The oceans are warmer, which means more squid.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines here.
MarkH • February 11, 2022 4:56 PM
@Anders, all:
The U.S. government today warned its citizens in Ukraine to evacuate within 48 hours.
Further, Department of Defense officials told at least one journalist (off-the-record, so source unnamed) that the question is “not if, but when.”
If an invasion occurs as expected, the consequences will be far broader in scope than most of us have been able to imagine.
Of special interest to readers of schneier.com is the near certainty that whatever armies may do, Ukraine will be targeted by a storm of cyber attacks of unexampled depth and intensity.
We’ve seen (and perhaps participated in) discussions of cyberwar intended to disable an entire nation-state.
The realization of this specter is now in prospect.
Clive Robinson • February 11, 2022 6:12 PM
@ Abders, MarkH, ALL,
I really hope this is false.
The date might be wrong…
But there is the old saying,
“If you give children toys they will eventually play with them”
Putin has a lot of toy soldiers, but does he have enough?
My guess, and I would treat it as that is,
1, He has enough forces to invade.
2, He does not have enough forces to hold the whole of the Ukraine.
3, He will invade east Ukrain upto a point and go not even as far as he will get support for from the locals.
4, He will find some excuse to blaim his Orwelian excuse for failure the “anglo-saxons”.
That is he will end up with more territory, but importantly with Rus still in the Ukraine on the Ukraine side of the lines to act as spys / saboteurs / troublemakers, so he can make another “salami-slice” later.
This way he gets to stay the leader of “Strong Russia” as it continues to fail economically. But he gets to blaim the US/UK/EU for the economic failure. So “win win” for Putin, “loose loose” for the Russian people and other Rus in the Ukraine and Belarus etc…
The big issue is Germany, and it’s,
1, Need for cheap energy.
2, Sentimentality for Rus myths and fake “golden age” stories.
With “Nord Stream 2″(NS2) the Germans have walked into a trap. Unlike the Ukraine Germany has little or no gas storage, so the “supply chain” via NS2 is extreamly fragile and will give Putin an almost instant off switch to Germany, thus political leverage into Europe that few can imagine.
I can see Europe fracturing with the North West and West spliting off from some of the North and East, with the South splitting off as well.
This would thoroughly delight not just Putin but the US State Dept as well. Further bith China and India would look favourably on such a split…
I just hope Germany and France both stop sleepwalking into disaster, but honestly, I don’t think they will.
SpaceLifeForm • February 11, 2022 6:15 PM
@ Anders, Clive, ALL
Remember, Putin met Xi recently. Agreed on 30 year deal to supply gas to China.
This may all be sabre-rattling to drive up the price of oil.
Clive Robinson • February 11, 2022 7:56 PM
@ SpaceLifeForm, Anders, ALL,
This may all be sabre-rattling to drive up the price of oil.
The price is going to “sky rocket” anyway, thanks to Omicron.
In the next month maybe three Europe will be out of lockdown and back to rebuilding the economy, which will need a lot of energy, much of which comes from gas due to short sighted politicians.
The Americas both north and south of the equator will also be trying to rebuild their economies but the North is going to take longer than Europe to throw off Covid for various reasons (of mainly political stupidity). Some are predicting inflation in the US will go into double digits this year, so when your boss tries to make a 5% raise sound generous, just remember anything less than 12% is actually going to be a cut in your spending power. As for energy 25% increase in cost would supprise very few who have been keeping an eye on things. It’s almost certain US domestic energy suppliers will change tariffs and put double ratchets in them as they know full well energy shortages are comming fast and most domestic consumers will end up paying for low prices to industry on fixed longterm supply contracts.
As for South America, like the rest of the Southern Hemisphere they are heading into autumn and winter. Their “respiritory disease season” is not far off. Hopefully Omicron will get down there and become compleatly dominant so no new more pathogenic varient will arise. As for South Asia and Australasia pays your money, takes your choice.
Either way, the need for energy is going to go up globally and supply actually can not currently meet demand[1] so you know what is going to happen… Your “energy security” is in your own hands, and you can be sure that legislators are going to force other hands into your pocket, to prop up their chums who have a habit of flying south of the border when a chill wind blows, especially on the yellow rose.
For those who have to deal with PEG, you have my commiserations, power and supply outages will I suspect become the norm not the exception for rather more time than will be tolerable. I know of several people who have “upped and left” and headed north where the power and energy supply is going to be more reliable and possibly less expensive.
Perhaps oddly, an invasion by Russia into the Ukraine might have the opposite effect on energy demand in Europe. Political instability usually suppresses economic activity and increases unemployment etc, with resultant economic effects similar to lockdown, and so the demand for energy falls. Even for nations on a “war footing” the economy switches over and so does energy usage and takes time to stabilize in new patterns.
If Russia does invade East Ukraine, I would not be surprised if Turkey starts taking advantage of the situation, especially where energy supply is concerned as they have certain geographic advantages they can –and have– exploit.
But we have a big unknown… ICTsec is going to be negatively impacted by any potential military action. Thus the question not just of the “waring parties” but a very wide if not global fall out as “fire and forget” malware runs astray where ever it can.
I’ve no idea what mayhem “all out cyber-warfare” will bring, but past evidence suggests that if it starts it will be entirely around the globe in less than 24hours[2][3].
One thing is almost certain, no current consumer / commercial OS or Applications have any resiliance to a myriad of zero-days etc that will get unleashed very very rapidly, and patching etc won’t be an option at all.
We know that there is information out there that will enable all Intel CPU chips to be permanently bricked. Likwise all Flash ROM to have persistant malware installed (if not already done via APT type tactics).
So now might be a good time for organisations to seriously investigate th “pull the connectivity plug” on everything that is not essential. And hard segregate / ring fence the essential connectivity that remains like it is Chernobyl.
But also consider for future thought, if your “business” is “in the cloud” well… “No cloud”, which is the likely outcome of major cyber-warfare, I guess means “no business”…
Oh and if you are an investor as those with college funds, and pensions reluctantly are you might want to consider where your money is invested…
[1] One side effect will be the price of crypto-coins, which I suspect will become even more volatile. Expect much speculation and fraud / theft as new coins and contract systems spring up[2] looking for “mug money” and vast amounts of energy to drive things.
[2] Any increase in crypto-coin speculation is going to cause an exponential rise in ICTsec attacks.
[3] Cyber-warfare is an unknown, but history suggests it is going to be bad for the vulnerable and unprepared. Most business systems are way way to exposed and have zero ability to stop the sort of malware waiting in the cyber-warfare arsenals. So such systems will get co-opted, trashed or both in “all-out” cyber-warfare.
Winston Smith • February 11, 2022 8:28 PM
Ukraine is definitely bad news. And Snowden gives us more bad news:
CIA mass (“bulk”) surveillance has been carried out “entirely outside the statutory framework, and without any judicial, congressional or even executive branch oversight. The nature and full extent was withheld even from the Senate Select Committee on Intelligence.”
https://twitter.com/Snowden/status/1491958334039154724
US Senators Wyden and Heinrich: Newly Declassified Documents Reveal Previously Secret CIA Bulk Collection
SpaceLifeForm • February 11, 2022 10:35 PM
@ Winston Smith
There is Judicial action. A lot.
I know there is a lot of impatience.
Hang in there. Stuff is happening.
There is a lot of Metadata being collected at this moment.
Winston Smith • February 11, 2022 11:10 PM
@SpaceLifeForm
I wish I could be more hopeful; I’ve lost faith. But observing fault lines in the “Matrix” is personally reassuring. Improvements to the current situation are always welcomed.
Until the average cog in the wheel values a constitutional republic more than the baubles delighting on a smart phone display, I fear little progress made.
SpaceLifeForm • February 12, 2022 12:43 AM
@ Winston Smith, ALL
Hang in there. Stuff is happening.
Hope this helps.
hxtps://threadreaderapp.com/thread/1490352639099523074.html
Robin • February 12, 2022 2:38 AM
Find it hard to believe the sudden upsurge in “freedom convoys” provoked by random stuff on social networks is a pure coincidence. I mean, just as countries are rowing back on restrictions?
Winter • February 12, 2022 6:08 AM
@Robin
“Find it hard to believe the sudden upsurge in “freedom convoys” provoked by random stuff on social networks is a pure coincidence.”
It is the far right clamouring for their “Great Reset” that is moving out of grasp when the restrictions end.
The “freedom convoy” that has besieged Ottawa isn’t a people’s revolt. It’s a fringe movement protesting its defeat.
ht-tps://www.vox.com/policy-and-politics/22926134/canada-trucker-freedom-convoy-protest-ottawa
ht-tps://abcnews.go.com/International/wireStory/explainer-protests-canada-82835569
ht-tps://www.msn.com/en-us/news/world/what-s-going-on-across-the-border-the-canadian-trucker-protests-explained/ar-AATpeam
But many Canadians were most incensed by the use of Nazi symbolism on protest signs and reports that war memorials had been desecrated.
“The use of Nazi symbols as a means to compare anything in our lives today here in Canada to the experience of Jews living under Nazi rule is a heinous form of Holocaust distortion,” the Friends of Simon Wiesenthal Center said in a statement.
JonKnowsNothing • February 12, 2022 11:58 AM
@Clive, @Freezing_in_Brazil
re: Hopefully Omicron will get down there and become compleatly dominant
Which sub-lineage are your rooting for?
Numbers in California are on the decline. Locally we ticked 17 days of TRIAGE.
BA1 is declining. BA2 is rising. Hamster-DELTA is a new option on the menu in Hong Kong, imported from The Netherlands. Mink-COVID is still circulating in the remaining mink farming countries. Bambi-COVID is a possibility for those who like the outdoors with lots of ventilation.
This diktat did not make me feel hopeful.
“As we learn to live with Covid, thanks to the success of the vaccination programme, there is no longer advice for vulnerable people to shield…”
A spokesperson for the DfE (Department for Education UK)
It’s SUPERBOWL weekend!
Remember: Endemic does not mean Harmless. 0% does not mean Eradicated.
Clive Robinson • February 12, 2022 2:12 PM
@ JonKnowsNothing, Freezing_in_Brazil, ALL,
Which sub-lineage are your rooting for?
The one that does “least harm” but also hopefully gives best immunity as well. As an African doctor said of Omicron,
“It’s the vaccine we could not aford to make or give”.
To say that SARS-2 is not now in reality endemic would be silly.
There are so many lineages now, it’s become a veritable “petting-zoo” of “cute furry thing” disease reservoirs of zoonotic and reverse-zoonotic infections. Hopefully this will now have laid to rest some of the deliberately circulated rumours, that there was never any evidence to support.
The concern now is for what ever varient next becomes dominant for it to be less pathogenic than the ones before and hopefully less so than the common cold.
Interestingly despite our many many mistakes, we have apparently seen as a byproduct of lockdowns eyc but obviously not vaccination the extinction of two varieties of flu. Due mainly to “Issolation with Hands, Face, Space, Ventillate”. As a result of which thankfully “mask wearing” is now less contentious than it was.
Maybe if we lost the “Macho Man” nonsense of “Personal Rights over Societal Responsabilities’ and all started wearing masks for the respiritory disease seasons as is the increasing habit in the Far East we might all live a healthy decade or so longer[1]…
Hopefully the lesson we can all take away from the past couple of years is that prompt sensible “primary” precautions used for millennia, if brought in early and hard will stop future out breaks of disease down to manageable levels and give science and medicine the time for them to catch up.
As for the underlying primary issue of the interface between civilisation and the wild, it would be nice to think we would have learned lessons there… But I think we all know the answer, and the solution to that, is going to be rather more difficult.
There are other things that will need to be said in the near future, any one who understands cause and effect knows that, but for changes to happen society has to want to move in that direction, and that only happens by honest education and understanding. My memory stretches atlest half a century with the moon landings still fresh in my mind. In that time I have seen many positive changes in society, as well as too much desperate clinging to the past and trying to claw back a past that never existed by “boat anchors”. Sadly such people will always exist, what we need to do is minimise the harm they can cause, without loosing the benifits of steady progress. That is science is a guide to what the ultimate arbiter “nature” will alow, one charecteristic of both nature and science is that the answers take time, and that rushing off without caution is not sensible.
Thus the precautionary approach via time tested interventions that will buy as the time to get the answers we need, is perhaps the best lesson that can be learned from this now endemic situation.
[1] Over the next 20-30years we will see the bulk of which new auto-immune diseases SARS-2 has brought to mankind. And get an indication of just how long, the tail of Long Covid, is realy going to be.
pup vas • February 12, 2022 2:13 PM
Work starts on Coventry hub for police and delivery drones
https://www.bbc.com/news/uk-england-coventry-warwickshire-60354385
=Construction has started on an air hub, which will act as a base for police and delivery drones.
The facility, known as Air One, is being built in Coventry ahead of a demonstration event later this year.
Urban-Air Port Limited (UAL) is working with car-maker Hyundai on the mini-airport, known as a skyport.
West Midlands Police said it had been working with UAL to build an infrastructure network of take-off and landing sites for its drones to boost operations and aid the fight against crime.
The force plans to be part of a showcase on 25 April to demonstrate how the hub could benefit policing.=
Clive Robinson • February 12, 2022 4:19 PM
@ pup vas, ALL,
“West Midlands Police said it had been working with UAL to build an infrastructure network of take-off and landing sites for its drones to boost operations and aid the fight against crime.“
I see the usual excuse for wasting money on techno-toys…
They said “helicopters” would “aid the fight against crime”, well the “Association of Chief Police Officers”(ACPO) makes positive noises, but the proof as they say “is in the pudding” and in this case I don’t think anyone has started to cook it yet…
You might remember a few years back the Chief Police Officer of Kent Constabulary was making positive noises about the predecessor to drones, a near thirty foot long bag of lighter than air gas that would once have been called a “blimp” or Unmaned Air Ship.
I guess it was such a success it’s become “Top Secret” as there is nothing said about it these days…
Any bets on how long before some Chief Police Officer talks about satellite technology and how his Constabulary must have it’s own satellite to look down from above, because it’s some kind of given it will,
“boost operations and aid the fight against crime.”
I guess I must be getting jaded in my old age, that or they just think any old nonsense will look good in a Public Relations Press Statment…
Bloated Cow • February 12, 2022 5:08 PM
@Clive (and others)
[1] Over the next 20-30years we will see the bulk of which new auto-immune diseases SARS-2 has brought to mankind. And get an indication of just how long, the tail of Long Covid, is realy going to be.
And we will see whether or not the injections were as safe as claimed.
US Dept. of Defense Medical Data
hxxps://stevekirsch.substack.com/p/this-medical-data-from-the-us-dod
British ONS Data
hxxps://www.lifesitenews.com/news/children-in-britain-up-to-52-times-more-likely-to-die-following-a-covid-shot-report-finds/
US Coroner cites vaccine related myocarditis as cause of death
hxxps://www.lifesitenews.com/news/new-york-coroner-confirms-college-student-died-from-covid-vaccine-related-myocarditis
The spike in sudden cardiac deaths if FIFA players
hxxps://stephenc.substack.com/p/5-fold-increase-in-sudden-cardiac
Steve • February 12, 2022 5:25 PM
@Bruce: Methinks a bit of anti-disinformation moderation is becoming necessary.
Red flags everywhere.
