission of a wire or electronic communication, to intercept, disclose, or use that communication in the normal course of his employment while engaged in any activity which is a necessary incident to the rendition of his service or to the protection of the rights or property of the provider of that service, except that a provider of wire communication service to the public shall not utilize service observing or random monitoring except for mechanical or service quality control checks.

My router is a switchboard and I am the operator, officer, employee, employer, and agent. But not a provider.

lurker January 1, 2022 2:02 AM


You have to subscribe to either Scribd or Pacer to download the court document. So I scrolled thru to get the juicy bits. It is a class action on behalf of everybody who ever bought an Apple watch Series 1, 2, 3, 4, 5, 6, or SE.

The plaintiff is domiciled in Daphne, Alabama; additional plaintifs for class action are identified in CA, OH, MD.

Magnuson-Moss Warranty Act applies in respect of misleading and deceptive warranties.

Apple in its wisdom or otherwise includes in its warranties this dinky para:

You agree that all matters relating to your access to or use of the Site, including all disputes, will be governed by the laws of the United States and by the laws of the State of California without regard to its conflicts of laws provisions.

so to bite them in the bum the Song-Beverly Consumer Warranty Act applies to all internet purchasers elsewhere in US from vendors within CA.

The complaint alleges that Apple knew the batteries swelled, they found it in testing, but thought they could get away with it – couched in suitable legal language. Since some of the alleged incidents occured in bright sunlight I thought Apple might go for a defence of specified maximum operating ambient temperature; but more cases occured indoors. Would you wear one of these devices in bed, asleep? Me neither…

Possibly, this is not clearly explained in the plaint or the terrible photos, the display glass cover suffers a circumferential shear failure as it is pushed out. Not like a car windscreen that can pop out of its rubber surround and expose a safe bevelled edge. It seems to be stupid design if the things are deliberately made as lethal weapons. There is a dismaying list of people who suffered grievous bodily harm from the (broken) glass.

This is a typical first filing, throw everything and the kitchen sink at the defendant. Then when they get in front of the Judge they’ll work out what is worth arguing over, and whether expert witnesses will be needed to testify on the tech.

Ted January 1, 2022 7:29 AM


Re: Smith v. Apple (an Apple Watch class action lawsuit)

Bless you for reading a legal document. I had included a PDF of the complaint in the last post. Did this open for you?

Yes, so the purported law violations occurred against:

  1. California Unlawful Competition Law
  2. California Consumers Legal Remedies Act
  3. Fraud By Omission
  4. Violations of the Song-Beverly Consumer Warranty Act
  5. Breach of Implied Warranty
  6. Magnuson Moss Warranty Act

So you saw all the consumer experiences that were listed in the complaint? The screen pops off, hurts some people, makes the device unusable, and Apple plays dumb and shuffles people into often very expensive repairs… all the while they are not disclosing a defect that is known only to them. Game over on this one.

As you saw, there were lots of similar experiences reported on the Apple Watch “Support Communities” forum. Here’s just one.

@lurker, you mention that car windshields have a safe beveled edge. Why didn’t Apple think of something like that? They could have missed so many bloody photos.

So, honestly I think the summary description of Apple’s behavior as “unethical, unscrupulous, outrageous, oppressive, and substantially injurious” is merited. I think the laws will uphold the legalese of those findings.

I don’t know what you think won’t stick.

Clive Robinson January 1, 2022 8:29 AM

@ name.withheld…, SpaceLifeForm, -, Winter,

One ringy dingy…

And similar such as,


are what I regard as “early warning” of sounding out the @Moderator response time.

Clearly designed not to trip a “naughty words” filter, but also to be significantky offensive, in a particular faux juvenile manner.

The time/date of “December 30, 2021 10:53 PM” should be raising a flag.

Clive Robinson January 1, 2022 8:48 AM

@ SpaceLifeForm, name.withheld…,

I spotted this loophole two decades ago.

Did you also spot what else went on?

Allegedly the new routes were advertised from China, and that was where the trafic was sent via.

But as pointed out at the time due to BGP’s entire lack of security, the real origin of the new routes could have been from anywhere via chosen routers etc…

It was only later the NSA were caught on photograph with “their hand in the cookie jar” putting implants into kit being exported.

