Greenpeace has published a report, “Squids in the Spotlight,” on the extent and externalities of global squid fishing.
News article.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines here.
Clive Robinson • March 18, 2022 7:02 PM
@ Leon Theremin, ALL,
With regards,
“Protesters turn to tinfoil hats as increasing sickness blamed on Government beaming radiation rays”
I thought Wellington NZ had giant parrots not flightless cuckoos as an endangered species…
I guess the next thing no doubt reported will be stories of the “Boris and Natasha 30th Anniversary Tour”[1]…
[1] For those of more tender years, in 1992 the cartoon sprung forth a TV Movie… Importantly though,
Boris Badenov and Natasha Fatale are still the spies of old for the picayunish nation of Pottsylvania, corseted between the more powerful states of Wrestlemania and Yoursovania. Where the Cold War of old is still as frigid as glacial ice, as is their respect towards their Fearless Leader skulking in “Central Control” nashing his vulpine teeth, beneath the glassy dead cod-eye monocular stare as he carries out the unseen Mr Big’s orders.
ResearcherZero • March 19, 2022 2:34 AM
@Leon Theremin
An Australian MP, Craig Kelly has already been pushing a sonic conspiracy, suggesting perhaps audio speakers might be the source, and some kind of weapon to quell protests wielded by Australian Federal Police.
Mr Kelly has already been pulled up in the past about visits to certain places (known for “honey traps”) and frequented by Russian intelligence officers.
A lack of information, and disinformation pushed by the likes of Craig Kelly leads to hysteria. If people are worried about “microwaves” they should ask their governments about Russian intelligence operations in their country.
The information to avoid a direct energy weapon is very simple, “retreat to a room where the effects are no longer noticeable”.
Although there is a U.S. bill signed into law to assist victims, there is no such action from allied nations who continue to be completely mute on the subject. One such country is Australia which has disclosed nothing, though possesses a wealth of information about directed energy attacks by the GRU, and identities of the victims (who often remained uniformed).
“a new ambassador, Walter Stoessel, arrived in 1974 and threatened to resign unless everyone was told. “That caused something like panic,” recalls Mr Matlock. Embassy staff whose children were in a basement nursery were especially worried. But the State Department played down any risk.”
the State Department played down any risk. This is incorrect, it’s not just the State Department that played down the risk, it is also several allied nations and their governments and agencies.
“Then Ambassador Stoessel, himself, fell ill – with bleeding of the eyes as one of his symptoms. In a now declassified 1975 phone call to the Soviet ambassador to Washington, US Secretary of State Henry Kissinger linked Stoessel’s illness to microwaves, admitting “we are trying to keep the thing quiet”. Stoessel died of leukaemia at the age of 66. “He decided to play the good soldier”, and not make a fuss, his daughter told the BBC.”
“The beam came from an antenna on the balcony of a nearby Soviet apartment and hit the upper floors of the embassy where the ambassador’s office and more sensitive work was carried out. It had been first spotted in the 1950s and was later monitored from a room on the 10th floor. But its existence was a secret tightly held from all but a few working inside. “We were trying to figure out just what might be its purpose,” explains Jack Matlock, number two at the embassy in the mid-70s.”
“From 1976 screens were installed to protect people. But many diplomats were angry, believing the State Department had first kept quiet, and then resisted acknowledging any possible health impact.”
These kinds of incidents continued through the 1980’s and 90’s. Known victims, were not only military and intelligence, but also family members, neighbors, and a few people who got themselves a little too involved doing dirty work for officers from the GRU.
Disinformation is easy with all the 5G Nanobot/Cell Tower conspiracies, and Western Governments remaining very tight lipped about Russian operations over the years.
Government could release more information, what the mobile systems look like, the antenna, which unit of Russian Military Intelligence is behind the attacks for example, the identities of these individuals. These systems are not easy to build and require a considerable budget.
Considering these kind of activities, and others, continued unchallenged, it’s no wonder Putin has the idea there are no consequences for his actions.
Early in his career, before he became president, he employed “hybrid methods” (kidnappings, assassinations, poisoning and other covert methods) to gain power, and also directed attacks against innocent victims, including operations on foreign soil.
ResearcherZero • March 19, 2022 2:38 AM
On to something a with a little less tin foil…
“The researchers said they named the 19 vulnerabilities as Ripple20 not because they were 20 vulnerabilities in the beginning, but because of the ripple effect they’ll cause in the IoT landscape in 2020, and the years to come.”
“Researchers say they only scratched the surface when it comes to discovering all the devices that have implemented Treck’s TCP/IP library, and that many equipment vendors will need to verify their own code going forward.”
Vulnerabilies in Treck TCP/IP stack affect IPv4, IPv6, UDP, DNS, DHCP, TCP, ICMPv4 and ARP
Successful exploitation of these vulnerabilities may allow remote code execution or exposure of sensitive information.
https://www.zdnet.com/article/ripple20-vulnerabilities-will-haunt-the-iot-landscape-for-years-to-come/
This updated advisory is a follow-up to the advisory update titled ICSA-20-168-01 Treck TCP/IP Stack (Update G) that was published Aug 20, 2020, to the ICS webpage on http://www.cisa.gov/uscert.
CISA is issuing this advisory to provide early notice of the reported vulnerabilities and identify baseline mitigations for reducing risks to these and other cybersecurity attacks.
The Treck TCP/IP stack may be known by other names such as Kasago TCP/IP, ELMIC, Net+ OS, Quadnet, GHNET v2, Kwiknet, or AMX.
https://www.cisa.gov/uscert/ics/advisories/icsa-20-168-01
ResearcherZero • March 19, 2022 3:05 AM
Antennas pointing up into the sky are not attacking you with radiation. By all means, if you see a couple of Russians pointing an antenna at you, record them on video, or at least some description, their license plate number. If you were attacked you would no be complaining, “errrr, I’m feeling a little sick”.
It’s highly doubtful you are going to be attacked, with all the news coverage, unless you work/worked for the CIA or another service, and the GRU has a very specific reason. If you want to campaign for something, campaign for the real actual victims.
Go for a jog, get out of the house, get a RAT test, check for Covid, and if you still are not feeling better, maybe see a doctor.
Boris • March 19, 2022 3:20 AM
Leon, that video from Tech Ingredients is sort of ok – I don’t think it’s just conspiracy theories. (Although many will assume it is)
He does a lot of interesting tech stuff on his channel. Sometimes controversial but always educational. It will appeal to many of the geeks on here.
His solid-fuel rocket series is a lot of fun.
lurker • March 19, 2022 6:32 AM
@Leon, All
It’s a sad reflection on the supply chain disruption caused by the pandemic that it has taken so long for such behaviour to get across the Pacific, along with the links between vax and 5G, and the microchip trackers.