Winston Smith • February 12, 2022 6:48 PM
@SpaceLifeForm, @all
You cited, “hxtps://threadreaderapp.com/thread/1490352639099523074.html”
…and I’m still trying to understand how a room temperature IQ thread re: Trump and “January 6th” at the Washington D.C. Capitol building has absolutely anything to do with news that the CIA is running its own off-the-books bulk data collection program.
That, and subsequent comments cause me to consider that this forum is being drawn and quartered by divisive fodder. I miss the in-depth discussion of meaningful subjects, even if/when politics is mentioned as a factor.
And, “No”, blanket censorship isn’t the answer to this problem, either.
SpaceLifeForm • February 12, 2022 7:20 PM
@ Winston Smith
The point of that thread is that things are being investigated at DOJ.
I think we will see some very visible actions by the end of February.
The Wheels of Justice grind slowly, but finely.
The CIA database story is actually interesting. Various reports may be misdirection. One I have seen is that it really is not a separate database, but that it is actually just CIA, FBI, NSA data sharing under EO 12333. That is the most likely scenario.
Sometimes, things leak for a reason.
SpaceLifeForm • February 12, 2022 7:59 PM
F12 Right Click
No Charges to be filed.
Governor Parson remains defiant because he can not admit he was wrong.
Clive Robinson • February 12, 2022 11:52 PM
@ Winston Smith, ALL,
With regards,
I miss the in-depth discussion of meaningful subjects, even if/when politics is mentioned as a factor.
Perhaps this will ameliorate your feelings,
@ Bruce, ALL,
Somebody has decided to change the Linux kernel Random Generator, which as it has been quite contentious in the past is likely to cause some ruffled feathers now, and people will get asked to make comment.
You can read more under this wince worthy title,
random: use computational hash for entropy extraction
I won’t comment at this point, as it will take a little while for people to get to notice on a wider scale.
ResearcherZero • February 13, 2022 12:24 AM
@SpaceLifeForm
monitoring all the chat rooms requires a lot of resources
Monitoring stellar orbits around the Massive Black Hole in the Galactic Center
“they’re invariably filled with terminally online memeing kids”
https://knockout.chat/thread/33251/1
SpaceLifeForm • February 13, 2022 3:18 AM
@ Clive, Winston Smith, ALL
random: use computational hash for entropy extraction
I like Blake, and this being faster is all well and good, cleaner code, and maybe it helps reduce attacks, but…
You can not create Entropy out of thin air!
Jon • February 13, 2022 8:13 AM
You can not create Entropy out of thin air!
Sure you can. Just measure lots of micropressure variations over a good-sized area and you’re off to the races! ;-P
J.
Anders • February 13, 2022 8:34 AM
I like theirs callsigns 🙂
hxxps://www.dailymail.co.uk/news/article-10498635/The-Big-Ugly-Fellas-arrive-UK-B52-long-range-bombers-land-Britain-join-Nato-mission.html
Teledamus • February 13, 2022 9:17 AM
FritzFrog is back (or probably never went completely away):
h++ps://www.akamai.com/blog/security/fritzfrog-p2p
The decentralized botnet targets any device that exposes an SSH server — cloud instances, data center servers, routers, etc. — and is capable of running any malicious payload on infected nodes
The Golang malware being spread adds new functionality to the botnet, including the usage of a proxy network and the targeting of WordPress servers
Since there are no C&C servers to take down, countermeasures will need to follow a different strategy. It’s quite interesting that Akamai “suggest the operators are seeking to avoid infecting low-end systems with low resources, such as Raspberry Pi devices or low-resource EC2 images on AWS”.
Decentralized botnets are an interesting security challenge.
Nick • February 13, 2022 11:54 AM
Any informed comment about the recent cyberattack on the Vodafone network in Portugal?
If you google for: vodafone portugal attack
you’ll see a lot of hits – the attack took down Vodafone’s entire network in Portugal for more than a day. But there’s no information about who/where the attack came from.
Clive Robinson • February 13, 2022 1:49 PM
@ SpaceLifeForm, Bruce, Jon, Winston Smith, ALL,
You can not create Entropy out of thin air!
Aside from Jon’s genteel leg pull of reality (actually used in old mechanical hard drive head timings), no you can not determanistically create random to be used as entropy.
Like you I’ve mentioned this strange belief that some how “adding a cryptographic algorithm” will do this before. I not just thoroughly debunked it, I gave it a name of “Magic Pixie Dust Thinking”.
In fact I’ve shown how it can be used to hide a “backdoor” in the likes of Intel CPU and other chips a user can not get appropriate access to to prevent. But the chip designer and any they chose to tell can.
Can hash functions build backdoors?
We would like to think not because they are allegedly “One Way Functions”(OWFs) but we know from “Dictionary Attacks” on Password Files that knowing sufficient about the input characteristics significantly reduces the search space from impossibly large to practically small. Well one of the downsides already indicated for the current Linux Kernel RNG is that it can be relatively easy to attack via “known input”. So the argument for change would not appear to be one based on security…
So just “performance” or “fashion fad”.
However what is clear is nobody has yet done a security analysis on the proposed changes.
Me I think people should do such an analysis, because when you analyse “Roots of trust” they are all critically dependent on “nondetermanism” thus “unpredictability” in a sufficiently large field that any kind of search is infeasible in any potential time frame (like the expected life of humanity or the universe).
Clive Robinson • February 13, 2022 3:54 PM
@ Arnold,
Covid is over.
You could not be more wrong.
Whilst the “pandemic” might be over according to some, that is not because the SARS2 pathogen has somehow disappeared. No it has become so prevelant not just in humans but other creatures it is now “endemic” which in effect means,
No end in sight now or in the near foreseable future.
Worse, we have had two strains of Omicron so infectious that not only have they pushed out the less infectious varients the second Omicron is rapidly displacing the first, and there are indications that it not just breaks through vaccination but earlier infections.
Which brings to the fore the issue of mutations, these are linked to the number of infections at any one point in time. So the fact Omicron is so highly infectious means that the number of mutations is up by the same proportion.
But we also have clear evidence of,
1, Reverse zoonotic transfer
2, Zoonotic transfer.
In the same species, which means we have “Disease Reservoirs” that will carry the disease forward almost indefinately. Look at “white tailed deer” whilst they are certainly disease carriers they are minimally effected thus from the SARS2 pathogens perspective ideal hosts. We have similar in rodents such as domestic mice and rats. Which unlike the deer have an inordinately close relationship to mankind. So much so there is a legal term derived from latin for them which in effect means “eats from the plate of man”.
So the SARS2 pathogen has more than one mamailian path to mutate down. Omicron is likely to have arisen down a path involving domestic mice in parts of Africa where health care is at best minimal and healthcare surveillance non existant in the majority of places. It came to light as it rapidly swept through South Africa and on to Europe and America.
We got lucky in that although it is highly infectious it is also not particularly pathogenic in humans. That is not always the case, MERS is a another betacorona virus and relatively close relation of SARS, whilst it is not very infectious it’s pathogenicity in humans is something like a third of known infections dying of it. The MERS zoonotic reservoir host is believed to be camels where it’s pathogenicity is believed to be low.
So there is absolutly no reason why SARS2 could not mutate to be more infectious as has already happened with Omicron or more pathnogenic as has happened with other SARS2 mutations or both. If the latter happens then we realy would be looking at an existential threat where 2billion deaths could occure. Hopefully that will not happen and SARS2 will become increasingly like the common cold (other betacorona viruses that infect humans). But we don’t know.
In part because nobody has shown a causal model that shows that high infection rate means a lower pathogenicity. Nor have they shown a model as to why one host species would be almost uneffected whilst other species get significantly effected.
Oh and to top things off, the evidence of the effectiveness of the vaccines currently used in the West is that they are becoming increasingly ineffective against new mutations (a fairly predictable event as mRNA technology is way to specific).
But as for your,
You need to find another topic to virtue signal about.
Your gross ignorance or pretence at it, is a very strong signal of significant bias.
What we do not know is if your bias is cognative, or for other pecuniary, political or both reasons. At the very least your behaviour is at best Trollish.
JonKnowsNothing • February 13, 2022 7:18 PM
@vas pup, @All
re: those who think somebody’s else sons or daughters going to die for their crazy war mongering
When sabers are rattling some interesting pictures get selected for MSM reports, with the idea that “a picture is worth a thousand words”.
What I find curious is they select images of people protesting in Ukraine against Russian-Putin policies, carrying large banners written in English, even using American Spellings.
The official language in the Ukraine is Ukrainian and they have a list of other recognized languages but English is not one of them. Yiddish yes, English no.
If one were intending to Speak to Ukrainians, one might consider using a Ukrainian language. If one were intending to Speak to the Belarusian folks on the north border, Belarusian might be useful although Russian is more likely to be known there. If one wanted to address Putin, one might pick Russian. Putin may speak perfect American English but I’m sure he is far more familiar with his own native language.
Protesters in the USA do carry banners in other languages as there are some 20+ languages in use here, English being predominant. Banners in Spanish and other languages are sometimes selected by MSM with a “translation” note in the caption. However, most banners are intended for local consumption and are for local and regional issues, so the language selected is meant for the local readers. There are enclaves where English is not spoken in the USA and should you wander into those, a smile and gesture will likely suffice.
Then there is the “halo shot” where some artsy photographer takes the image from below mid-line with something in the background that forms a “halo” effect around the imaged person’s head. Lighting is popular, giving that hazy glow. Some depictions of the Great Seal of the USA have a star border and if the photographer crouches just right, they can get this centered as a background. There’s Photoshop of course, but many MSM claim they only allow standard cropping to alter an image (1).
The Guardian MSM as an example, selects a halo shot quite often. It’s rather annoying.
It’s just curious…. but then perhaps not curious at all.
===
1) iirc(badly) Some years back, a particularly spectacular photograph was selected and used by a lot of MSM outlets. It won awards too. Then someone noticed that in the lower left corner of the image, there was a “terrain stamp” or copy-paste that covered up something. That something turned out to be a badly placed camera bag. There was a huge up roar and the photographer was castigated and pilloried for “modifying” the picture. Had he done a Crop, it would have been OK.
Winston Smith • February 13, 2022 7:46 PM
@Clive
“Worse, we have had two strains of Omicron so infectious that not only have they pushed out the less infectious varients the second Omicron is rapidly displacing the first, and there are indications that it not just breaks through vaccination but earlier infections.”
Natural immunity in combination with vaccination provides superior protection whereas it very possibly includes protection from future variants, too. With natural immunity, variants don’t necessarily have to be considered mutually exclusive threats:
(Not the best source for all things medical, but it’s a quick starting point)
So, in the end, the spread of less virulent variants is not a bad thing. This points to the “virulence-transmissibility evolutionary trade-off” theory, but there is evidence both for and against it. The popular media, of course, choose FUD and land in the “against” camp with respect to COVID.
JonKnowsNothing • February 13, 2022 9:09 PM
@Clive, @ Arnold, @Winston Smith, @All
re: SARS2 pathogen has more than one mammalian path for mutation.
A few recent studies have found that the Named COVID19 variants can be found in White Tail Deer (WTD) populations in different regions including Europe. The WTD on Staten Island have Omicron, while deer in other states have cycled through the COVID Greek Letters (alpha, beta, gamma etc).
The Hamster-Covid problem in Hong Kong is interesting because the hamsters had a Delta variant matching the those found in the Netherlands and Northern Europe at the same time when Omicron is dominant in Europe. The batch of hamsters (1) were imported from the Netherlands and genome tracing is on going. The infected hamsters passed Netherlands-Delta to their owners in Hong Kong where Omicron is also dominant.
The odd gene in the Omicron genome points to a Mouse-Omicron model not Hamster-Delta model.
Mink-COVID interactions are still happening. Currently they are getting Omicron and dying. In those countries that still do mink farming, they test the dead carcasses.
Dogs and Cats get whatever their owners or carers get. When the owners had D614G that’s what they got. Now they are getting Omicron.
All the SARS-CoV-2 lineages are still active and the virus is proving very malleable (2).
The numbers and counts may be below public reporting thresholds. For those countries moving to the “Ostrich-Omission Method of Public Advice and Health” (OOM-PAH) there maybe no indications at all.
===
1) Hamsters are not Guinea Pigs. They are often confused. They are both rodents. The second is more edible than the first.
2) International veterinary groups are requesting more COVID PCR positive animal genomes be submitted to research databases.
MarkH • February 14, 2022 12:16 AM
@JonKnowsNothing:
In my experience, young citizens with at least a fair conversational ability in English are easy to find in Ukraine’s major cities.
In the present crisis, aid and sympathy from countries of the West is of paramount importance.
English is the best common language between the populations of Ukraine and those Western countries.
As for “starting a war”, there is only one country committing armed aggression in 21st century Europe.
Winter • February 14, 2022 12:34 AM
@JonKnows
“What I find curious is they select images of people protesting in Ukraine against Russian-Putin policies, carrying large banners written in English, even using American Spellings.”
Protests in Ukraine are not organized to convince compatriots, but the West.
Given the long history of Russian propaganda in Ukraine, the people their are rather cynical towards informing the Kremlin about their opinions.
Also, they will know how fanatically monolingual Americans are. If it is not expressed in US English, it does not matter to Americans. But any real support has to come from the US. Which also translated in less to no photos and exposure from demonstrations when the banners are not in English.
Something the Ukrainians are well aware of.
BTW, we do get interviews with Ukrainians on TV in their own language. Access to the Eastern Russian areas seems currently to be next to impossible, not even from Russia. Journalists regularly apologize for their inability to give the other side a voice.
Winter • February 14, 2022 1:20 AM
@MarkH, JonKnows
“In my experience, young citizens with at least a fair conversational ability in English are easy to find in Ukraine’s major cities.”
And do not underestimate the quality of online translations. They are pretty good nowadays.
Clive Robinson • February 14, 2022 2:31 AM
@ Winston Smith,
Natural immunity in combination with vaccination provides superior protection whereas it very possibly includes protection from future variants, too.
Yes it does, that is what the figures show, and something I’ve discussed with @Winter briefly over the past few weeks.
More interesting though is that the mRNA vaccines are way to specific, yet the likes of CoronaVac from Sinovac which is basically the whole virus but inactivated, has a greater coverage.
But both suffer from the “Quality or Q curve” effect, of “constant area under the curve”. That is the mRNA is very specific to certain protiens and so very effective against what it is tailored for (the original second wild strain). However the inactivated virus covers many many more protiens so is less effective against a specific variant but covers rather more variants.
The best vaccine stratagy appeared to be two doses of CoronaVax more than four weeks apart followed by a booster shot of Oxford AZ adenovirus…
However it’s been suggested from Russian trials that a single shot of three different vaccines given over a suitable period might be well up on the effectiveness curve as well as broad coverage.
The problem is trial data and peer-review take considerable time, so by the time we establish one set of facts the virus has moved on and also further facts come from other trials, so our qualified view point changes.
About the only thing we appear to know with reasonable certainty is that three shots of any individual vaccine, enters very much into the law of diminishing returns.
All of which leads back to fully vaccinated plus an actual infection gives the most robust and longest defence against SARS2.
Winter • February 14, 2022 3:14 AM
@Clive, Winston Smith
“More interesting though is that the mRNA vaccines are way to specific, yet the likes of CoronaVac from Sinovac which is basically the whole virus but inactivated, has a greater coverage.”