It was in response to such behaviours that the Chinese brought out legislation baning certain US and other kit from parts of their infrestructure… Which US politicians made such a hoo-har avout at the time.

So yeh the USG SigInt agencies and compliant US Politicos, got outed over time. Not that the compliant US MSM would print such “trails of evidence”.

Winter January 1, 2022 9:50 AM

@Clive et al
“Clearly designed not to trip a “naughty words” filter, but also to be significantky offensive, in a particular faux juvenile manner.”

Russia is preparing an invasion/war in Ukraine, starting when the local ground is frozen.

History has shown that Russia prepares such actions with a disinformation and propaganda campaign. So I would expect such a campaign here too.

That would explain also the sounding out of words related to Russian politics by trolls.

name.withheld.for.obvious.reasons January 1, 2022 1:47 PM

@ SpaceLifeForm
Attended a colloqium in 2000 at Mudd college were several intelligence organizations from the U.S. were in attendance. It is a frequented fishing hole, scouting for a fresh catch of mathematicians and sundry human brains.

On this occasion we did discuss things like OSPF, BGP, and other long haul transmissions and function shipping of data to obviate restrictions on domestic traffic. A ceiling, at zero degrees directly overhead, some altitude beyond 20 miles, is considered space…and it is not yours. Ground links can transcieve to a overhead platform leaving the country and bounced back. In some cases transceivers on the ground are used if the hop is sufficiently close. Canada seemed to be a preferred long haul loop at the time. Spread spectrum and UWB methods of shaping, some with optical carriers improved performance significantly making it more practical to use physical point-to-point transmission.

I sure Clive has something to contribute beyond my poor recollection…

And thanks to SpaceLifeForm and Clive for the links…cheers and happy new year.

name.withheld.for.obvious.reasons January 1, 2022 1:51 PM

@ SpaceLifeForm
Doing legislative history research on title 18, thanks for the statue and may I suggest that the word intercept is the most problematic component–what is service provider doing intercepting communications?

lurker January 1, 2022 1:56 PM


Sorry I missed that link second time round, first time was on mobile where I don’t d/l pdf. As to “what won’t stick”, lawyers are wriggly, and there’s horse trading goes on between filing and fronting up.

SpaceLifeForm January 1, 2022 5:20 PM

@ Clive, name.withheld.for.obvious.reasons

“One ringy dingy… Is this the party to whom I am speaking?”

Allegedly the new routes were advertised from China

There always has to be a foreign bogeyman for the loopholes to be legal.

The call is coming from inside the house.

what is service provider doing intercepting communications?

Making money via Black Budget ops.

Chasing ghosts on the taxpayers dime.

It’s a great scam. Probably over 90 percent of the effort is wasted chasing ghosts.

Look! A ghost!

Where? I don’t see it.

It moved, look over there. It’s by that stack of money.

Oh, I see it now. Looks like Casper.


Clive Robinson January 1, 2022 5:25 PM

@ name.withheld…, SpaceLifeForm,

A ceiling, at zero degrees directly overhead, some altitude beyond 20 miles, is considered space…

Yes and no, it depends on how you look at it. There is a lovely bit of dialogue in the file The Martian, where Matt Damon goes through why he is a “Space Pirate” that explains the situation rather well.

Put simply, “yes it is space” but under intetnational treaties “any territory not on earth” is “international waters” thus subject to all sorts of funny legislation including “Maritime Law”.

There is a whole bunch of legislation that the “International Telegraph Union”(ITU) of the “United Nations”(UN) put in place with regards intentional EM signals, which makes “spying on individuals communications” questionable at best.

It’s one of the reasons the US in particular has tried to make the definition of a “terrorist”, or “agent of a foreign economic power” etc so broad that they can claim buying the likes of dog worming powder etc on the Internet a matter of “National Security” so they can claim an exception to the treaties and agreements.

From the 5eye perspective you are “conspiring” with an “agent of a foreign economic power” when you buy via Ebay, Alibaba, etc anything that has originated in part or whole from abroad… So just aquiring and using your mobile phone, smart device or most other electronics means you have,

“Conspired with an agent of a foreign economic power”

So you are all legaly targets because you use electronic devices…

Whilst a court if faced with this might rule against it, it makes a wonderful “collect it all” excuse, and the trick with “standing” will be used to keep it out of court.