Since abandoning most controls the NZ death rate is currently about 1 per million per day, which has caused some to ask if the pandemic is real, or is it just because we are being told about it?
Clive Robinson • March 19, 2022 8:07 AM
@ ALL,
Hobbies and security in a changing world
As some of you know I work with RF Comms very widely both as a hobby, in other hobbies, and professionaly in quite a few areas.
So not just the broadcast industry and commercial long haul comms but also for charities and the like who work in very remote areas where there is no “landline or Mobile Phone” and where “War-Lords” and similar represent a threat.
Then quite importantly there is “Emergancy Services Comms”(EmCom) as well. Because what many do not realise is even in some parts of the first world you do not have “phone coverage” or mobile[1] coverage at all. Or worse it is lost easily or fairly quickly due to even a little bad weather or human activity (even rodents can take down mobile service just by gnawing a cable or two).
Because VHF/UHF hand held two-way / walkie-talkie / handie-talkie equipment is of very limited range, sometimes less than a couple of miles, other solutions are required for longer ranges such as things like MF NVIS and HF comms and similar are still very much required even from cars and small teams of S&R and FR going more than a couple of miles.
In fact in this rapidly changing world there is something we should all “on-board”,
That is REMEMBER apart from the aim of their base activities there is very very little difference between Emergancy Services such as “Search and Rescue”(S&R), “First Responders”(FR) and the Military when it comes to Communications. Likewise any group of people including social groups, like family and friends etc.
In what were once “normal times” most communications used for hobbies do not need to be secure, and in the case of Amateur/Ham Radio, CB etc legaly you have to send things unencrypted and in an inteligable form sometimes called “In the clear”.
Less clear is if you use RF comms for a non communications related hobby or professional like maritime activities such as sailing, motor cruising, and other similar activities like flying gliders, hot air ballons etc.
Usually close to shore or inland these days you can often use mobile phone service[1], similarly from boats and ships if you can use Email or messaging or other data transmission for weather chart updates etc via mobile service provision.
But what of activities where you go over a horizon where “Line of Sight” comms does not work such as “offshore” activities, or wilder terrain or even forrests and woods. That is where mobile service is out of range and you do not for various reasons have satellite comms service through Imarsat or similar.
Well for maritime activities since shortly after the Titanic sank, the use of “Radio Telephony”(RT) has been required by law for all maratime vessels of a certain class or size and above (be it morse code or voice).
Obviously if you place a RT call on the MF/HF or even ship-ship VHF frequences it radiates out and can be picked up by anyone in range. So the system lacks “Privacy” hence the use of “commercial codes” has been allowed and still is.
But less talked about as quite a few do not want to go there, is there are times you either want to or are legaly required to use “privacy” measures.
Some are not immediatly obvious such as if a crew member becomes ill and you need to communicate with a Dr. There is all sorts of legislation you are probably unaware of comes into play, and you have a legal duty of care towards confidence (ie privacy). Likewise with semi-commercial or commercial activities.
As I’ve indicated the times have chwnged in many places in the world, and much more frequently there are times when “Privacy” is not sufficient. That is things need to be rather more “secure” as peoples lives are very much at risk. People like “Charity Workers” in hostile areas where there are War Lords, dictators and similar looking to kill those helping others for political or other gain.
This increase in “security” for communications is sometimes given names like “Operational Security”(OpSec), “Communications Security”(CommSec) and “Low Probability of Intercept”(LPI), etc.
One such way is to make your “Over The Air”(OTA) comms hard to be picked up via LPI techniques.
As it turns out many of the LPI techniques used by the Military etc, are also used by “Radio Enthusiasts” like Ham Radio operators in a desire not just to be more efficient and of higher reliability but to have fun. That includes the likes of Nobel Prize winning physicists who like the idea of “bouncing signals off of the moon” by the use of “Earth Moon Earth”(EME) techniques. EME used to be used by the NSA and Five-Eyes to get communications around the horizon, and they may well be doing so still today as “The moon is a satellite you can not shoot down”.
EME has given rise to some very interesting new “Data Modes” that use so little radiated power they are effectively “below the noise floor” if you do not know the precise time, frequency, and modulation mode in use. Also they can be fully automatic and of very short time duration and employ both time and frequency agile techniques. Whilst not impossible to find, these charecteristics wete the Military’s hotest dream for “behind enemy lines” LPI OpSec from WWII through the “Cold War” and certainly upto the second Gulf War if not still considered today.
You too can play these days as well… All you need is a laptop and “Low Power”(QRP) HF rig that can be easily “broadbanded” (MARS Mod etc). Which you can put together for considerably less than $1000. You can even find YouTube channels (look for OH8STN and KM4ACK) that tell you most of what you want to know.
But whilst the LPI techniques are fine legally, you still bump into the “in the clear” on the OTA interface issue and you will not find many people who will tell you directly how to do this.
Well when it comes to “voice comms” privacy is difficult, as any discussion about VoIP “voice security” will show.
But “Digital Modes” are just a “communications channel” into which you supply “data” any data, and as with all “information chanbels” you can “open a secure covert channel” within it. This has been “known” for longer than several millennium but it was only with the work of Claude Shannon and others that it got a mathmatical analysis methord and joined the ranks of other sciences with “Information Theory”.
As was widely known from the Boar War onwards if you “encrypt your message” you can still send it like any other message. In modern terms think about totally insecure text messaging, if you type in “Hi, how yer doing…” then your message content is known to anyone who knows how to intercept the message (which is probably in the millions of people). However if instead you sent “JDGHE QZPRS BKEGR DGNDI VEJFY BDJTV SJFHT…” although they could get at the message it has no know meaning to them without other information including the “encryption key”.
There is in most places know law against sending encrypted traffic, if there was then internet commerce would not be possible.
Interestingly though many Ham Radio software applications such as WinLnk are split into the “user interface” and “communications interface”. For historical / test reasons the user interface normally can use the Internet via the Telnet or similar protocol, as well as a myriad of radio interfaces,
As such you can set these Ham Applications up to use various communications interfaces. So if it communicates across the Internet, encryption is legal, but if you use a radio interface under normal usage then you are supposed to send “in the clear” on the OTA.
KM4ACK has just posted a YouTube video about using WinLink on a Raspberry Pi to use the Internet to send encrypted messages “Point to Point” with the encryption done outside of that (so “End to End Encryption),
https://m.youtube.com/watch?v=ZYCP4Xrn8UY
He speeds over the encryption but has a more indepth video on it, showing it for encrypting data files and the like.
https://m.youtube.com/watch?v=2OAbU3WSPV4
But if you are a Ham Operator he also has videos of how to set up WinLink to work over radio links. Switching between Internet and Radio as the communications channel is not difficult so Ham Operators should take care…
But WinLiink is also used by dayboat and offshore sailors through a paid subscription service, where “privacy” is often a requirment so they to can use such a setup and be able to use “privacy” techniques such as codes and ciphers.