I do not see much difference yet. The inactivated viruses seem to do little against infection and transmission. “Natural” immunity to other strains does neither. The protection against serious disease also does not seem to differ much between the vaccines.
ht-tps://www.nature.com/articles/d41586-022-00079-6
In short, I have not seen any evidence that tells me getting infected (and sick) protects better than getting vaxxed.
SpaceLifeForm • February 14, 2022 3:46 AM
@ Clive
That’s a lot of Apes
Two Trillion Three Hundred and Twenty Four Billion Two Hundred and Fifty Two Million Eighty Thousand One
hxtps://twitter.com/gh230277/status/1492466576649502721
[interesting bug to say the least since neighbors received same]
Winter • February 14, 2022 6:49 AM
I am not sure how to classify this devious madness?
Russian teen gets 5 years over Minecraft bomb plot
Authorities claimed it was ‘terrorist training’ for the 14-year-old and his friends
ht-tps://www.theregister.com/2022/02/14/minecraft_bomb_plot/
Clive Robinson • February 14, 2022 7:58 AM
@ Winter,
I am not sure how to classify this devious madness?
Many countries have similar legislation that can be twisted to have people jailed or worse.
In the UK back at the end of 2007, a young lady who was a shop assistant, was convicted under Section 58 of the UK Terrorism Act 2000 ostensibly according to MSM reporting at the time for writting poetry on till receipts…
Clive Robinson • February 14, 2022 8:11 AM
@ ALL,
If you are over at “the vulture” having a read, you might want to look at,
India’s Reserve Bank says outsourcing and offshoring are risky
https://www.theregister.com/2022/02/14/reserve_bank_of_india_outsourcing_risk_warning/
But whilst that should be familiar to longterm readers, this “debate”, should be in most readers here fore brains much of the time,
We should not expect our communications to remain private
https://www.theregister.com/2022/02/14/encryption_debate_for1_monday/
Winter • February 14, 2022 9:28 AM
@Clive
“Many countries have similar legislation that can be twisted to have people jailed or worse.”
But not many apply them to 14 yo. But I agree, Anglo-Saxon criminal Justice often too is utterly insane. The US had 4 yo toddlers on their no-fly list.
I think the point is not the bad laws, but the determined and inhumane refusal to follow reason when applying criminal law.
JonKnowsNothing • February 14, 2022 10:37 AM
@Winter, @MarkH, @All
re: “In my experience, young citizens with at least a fair conversational ability in English are easy to find in Ukraine’s major cities.”
And do not underestimate the quality of online translations. They are pretty good nowadays.
I have no doubt that a huge number of people in EU speak English, BBC accents preferred.
The item was a very clearly made huge banner, nice graphics, in American English, that I found odd-duck. It was being carried by a group of people (6+; it was a big banner) in what was described as a “Large Ukrainian Protest Against Putin”.
Carrying a banner is not necessarily aggression; it all depends on what’s printed on the banner and where you are carrying it.
This banner was intentionally aimed at the USA. It was not aimed at Putin. Even dumb ducks in the USA have heard of Putin…
Hmmm, that might be maligning ducks.
There are likely some folks in the US Congress who don’t know a A-Putt-In from a Gazpacho.
Apokrif • February 14, 2022 11:00 AM
https://twitter.com/RichardMCNgo/status/1492212649941037056
“Octopuses are surprisingly intelligent, and reproduce at 1 year old. If we’d started a breeding program 50 years ago, we probably could’ve gotten them smarter than dolphins by now. A disappointing failure of the long-term mad science ecosystem.”
“our specific reasons their brain size could increase rapidly:
– Their brains don’t need to pass through a birth canal
– Their head weight is supported by water
– They could develop many more neurons in their arms
– They have many many offspring which we could select between”
“he best time to start an octopus intelligence breeding program was 50 years ago. The second-best time is now! “
Winter • February 14, 2022 11:04 AM
@JonKnows
“This banner was intentionally aimed at the USA. It was not aimed at Putin.”
I am pretty sure that Ukrainians are convinced Putin knows what they think of him and Russian rule. I also think the Ukrainians think Putin is behind a fire hose of misinformation about Ukraine and everything related to it [1].
So it is natural Ukrainians will address their message to the people in the USA they want them to help and who are swamped by these Russian falsehoods and not towards the man who they know would rather exterminate them than have them live in peace.
[1] The Russian “Firehose of Falsehood” Propaganda Model
Why It Might Work and Options to Counter It
ht-tps://www.rand.org/pubs/perspectives/PE198.html
Winter • February 14, 2022 11:11 AM
@Apocrif
““our specific reasons their brain size could increase rapidly:”
You miss 1, or 2, limitations:
1) Brains need a lot of energy. Octopuses are cold-blooded and need to extract their oxygen from water. That will limit the energy they can use to feed their intelligence.
2) Octopuses lack myelinated nerve axons which limits the speed/efficiency of their long distance nerve communications.
ht-tps://www.wellbeingintlstudiesrepository.org/cgi/viewcontent.cgi?article=1513&context=animsent
Winter • February 14, 2022 11:13 AM
@Apocrif
PS
Octopus nervous system
ht-tp://www.octopus.huji.ac.il/site/articles/Hochner-2004.pdf
JonKnowsNothing • February 14, 2022 2:01 PM
@ Winter
re:
@JKN “This banner was intentionally aimed at the USA. It was not aimed at Putin.”
W: I am pretty sure that Ukrainians are convinced Putin knows what they think of him and Russian rule. I also think the Ukrainians think Putin is behind a fire hose of misinformation about Ukraine and everything related to it.
So it is natural Ukrainians will address their message to the people in the USA
I concur however, part of the point is the image is posted in US MSM. There’s not many facts or rather there are a plethora of facts similar to Living With COVID advice.
In the age of Deep Fakes, it may be prudent to mute the video voice overs.
Here’s a sample, ymmv. Deep Fake, Shallow Fake, Dead Fake?
I’ve seen this movie several time before… the ending is always nasty.
Ukraine might want to really consider what it is they are wanting. The US has an entire Army it needs to put somewhere. These are the surplus folks from Afghanistan. We have no place to put them in the US. Ukraine might work out for the next 20 years.
MarkH • February 14, 2022 2:29 PM
@JonKnowsNothing:
If your point is to brag about your highly sophisticated cynicism, you’ve made it already, OK? A+ and pat on the head.
If by “MSM” you mean outlets that do their best to avoid fact-free conspiracy trash, I have seen an impressive amount of high-quality reportage on the Ukraine crisis from the MSM.
Believing liars is one kind of gross cognitive error. Heaping scorn on those who bring you truth is equally dangerous.
The Ukrainian grandmas who fought as partisans are all dead or very frail. Even if they were still around to shoulder a weapon in defense of their motherland, the technology has moved on from what they knew. The “47” in AK-47 is the year the design was completed.
I know a fair number of Ukrainian grandmas. They are all formidable people, but they need training to be able to contribute to a civilian defense corps.
FACTS MATTER
MarkH • February 14, 2022 3:20 PM
In addition to clinical information of immediate use, medical science is also seeking answers to broader questions about the present pandemic.
A NY Times article discusses investigations into the “Russian flu” which spread through humanity after first being recognized in Bukhara (present-day Uzbekistan) in 1889.
Tantalizingly, that pandemic has suggestive commonalities with Covid-19, leading to curiosity as to whether than pandemic might not have been a flu at all, but rather some coronavirus.
The only known way to answer this, is to find samples, presumably in preserved lung tissue. The search is on.
vas pup • February 14, 2022 4:01 PM
@JonKnowsNothing • February 13, 2022 7:18 PM
Thank for Your input, but based on Bruce’s or Moderator’s discretion (yeah, that is HIS blog and he established the rules) my post related was deleted. I always doubt was it done by their own discretion OR kind of outside handler ask them to delete.
I am sure Bruce is not represent interests of war mongering politicians and/or military-industrial complex. That is why it is puzzled me, because quote was promoting peace rather than war.
I just recall quote: There is no freedom without justice, and there is no justice without truth.
So, can they really handle the Truth in Ministry of Truth or Ministry of Love (1984)?
Or like some of the close Hitler’s affiliate claimed “The best way to fight the idea is to break the skull of its bearer”?
In 21 century is just shut down channels of expression. Time will show who was right and who was wrong.
Anders • February 14, 2022 4:34 PM
@Clive @SpaceLifeForm @MarkH @ALL
They probably will set up some kind of false flag op.
hxxps://www.theguardian.com/world/2022/feb/14/russian-envoy-warns-of-right-to-counterattack-in-eastern-ukraine
JonKnowsNothing • February 14, 2022 4:56 PM
@MarkH
re: cynicism
Digital Cynicism is one way to question Digit Truth. Perhaps you personally know people from Ukraine and get the true low down on what’s going on. I’m stuck with Potential Digital Manipulation of Images on mainstream papers.
In digital manipulations there are at least 2 possible goals:
1) To hide information (cryptography, steganography etc)
2) To alter information (distract, misdirect)
They use similar techniques but with entirely different goals.
All sorts of activities use such manipulations from games to puzzles, from crosswords to cosplay (1).
In open systems the manipulation is evident. You attempt a crossword, you know there are going to be questions based on the difficulty. I am not good at these but I can recognize the double entendre when it shows up in the clue list.
In closed systems the manipulation is less evident but discoverable. Puzzles and treasure hunts are examples. They may have both methods in use. A distorted map and a scramble egg list of clues. quipqiup can help for the more complicated setups.
In World Class Nation State versions, it’s most difficult for the average smoe to know what’s going on. When Nation States have turf issues and hidden agendas it’s fairly easy to manipulate the populations into actions they would otherwise not have done. We have lots of examples of people who get Bum-Rushed into situations and later on, find the courts do not agree that it was a reasonable and legal response.
Cynicism is one way to challenge the narrative. (2)
===
1) Not being hip or up to speed on the ways of Internet Influencers, I’m trying to decipher a specific hand position used by K-POP groups. Many “mudras”, or ritual gestures, are used throughout the world and the hand postions have specific meanings. The K-Pop groups go through extensive dance training. It’s likely the gesture has a meaning as it’s repeated in many images.
2) This afternoon’s image is a field of snow with a truck mounted missile launcher just after firing with the missile visible leaving the cannon.
Very well framed. Excellent cropping. No smoke. No details. No time stamp. No geotag. No orientation marks. No other identifiable items.
The missile is aimed to the right side. Did Ukraine just fire into Russian territory which is to the right of Ukraine? Was the picture reversed and the original showed the missile fired to the left, meaning Russia fired into Ukraine? Or Ukraine just fired into Poland or Slovakia? Was it a training shot from some winter war games years ago?
It could just as well have been an image from any of a thousand war-games style MMORPG games. I’m sure I saw similar on SWTOR, impressive batteries of missiles launched on Alderaan. Impressive graphics. Light Sabers FTW.
JonKnowsNothing • February 14, 2022 5:31 PM
@MarkH
re: how to contribute to a civilian defense corps.
In modern warfare there are lots of ways to contribute. Packing heavy equipment is not necessarily the best solution for “older troops”.
Expecting an untrained older civilian population to use shoulder carried battlefield weapons in the field in conflict is a high expectation. People have done it.
It would perhaps be better if they deployed the civilians in computer or digital services but that can get nasty blow back claim of using Civilian Human Shields. This does not stop the USA from releasing lethal rounds.
It might be even better to conscript the civilian populations so that they are not defined as civilian at all. Not very popular but doable. Mandatory Military Service is a common route, with some back up forces in a National Guard setup.
There are lots of ways to defend a country. Some use their human populations to better effect than others.
This is a current debate in the US and other countries.
NSO Pegasus out of Israel is one variation. FB/META is other variation, where a civilian becomes the conduit for 3L-LEA data acquisition. (1)
===
1) It would be rather humorous if FB/META users could submit legal requests for “back pay + overtime + bonus + penalty” for their “unpaid” work.
FB/META can take their data by EULA/TOS/CoC but maybe they cannot take their “labor” unpaid.
Anders • February 14, 2022 5:37 PM
@ALL
re: Vodafone.
hxxps://therecord.media/cyberattack-brings-down-vodafone-portugal-mobile-voice-and-tv-services/
Anders • February 14, 2022 5:44 PM
@ALL
“Two independent sources claim US utilities companies are placed on high alert, following peaks of malware deployment at many of them in the last days. Expectation is for simultaneous muscle-flexing cyber attacks on US companies.”
hxxps://twitter.com/i/web/status/1492236481448005636
@SpaceLifeForm : any info on that?
lurker • February 14, 2022 6:26 PM
@JKN
If you’re wondering what to do with a large, trained, disciplined[1] workforce accustomed to harsh environments, I hear there are real estate development opportunities on Mars.
[1] trained and disciplined are relative terms.
C U Anon • February 14, 2022 8:23 PM
@lurker @JKN
“I hear there are real estate development opportunities on Mars.”
Yeh, I’m told though the social life sucks, as the place has no atmosphere worth talking about.
JonKnowsNothing • February 14, 2022 9:15 PM
@All
A US Federal Case charging 2 people over the theft of Bitcoins, is not charging them with the actual or alleged theft.
The charges are over Banking Secrecy Laws and that they “hid” their identity to move bitcoins, taken in 2016 hack, through a complex scheme of transactions.
One of the red lights that flashed for law enforcement is:
The IRS does similar backwards accounting to prove you didn’t Report It All. They check all the stuff you own, bought, rented, leased and calculate your life-style. If the numbers on the bottom of the form don’t match up …
MarkH • February 14, 2022 9:59 PM
@JonKnowsNothing, all:
A critical distinction, understood by few:
skepticism says, “let’s examine claims on the basis of evidence, reason, significance, rational assessments of reliability of sources, and coherence with a well educated understanding of context.”
cynicism says, “they’re all corrupt liars, so I’ll believe what confirms my prejudices or gives me visceral satisfaction.”
One of these is vital for democracy to function; the other is intensely corrosive to democracy.
If you’re suspicious of media reports or images, why not post some links, simple citations, or verbatim text we could search?
There are knowledgeable folks here who could offer assessments.
Plenty of peaches, peaches for me. Plenty of peaches, peaches for free! • February 14, 2022 10:14 PM
Full-time internet surveillance comes to Cambodia this week
” Locals fear sharing their views on new National Internet Gateway
Cambodia’s National Internet Gateway comes online this Wednesday, exposing all traffic within the country to pervasive government surveillance.
As The Register reported when the Gateway was announced in January 2021, Cambodia's regime will require all internet service providers and carriers to route their traffic through the Gateway. Revocation of operating licences or frozen bank accounts are among penalties for non-compliance.
All incoming traffic to Cambodia will also be required to pass through the Gateway and be subject to censorship.
Human Rights Watch's analysis of the Gateway suggests it will "allow the government to monitor all internet activities and grant the authorities broad powers to block and disconnect internet connections."
Locals fear sharing their views on new National Internet Gateway
Cambodia’s National Internet Gateway comes online this Wednesday, exposing all traffic within the country to pervasive government surveillance.
As The Register reported when the Gateway was announced in January 2021, Cambodia's regime will require all internet service providers and carriers to route their traffic through the Gateway. Revocation of operating licences or frozen bank accounts are among penalties for non-compliance.