The first time I had reason to think about it was back in the 1980’s with the failed UK spy satellite “Zircon”,

What is not mentioned in the Wikipedia article is that the design got a major near “from the ground up” redesign/rework atleast twice. And to make it all more difficult there were a significant number of unexpected deaths in the Marconi teams involved.

The first major redesign was for “mobile phones”… Back in the 1970’s mobile phones were very very few and were effectively “Car Phones” and used VHF frequencies. By the earky 1980’s cellular Analog Mobile Phones (AMPS) in the UHF bands were fairly readily available and designs for fully digital systems such as D-AMPS and those based on DECT Cordless were quite common (look up “Rabbit Communications”). In the end the Zircon design could not keep up with the plethora of standards being turned out.

The second redesign was due to the US Government reneging on “special relationship” agreements. It became clear to the UK during the Falklands War that agrements about use of satellites was “one way” which is why Zircon got put on a faster time track. The US having agreed that the UK could use the “Space Transport System”(STS) or Space-Shuttle to put up satellite’s started to get evasive on launch dates etc. Thus Zircon had to be redesigned to be of a smaller diameter so it could be rocket launched (the same thing happened to the UK Mil-Com Skynet satellites).

Then engineers involved started dying unexpectedly in what looked liked staged accidents / suicides and the word went around not to join any of the teams involved. It got so bad it is said by insiders of the time that Marconi were threatening engineers not just with being sacked but “never working again” if they did not transferre over to a Zircon team…

I found out because I knew someone who worked in Marconi, and he was looking very depressed. So a few of us took him out one night for a “Beer and Curry” evening. He got a little drunk and told us about what was going on and how he had been told he might have to move down to Portsmouth. He asked us to keep it quiet but said if he died suddenly we were to tell people. It was then that we realised he was not depressed but scared half out of his mind.

He kind of got lucky, in that his mother became seriously ill and he had to take increasing amounts of unpaid leave to take her to hospital etc and look after her. As a result his name got taken off of the “potential list” for Zircon work.

Mind you he did tell one or two funny stories. One Mil satellite system he was designing, the use of Spread Spectrum came up. As he pointed out “the bloody thing moved around so much” that it was already “Spread Spectrum”.

One of the things to come out of the UK Skynet system was the use of “Surface Acoustic Wave”(SAW) filters to “fast lock” onto satellites. In effect you could use them to make programable “matched filters” which could “lock-up” a receiver about a hundred times faster than conventional tracking loops pushed by US designers. Apparently this was such a surprise to the US MIC it actually gave the UK Government a barganing chip in the “special relationship” but as with most UK politicos they blew it…

ResearcherZero January 5, 2022 10:53 PM

@Clive Robinson

Australian politicians are quite similar in regards to UK politicos, you have to get them over a barrel to get most anything done, and considering how much trouble some of them get themselves in that’s unfortunately not too hard. Which speaks to just how screwed up things can be at times within the society ‘down under.

Zloader abusing microsoft signatures trust model.

“The malware then exploits Microsoft’s digital signature verification method to inject its payload into a signed system DLL to further evade the system’s defenses.”

“…the script runs mshta.exe with file appContast.dll as the parameter. When we took a closer look at the DLL, we noticed that the file is signed by Microsoft with a valid signature (see below for further explanation) and its original filename is AppResolver.dll. Comparing the two files, we see that in the malicious DLL, the author appended a script to the file.”

“If we compare the malicious DLL with the original one on a byte level, we can see the file was modified in a few places: File checksum and two places that match the signature size.”

“These simple modifications to a signed file maintain the signature’s validity, yet enables us to append data to the signature section of a file. As we can’t run compiled code from the signature section of a file, placing a script written in VBscript or JavaScript and running the file using mshta.exe is an easy solution that could evade some EDRs.”

Microsoft addressed the issue in 2013 with a Security Bulletin and pushed a fix. However, they stated after implementing it that they “determined that impact to existing software could be high.” Therefore, in July 2014, they pulled the stricter file verification and changed it to an opt-in update.

In other words, this fix is disabled by default, which is what enables the malware author to modify the signed file.

Further explanation about how to enable the strict file verification is available here

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.