KM4ACK also talks about LPI and other “obscurity” techniqies,
https://m.youtube.com/watch?v=oIyckKhZrpA
But also look into,
https://m.youtube.com/c/RadioPrepper
https://m.youtube.com/user/SurvivalTechEU
Put it together and if you find yourself living in a cave or similar in these rapidly “Changing Times” then you will have usefull skills quite a bit beyond the average.
[1] What many do not realise is that “mobile” services and quite a number of “Private Mobile Radio Services” there is actually a legal requirment for the “Over The Air”(OTA) communications to be what some would call “secure” or as most would think “for privacy”. This was due to the proliferation of “scanners” back from the late 1970’s onwards, and how Newspapers would publish stories based on Audio recordings “Scanner Enthusiasts” made of newsworthy people (celebrities / politicians / Royalty, etc).
Clive Robinson • March 19, 2022 8:24 AM
@ lurker, Leon, ALL,
Since abandoning most controls the NZ death rate is currently about 1 per million per day, which has caused some to ask if the pandemic is real
The “death rate” is not what should be looked at to answer that.
Firstly because it is seldom reported accurately.
Secondly and more importantly death rate is a measure of pathogenicity not infection.
So they should be looking at the “Infection Rate” which for Omicron B2 is quite high in both NZ and Aus.
There are graphs you can look at online that show just how fast things are ripping through populations where the figures are reported.
Which it the third problem…
For instance in the UK we know that the curent infection rate is about 1 person in every 25, or 4% of the population. Which is the worst infection rate we’ve seen in the entire pandemic, but other places are worse. The problem is as the “official figures” are incorrectly recorded or not recorded at all it looks better than it realy is.
Oh and for those talking about “Death Rates” just remember, that work at the University of Washington found that the under reporting world wide is atleast by a factor of three… That is the real number of deaths is up in 20million and it’s getting worse daily.
JG4 • March 19, 2022 9:34 AM
It seems improbable that the death rate in NZ could stay at 1 million per day for very long.
National population estimates: At 30 June 2021 | Stats NZ
https://www.stats.govt.nz › information-releases › national-population-estimates-at-30-june-2021
New Zealand’s estimated resident population was provisionally 5,122,600 there were 2,542,600 males and 2,580,000 females
I fondly recall 30 years ago hearing that an area of Brazilan rainforest equal in size to the State of Washington was being cleared every day. Needless to say, I called fermented grass clippings on the claim. It would be useful to see a graph of the actual rate. And the environmental impact of all that soil washing into rivers. They are sure to be happy about the price of beef and commodities these days.
lurker • March 19, 2022 10:06 AM
@JG4
One per million per day, or about five times the road traffic death rate.
@Clive
WHO method is used for reporting deaths. It is the high infection rate that has encouraged a loony few to protect themselves from various forms of EM radiation. And yes, with self-administered RATs, and self-reported results, our “official” epidemiologists have been warning they don’t know the real numbers.
Nick Levinson • March 19, 2022 11:06 AM
Postage stamps may show where they were bought, and maybe when and other particularist data, at least for U.S. stamps.
A proposal shortly after 9/11 would have required ownership traceability of every new stamp, but that was not implemented and the discussion was brief.
However, stamps bought lately at U.S. Postal Service self-service kiosks, which accept customers’ payment cards (I think both credit and debit) for payment, have codes on them. The codes are black and white dots and arabic numerals and formerly letters. There are more dot columns than numerals and letters and a column has many more dots than needed just for equivalents of the numerals and letters.
In one case, a potential serial murderer was arrested and denied bail because the suspect mailed threatening letters, the code showed which kiosk was the point of sale, and the kiosk’s camera showed him, with a match to a driver’s license photo. https://www.thedailybeast.com/daniel-alfred-gallegos-taunted-cops-every-time-i-see-young-beautiful-femalesi-want-to-strangle-them , with commentary in https://www.reddit.com/r/privacy/comments/d6e3vl/apparently_now_postage_stamps_are_traceable/ . (He pled guilty and the plea was upheld. https://casetext.com/case/united-states-v-gallegos-104 .)
I suspect there’s room to store a transaction number.
I saw one person’s mailing of roughly a dozen pieces using these stamps, and stamp codes were not identical. Probably they were bought in one purchase, each one a Forever stamp, so the codes may store even more information, and not just error detection or error correction. I have not seen much on the Web about them. One 29-cent design with sales in Texas shows different codes even on what seems to be a single sheet (https://www.meterstampsociety.com/news.html and to similar effect about apparently sharing a sheet see also https://www.ateeme.net/anglesw/ausa_apc.htm). The dot codes seem to be Data Matrix 2D barcodes. https://www.hackerfactor.com/blog/index.php?/archives/901-Zebras-and-Dots.html .
One person buying stamps for someone else could create a problem.
I doubt stamps sold at post office windows have those codes or anything like them, although maybe they could in the phosphor overlays meant to support scanning for face value. Old stamps without phosphor overlays are generally still valid for postage; and I’ve bought some without paying much over face value for mint stamps, but they can be annoying to buy and use, especially if you need glue.
Canada has something similar. https://www.meterstampsociety.com/news.html .
(URLs are as accessed 3-13-22 or shortly before.)
Ted • March 19, 2022 12:00 PM
SolarWinds hack what?
Russia’s Sberbank is advising users of its online app to not update their software.
Maersk is all eyes right now.
https://gamingsym.in/sber-warned-about-the-danger-in-the-online-application/
SpaceLifeForm • March 19, 2022 2:48 PM
@ Ted, Clive, ALL
Just can’t get the horses to drink.
hxtps://www.solarwinds.com/trust-center/security-advisories/whd1275
In an abundance of caution, SolarWinds recommends all Web Help Desk customers whose WHD implementation is externally facing to remove it from your public (internet-facing) infrastructure until we know more.
vas pup • March 19, 2022 3:11 PM
@Nick Levinson
All US mail/letters scanned and on both sides, scans recorded and stored. Just FYI.
Stamps may contain inside fingerprint of the person who attached it.
Unfortunately, can’t provide link, but as I recall in Japan was developed the machine which could read the content in folded letter placed in sealed envelope without opening it.