All incoming traffic to Cambodia will also be required to pass through the Gateway and be subject to censorship.
Human Rights Watch's analysis of the Gateway suggests it will "allow the government to monitor all internet activities and grant the authorities broad powers to block and disconnect internet connections.""
JonKnowsNothing • February 14, 2022 11:51 PM
@MarkH
re: If you’re suspicious of media reports or images, why not post some links, simple citations, or verbatim text we could search?
1) I do not like to post links to things that might be dodgy
2) There is no text per se attached to the images
3) I indicated the content provider(s) are MSM in the USA.
4) I described the image to the best of my ability. As the images have no context so there isn’t anything more I can directly add.
5) I could add a few comments about “composition, timing, background, eye lines, visual travel paths, focus points, aversion points, photo techniques, color spectrum and optics” but that is too esoteric.
I presumed, wrongly, that the images I see in MSM are the same you and others see but perhaps that is not so.
We know that content shoveling can be very finely tuned, on the fly, RT, to give you more of what you “click on”.
As I don’t click on the image, the rotation may simply shovel up more enticing views as Click Bait.
There is also the possibility that the images are not provide by MSM but by a MITM inserting a dodgy picture. We know that can be done, and has been done.
I would not be surprised if everyone who reads or posts here is on a list somewhere for someone. A bit of caution is warranted.
The pictures maybe 100% legit. There may be 10,000 copies of the same image featured on MSM around the USA. There might be 1 dodgy version in the lot.
You’ve got to ask yourself a question: ‘Do I feel lucky?’. Well, do ya, punk?”.
No I don’t. In fact I don’t feel “lucky” about Living with COVID either.
ResearcherZero • February 15, 2022 12:12 AM
The group calls itself Rockethack and advertises its services on Russian-language underground forums where it is highly respected for delivering on its promises to customers and the quality of the extracted information.
The latest example of that is a group that researchers have dubbed Void Balaur that has been breaking into the mailboxes, social media accounts and telecommunication records of human rights activists, politicians, business executives and other high-profile individuals across a dozen countries.
Like most APT groups, Void Balaur uses highly targeted phishing attacks to compromise individual targets, but there is also evidence it often goes higher up the supply chain to gain access to various services providers directly as well as other companies and organizations that hold sensitive data on many people its customers might be interested in.
While obtaining full copies of mailbox or social media account communications is one of the group’s primary offerings, its services extend well beyond that with highly sensitive information that could expose victims to extortion, identity theft, espionage and even put their lives in danger.
Some of the data types sold by the group includes information on:
Russian and foreign passports
Marriage certificates
N1 forms
Purchased travel tickets where a passport is needed (train, bus, airlines and ferries)
Border crossing information on individuals
Data on passengers arriving at Russian airports
Interpol records; criminal records
Migrant permits
Weapon registration information
Traffic records and camera shots
Tax service records
Cadastral information
Pension fund records
Most of this data is focused on Russia, which suggests the attackers have access to many sources of federal and local government information. How such access or data has been obtained is unclear and could vary from bribing workers in institutions to compromising workers or those institutions that have this access to such data.
The group also offers access to bank account information including account balances, account statements, payment card registration data and primary phone numbers associated with bank accounts. Void Balaur also has access to highly sensitive telecommunication data such as SMS and phone call records with or without cell tower locations, the active location of phones or SIM cards, and maps where calls were made from.
“Knowledge of these details could serve several purposes, including committing serious crimes,”
The group was seen targeting a senior manager at a telecommunications company, a deputy director at a telecom provider, various telecom network engineers in US, Russia and Israel, the founder of a mobile virtual network operator based in the UK and Russia, a mobile satellite communications operator, a manufacturer of cellular equipment and several radio navigation companies.
Void Balaur seems to possess deep knowledge about how telecom networks operate, which is evident from the data it’s able to offer. It also offers copies of mailboxes from certain email service providers “without user interaction,” which means without credential theft through phishing. Like with telecom networks, the fact that the group can obtain mailboxes without user interaction could suggest a higher level of access into these service providers, the majority of which are Russia based.
https://www.csoonline.com/article/3641412/void-balaur-explained-a-stealthy-cyber-mercenary-group-that-spies-on-thousands.html
“Rockethack has a massive associated intrusion set with thousands of indicators, which we are tracking under the name Void Balaur,”
“We chose this name because Balaur is a monstrous multiheaded legendary creature in Eastern European folklore. It is fittingly symbolic for the multiple purposes for which Void Balaur is being hired: spying on a local shop in Moscow, on journalists, human right activists, politicians, scientists, doctors working in a few dozen IVF clinics, genomics and biotechnology companies, telco engineers with deep knowledge of mobile operators’ networks, and business aviation companies. Void Balaur also dabbles in corporate espionage, is suspected to be selling data to cybercriminals in order to fight their fellow cybercriminals over disputes and has conducted attacks against cryptocurrency users.”
https://documents.trendmicro.com/assets/white_papers/wp-void-balaur-tracking-a-cybermercenarys-activities.pdf
Winter • February 15, 2022 12:17 AM
@JonKonws
“Ukraine might want to really consider what it is they are wanting. ”
They do know what they get with Putin. They have kicked out his henchmen twice before. And they see what is happening in Belarus. They also know how life is in Poland, Lithuania, Slowak republic etc.
If you want to see non US pictures, go to German or Polish media. Or any of the other European countries.
Arnold • February 15, 2022 1:07 AM
@Clive
Seems I touched a nerve. Apologies for that.
Of course Covid hasn’t gone away. What I meant was that it now has to be accepted as part and parcel of daily life – we need to live with it and get on with life.
Many recent regular contributors on this forum have been obsessing over Covid for the last two years. Some (not you) seem keen to exaggerate its effects and encourage lockdowns etc.
All the best,
Arnold
lurker • February 15, 2022 1:33 AM
@JKN, @MarkH
We get it here that often MSM will get a “juicy” story but no pix, or a trivial snippet that asks for more page space, so they go grab something from a library. At least here they do attribute, eg. Getty Images, or 123RT, but when when the pix and text are matched by somebody who did not author either the results vary from amusing to confusing.
It recalls that Mark Twain quote about knowing how to read a newspaper.
JonKnowsNothing • February 15, 2022 3:11 AM
@Winter
re: If you want to see non US pictures, go to …
I think I have not expressed the conundrum correctly.
It’s not about what I want to see, it’s what is being shoveled onto the page by an AI/ML/MITM/NSA/3L/RNG-PRNG/ or other mechanism.
I am sure I could find plenty of good quality reporting on the topic or most topics but that is not what’s being displayed on the page.
One can understand lots of Click Bait lures: cute animals, offers for Free (anything), images of food are good too, high style, royalty etc. Even for the under-informed there’s a sense of “This is an Ad and This is Not Real or Not True”.
So, when a highly polished, macho framed, military beefcake image of ambiguous provenance shows up, it’s not the same as a 2 for 1 deal at the burger stand.
In the on-line ad industry, there is an ad auction that takes place on every page that permits ads. It’s fully automated, high bid wins. The system pulls in all the meta-data it knows about “you” and broadcasts the specifics to the advertising agencies.
Then the bidding starts and in micro seconds and ad is shoveled onto the page with an enticing image.
The click bait is to follow the white rabbit ad…
Except this is what is displayed instead.
So it appears this same mechanism is at work, shoveling up the images in question.
===
2 images tonight:
1) A babushka holding a plywood rifle looking appropriately fierce. Historically the type of person, you wouldn’t want to meet during or after any battle. (3)
2) A very beefy cake group, all backs turned, inside a building that could be anywhere from Fort Benning to Ramstein Air Base to Marine Corps Air Station in Okinawa. No White Bunny Suits so it’s warm inside the building.
3) Henry IV Part One by William Shakespeare, circa 1597
The EARL of WESTMORELAND
My liege: only yesternight there came
A post from Wales loaden with heavy news;
Whose worst was, that the noble Mortimer,
Leading the men of Herefordshire to fight
Against the irregular and wild Glendower,
Was by the rude hands of that Welshman taken,
A thousand of his people butchered;
Upon whose dead corpse there was such misuse,
Such beastly shameless transformation,
By those Welshwomen done as may not be
Without much shame retold or spoken of.
ResearcherZero • February 15, 2022 5:20 AM
“Australia had tumbled down the international league table for its corruption perceptions index”
A week ago, the government very quietly announced it would not deliver on its promise for a federal integrity commission in this term of Parliament. This came just a fortnight after Transparency International announced Australia had tumbled down the international league table for its corruption perceptions index.
Bad news for government integrity, certainly. But also bad news for the economy.
The uncomfortable truth is that clean government matters for living standards.
If you think that these concerns only apply in “really” corrupt countries – ones where bags of money change hands to get things done – think again.
The insidious impacts of “grey corruption” – governments exercising their powers to favour private interests or political interests over the national interest – can chill economic activity through exactly the same channels.
Another area ripe for disinfectant is the role of money in Australian politics. The federal government lags much of the developed world, and its state government counterparts, in rules to reduce the risk of donor influence. There are currently no limits on how much money can flow to federal political candidates or parties.
https://www.smh.com.au/national/grey-corruption-cuts-our-living-standards-so-it-s-a-shame-they-shelved-the-integrity-commission-20220214-p59w4u.html
The Morrison government has proposed a commission with two divisions – one for public officials and one for politicians – which it has released for public consultation.
But critics have raised concerns it would not hold public hearings for investigations into politicians and would not be able to launch its own inquiries or act on anonymous tips from the public.
The Centre for Public Integrity – a group of former judges and prosecutors – is among those to reject the Commonwealth Integrity Commission (CIC) consultation draft as not fit for purpose.
The government has repeatedly shut down moves by the crossbench to debate a federal integrity commission in both the House of Representatives and the Senate.
https://www.sbs.com.au/news/attorney-general-confirms-federal-integrity-commission-won-t-proceed-before-election/f1000d62-c35c-4d26-9430-05e7a642a319
Who’s in the room? Access and influence in Australian politics:
just 5 per cent of donors contributed more than half of the big parties’ declared donations at the 2016 federal election
More than one-quarter of federal politicians go on to post-politics jobs for special interests, where their relationships can help open doors.
“Australians don’t like or trust the current system. The changes recommended in this report would improve the quality of policy debate and boost the public’s confidence that policy is being made for all Australians – not just those in the room.”
https://grattan.edu.au/wp-content/uploads/2018/09/908-Who-s-in-the-room-Access-and-influence-in-Australian-politics.pdf
https://grattan.edu.au/wp-content/uploads/2018/09/908-Who-s-in-the-room-chart-data.xlsx
Winter • February 15, 2022 5:22 AM
@JonKnows
“It’s not about what I want to see, it’s what is being shoveled onto the page by an AI/ML/MITM/NSA/3L/RNG-PRNG/ or other mechanism.”
AI are the new Yes Men.
If your content “suggestions” are created by AI/ML or any type historical data, you will not get News, but diversions, aka, cat videos.
You do not get information on a silver platter, never.
ResearcherZero • February 15, 2022 5:47 AM
I know reporters can’t get out much, due to their reduced budgets, but seizures – “ones where bags of money change hands to get things done” – are all too common in developed countries such as Australia. It’s not like you can carry that much money with just your bare hands.
It costs an entire $4 just to embezzle $1. Spare a thought for just how inventive they have to be to get that money into those hands!
ResearcherZero • February 15, 2022 6:14 AM
Political parties disclosed a combined $176.7 million of income for 2020-21. …$68 million in income for which there is no explanation of where it came from. How can this possibly be considered acceptable?
…since 1999, $1.5 billion in political donations have been made outside the public view – around $45.5 million in the 2019/20 financial year.
…the Coalition has hidden the source of 39.22 per cent of their party income since 1999, while the ALP has hidden 27.69 per cent.
https://publicintegrity.org.au/stronger-political-donation-rules-are-long-overdue/
“Here is a $100,000 bonus, you earned it. It is written here that you did, and so it is written.”
ResearcherZero • February 15, 2022 6:29 AM
Money orders are sequentially numbered financial instruments that must be safeguarded due to their potential use in embezzlement and money laundering schemes.
https://iclg.com/practice-areas/anti-money-laundering-laws-and-regulations/australia
Bribery may also give rise to money-laundering charges under Division 400 of the Criminal Code.
https://iclg.com/practice-areas/anti-money-laundering-laws-and-regulations/australia
Anders • February 15, 2022 6:31 AM
@Clive @SpaceLifeForm @MarkH @ALL
Estonian Foreign Intelligence Service
International Security and Estonia 2022
hxxps://raport.valisluureamet.ee/en/
Leon Theremin • February 15, 2022 7:31 AM
Unlikely to be Bruce who is deleting posts. Rather likely it is those with silicon trojans. All who post here are people of interest. Fight back or perish.
JonKnowsNothing • February 15, 2022 11:00 AM
@ Winter, @MarkH, @All
re:
@JKN “It’s not about what I want to see, it’s what is being shoveled onto the page by an AI/ML/MITM/NSA/3L/RNG-PRNG/ or other mechanism.”
@W: AI are the new Yes Men.
If your content “suggestions” are created by AI/ML or any type historical data, you will not get News, but diversions ….
Ahhh.. I think we have convergence on the puzzle.
So the basic question(s) would revolve around Reverse Engineering the AI-Bot shoveling up the stuff. In this particular case the stuff is obvious where as in most Ads it’s innocuous, desired and expected.
I do think they have an error in their algorithm, and my page pollution is just a by-product of some remainder-flaw in their calculation.
1) Not the right target.
2) A large array of “suggested” photos.
3) All photos were professionally imaged.
4) All photos would require military assistance.
5) Some photos might violate Security Clearances or require Clearance Releases.
6) All photos are staged.
7) Photo rotation tied to something other than “a daily update”.
There is, of course, some Expected Target, Expected Outcome and Expected Behavior Trigger.
It might be noted that malware, ransom-ware etc also have expected outcomes: that a click will lock your data, and they will extract $XXXX to with a “promise” to unlock it.
So it is not necessarily correct to assume the AI-bot is benevolent in design. It’s is executed by a sophisticated mechanism, with or without active assistance of the MSM Page Owners.
Anders • February 15, 2022 11:04 AM
@Clive @SpaceLifeForm @MarkH @ALL
“In Ukraine right now, hackers are attacking state-owned Privatbank & Oschadbank, as well as Ministry of Defense. ATMs & banking services interrupted. MOD and Armed Forces websites are down (picture below). Confirmed by gov’s Center for Strategic Comms and Info Security of Ukraine”
hxxps://twitter.com/ChristopherJM/status/1493623129180196872
Anders • February 15, 2022 11:08 AM
@Clive @SpaceLifeForm @MarkH @ALL
“Ukrainian Pravda quotes government officials as stating this is a significant cyber attack, which started at 15:00”
hxxps://twitter.com/michaelh992/status/1493626732989063171
Winter • February 15, 2022 2:19 PM
@JonKnowsNothing
“I do think they have an error in their algorithm, and my page pollution is just a by-product of some remainder-flaw in their calculation.”
Channel stuffing. Just like the infamous “learning chat bot” could be converted into a Nazi propaganda machine in days, it is possible to feed the self learning algorithms the content they are looking for. Click farms etc are not just used to fool the Google ranking.