@Leon Theremin
https://ppjg.me/2009/01/31/silent-sound-spread-spectrum-ssss-the-all-digital-tv-broadcast-signal-connection/
”But the most insidious aspect of SSSS is that it is completely undetectable by those being targeted. Because it delivers its subliminal programming directly to the human brain via the auditory sense at frequencies that humans are incapable of perceiving as sound, there is no defense against it. Everyone on the planet is equally susceptible to mind control via SSSS and there isn’t any escape from it, as the UHF waves can be transmitted over very long distances from remotely located sources and will pass through walls and other objects as if they are not there.” Super tool for gaslighting of person who have a courage to have own thoughts.
Yeah, if you hear something and next person to you don’t, you are either delusional or see above.
@all I want to share with you quote just found
”Integrity is doing the right thing, even when no one is watching.” I guess the same applied to posts on this blog – be respectful even nobody (except collective O’Brien -1984) could know your identity. Happy weekend!
Ted • March 19, 2022 3:27 PM
@SpaceLifeForm, Clive, ALL
Woo. I don’t know if US critical infrastructure had to start reporting cyber incidents as soon as the law passed. But I bet a few of them are practicing pulling out their incident reports from their holsters.
SpaceLifeForm • March 19, 2022 4:40 PM
@ vas pup, Nick Levinson
Informed Delivery
It’s a great cover story.
The scanning is now decades old.
I’m not sure how the tech works, but I heard about this long ago, from insiders, that the contents could be read from the outside.
Guessing something like NFC or X-ray diffraction. THe tech could read folded paper inside an envelope, and discern the writing in layers.
I have no doubt this exists.
ResearcherZero • March 19, 2022 6:12 PM
There are a few methods for following stamps.
–
In Australia, Mr Deripaska and Rusal remained unsanctioned, prompting Transparency International Australia’s CEO Serena Lillywhite to tell Four Corners: “No individual or company that is sanctioned, as is the case with Mr Deripaska – there are personal [US] sanctions against him – should be allowed to do business in Australia”.
The call fell on deaf ears, until Russia’s invasion of Crimea prompted fresh scrutiny of Mr Deripaska’s Australian investment.
It was only on Friday, after questions were being asked in the media about Mr Deripaska’s omission, that he was added to Australia’s list.
Foreign Minister Marise Payne rejected allegations the government was too slow to target Mr Deripaska.
“I think Australians would expect that their government would want the due diligence done on sanctions processes, no matter where they apply, to make sure that we are addressing all those issues.”
https://www.abc.net.au/news/2022-03-18/russian-oligarch-oleg-deripaska-sanctions-ukraine-war/100921146
In what appeared to be a bureaucratic hiccup, the initial statement from the United States included Australia on the list. But Australia could not sign up to coordinated sanctions for a simple reason: It is yet to pass its own legislation in the vein of America’s Magnitsky Act.
https://www.lowyinstitute.org/publications/australia-under-pressure-implement-magnitsky-style-laws
Australia welcomed the sanctions in a joint statement with New Zealand, but it put no sanctions of it’s own in place.
https://www.theguardian.com/australia-news/2021/dec/02/australia-to-face-pressure-to-use-new-magnitsky-style-laws-against-myanmar-and-chinese-officials
The government is likely to pass the law eventually but “it seems it’s not at the top of the priority list and probably won’t be for some time,”
“If the legislation passes, there will be pressure within the government to use it.”
When asked why the administration hadn’t introduced the bill, Foreign Affairs Minister Marise Payne remained non-commital. “The government will continue to determine the path forward and respond when it’s able to do so,” she told a parliamentary hearing.
The Autonomous Sanctions Amendment (Magnitsky-style and Other Thematic Sanctions) Bill 2021 (the Act) commenced on 8 December 2021.
https://www.dfat.gov.au/news/news/autonomous-sanctions-amendment-magnitsky-style-and-other-thematic-sanctions-act-2021
Australia is yet to use it’s Magnitsky powers, relying on older sanctions powers which are less effective at directly targeting individuals.
Rusal remains unsanctioned here.
SpaceLifeForm • March 19, 2022 6:18 PM
@ Clive, ALL
I am smelling an APT inside SIM that Factory Reset will not clear.
Maybe I am just confused.
Maybe it is just a defect in the Silicon.
Maybe it was due to Cosmic Rays.
`
I get these texts from a 5 digit number, but I can not delete them.
I have done Factory Reset 3 times in past 10 days, and this keeps happening.
The only way to clear, is Factory Reset.
I am sure I will get another text from the same number within 48 hours. Have seen for years now.
It is always right wing, gun control propaganda.
I probably should just get a new SIM, and see what happens.
After retiring Bitdefender Free, Bitdefender launches Antivirus Free for Windows
Security company Bitdefender announced last year that it would retire Bitdefender Free at the end of 2021. Now, three months later, the company launched a new free product, called Bitdefender Antivirus Free.
In a surprising move, Bitdefender launched a new free antivirus product for Windows after cancelling the old one just three months earlier.
The company announced the launch of Bitdefender Antivirus Free on the company blog. The blog post reveals that the program has been created from the ground up. Bitdefender Antivirus Free “offers enhanced features, functionality, and improved user experience in comparison to the previous free version” according to Bitdefender.
The free section of the Bitdefender website does not list the new product yet. You need to visit this link to open the page with the download link. The download is small, but the installer requires an Internet connection and will download more than 500 Megabytes when it is run, provided that you allow it to do so.
The version requires a Bitdefender account. A sign-up and sign-in form is displayed on first run. Users who don’t want to create an account just for that can uninstall the antivirus product right after installation again as there is no option to use it without an account.
According to Bitdefender, the new antivirus adds Outlook and Thunderbird email protection, custom scanning schedule options, and exploit detection to the protective features.
The free version protects against all advanced threats according to Bitdefender. Several features, such as ransomware remediation, vulnerability scanning or a firewall are not included in the free version.
The free version includes antivirus protection, including on demand scanning of devices it is installed on, web protection, and advanced threat defense, which attempts to block zero-day attacks.
The interface is easy to use, but many of the options are locked for free users. The dashboard displays two actions, quick scan and system scan, that are available in the free version, and three, vulnerability scan, VPN and Safepay, that are not.
There are multiple upgrade buttons in the interface, and selecting any of the locked options will also display upgrade options. Users may also be notified about special offers and recommendations by default, which can be disabled in the options.
Closing Words
Bitdefender received quite a bit of backlash when it announced the end of the free antivirus solution. If it would have waited with the announcement until the new free product would have been ready, many users might not have taken the announcement that badly.
Bitdefender Antivirus Free offers basic protection against certain types of threats. Good news is that it uses the same antivirus engine as the paid products, and Bitdefender has scored highly in all recent tests.
The program may be an option for users who don’t mind the missing features and regular reminders about the paid upgrade options. Free trial options are available for users who want to test the extra features without having to part with their money right away.
Clive Robinson • March 19, 2022 7:41 PM
@ SpaceLifeForm,
I get these texts from a 5 digit number, but I can not delete them.
What we call “texts” or “SMSs” were actually an accident…
The underlying system was for updates for the SIM and Phone Base Band unit (the non-smart part of your phone). So things like User Intetface stuff like Network Provider logos and ring tones and other “Marketing Support” and similar junk could be sent to your phone by your “service provider”. As an underlying “engineering / maintanence system” they were not designed to be “deleted”…
The fact somebody worked out how to repurpose the system so users could send a hundred or so characters of text to each other was just “A late stage add on / after thought”. Some claim was started as a way to get in on the then very profitable pager market (if it was then it was both wildly successful and eye-wateringly profitable for oh a quater of a century or so).
In part this story is supported by the fact that the text system is “secondary traffic” with no guarentee of delivery let alone timely delivery. Not even “best effort”[1].
As a very rough rule of thumb, those 5digit numbers originate from your Service Provider as they are not “circuit traffic” originated.
Some service providers sell “bulk SMS” services to organisations that do “regional messaging” like traffic, weather, sports scores etc updates, even “Emergancy Service”. Some services are parallel feed or “General Broadcast”. That is all phones in the same cell get the message irrespective of the phones numbers or user prefrences (yes even turning SMS Off does not always stop them).
The fact you can not delete them suggests either,
1, Your phone brand/model/update has a bug.
2, Someone is playing fast and loose with the service settings.
Either way, they are unlikely to stop… Unless it’s the latter and you take it up with your Service Provider, or better still swap to another service provider and take your number with you.
[1] I’ve mentioned before that back last century before Smart devices were even a twinkle in marketings eyes, I had decided to use SMS as a side channel for security with Banking and similar online systems on PC’s. But I ran into the secondary traffic and slow/non delivery issue, and partly solved it (by sending primary traffic to the phone so the network was forced to find the phone thus would know where to send the SMS rather than just cache it).
JonKnowsNothing • March 19, 2022 7:56 PM
@ SpaceLifeForm, @ vas pup, Nick Levinson
re: I’m not sure how the tech works … the contents could be read from the outside.
There are several versions of how this can be done now, I dunno how it was done then without steaming the envelope (see Banksy Spy Booth).
Historical documents use a variety of inks and those inks have chemical signatures. By isolating the chemical trace for each ink ingredient the letter, font design and images can be read.
That same thing can be done for paintings. They can trace the chemical signatures of the paints used and often track them to their source of origin. In ancient times, artists had to roll-their-own paints and colors. This is still commonly done by historical preservers, forgers and historical recreation specialists.
Now there are special scanners (X-Ray etc) that can be set to read just a filament slice of the scroll and derive the letters from within that slice. They have been successful reading burnt scrolls using that sort of technique. Think: very thin salami slices.
===
Search Terms
Iron gall ink used in Europe for the 1400-year period between the 5th and 19th centuries, remained in widespread use well into the 20th century, and is still sold today.
Clive Robinson • March 19, 2022 9:45 PM
@ ResearcherZero, vas pup,
I had a pal who used to communicate with Satan via the television screen.
I once worked for a very friendly company that unfortunately got taken over by a ball of 541t…
The new corporate owners a very large publishing (ie Journals) Mega-Corp set the Human Resources people onto the “taken over staff”.
Not only did it feel like “A night of the long toothed zombies” horror flick, the HR people would not communicate… You got “Hellish edicts” handed out like “Satan’s spawn” that you could not stop and like bullets from a robot machine gun, they came fast and furious and only in one direction…
Basicall You would get Emails that you could not as such reply to as they used “setver lists” and “holiday mode” to bounce any replys… Likewise the HR phones all went to “out of office” messages that then did not alow you to leave a message, just flipped you to a phone that was permanently “engaged”, so you got that automated message of “The person you are calling knows you are calling, and you are number one in the que”.
Well as the HR droids found out the hard way more than one person can play that game… And some play to win no cheats exempted…
For some reason one night an auto-update and re-configure went out that “accidently” set the “holiday mode” on all users email clients…
The following morning long before “Sparrow F4rt” when HR’s latest Devil Spawn bunch of Emails got auto-sent, the entire network rapidly dropped to it’s knees and for a short while crawled to a death march pace, and then keeled over faster than a fainting goat…
Some of you have probably heard about “Ping Storms” as a DDoS attack, well back then if you sent out a bulk Email and all the recipents did a “Reply to All” with an automated “out of Office” message then you got N^2 multiplication with every round, and the rounds were automatically endless, limited only by network capacity… I gather a few “seniors” were mightily upset by this, so demanded “Action this day”…
But the Net-Admins were not able to help other than say they would have to disconnect all effected computers from the network. The Email server SysAdmins were likewise unable to help, and unfortunately the way things had been set up the “tech support” people for users desktops could not do anything either as they could only send new updates to an automated delivery system that only sent them “at night”… With the admin of that service being out that morning with a dental appointment…
For some reason, with nobody able to do any work, it was not “a quiet day in the office”… Many assumed that it must have been the update service admin, but as he pointed out, he had not logged in to the service or sent any updates etc so not him.
Anyway, as I said a few “seniors” were mightily upset… So they payed a very very very expensive firm of consultants to come in immediately and find out what had happened with a view to a publicl evisceration of the culprit when found. The oh so expensive consultants apparently spent the weekend going through all the computers with the proverbial “fine tooth comb” or as we used to call them “bug rake”[1]…
Apparently all they found were some “time holes” in system logs, and some disk sectors in the free list that had been zeroed out… And very little else… I guess someone was as smart if not smarter than the ultra expensive consultants…
A couple of years later I was reminded about the incident because in the IT news it was reported that a serious bug[2] had come to light when someone was caught using it to “make their employer pay” (and was dumb enough to get caught).
[1] Half a century ago, schools regularly had plagues of “knits” or “hair lice/mites” whilst there were treatments back then you had to go visit a Dr to get a perscription, that only killed the adult knits. So part of the two week treatment was to comb out the eggs at the base of the hairs with a “knit comb” atleast twice a day. This was a very “fine toothed comb” and as you used it like a garden rake, you sometimes also raked out live mites so it got called a “bug rake”. If you can imagine what happens when it hits knotted hair, you can imagine why it was detested… I was lucky in that I never got knits, but as I have very fine hair, I did not like using the aluminium combs that were popular at the time. So the soft plastic “bug rake” was better than the metal comb for me, so I tended to use it most of the time.
[2] It was a little known bug with Microsoft’s equivalent of “cron” called “at”[3] in that a user could get it to run a simple command that would startup a command shell… So if you went to a system console and set it up to run a command shell in say two minutes, and then you waited, you got a command shell owned and with all the privileges of SYSTEM (the MS equivalent of the local superuser, which is kind of bad news on a privileged server…). The odd thing is that this was a “known problem” way back last century with “cron” in the early days of *nix… So why MS did not test for it years later with NT is anybodies guess… It only took very minimal skills to find, and so I suspect it must have been known to several people.