Clive Robinson • February 15, 2022 3:13 PM
@ Anders, MarkH, SpaceLifeForm, ALL,
With regards,
“Ukrainian Pravda quotes government officials as stating this is a significant cyber attack, which started at 15:00”
But is it a “Primary Act of War”?
Probably not. Treaty obligations, supposed “International Law” and UN decisions are decidedly unclear at best.
Whilst physical incursion by “those under flag” or by other “kinetic means” devices or agencies of conflict into a sovereign nations territories untill recently[1] were generally regarded as “Primary Acts of War” other actions are not.
For instance what about “sanctions”?
If I was to put my hands on you to stop you eating or drinking then most would agree that would be an agress and illegal act.
However if I refused to sell you food or water from my shop, most would say I was within my rights.
But what if I could stop all shops within your reach from selling food or water to you?…
Some within the US Government have in the past made it fairly clear they consider cyber-attacks they carry out to be a form of lesser sanction. Yet have claimed the right to hold cyber-attacks against the US or it’s interests as being equivalent to “kinetic” attacks.
In short nobody knows what the legal position is and politicians in no way certainly in the US want it being made clear…
So you can see the logic some will claim as it being,
1, It’s self defence.
2, It’s by sanctions.
No I don’t like it either.
[1] The US as usual, decided that the rules do not apply for XXX reasons so played the “for self defence” card. Which has given every other Nation the excuse to use. So has come back to haunt people.
vas pup • February 15, 2022 4:46 PM
Russia-Ukraine crisis: Who supplies weapons to Kyiv?
https://www.dw.com/en/russia-ukraine-crisis-who-supplies-weapons-to-kyiv/a-60772390
See interesting link related as well
https://www.military-today.com/missiles/nlaw.htm
blinky • February 15, 2022 5:04 PM
A friend, who used to work for company who produced vaccines for Viruses made the comment, that generally, “Virus mutations tend to become more contagious, but less dangerous (lethal.)” And I somewhat paraphrase.
Surely does not work for computers. I wonder how long it would take Intel to send the general public a Patch to protect us from the ways our computers can be taken over by things like the Intel ME.
Countries, like Russia and Red China surely can afford to pay enormous amounts of money to someone who would provide sufficient information for them to use the Intel ME against an enemy of their country.
I am sure Russia, and mainland China are perfectly willing to use strong arm tactics on individuals who they think could give them the hack to use the Intel ME.
I am asking a question; I have read that Servers have some kind of protection against Intel ME. I truly do not know, be interesting. Any of you out there a Network Engineer?
Intel recently released a bit of Firmware for, CPU chips. Although ME is on another Chip – at least the physical flash on Lenovo X-230 to modify ME to prevent remote takeover is not on the CPU chip. Whats up?
It would seem unlikely that China would want to damage the ability of US to buy Chinese products.
So Mainland China is not likely to use such a tactic (bricking computers in US) Targeting some for bricking uses up their one time opportunity, as Intel will give up the (probable) fiction that they alone can control the Intel Me to do what they choose.
Targeting some computers to acquire Intelligence, is another issue.
I think mostly all I can concern myself with, will Subversion be used against my computer? Ransom Ware seems a more likely attack vector.
Blinky • February 15, 2022 5:11 PM
Ah I found the website I thought was relevant for those here who know more than I do to comment on. Begins here.
SpaceLifeForm • February 15, 2022 7:54 PM
@ Blinky
Always read prior squid.
Even if it is a Bakers Dozen days old.
SpaceLifeForm • February 15, 2022 9:28 PM
@ ALL
Bug Bounties are Security Theatre
I know there is a flaw in the Linux kernel that goes way back if your machine supports SMT. But I am not going to spend my time developing an PoC/exploit for petty cash. Google, stop being cheap. It’s not like you are nearly going bankrupt. But you are being cheap.
It is embarrassing. Just stop. You are becoming a joke. You have good tech folk that can find and fix this.
ResearcherZero • February 15, 2022 9:42 PM
Australia is cleaning up it’s appalling prevalence of sexual assault.
“And the objective test is if you’ve committed a crime: stalking, domestic abuse, assaulting police officers, breaching AVOs, possessing weapons, concealing child abuse offences, date rape offences, we want to make sure that we can pump them,” Mr Morrison said.”
“And the current law when judges hand down lower sentences (isn’t strong enough).”
“There judgments that have been handed down there where they haven’t given a higher sentence because they fear that they’ll lose their visa,” Mr Morrison said.
…wait a minute, I’ve been fooled again!
“That’s not their decision. We have a law in this country, which is if you commit a serious offence then you do not pass go. You’re gone, you’re out.”
Shadow Treasurer Jim Chalmers told ABC radio that the government already had the power to “kick people out of the country” if they’ve done the wrong thing.
“All the divisive and dangerous games being played across cabinet are designed to get political outcomes, but they diminish national security and actually make Australians less safe.”
The bill will also allow the use of data matching and biometric information to help the government identify people of concern.
https://www.news.com.au/national/courts-law/morrison-government-seeks-fresh-crackdown-on-foreign-criminals/news-story/cfd266c2541cea531ff7d4725fb70691
Rape is only 3 times more prevalent in Australia than the United States. I feel safer already…
Australia has one of the highest rates of reported sexual assault in the world, but support workers say the number of offenders facing court and receiving prison sentences is too low.
Australia has one of the highest rates of reported sexual assault in the world, at almost 92 people per 100,000 of the population, according to the United Nations. Another survey has quoted the Australian rate at more than double the global average.
The traumatic experience of the court system has also been blamed for the high rate of underreporting, with one Canberra support worker describing rape as “the most underreported crime in our community”.
According to figures issued by the Australian Institute of Criminology, an estimated 70 per cent of sexual assaults incidents are not reported to police.
https://www.sbs.com.au/news/sexual-assault-how-common-is-it-in-australia
In Australia, it is estimated that fewer than one in five sexual assaults are reported to police.
http://press-files.anu.edu.au/downloads/press/n2641/pdf/ch11.pdf
Australian Crime Statistics:
In 2018, there were around 7,900 sexual assaults against children aged 0–14. The rate of sexual assault was 3.5 times higher for girls than boys (266 sexual assaults per 100,000 girls, compared with 72 sexual assaults per 100,000 boys).
In 2016–17, parents, carers and other family members were identified as the perpetrators for almost half (48%) of all assault-related hospitalisations for children aged 0–14.
In 2012–14, there were 35 deaths due to homicide among children aged 0–14, a rate of 0.4 per 100,000 children—this increased to 2.3 per 100,00 for infants under the age of 1.
In 2017–18, more than two-thirds (around 68% or 9,400) of the 13,800 criminal offences committed by children aged 10–14 were committed by boys.
There can be physical and/or emotional impacts for children who are victims of, or who witness crime. In some cases, these may be short-term, such as a broken bone, temporary guilt, or behaviour regression; however, in many cases, the consequences can involve much longer-term developmental, mental, physical and social problems (ANROWS 2018; Finkelhor et al. 2009; Lewis et al. 2010; WHO 2016). For example, children exposed to crime, especially violent crime or crime involving weapons, may have:
increased likelihood of depression
suicidal ideation and behaviour
psychopathology and other psychological disorders
future victimisation and offending
homelessness (AIHW 2018; Bland & Shallcross 2015; Campo 2015; Holt et al. 2008; Jaffe et al. 2012; Knight 2015; Lewis et al. 2010; Mitchell et al. 2015).
Research indicates that the negative impacts resulting from a child’s direct exposure to crime are cumulative, with negative impacts increasing with the number and types of exposures (Finkelhor et al. 2007a, 2007b; Mitchell et al. 2015).
https://www.aihw.gov.au/reports/children-youth/australias-children/contents/justice-and-safety/children-and-crime
Personally I didn’t experience any of those symptoms until after experiencing the court system. I’m pretty sure experiencing extreme violence had no effects on me until after that, when I experienced more extreme violence from the people who kidnapped me, after answering questions in the Children’s Court.
ResearcherZero • February 15, 2022 9:54 PM
Should I report this man for kidnapping me again (and other children)?
I do realise “stealing $27 million from the state” is significantly more important than kidnapping children. I just figure they might actually do something this time, now that he is doing a 12 stretch?
I’m pretty sure kidnapping is also a ‘crime against the state’ in Australia.
SpaceLifeForm • February 16, 2022 2:12 AM
Experiencing a network bottleneck?
Get an expert that knows how to override the problem.
hxtps://twitter.com/MarkTomasovic/status/1492932665720377344
[19 sec video]
Clive Robinson • February 16, 2022 2:50 AM
@ SpaceLifeForm, ALL,
Get an expert that knows how to override the problem.
It’s a “dogs life”…
But what you can not see is how the blockage was cleared…
Basically the dog caused one sheep to take it’s nose out of the crack in front and so stop trying to push forwards, that was causing “push back” from those in front. Thus those in front moved on…
If you look at basic queuing in the likes of cross-bar switches, you will see similar effects. That is one signal incorrectly routed will “block the switch” re-route that signall and the switch becomes unblocked.
https://en.m.wikipedia.org/wiki/Nonblocking_minimal_spanning_switch
Also see,
Clive Robinson • February 16, 2022 3:39 AM
@ JonKnowsNothing, MarkH, SpaceLifeForm, Winter,
Whilst this is a bit of an uphill read, you might find it informing,
https://www.thelancet.com/journals/laninf/article/PIIS1473-3099%2821%2900676-9/fulltext
Note the 10 months or more it mentions, and balance that against the diminishing returns on jabs being down to 10 weeks and falling for third or more shots. Also the non negligable increase in risk…
Winter • February 16, 2022 4:17 AM
@Clive
“Note the 10 months or more it mentions, and balance that against the diminishing returns on jabs being down to 10 weeks and falling for third or more shots.”
Notice the remark on Influenza? With SARS, the immunity does not translate to new variants. A previous Delta infection protects you as little as a previous vaccination against re-infection by Om.
As has been predicted early into the pandemic, this will evolve into yearly flu/sars vaccinations with a yearly update to the latest circulating variants.
Freezing_in_Brazil • February 16, 2022 9:08 AM
I woke up this morning and the world’s still turning. My systems are ok and it is a lovely day in paradise.
Isn’t it the day the Barbarianswere supposed to arrive? Can I relax now?
Because night has fallen and the barbarians haven’t come.
And some of our men just in from the border say
there are no barbarians any longer.
Now what’s going to happen to us without barbarians?
Those people were a kind of solution.
C. P. Cavafy
htps://www.poetryfoundation.org/poems/51294/waiting-for-the-barbarians
Anders • February 16, 2022 9:18 AM
@Freezing_in_Brazil
“Isn’t it the day the Barbarianswere supposed to arrive? Can I relax now?”
Nope. Next date is 22.02.2022
hxxps://svpressa.ru/politic/article/325098/?utm_source=warfiles.ru
Knowing the language will help. I suppose MarkH handles this?
Otherwise use Google Translate.
And meanwhile listen the track:
hxxps://mecanica.bandcamp.com/track/the-russians-are-coming-unreleased-mix
Mandatory for @ALL 🙂
MarkH • February 16, 2022 10:40 AM
With characteristic generosity, Anders overestimates my language skills, which remain primitive. I allowed Google to translate …
The linked article is a snark fest, which will certainly appeal to some readers.
The gem of the piece — delightful because it seems intended sincerely — asserts that because in the areas of mathematics important to cryptography
Russian scientists are generally recognized as leaders (number theory, complexity theory, information theory, probability theory, abstract algebra, algebraic geometry, formal analysis), there is no doubt that Yankees can’t hack the Russian military internet.
MarkH • February 16, 2022 10:48 AM
Continued:
The above insight will be most illuminating to students of cryptography!
The author helpfully informs us that the field terminals of this “military internet” are mounted on KAMAZ chassis, which presumably increases their hardness against hacking.
More seriously, I haven’t seen any attributed official source say that Russia will definitely attack, much less specify a date.
Freezing_in_Brazil • February 16, 2022 11:05 AM
@ Anders, MarkH, All
If I understand it well, the main points are:
. DEBKAfiles [Israeli intelligence firm rumored to be behind the Mossad and the CIA] is overrated in the West. Their reposrts get too much credibility when they’re actually not that good.”
.Even so, they publish excerpts from a report by the firm:
In short, this “all-knowing” resource writes: “The message intercepted by the CIA assigned specific tasks to the various units of the Russian invasion, which currently number about 150,000 troops, with thousands of tanks, hundreds of fighter-bombers and short-range ballistic missiles, including Iskanders “”.
(…)
According to DEBKAfile, Russia will first attack Ukraine with aerial bombardments and missiles, and then launch an offensive from Belarus to quickly capture Kiev, located 200 km from the border.
Official Tel Aviv has already responded to the message. Prime Minister Naftali Bennett convened an unusual conference on the Ukrainian crisis on Shabbat on February 12, where, together with Foreign Minister Yair Lapid and Defense Minister Benny Gantz, they discussed a “plan for the surrender of Kiev.” They decided to expedite the departure of about 15,000 Israelis from Ukraine by adding all available Air Force transport planes to the 22 daily flights between the two countries.
(…)
After a telephone conversation between Biden and Zelensky, telegram channels close to the office of the Ukrainian president reported that the “Putin” offensive was postponed from February 16 to February 22. They refer to their sources and write that “the full-scale batch will begin on February 22, 2022,
Svobodnaya Pressa appears to be a variety site in Sverdlovsk Oblast. I cannot gauge their credibility. Anyway, interesting stuff. Thanks for sharing.
ps: Very cool electronic beat.
MarkH • February 16, 2022 11:10 AM
My prognosis is that if either (a) a substantial drawdown of Russian forces is verified, or (b) spring begins with no new invasion, then the risk of near-term invasion will have subsided.
[The MarkH intelligence service is free of charge; you get what you pay for.]
PS The translator doesn’t know what to do with “Tseraushnik”, which is slang for CIA agent.
MarkH • February 16, 2022 11:33 AM
@Freezing_in_Brazil:
Stress on the word “rumored.”
Israeli investigative journalist Ronen Bergman reportedly said that Israeli intelligence officials do not consider even 10 percent of the [DEBKAfile] site’s content to be reliable.
DEBKAfile appears to be an ideologically biased “news” operation, not an intelligence operation. Who believes that any major national intelligence service relies on what they publish?
Test question: how can you tell when a Russian is lying?
Winter • February 16, 2022 11:50 AM
@MarkH
“Test question: how can you tell when a Russian is lying?”
Easy answer: You cannot. Russians are not different from other people.
If you would have used Putin or Lavrov or any other Kremlin source, it would be different. Their words have no connection with reality. Their reliability is not different from your random psychopath.
pup vas • February 16, 2022 1:31 PM
VW guns for Tesla with homegrown software developers
https://www.dw.com/en/vw-guns-for-tesla-with-homegrown-software-developers/a-60768832
=Software has emerged as the holy grail for carmakers, who have traditionally viewed it as secondary to hardware. Swiss investment bank UBS estimates software will be the biggest source of revenue for carmakers by 2030 with a revenue pool of $1.9 trillion (€1.7 trillion) in areas such as robotaxi service, in-car infotainment and advanced driver assistance systems.