For instance “Pen-Testers” tend to be a bit “dishonest” in that they keep a few tricks –aka zero-days–
in their bag they do not tell clients or vendors about. Because it gives them “Market Advantage” thus repeate work (Consultants do the same thing, in that they only solve say 80% of your problem, thus they get to make a second bite of the apple as repeate business).
[3] https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/at
But the security bug comes and goes, as can be read at,
Nick Levinson • March 19, 2022 9:58 PM
@vas pup, @SpaceLifeForm, @ResearcherZero, & @JonKnowsNothing:
Scanning inside unopened envelopes was, in a British system decades ago, perhaps during WWII, by using a very bright light and a camera with a very shallow depth of field, with a series of photos, each focused on a different layer of the folded paper. This was sketched out in a public source very critical of the CIA, perhaps CovertAction Information Bulletin or CounterSpy.
In the U.S., unless for national self-defense or not first class, this might require a court warrant even without opening the envelope, and then a court warrant could authorize covertly opening anyway. I imagine warrants don’t normally specify the means of executing the warrant, so that the choice of opening or scanning would be at the prerogative of the searcher.
It also is tedious work, especially when paper isn’t quite flat and if squeezing the envelope between glass sheets doesn’t flatten it enough. This may raise doubts about how many mail pieces someone could thus scan in an hour. Philip Agee’s book Inside the Company discusses opening mail where he was stationed, not this kind of scanning, which should already have been available, and I think the opening was at the embassy, where such equipment could have been kept.
Maybe the system didn’t work very well. If lenses with that shallow a depth of field aren’t widely available in 2022, and I don’t see why they wouldn’t be, such as for studies in biology or human health, maybe they don’t work very well even now.
And erasure-caused smudges could be hard to distinguish from adjacent sheets that are fuzzy because they’re slightly outside the depth of field even without trying to read the pre-erasure content, unless the depth of field was so shallow that there was virtually no next-sheet imagery to confuse an observer looking at the area of the smudge, but then even a slight bend of the paper would require even more photos.
On a fingerprint being on the stamp: Yes, front and back. Also DNA.
Informed Delivery: The U.S.P.S. also televises handwritten envelope obverses through a closed circuit so a clerk in someplace like North Carolina can type addresses into a terminal and a machine can imprint the proper delivery barcode or can return the envelope to the sender as undeliverable even before it would get to the delivery post office, which might have recognized the address and the addressee and delivered it.
I think the U.S.P.S. Zip code database, which publicly is based on addresses, may, for internal use of the U.S.P.S., have names of who’s at each address, and not just for PO Boxes. If you attempt to renew forwarding for a name past a time limit, attempts fail, even for apartment houses. They likely barcode to the address line, but I don’t know if they barcode to the addressee organizaiton, last name, or person.
@-:
Your posting reads like an “Advertorial”
It came from ghacks, linked within the post. It is not meant as an advertisement nor would I waste my time doing so. I run Linux, so this news is of little interest to me but I thought I would post it for the Windows users among us, it’s certainly more security/tech oriented than most of the garbage political noise being posted here.
I don’t use nor would I recommend the AV software posted. It’s proprietary software and requires a proprietary OS.
Is that good enough for you?
name.withheld.for.obvious.reasons • March 19, 2022 11:50 PM
Human resilience is limited in scope, and the persistent barrage of million monkeys on typewriters continues unabated. Shakespeare would not be jealous in the lest. The following is strongly worded and expresses more passion than most find readable–it is not an abuse of language though, except a mangled word appearing as the second to last word. And they are all my words, strung together to form a…
The ABA is setting its historical predation of jurist prudence and contempt for professional ethics into stone. As a profession, a number lawyers and attorneys are demonstrating a dual contempt; one for the duty to the truth and justice, the other is for the institutions required to populate seats for judicial officers to the court. History will reflect that utter banality precedent, the disgorgment of trust, and the role in society one might think necessary for civility, and how law and its practice plays a major role. Of course no amount of legal judicial system or systems can survive first contact with a deliberate war upon itself.
It will be a pleasure to write the history of the legal practice in the U.S. and the large part played by the licensers and those practicing law in a malevolent manner and all the while testing and exceeding the boundaries of legal malpractice. The level of embarrassment and dishonor the legal profession is bestowing onto itself is simply stunning. It would be worthy or a Shakespearian play if it werent for the fact that even Shakespeare had limits to his satire.
To me, the flight from the “rule of law” to the “law of the jungle” has landed, we are now all captives to a world of animalist omnovores preying on the least resistent. A mad and devolved (ironically) form of beastial pursuits will pass as our collective enterprise. Art, beauty, truth, and a humble humanity capable of love is gone…thank you, you f’ing psychopaths
Hung • March 20, 2022 12:39 AM
https://www.americanpurpose.com/articles/preparing-for-defeat/
“Turkish drones will become bestsellers”
Leon Theremin • March 20, 2022 1:21 AM
@ALL
“Futuristic device from Israeli firm puts music in your head, without headphones
‘Sound beaming’ 3-D technology from Noveto Systems tracks ear and sends it audio using ultrasonic waves, creating personal listening pockets”
https://noveto.com/technology.html
Any guess about if a more advanced version of this is not already embedded covertly in every telecom tower?
“If there is any doubt, there is no doubt.”
— Ronin
Winter • March 20, 2022 6:46 AM
As has been commented here before, Putin will sell Russia to China to survive:
Putin’s Russia will ‘have to become China’s colony’ to survive after Ukraine war
ht-tps://www.mirror.co.uk/news/world-news/putins-russia-have-become-chinas-26511058
Winter • March 20, 2022 7:46 AM
@Clive
“So I guess the real issue is,
1, Spotting a bad leader.
2, Dethroning them quickly.”
Plato wrote the book about rulers and politics which set the question for 2 millenniums:
Who should rule? Or, what is the ideal ruler?
In the 20th century, Karl Popper argued convincingly that this was entirely the wrong question. The real question is: How can we get rid of rulers?
What brings down every empire, authocracy, dictatorships, and tyranny is the fact that there is no sane way of retiring rulers that have outlived their usefulness, or even sanity.
Putin will be the next textbook example of this question.
Clive Robinson • March 20, 2022 8:00 AM
@ Leon Theremin, Hung, ALL,
With regards,
“‘Sound beaming’ 3-D technology from Noveto Systems tracks ear and sends it audio using ultrasonic waves, creating personal listening pockets”
You need to note there are two parts to this system,
1, The tracking system.
2, The directed projection system.
There is actually very little that is either new or patentable in either part.
As readers here will know automated tracking systems have been improving steadily for the past couple of decades. So much so that “surveillance systems” can tell what your hands are doing through a brick wall by signals emitted from WiFi systems. Such tech has turned up in gaming console systems over the years but has been somewhat crude in resolution. The think about such systems is once you’ve cracked the basics, getting better resolution follows as technology becomes more focused and the VR industry has been desperately chasing tracking for the past couple of decades for obvious reasons.
As for the projection system…
It uses constructive interferance, and a technique that goes back to WWII and radio navigation systems for bombers which got titled “the battle of the beams” by Prof R.V.Jones in his early 1970’s book “Most Secret War”.
As I’ve mentioned on this blog in the past many years ago I was involved with a project that spun out of work to try to make underwater holographic images by the use of ultrasonics.
Holographs are produced by the interference patterns of two wave fronts from “wave based radiative energy sources” those we see use coherent light sources (often lasers) that then get split one directed at the “object” and one directed at the recording media. The reflection from the object also gets directed at the recording media. The result is the media records an interferance pattern. This pattern when later illuminated with a coherant source, makes the interferance pattern work in reverse, thus the object image appears to be projected out of the recording media. Obviously what you csn do with coherant light you can do with other coherant radiative sources.
The idea was in a water tank used for testing ships hulls coherant sound in the form of millimetric ultrasound would be used instead of light thus a holographic image could be recorded and played back in a visable form. The problem was the technology of four decades ago was not upto making an effective recording media…
But during the experiments a side effect was noted, the technicians could develop intense itching, enough for them to scratch themselves raw and bleed.
Investigation showed that the constructive interferance was causing the ultrasound to be demodulated in the nerve endings just under the skin[1]. Further investigation showed that nerve signals could be “controled” enough to induce fits similar to those experienced by those suffering from epilepsy.
I won’t go into the details as someone will no doubt pop up and complain if I do, as they have done in the past and echos take time to die away… But a demonstration system of a “non-leathal weapon” using the principle was slightly changed, and could render imdividual pigs in a field not just unconcious but dead more than a thousand feet away…
But as with most technological discoveries,
1, You can not “unring the bell”.
2, Stop the “trickle down effect”.
It’s why I’m very cautious about LRAD[2] devices that use similar directed coherent sound sources.
I suspect that should this Noveto system get put in the consumer market place it will have unanticipated neurological effects or be easily made to do so.
But… Like my crude holographic touch system, the Noveto system will almost certainly suffer from an object shadow problem. In a room with support columns or other things in it if you wear real head phones it does not matter where you move, the sound will reach your ears. However with projection systems, anything in the way “blocks the beam” or part of it and the sound you hear will be at best down graded. It’s not a problem that is easy to fix, and in some case can not be…
So my advice “don’t put your money” anywhere close to it, oh and stay away from them as nurological harms and issues can be hard to make good.
[1] Quite a few years ago now I did a little personal research into this effect and found you could induce feelings much like touching things. It was very crude but holding your hand open to the ultrasound sources you could kind of feel not just textures but large shapes. As I indicated to some money people at the time, with refinment the technology would add “virtual touch” in what we now call a “VR Environment” but without the “clunky gloves”. The trouble was I was to honest with my time scale projections…
[2] Let’s just say I can see the “path followed” to get to, C Vigil Maratime and their,
http://www.cvigil.co.uk/pdf/Klarion%20Brochure.pdf
Oh and how to make it work slightly differently…
Winter • March 20, 2022 11:37 AM
@Clive
“There is something about the Russian Social psyche that is like a mass recidivism[1].”
Recidivism is the hallmark of the psychopath.
lurker • March 20, 2022 1:01 PM
@Winter, @Clive, All
‘have to become China’s colony’
A little context around that quote might help:
“If he survives, he’s going to have to become China’s colony at this point.
“That’s the only way he’s going to get the financial support he needs to survive.
“And it’s not a sure thing that the Chinese are going to want to do that. It’s a really bad situation.
“It is in their interest, provided the war doesn’t go nuclear.
Note all the conditionals in there. In particular the last “their”. In whose interest? Without being present at the conversation it’s difficult to say. Note that this is the opinion of one man, “Harry Kazianis, an expert on US foreign policy and national security issues involving China”.
Mr. Kazianis apparently hasn’t asked the Chinese for their opinion. China at present is standing back and watching, as befits somone who only wants to pick over the bones afterwards, and leave the rest to rot.
SpaceLifeForm • March 20, 2022 1:27 PM
@ Clive, ALL
How is that Random working for you today?
How will that Random work for you later?
It is a fairly long and technical read, but recommended. Today is Sunday.
hxtps://www.zx2c4.com/projects/linux-rng-5.17-5.18/
The random number generator has undergone a few important changes for Linux 5.17 and 5.18, in an attempt to modernize both the code and the cryptography used. The smaller part of these will be released with 5.17 on Sunday, while the larger part will be merged into 5.18 on Monday, which should receive its first release candidate in a few weeks and a release in a few months.
…
However, since we just keep track of a single counter, a single malicious entropy source could be responsible for all of the credits except for the one or two or forty or so that an attacker would then bruteforce. Typical solutions to this usually involve something like the “Fortuna” scheduler,
https://www.schneier.com/blog/archives/2014/03/the_security_of_7.html
SpaceLifeForm • March 20, 2022 2:12 PM
Network Security questions
What does it really, truly mean that a user is authenticated in a networked environment?
Are we really sure that a security token passed over a communications network can really be trusted by a server?
Are you sure your security token has not been captured by malware?
How long should a security token be valid?
How much seasoning should be applied before one passes the hash?
There are no simple answers.
hxtps://arstechnica.com/information-technology/2022/03/a-big-bet-to-kill-the-password-for-good/
“Schemes like Passkey could work and be more secure than passwords as they stand now,” says Johns Hopkins cryptographer Matthew Green. “But if the user interface for inter-device transfers sucks on some devices, it will suck for all of them, which would continue to discourage use.”
Clive Robinson • March 20, 2022 2:19 PM
@ lurker,
In particular the last “their”. In whose interest? Without being present at the conversation it’s difficult to say.
You pull in the opposite direction to me..
Where I asked with respect to the Russian citizens,
“Will it be any different than being a colony for arguing oligarchs, mafia and the corrupt as they currently are?”
You go with,
China at present is standing back and watching, as befits somone who only wants to pick over the bones afterwards, and leave the rest to rot.
It will be interesting to watch this from the side lines. However I suspect it will be protracted maybe more than half a decade of conflict.
Eventually Russia will fail to have the whole of the Ukraine, but I suspect that the politicians of the “intetnational community” will “sell them out”.