With software expected to be the key differentiator in the future, traditional carmakers such as VW, Toyota and Stellantis, which UBS says are years behind Tesla’s software capabilities, have swung into action by investing billions of dollars, tapping Silicon Valley stalwarts and setting up separate software arms.=
VW aims to develop 60% of software in-house, up from about 10% currently.
“Basically, the story is, if I do software in-house, I’d save a lot of money because I’m not making my suppliers rich anymore,” Markus Baum from Roland Berger consultancy told DW.=
SpaceLifeForm • February 16, 2022 5:12 PM
DNS lookups are Metadata
Some do not understand that.
Here, Julian Sanchez goes over this.
hxtps://twitter.com/normative/status/1493965939964092422
Second, nothing in the filing supports breathless claims technically illiterate cable hosts are making. It does not allege anyone “hacked” Trump computers, or was paid to “infiltrate” networks, or that anyone “intercepted e-mails and text messages.”
JonKnowsNothing • February 16, 2022 5:54 PM
@MarkH
re: “Test question: how can you tell when a Russian is lying?”
I don’t know that one, but I do know the one about the 2 parachutes on a plane with 3 passengers, and the one about bountiful harvests. The latter can be applied pretty much anywhere on the globe now.
Do you know the one about the bear pelts?
lurker • February 16, 2022 6:55 PM
@SpaceLifeForm
Sanchez: Are we comfortable with a status quo where outside researchers get this sort of access to your DNS lookups, and then hand that data to the FBI if they deem it suspicious?
If these were lookups as logged on the server, I assume that includes decrypted lookups from DNSSEC. So maybe using a local caching service and stretching the TTL will reduce the amount of metadata, but never eliminate it.
SpaceLifeForm • February 16, 2022 8:41 PM
@ lurker
So maybe using a local caching service and stretching the TTL will reduce the amount of metadata, but never eliminate it.
Exactly. Never Eliminate.
One can run their own local caching DNS resolver, modify TTL, and it is actually a good idea for performance and some very slight bandwidth reasons. I would not modify TTL to be over 12 hours.
If you dig via 8.8.8.8 for example, you will see that Google sets TTL to 5 minutes.
DNS Metadata puts the crooks on the radar.
The Metadata Elephant in the room is not DNS.
ResearcherZero • February 16, 2022 9:50 PM
Russian state-sponsored cyber actors have targeted U.S. CDCs from at least January 2020, through February 2022. The actors leverage access to CDC networks to obtain sensitive data about U.S. defense and intelligence programs and capabilities. Compromised entities have included CDCs supporting the U.S. Army, U.S. Air Force, U.S. Navy, U.S. Space Force, and DoD and Intelligence programs.
During this two-year period, these actors have maintained persistent access to multiple CDC networks, in some cases for at least six months. In instances when the actors have successfully obtained access, the FBI, NSA, and CISA have noted regular and recurring exfiltration of emails and data. For example, during a compromise in 2021, threat actors exfiltrated hundreds of documents related to the company’s products, relationships with other countries, and internal personnel and legal matters.
Through these intrusions, the threat actors have acquired unclassified CDC-proprietary and export-controlled information. This theft has granted the actors significant insight into U.S. weapons platforms development and deployment timelines, plans for communications infrastructure, and specific technologies employed by the U.S. government and military. Although many contract awards and descriptions are publicly accessible, program developments and internal company communications remain sensitive. Unclassified emails among employees or with government customers often contain proprietary details about technological and scientific research, in addition to program updates and funding statuses. See figures 1 and 2 for information on targeted customers, industries, and information.
https://www.cisa.gov/uscert/ncas/alerts/aa22-047a
NSA encourages all U.S. cleared defense contractors (CDC) — with or without evidence of compromise — to apply the mitigations in the advisory to reduce the risk of compromise by Russian state-sponsored cyber actors. While these mitigations are not intended to be all encompassing, they address common TTPs observed in these intrusions and will help to mitigate against common malicious activity.
https://www.nsa.gov/Press-Room/News-Highlights/Article/Article/2935170/nsa-fbi-cisa-release-advisory-on-protecting-cleared-defense-contractor-networks/
SpaceLifeForm • February 16, 2022 10:28 PM
@ ResearcherZero
People are finally figuring out that Windows is a ClusterF*ck.
That is actually a technical term that goes back three decades, regarding 5ESS telephony.
There was a (cough) database construct on the 5ESS switch called a Cluster.
You do not want to know. Trust me.
Clive Robinson • February 17, 2022 3:12 AM
@ SpaceLifeForm, lurker,
DNS lookups are Metadata
No they are not, even though they are often automated due to the recursive nature of how the “Domain Name System”(DNS) services the request[1], the actual details requested come from the user actions directly, usually via the mouse click on a URL or the user typing in the host name.
Julian Sanchez goes over this.
And he get’s it wrong as you can see,
“DNS lookup data, which is what Neustar & the Georgia Tech researchers had, does not include the contents of Internet traffic. It tells you when a computer was looking for the address of another computer. (“Hey, address book, I need the current IP address of website-dot-com.”)”
Firstly as I’ve noted, a DNS request does contain what he calls “Internet traffic”. That is the DNS request consists of two parts,
1, The “message” which is the name of the host you want an IP address for that you actively requested by your mouse click or keyboard entry.
2, The “meta-data” which is the IP address and port information of the DNS Server(s) the “message” is sent to.
Secondly, what “Neustar & the Georgia Tech researchers had” was “third party business records” collected under the “User Acceptable Use Policy”, not directly from DNS requests “on the wire”.
To see why these distinctions are important you need to understand the history of how we got to where we are to day, not just technically but how the judiciary view it bot just by legislation and regulation, but also after Prosecutors and Law enforcment have pushed it, which differs depending on which jurisdiction you are in.
So you first need to look at it another way, back in the,days of “Plain Old TelephoneService”(POTS) landline telephones with mechanical –rotary– dialing and “Operator” serviced Directory Enquires. Which the DNS service emulates,
1, As a “subscriber” you would take the phone “off hook”.
2, You would then dial the three digits (or whatever in your area) of the Directory Enquires service.
3, The “operator” would pick-up.
Upto this point it was “meta-data” that a mechanical Tap-n-Trace chart recorder was alowed to collect. But once the voice channel is open it’s nolonger meta-data (and the faint squiggles of the audio on the chart recorder were considered unusable[2]).
4, You make your spoken request to the operator who looks it up –“in the book” or later– on their computer.
What the operator types and exactly when, is considered a “third party business record” as it’s not part of the phone circuit.
5, The operator tells you what is on the screen infront of them.
What the operator says is NOT meta-data but call-content.
6, The time when the operator hangs up may or may not be meta-data depending on if you have hung up or not and where the Tap-n-Trace recording is made.
This is because if you hang up first the call “clears down” which closes the “voice circuit”, so it would not be recorded by the Tap-n-Trace local to the subscriber. If however it’s voice recorded local to the operator it would be a third party business record as audio, likewise If recorded “mechanically” but not by “metering-pulses” it would be a third party business record. But in either case the user should legaly have been told a recording was being made (ie for technical and training reasons). If recorded by metering-pulses then it would be meta-data, oh and probably fraud, as the metering-pulses should stop on the subscriber hanging up. But if you do not hang up first the “voice circuit” is still open therfore the operator hang up is not meta-data.
The key observations are,
A, What type of recording device “voice” audio or “mechanical” signalling.
B, At which end of the circuit the Tap-n-Trace is installed.
C, If the “voice circuit” is open or closed.
The rules came about the way they did because, originally the signalling was “out-of-band” and only recorded “mechanicaly”, on a “chart-recorder” connected via the “loop current relay” which “pulled in” when the subscriber went “Off Hook” but “dropped out” with dialing pulses, or if the “break” was sent to get the operator back on the line. The move to DTMF and “in-band” dialing and signalling for a while necesitated an “audio recorder”.
The problem was that “Law Enforcment” deliberately flouted the law… When the DTMF could be recorded digitally, the use of audio recordings should have –but did not– stop. The reason given was “deliberate mis-dialing” by the Mafia and other organised crime (Matt Blaze tells that story for those intetested in an over view).
So back to DNS requests, just as with a telnet or similar protocol what the user types in is like voice, not “dialing or signalling” so IT IS NOT meta-data.
The problem in the US was “push” by Law Enforcment to “stretch the rules” by implying a DNS request is actually part of a “connection request” thus signalling, it’s not, because DNS requests DO NOT always result in a “connection request”.
That is you can manually make a DNS request yourself from the keyboard[3], something network techs do when testing or fault finding. The “modern way” to do so is with “dig”.
https://www.linode.com/docs/guides/use-dig-to-perform-manual-dns-queries/
[1] One of the easier ways to get your head around DNS and how it services user originated requests, is Chapter 14 of W. Richard Stevens “TCP/IP Illustrated, Volume 1 : The Protocols” ISBN 0-201-63346-9 December 1993.
[2] Actuall the faint squiggles on the chart recorder, caused by people speaking could actually be turned back into some semblance of audio if you used a fast enough and sensitive enough chart recorder. What you did was to turn the pen trace on the chart into a “film sound track”. You can do this manually but it’s a lengthy process. You draw a faint line under the squiggle, then “mirror image” the squiggle underneath so you now have an “envelope” fill it in to make it black, then make a reduced “contact negative” pull this through the audio section of a film projector and you get the sound back sufficiently to be inteligable. But even without doing this by eye you could see when people raised their voices etc. During WWII sonorgrams came into their own when dealing with “voice encryption”.
[3] DNS uses port 53 in both the UDP and TCP spaces. The reason is UDP is limited in length, and sometimes the data is too big (see use of the truncated “TC” flag) and a UDP request has to be made as a TCP request. I don’t recommend people try building their own TCP based DNS request using telnet, but it has been done. Oh and net admins that block TCP based DNS requests as some do are breaking the system in an unpredictable way.
SpaceLifeForm • February 17, 2022 5:01 AM
@ Clive
Fine, great semantic argument.
DNS lookups are Meta-Metadata.
Sound better?
The point being, is that it is UI. Usually obtainable over the wire by numerous intermediate routers because it is plaintext UDP on port 53.
If a Subject or Target of an investigation repeatedly visits a particular site, that is UI. Especially if they work in US Government and repeatedly visit a site known to be associated with Russia or China. In particular, if they do so every day, that is a huge red flag in my book.
Granted, there are many people that do such every day. But, if that is not really their job, it will stand out eventually.
Gettr done.
Anders • February 17, 2022 6:51 AM
@ALL
hxxps://news.err.ee/1608501731/intelligence-service-ukraine-is-the-key-to-russia-s-imperial-dreams
hxxps://news.err.ee/1608501572/intelligence-service-russia-is-on-a-war-footing
PS. I have linked here our Foreign Intelligence Service’s yearbook.
Read it. If not all, then the cybersecurity section.
Clive Robinson • February 17, 2022 7:21 AM
@ SpaceLifeForm,
Fine, great semantic argument.
It’s what courts run on and Prosecutors and Law Enforcment use to abuse the legislation and regulations, such as the wire tap laws…
Which brings around to the next point you bring up,
If a Subject or Target of an investigation repeatedly visits a particular site,
DNS does not tell you this… All it tells you is some proces behind some host IP add has made a request.
We see this nonsense with mobile phone apps in particular. Generally the average user has never heard of DNS nor knows or cares what it does. But the Apps on their phone, and IoT and Smart Devices just bang away at DNS every few minutes.
DNS tracking at there servers is something the likes of Google and Cloudflare rely on to get into peoples privacy. They also make it available as “third party business records” for the right fee in the right way.
Hopefully this current nonsense will wake a few people up and get them to do proper DNS proxying and Caching and the like.
One way around DNS leak issues is to use a “localhosts” file and no DNS resolver. I’ve set up such systems where the host pulls down a new localhosts file from an internal server, or uses a readonly shared localhosts file off of a network server.
OK a knowledgeable user can just type in an IP address rather than a Hostname, but few ever do even when they know how to.
But as for “under investigation”, back when the constitution and later amendments were put in place, there were certain assumptions that nolonger apply.
One was that your papers and possessions were under your direct control, thus the authorities had to get a warrant they had to serve on you to get access. This gave a lot of “equity of arms” to potential defendents as they would be put on notice. Further the right to a speedy trial further limited investigators in what they could do.
All that has now gone, they can sit there indefinately looking into all your electronic papers and possessions without you being aware of it. Thus they can just keep looking and looking till they either find or make something that looks suspicious, but then wait untill you can not defend yourself.
In the UK we are seeing this with the “dropped phone” issue involving a libel case and Colern Rooney, where some are claiming she has gone “WAGatha Christie” on Rebekah Vardy or her agent Caroline Watt. Apparently Ms Watt’s phone that is believed to have contained considerable evidence against her was some how “dropped into the sea” never to be accessed again…
You might not be surprised to hear that at the center of it is Rupert “the bear faced liar” Murdoch’s News International flagship paper of much ill repute “The Sun” (aka “the scum”).
Anders • February 17, 2022 7:53 AM
@ALL
hxxps://www.dw.com/en/ukraine-latest-russia-claims-new-withdrawals-from-crimea/a-60808178
Never trust what Russians say!
Clive Robinson • February 17, 2022 7:56 AM
@ Anders,
The problem for Putin is that he has sold all Rus not just Russians this old faux fable of “Strong Russia”
The problem is it might sound nice in an alcoholic haze of comradship, but the reality is Russia has a very stark choice, an honest and open economy or some parasitic existance as a tyranical nation sucking the very life blood out of the vassal nations of it’s enforced empire.
You only have to look at Belarus (White Russia) to see how disasterous “Strong Russia” is going to be for all Rus and others in surounding nations, and they do not want anything to do with Putins suicide pact policies.
Even Putin knows that whilst he may be able to invade Ukraine he won’t be able to hold it, and the cost of trying would be the end of him and Russia as well.
The best he could do is move a few miles into Eastern Ukraine where the “front line” will be strongly Rus on both sides, and claim some victory for home consumption. Oh snd blaim his “Orwellian enemy” the “anglo saxons” for not being able to move further.
Which leaves him open to do the same trick with the next olympics or similar…
The real problem though is Russian Gas…
Like it or not, the Ukraine is still central to Europes energy supply.
The two Nord Streams do not have the capacity to meet winter supply requirments. In the past the Ukraine used to “store” large quanties of liquid gas. Building up stocks in storage during summer low to meet the winter peeks.
Most of the EU take the “nimby”[1] view of wanting to be “green and clean” by crapping all over somebody elses door step. For many years the Ukraine has been somebodies doorstep one way or another, and unsurprisingly they don’t like it.
But of all the things being said about what Putin is upto the Ukrainian Government sounds the least jumpy.
[1] The “Not In My Back Yard”(NIMBY) phenomenon, started back in the 1980’s as far as I can remember. The actual result is a disaster in many areas as it robs a society of resiliance and opens it up to easy blackmail or being extorted in many ways. Which is what we see happening. After all what is going to happen to Europe when the gas stops for some reason in the middle of a harsh winter or similar?
Winter • February 17, 2022 10:18 AM
@Clive
“but the reality is Russia has a very stark choice, an honest and open economy or some parasitic existance as a tyranical nation sucking the very life blood out of the vassal nations of it’s enforced empire.”
Even a cursory look at Russian history [1] will show you that this choice is non-existent. Putin is facing a drop in popularity, a drop in the economy, a delayed return from the pandemic, and a transfer of power to an as yet undisclosed heir with retaining the real power in the background (see Kazachstan’s troubles last month). Also, the show trial of his only contender for power of sorts, Navalny, is about to start which requires diversions of attention.
Furthermore, an expensive war with the Slavic brothers from Ukraine seems to be spectacularly impopulair with Russians. Hating NATO is one thing, spilling the blood of your brothers from Ukraine is something quite different. Especially, if it requires a lot of belt tightening.
But if Russian history teaches us one thing, if there is a road to disaster, Russians will take it.
[1] ht-tps://www.thedailybeast.com/russian-history-is-on-our-side-putin-will-surely-screw-himself
Winter • February 17, 2022 11:21 AM
@Anders
Summarized: As the US and NATO insists that the Ukraine is an independent sovereign state, Russia can not do anything else than attack.
Anders • February 17, 2022 11:28 AM
@Winter
Yes, this is basically an ultimatum.
They demand also to withdraw NATO forces from Baltics.
Winter • February 17, 2022 11:38 AM
@Anders
“They demand also to withdraw NATO forces from Baltics.”
They want an unconditional surrender of NATO. I have the impression that that will not happen.
MarkH • February 17, 2022 12:43 PM
@Anders, Winter, all:
The Russian document piously cites the Charter for European Security, which forbids “… to strengthen one’s security at the expense of the security of other states.”
But Russia insists on (supposedly) strengthening its security at the expense of the security of Ukraine. They are flagrantly violating the principle on which they purport to stand.
Russia has a giant nuclear arsenal and powerful military; no state or bloc would have either motive or ability to attack. Russia is also the only military aggressor in 21st century Europe.
Ukraine has a substantial percentage of its territory under occupation, already 8 years of continuous warfare initiated and maintained by Russia, and is nearly surrounded by land forces ready to strike.
No European state is more desperately in need of bolstered security than Ukraine.
vas pup • February 17, 2022 3:54 PM
Elon Musk says US is trying to ‘chill’ his free speech
https://www.bbc.com/news/business-60420157
Yeah, Elon, You are not the first and definitely not the last targeted for free speech.
I could say that one person like You is most important for the country and its real, not imaginable security (I hope Pentagon could confirm this at least silently) and mankind prosperity as a whole, as all those army of bureaucrats targeting you.
Uniformity in thinking and lack/suppress of dissent is path to the future – see great movie ‘Idiocracy’.
Behind Your billions are creativity and tangible assets, not stock market speculations or other activities creating billions out of thin air.
vas pup • February 17, 2022 3:58 PM
@all
https://www.bbc.com/news/world-us-canada-60297302
No my comments. But statistic is interesting.
ResearcherZero • February 17, 2022 7:54 PM
The PM said the kindergarten attack was a “false flag operation designed to discredit the Ukrainians” – and feared these types of strikes would escalate over the next few days.
https://www.thesun.co.uk/news/17680670/ukrainian-nursery-bombed-kyiv-putin-false-flag-attack/
Websites for several banks and government agencies in Ukraine — including the Ministry of Defense, Ministry of Internal Affairs and the Armed Forces of Ukraine — were facing disruptions Tuesday, according to multiple sources.
https://www.cyberscoop.com/ukraine-banks-defense-ministry-ddos/
NetBlocks metrics confirm the loss of service to multiple banking and online platforms in Ukraine, in a manner consistent with a denial of service attack. The incident comes amid heightened tensions with neighboring Russia.
https://netblocks.org/reports/ukraine-banking-and-defence-platforms-knocked-out-russia-conflict-JBQX7mAo
Ukraine, like other countries, needs to learn how to use manual operations at key locations to keep systems running in the event a cyberattack disrupts digitally controlled systems.
“This ability to operate through an attack is absolutely something that all countries should be looking at — not just Ukraine,”
https://www.washingtonpost.com/national-security/2022/02/15/russia-ukraine-cyber-attacks/
We should prepare, but not panic because our perceptions are also the target.
This isn’t just a Ukraine problem. In fact, we believe that after attacking U.S. and French elections, Western media, the Olympics, and many other targets with limited repercussions, Russia is emboldened to use their most aggressive cyber capabilities throughout the West. While they are unlikely to engage the West in combat, these tools give Russia the means to aggressively compete with others without risking open armed conflict. Should U.S. and allies deploy sanctions in the event of a full invasion, the risk of this only increases.
Many of the same steps defenders might take to harden their networks against ransomware crime will serve to prepare them from a determined state actor, if they take them now.
https://www.mandiant.com/resources/ukraine-crisis-prepare-not-panic
Clive Robinson • February 17, 2022 7:56 PM
@ vas pup,
Elon Musk says US is trying to ‘chill’ his free speech
The SEC clearly is, but that is not realy the point.
What Elon sees as “free speech” musings etc and most would probably agree with him, are unfortunately also seen as,”words of influence” by the SEC. So the SEC see Elon’s musings as the equivalent of “shouting fire in a crowded auditorium”.
It’s an issue that also effects our host @Bruce. You and I are not “public faces” so what we say to each other are musings not influance. @Bruce however is a “public face” so suffers “the price of fame”. So if he were to make the same musings that you or I made, the words would be seen as authoritative thus of influance.
I don’t know if you are old enough to remember Ronald Reagan’s little joke about nuking the communists when allegedly testing a microphone. At the time it caused a fair amount of news mileage. That is some chose to see it as authoritative words not humours comment as it would have been if some one said the same words whilst imatating Ronnie the Ray-Gun.
Is the SEC right to put a choke on Elon Musk?
Well they have been given not just legislation but agency by the elected representatives of the US to do so. But having such legal power does not make using it either morally or ethically right.
It’s fairly well known that a Police State uses laws for political control. That is as it’s leader you make those who do not agree with your point of view criminals for even daring to say “I do not agree”. Most of us find such behaviours iniquitous as it has a significant “chilling effect” on society as a whole.
Some think Elon Musk is “mad” but that does not make him “bad”. Most who try to imagine the future utopian or distopian get seen as being “mad” or “paranoid” (I’ve been called the latter several times, but in my defence, time has shown me to be if anything not paranoid enough or early enough).
The legislation the SEC is acting under is a form of “victim blaiming”. It’s basically saying that “investors” are not mentally competent to make choices so like the imbeciles of old[1] they are so weak minded they have to be protected even from everyday musings…
The problem is that such legislation is a very major boat anchor on society, not just holding society back, but actually draging it back into a form of intellectual apartheid[2] of a type that prefaced the shocking eugenics behaviours in the West shortly before WWII.
Therefore it is fairly easy to see that the legislation is deficient by being,
1, Incorrectly focused.
2, Too broad in scope.
Indicating it should be used with considerable restraint at all times.
Something that is being argued is not the case, with the significant adverse disparity shown towards Elon Musk.
Especially when it can be shown as has been, that the SEC is not behaving legally or ethically, and worse acting for it’s own pecuniary benifit thus imorally as well.
[1] https://en.wikipedia.org/wiki/Imbecile
[2]https://en.wikipedia.org/wiki/Apartheid
Clive Robinson • February 17, 2022 9:22 PM
@ ResearcherZero, ALL,
Ukraine, like other countries, needs to learn how to use manual operations at key locations to keep systems running in the event a cyberattack disrupts digitally controlled systems.
Sorry but this gets my “stuck record” response.
It is the same issue we see with any “supply chain” which has been made fragile by having robustness measures removed.
Banks have been closing branches/offices where ever they can to make more profit.
It’s the neo-con mantra of “Don’t leave money on the table” that through the likes of the Chicargo School taking significant neo-con funding has spread to most MBA courses. Question it and you fail to graduate is the attached message.
But I do question it and for good reason, nature teaches us that as a policy it’s a recipe for species suicide.
That is nature is sufficiently chaotic in the short term as to appear random but falling on a normal/bell curve distribution[1].
If your system has no storage of energy then it fails the instant the demand exceeds the supply, which for living creatures means death. So evolution has given creatures the ability to store energy in the good times to cover the lean times.
Without going into the maths behind it it comes out to very nearly 2/3rds or 66% efficiency is optimum for survival over a given cycle time.
What Banks have done is try to aim for 100% efficiency in the money supply to it’s customers by,
1, Closing branches / counters.
2, Outsourcing ATMs to third parties.
3, Forcing debit cards on customers.
So the Banks want “cash” gone, they want it all electronic and “On-Line” in the cheapest thus most vulnerable way.
So one person can write code that can bring every payment terminal down[2]. Whilst there is an “Off-Line” fall-back this is extreamly limited so is in no way a “fail safe” mechanism. In times past “truck loads” of cash would be delivered from central reserves to branches and cash would be issued “in branch” using either computers on private networks or limited paper ledgers.
Without those branch offices and their cash issuing staff, the economy stops functioning in the normal manner…
An examination of what happened in the US when major weather conditions of “hundred year storms” brought everything power / communications crashing down shows that humans can “work around” as a matter of survival by falling back to “trust”.
Kind of demonstrating trust as a basic survival mechanism.
But… Even trust needs some kind of infrastructure to work[3]. If you’ve ripped that out in the name of “efficiency” as the mindless mantra dictates, then it takes no great brain to work out what is going to happen.
[1] A random distribution is normally considered flat. So you roll one dice you expect all numbers to come up evenly. But what happens when you add to flat distributions? Well if you roll two dice you find that a total of two or twelve are rare whilst seven is common. If you plot the addative distribution it is triangular. If you add a third dice the minimum are three and eighteen but the curve now looks bell shaped. The more dice you add the better the curve becomes especially in the tails. For most mathmatics if you draw five random numbers from a flat distribution and add-n-normalise them the approximation to the bell or normal distribution is sufficient.
[2] The “army of one” principle, made possible by autonomous functioning code, that has zero cost to the attacker of not just replication but distribution of the attack code. The actual cost is carried by others be it the intended victims in a direct attack or the bystanders in a “Distributed Denial of Service”(DDoS) attack.
[3] In some war-torn parts of the world “Mobile-phone top-up cards” have become currancy. This observation led some years back to the UK Cambridge Computer Lab looking into putting “electronic wallets/purses” onto phones that worked by bluetooth “Mesh Networking”. But whilst this could be made reasonably secure information wise, it was still dependent on the power infrastructure to charge phones. It’s why having the abilityvto “Off-Grid” charge phones is so important. In the UK there were before Covid kicked in, padestrian area Solar Benches being installed, that gave USB power charging ports and a seat to sit and wait on.
ResearcherZero • February 17, 2022 9:38 PM
@Clive Robinson
Sorry but this gets my “stuck record” response.
The important message is that everything is under control. The government would like to reinforce the words, “control”, “planning” and “fear”.
Clive Robinson • February 17, 2022 10:32 PM
@ ResearcherZero,
The important message is that everything is under control.
Two things to note,
1, Neither you nor I credit politicians and those that surround them with “social responsability”.
2, By a process of basic logic it can be shown that it is impossible for “everything” to be “under control”.
But this is not exactly news…
There is an old song[1] a verse of which is,
“The Captain said to Stoker Jim, Now you will teach me how to swim!
But jim just answered with a frown, We can both learn together as the ship goes down.”
Which kind of tells you how politicians (captains) and for that matter most others (stokers) do their disaster preparation…
[1] The song is “He Played his Ukulele as the Ship Went Down” which on the song sheet is quite long. A shortened modified version was recorded by Clinton Ford,
SpaceLifeForm • February 17, 2022 10:36 PM
@ ALL
International Virtual Currency Initiative
https://therecord.media/doj-appoints-official-in-charge-of-cryptocurrency-related-investigations/
“We are issuing a clear warning to criminals who use cryptocurrency to fuel their schemes. We also call on all companies dealing with cryptocurrency: we need you to root out cryptocurrency abuses. To those who do not: we will hold you accountable where we can.”
Monaco: More disruptions before arrests
And last but not least, Monaco also signaled a change in philosophy inside the DOJ, with prosecutors now getting a green light to disrupt and seize criminal cryptocurrency assets even before official indictments are unsealed.
[Reminds me, I need more popcorn]
SpaceLifeForm • February 18, 2022 12:36 AM
You are a passenger on the Microsoft Train
The train has reached the hill crest.
The conductor has just jumped off.
What do you do?
Abort, Retry, Fail?
But tucked away toward the bottom of the changelog is one unwelcome addition: like the Home edition of Windows 11, the Pro version will now require an Internet connection and a Microsoft account during setup.
[I will need more popcorn to watch this Train Wreck]
SpaceLifeForm • February 18, 2022 2:38 AM
@ ALL
So, I just read nearly 300 comments posted to the Ars article that I linked to above.
A couple of notes.
There are a lot of people ‘this close’ to dumping Windows and moving to Linux. A lot.
But, one specific comment caught my eye. My bold.
On the sixth page of comments, a ‘Jim Dow’ wrote:
This makes it impossible for the business I work for to ever use Microsoft Windows 11 going forward as it is a termination offence to link any of the business machines to a “Microsoft Account”. Thats why we had to move off of office because of the requirement for the store. And it now shows what we thought might happen earlier, that we would be forced to move off of Windows itself soon.
Get started.
Gettr done.
Clive Robinson • February 18, 2022 3:24 AM
@ SpaceLifeForm,
The train has reached the hill crest.
Does it have “30,000 pounds of bananas” on board[1]?
It’s a long time since I did a Micro$haft instal…
But I suspect that Micro$haft are going to find some law student in the EU might just rattle the chains of the European Court. If caught under the EU GDPR, Micro$haft could find their stock value taking a very significant nose dive.
I’ve not tried this but this “work-around” should get people installed upto a point “off-line” where hopefully things won’t get instantly attacked with three year or more old zero-days Micro$haft could not be bothered to fix properly…
“Audit mode with SysPrep. Works on both Home and Pro. Ctrl-Shift-F3 will take you out of the OOBE.
It’ll let you install software and drivers, make many configuration changes, run Windows Update, and even create local users. Once you’re done you can set it to shut down and enter the OOBE on next boot.”
But another complication for Micro$haft, is some people have,
“A legal duty of care that prevents them having any part of their user computing network having extetnal communications access”.
That’s Lawyers, Accountants, Medical Professionals, and Religious Ministers who have a direct legal “Duty of Care” of confidentiality, but also Financial services oh and some others like Engineers and Architects.
But also in some places, others that have had certain fiduciary reporting requirments like “Anti Money laundering” placed on them… So in some places, that list of “professions” and “trades” can be very very long.
[1] According to the Harry Chapin song, they ate 30,000lb of bananas a day in Scranton back in the late 1960’s… That is well north of a hundred thousand bananas…
ResearcherZero • February 18, 2022 3:31 AM
ching! (cash register sound)
“Your idea of justice is an illusion …because everyone is involved.”
-anonymous source
Unregulated Spyware and Cyberweapons
“The fact that this market is almost completely unregulated is very disturbing.”
Verint has sales in countries including Australia, Brazil, the United States, Mexico, Colombia, and Switzerland.
https://apnews.com/article/f799cfd080b04b93a34df61fc007b096
“Any tin-pot dictator with enough money to buy the system could spy on people anywhere in the world,”
https://www.smh.com.au/technology/surveillance-system-being-sold-that-can-track-mobile-phones-across-the-world-20140826-108cb0.html
Zebra solution is a nationwide monitoring centre that is able to collect data from international cables at the scale of an entire country’s communications. The solution was sold to Colonel Gadhafi, who used it to spy on up to 40 million minutes of mobile and landline conversations a month.
https://www.ibtimes.co.uk/creepy-ways-companies-are-spying-new-privacy-international-database-reveals-disturbing-details-1573854
Unregulated Arms Trade and Corruption
The international arms trade is highly prone to corruption. Reasons for this include the size and technical complexity of deals, the secrecy and lack of transparency surrounding the trade and the broader military sector, and the crowded nature of the arms trade where exporting nations and companies are often desperate to make sales to maintain their business and technological capabilities.
https://www.epsjournal.org.uk/index.php/EPSJ/article/view/332
so called arms trade offsets, that have become integral parts of most arms trades
https://sites.tufts.edu/corruptarmsdeals/tag/offsets/
Rather than being globe-trotting shadow brokers with influence and connections all around the world, independent third-parties are usually geographically limited in their usefulness and have highly specific business and political knowledge. This type of localized third-party, which this paper dubs “national conduits,” predominate within the cases in the compendium. They are supplemented by lesser numbers of sales agents, gatekeepers, money-launderers, and offset brokers, some of which play multiple roles at once. Each of these types will be defined and discussed in this study.
Agents in the legal trade have evaded the attention of scholars and policy advocates. To the extent that they do receive any scrutiny, it is when major arms corruption scandals break into the forefront of a nation’s public consciousness, potentially becoming household names. Nonetheless, their role and notoriety usually remain secondary in comparison to the arms companies or corrupt public officials who are the main protagonists of any corruption drama.
Corruption-enabling third-parties are arrangers or facilitators of monetary bribes or personally beneficial political favors. Non-corrupting agents in the arms trade are a likewise under-studied component of the arms trade and merit further, separate investigation.
https://sites.tufts.edu/wpf/files/2020/04/A-typology-of-corrupt-third-parties-in-legal-arms-trade.pdf
40% of corruption in international trade was related to the arms trade. This was based on a detailed survey of materials not in the public domain, relating to complaints of corrupt activities in international trade
https://sites.tufts.edu/corruptarmsdeals/
The arms trade is one of the largest industries in the world (total expenditure US$1917 billion in 2019), generating colossal profits to private companies and individuals at the expense of taxpayers throughout the world.
World military expenditure is estimated to have been $1822 billion in 2018. It was 2.6 per cent higher in real terms than in 2017 and 5.4 per cent higher than in 2009. Global military spending has been gradually rising following a post-2009 low in 2014. It is now 76 per cent higher than the post-cold war low in 1998.
https://www.sipri.org/publications/2019/sipri-fact-sheets/trends-world-military-expenditure-2018
The Hegemonic Framework
government support, equivalent to 2% of global GDP (at least $1.8 trillion a year), is directly working against the goals of the Paris agreement and draft targets on reversing biodiversity loss, the research on explicit subsidies found, effectively financing water pollution, land subsidence and deforestation with state money.
https://www.businessfornature.org/news/subsidy-reform
…not only has humanity not succeed in reducing emissions following warnings on climate change in the late 1980s and 90s, but the emissions have also grown substantially, and we have now emitted as much since 1990 as in all of history before that time.
https://ieep.eu/news/more-than-half-of-all-co2-emissions-since-1751-emitted-in-the-last-30-years
“Respondents rated governmental responses to climate change negatively and reported greater feelings of betrayal than of reassurance. Climate anxiety and distress were correlated with perceived inadequate government response and associated feelings of betrayal.”
https://www.sciencedirect.com/science/article/pii/S2542519621002783
ResearcherZero • February 18, 2022 3:43 AM
@Clive Robinson
“Similar to Windows 11 Home edition, Windows 11 Pro edition now requires internet connectivity during the initial device setup (OOBE) only. If you choose to setup device for personal use, MSA will be required for setup as well. You can expect Microsoft Account to be required in subsequent WIP flights,”
…though most likely, the same workarounds as on Home will continue to do the job.
SpaceLifeForm • February 18, 2022 4:13 AM
@ ResearcherZero
though most likely, the same workarounds as on Home will continue to do the job.
For now, maybe. Imagine a person that is not technical, and just purchased a new OEM box. Do you really think they will be able to learn of the workarounds on their new machine without a functional browser?
These days, you have to have a working internet connection on an older machine so you can research the issues involved with a new machine, before you ever boot it.
Non-technical people would never even think of that in the first place.
I still have this now 18 month old machine behind me, that has Windows 10 preinstalled. It still has not seen power yet.
Anders • February 18, 2022 7:43 AM
@Clive @SpaceLifeForm @MarkH @ALL
hxxps://www.washingtonpost.com/world/2022/02/17/ukraine-russia-putin-nato-munich/
Important here is:
“Two of the U.S. officials said there was additional intelligence indicating a false flag by Russia would involve the use of a chemical agent that would immobilize civilians, then use cadavers to make it appear as though the Ukrainians had gassed and killed civilians. One of the officials said the blame might also be pinned on Americans.”
Winter • February 18, 2022 8:05 AM
@Anders
“Two of the U.S. officials said there was additional intelligence indicating a false flag by Russia …”
Quite common. Russia and Germany did this in 1939 with operation Himmler (Poland) and Mainila (Finland). Russia did the same in 2008 Georgian war and in 2014 in the Crimea.
Operation Himmler
ht-tps://en.wikipedia.org/wiki/Operation_Himmler
Russian False Flag operations
ht-tps://share.america.gov/how-russia-conducts-false-flag-operations/
Winter • February 18, 2022 9:42 AM
@All
Clearly, Russia is desperately looking for an excuse to destroy Ukraine:
Donbas Separatists Announce Mass Evacuation To Russia; Putin Sees “Situation Deteriorating”
ht-tps://www.theburningplatform.com/2022/02/18/donbas-separatists-announce-mass-evacuation-to-russia-putin-sees-situation-deteriorating/
MarkH • February 18, 2022 9:44 AM
@ResearcherZero, Clive, re using manual operations for hardening against cyberattack:
Consider electrical power networks, because (a) targeting such systems can make such attacks extraordinarily destructive, and (b) Russia already made a proof-of-concept attack 6 years ago.
Much computerization is in the interest of cost-saving, but power grids are geographically extensive and require coordinated operations over long distances.
Unfortunately, the “manual method” (using person-to-person communication in place of more automated systems) has its own vulnerabilities:
• impersonation (“social engineering”)
• increasingly high-tech telephone systems are also subject to cyberattack
• radiotelephone links may be jammed
While I’m confident that hardness can be improved, doing so is more than following a simplistic formula.
lurker • February 18, 2022 11:57 AM
OOBE? With a little brain fog here, I put OOBE into 4 different search engines and got the first three hits for an Apple store of that name, then an apparel design outfit. Win 10/11 OOBE was well down the list for all searches…
Requiring internet and MSAcct is only stupidity. Evil will come if/when the OEM licence prevents F12 boot select a USB stick Live Linux.
JonKnowsNothing • February 18, 2022 12:05 PM
@Winter
re: Clearly, Russia is desperately looking for an excuse to destroy Ukraine: Donbas Separatists Announce Mass Evacuation To Russia
That appears to solve the problem nicely. All the Russian-Heritage folks move back to Russia leaving the region “All for the Ukrainians”, who didn’t want them to be there anymore anyway.
Of course, it depends, if the Russian-Heritage folks really leave.
Yes indeed, Russia is going to destroy Ukraine by emptying a region of all those tax payers and workers. Clearly they worked, it isn’t clear they paid taxes…
Don’t it always seem to go That you don’t know what you’ve got Till it’s gone
Anders • February 18, 2022 12:21 PM
@lurker
“OOBE?”
It’s long known fact that when dealing with MS stuff, “MS”
prefix should be added.
Search MSOOBE
(known already from XP time…)
Anders • February 18, 2022 12:27 PM
@ALL
Another false-flag op.
hxxps://twitter.com/MarQs__/status/1494710814405804032
Winter • February 18, 2022 12:27 PM
@JonKnows
” All the Russian-Heritage folks move back to Russia leaving the region “All for the Ukrainians”,”
They go so the Russian tanks can take their place. They are not going to give it up.
The Duma has just this week asked Putin to recognize the Donbas as an independent state:
ht-tps://euromaidanpress.com/2022/02/15/russian-duma-urges-putin-to-recognize-donbas-puppet-statelets-is-the-minsk-peace-deal-dead/
Anders • February 18, 2022 1:23 PM
@ALL
hxxps://twitter.com/360Netlab/status/1493797519725367302
“We have been asked about if we see the Ukraine related DDos attacks, the answer is yes, mirai is behind it. and the C2 is located in Netherlands.”
Anders • February 18, 2022 1:33 PM
@ALL
hxxps://edition.cnn.com/2022/02/16/politics/us-russia-defense-contractors-hackers/index.html
“Russian government-backed hackers have acquired sensitive information on the development and deployment of US weapons by breaching American defense contractors over the last two years, US security agencies said in a public advisory on Wednesday.”
Clive Robinson • February 18, 2022 2:49 PM
: JonKnosNothing, Winter, ALL,
That appears to solve the problem nicely. All the Russian-Heritage folks move back to Russia leaving the region “All for the Ukrainians”, who didn’t want them to be there anymore anyway.
Nobody want’s them actually, they were “wasterals” to start off with, history shows many of them being non-indigenous to the area. Moved in by Russia to make the region more Russian (same as China is doing in other parts of the world). In effect it”s the next stage after “ethnic cleansing”.
Have a look at the History of Ireland, where the indigenous mainly catholic Irish got displaced, repressed and replaced by mainly protestant Scotts. Most of whom were very much not wanted in Scotland either in the areas from which they came… The main reason for them to be driven there was the English from Oliver Cromwell’s time onward, the English wanted rid of Scotlands clans and to use the lands as they saw more profitably for producing wool.
The result was long periods of Terrorism which caused many indigenous Irish to end up in the Americas, where they were used as the cheapest of labour to build out what are now major US Cities.
History shows that nearly all such “repopulating” ends up being “Terroristic” and often causes “blow back” on those who used the repopulating.
I suspect the East of Ukraine will cause such problems for the next couple of centuries. Because the “deported” have “dreams” that are basically a fiction fed to them as a way of holding control (it’s like any religion or cult used for political reasons).
In more modern times such people are moved in effectively as “cannon fodder” to provide a defensive barrier for a parisitical “Empire State”. Which Russia has been for so long now, they are in reality a “failed state” as they have no real economy having been parasitic for several centuries.
As I’ve indicated “Strong Russia” or “Empire Russia” which Putin had been pushing a faux history of it’s past glories and what could be again… Is a false narative ploy to keep the Russian Rus on his side. It is another “The Streets of London are paved with gold” nonsense that is still believed by many trying to make their way to England…
The problem for Putin is he’s not realy delivering on a viable economy and “Strong Russia” will fairly rapidly fail yet again. That is Putin selling of Russian mineral wealth at “fire sale prices” does not build an economy. An economy is built by rhe people of a nation being industrious and producing an excess of “value added” products that can be traded with other nations. If you look at Spain’s history you can see what is going to happen, likewise with the oil rich nations in the Middle East and more recently in South America. The incoming money gets squandered for political reasons, and the nation actually becomes rapidly economically unviable as the money raised from selling off the mineral wealth cheaply just gets given back to the nations buying the minerals to get “finished goods”. It’s a stupidity that there is an English truism for, of “Selling off the family silver”.
If the Russian Rus want “the good life” then they have to create “the value added” wealth with their own resources and effort. Being a parasitic Empire will history shows fail, often in some form warfare be it by invasion or internal civil warfar. Likewise history shows selling of the mineral wealth to “buy security” will just “empty the cupboard” and make the eventual end of Empire even more distressing (something Russian Rus should realise from their “living history” since the end of WWII).
Russia’s only way out is to give up the illusion of “Strong Russia” it’s only going to lead to more longterm pain, and concentrate on industrializing it’s self with it’s raw resources to provide value added goods and services that bring in wealth by trade.
But every nation surounding the West of Russia can see what is going to happen to them something the idiot Rus in the East of the Ukraine do not seem to realise. There is a perfect example of what Putin’s “Strong Russia” is going to lead to, just north of the Ukraine it’s called “Brlarus” (White Rus).
Further there is another example to the Ukraines South West called Moldovia[1]. They were heading the way of Belarus under Russian influence and agression. However a recent directional change has started because of the “Party of Action and Solidarity”(PAS) gaining political power. Hopefully they will go in the right direction economically and give others an indication of why Putin’s “Strong Russia” is a very bad idea for all.
The EU especially should realise that “cheap Russian Gas” is actually very bad news, and the equivalent of having a “Crack house” on every street corner. There is a very clear history of Putin “turning off the tap” for political reasons.
In the past the EU was buffered from this nonsense by the Ukraine and it’s storage fascilities that the NIMBY’s of the EU do not want to have near them.
So Putin has simply bypassed the Ukraine “storage buffer” which helped protect the EU from his influance, with the Nord Stream piplines. So now Putin has all the “instant power” of the “off switch” under his hand… EU leaders are going to find that actually Damocles was better off under that sword suspended by just a single hair, because at least there was food on the table…
As others have observed “This will not end well for Europe” and Germany in particular.
MarkH • February 18, 2022 3:46 PM
@JonKnowsNothing, Winter, All:
Don’t believe what you hear about “ethnic Russians” or “Russian speakers” in Ukraine. Only a small fraction of Ukrainians identify themselves by ethnicity or preferred language.
It’s the norm — not the exception — to have ties of ancestry, other kinship, family history or sentiment to both countries. It’s common among young Ukrainians to not even know which countries their ancestors may have been from.
Anders • February 18, 2022 4:04 PM
@ALL
hxxps://twitter.com/NotWoofers/status/1494785046254915594
“Local sources confirm that the Druzhba gas pipeline has exploded. This is one of several lines that provides gas to all of Europe.!
Clive Robinson • February 18, 2022 4:53 PM
@ Anders, ALL,
More on the FosFuel pipeline “alleged” explosion and fire in East Ukraine in “Russian influance zone”.
Treat all these as “fog of war” reports, that are probably not at all accurate,
Some are claiming it was due to “shelling” with “mortars and grenades”,
And others apparently think it is Russia pretexting for a faux “Casus Belli” to start an invasion,
SpaceLifeForm • February 18, 2022 6:54 PM
@ Anders, Clive, ALL
Casus Belli, Fog of War, and Oil prices
Druzhba oil pipeline isn’t anywhere near Luhansk.
Evacuation announcements were actually recorded on Wednesday.
If you want to stay on top of this mess, then read both
hxtps://twitter.com/bellingcat and hxtps://twitter.com/IntelCrab
Subscribe to comments on this entry
Sidebar photo of Bruce Schneier by Joe MacInnis.
Anders • February 11, 2022 4:35 PM
@Clive @SpaceLifeForm @ALL
Bad news.
I really hope this is false.
However always prepare to worse…
hxxps://twitter.com/christogrozev/status/1492239848807317517