The reason is simple, as Putin is fully aware, the world needs Russian raw resources. The various economies in the world, especially the Western ones need those resources be the food, energy or feedstock. Thus their politicians will compromise any integrity they have just like drug addicts who attack the weak and inferm to get their next fix.
The solution to Putin is directly through Putin, not through the Russian people. Who let’s face it are so cognatively biased, they will believe any nonsense Putin pushes out rather than admit Putin has repratedly made fools of them.
Putin has shown he has no respect for International law, by sending out hit squads under his personal authority to kill those abroad he does not like or see as a threat.
As he started walking down that path…
If you remember back the US’s Paul Bremer, under the Bush Executive put a price on Sadam Hussain’s head, nearly two decades ago. The “dead or alive” bounty was a mear $25,000,000 and $15,000,000 for each of his children, and surprise suprise people called to collect. So how much is Putin’s head worth? and those of his more extensive family in comparison?
As the US can legally grab the money stolen by Putin and his cronies that they have “stashed abroad” in the US and other places, it’s not as though it’s going to be the US tax payer that will be stumping up the cash for any bounty on Putin and Co’s heads.
Is it a bad idea? Yes such things always have blow back effects. Would it do the Russian people a worthwhile service? Probably. As for the Ukranians and the Belarusians almost certainly yes.
The issue is how to deal with the “power vaccum” that would arise, there are ways to make that work provided you can stop the Russian predilection to corruption from causing the same nonsense to arise again.
My own view starts however at the Security Council of the UN, for stability to happen, the permanent members and their veto powers have to go, no ifs, buts or maybes.
lurker • March 20, 2022 2:39 PM
@Clive
I asked a couple of weeks ago where was the policeman to arrest P for his war crimes, but that post got the kiss of death, perhaps because I quoted the UKR UN ambassador. Somebody else also posted about him later and it stayed up about two hours. Is he persona non grata here?
Winter • March 20, 2022 2:39 PM
@Clive
“The reason is simple, as Putin is fully aware, the world needs Russian raw resources.”
The world needs the resources, but they do not need the Russians.
I think the “world” (i.e., Europe) has listened to Putin’s rants and realized that he is an immediate, lethal threat to all of Europe. That doing business with Putin is financing your own murder. Europe has waken up to a real world staging of
The Fire raisers
https://en.m.wikipedia.org/wiki/The_Fire_Raisers_(play)
(tl;Dr: the protagonist gives matches to the fir raisers that have stuffed his attic with gasoline.)
That insight will not disappear soon.
SpaceLifeForm • March 20, 2022 4:57 PM
Breaking news! Big evil corps do not really want to hire IT folk that actually know stuff.
If it takes you a few months of prep to get past an interview, you do not want to join the cult.
hxtps://nitter.net/hussien_coding/status/1505272836524589058#m
[FYI: eff ess bee is a spam filter eh eye issue]
SpaceLifeForm • March 20, 2022 5:07 PM
eff ess bee is a spam filter eh eye issue
hxtps://nitter.net/KyivIndependent/status/1505518177932955649#m
SpaceLifeForm • March 20, 2022 5:40 PM
@ Clive, -, Moderator
eff ess bee is a spam filter eh eye issue
Yep. Because I blockquoted the tweet that had the magic keyword, it did not get thru the spam filter. THe post with the blockquote was ‘held for moderation’. But you can read it, if you follow the link.
The spam filter eh eye is psychopathic.
It is stupid if it thinks a three letter acronym is bad , even when that is known to everyone,
Clive Robinson • March 20, 2022 5:53 PM
@ lurker,
“I asked a couple of weeks ago…”
There was a link put up about a week back to the United Nations Official TV feed of the U Amb giving a speech –that also had been seen on MSM outlets– and it to got nixed PDQ. So unless it was the same link you saw, the answer to your question might be yes…
lurker • March 20, 2022 6:16 PM
@Clive
I agree with you on the veto, but I think the current permanents should stay, always at the grace and favour of the Gen Assy. Hopefully such a threat might encourage good behaviour. Apart from the ego massage, those people need to be kept in where they can be watched.
EvilKiru • March 20, 2022 6:19 PM
Informed Delivery only involves scanning the address side of the envelope or package. There is no scanning of the contents, but the mailer is allowed to provide a grayscale preview image of the content that is then included in what the post office emails the recipient.
EvilKiru • March 20, 2022 6:32 PM
@Nick Levinson: The bar code is intended to include an 11-digit location, which consists of the 5-digit ZIP code, the +4 add-on, which narrows the location to a “central region” near a group of addresses, and a 2-digit delivery point, that can narrow it down to a specific building, floor, hallway, or apartment/suite.
lurker • March 20, 2022 6:36 PM
@SpaceLifeForm, Network Security questions
Anybody else notice ads on that page for “AI powered Security”? Brrr…
As for “a post password world”, for my sins (a couple of otherwise good merchants whose least antagonistic payment methods involve PP) I have an account at PP and have studiously ignored their requests for my mobile Nr. After getting an email, You are permanently logged in on this trusted device, I cannot access my account settings to turn this off…
Winter • March 21, 2022 1:42 AM
What a dictator needs more than everything is surveillance. That is, facial recognition, speech recognition, location, communication taps, etc.
What does surveillance need? Hard drives.
Russia faces IT crisis with just two months of data storage left
ht-tps://www.bleepingcomputer.com/news/technology/russia-faces-it-crisis-with-just-two-months-of-data-storage-left/
Russia may face a shortage of server hardware in the coming months
ht-tps://europe-cities.com/2022/03/14/russia-may-face-a-shortage-of-server-hardware-in-the-coming-months/
ResearcherZero • March 21, 2022 5:10 AM
“Think you’re typing into a pop-up window? Make sure that you try to drag it OUTSIDE OF the content area of the page first.”
“Surely normal human beings do this.”
https://mrd0x.com/browser-in-the-browser-phishing-attack/
ResearcherZero • March 21, 2022 5:30 AM
@Winter
They used to have a guy who just walked in and out of agencies with the required folder under his arm. However, Australia had it’s access downgraded, which increased the time it took for information coming in, to then find it’s way out.
That same fellow and his comrades are still hanging around in political circles. Sidling up to people, fishing, then literally dashing off to his nearest handler. He no longer has a clearance, though the government still employs enough of them to be effective. Australia is not real keen on oversight, mainly to avoid scandal and embarrassment, which is battle long lost.
–
“The CIA gathering American data, a defense agency buying consumer data from a third-party broker and the Department of Homeland Security (DHS) participating in a program stealthily compiling money transfer records.”
Multiple covert government surveillance operations hoovering up Americans’ information without oversight have been exposed in the last year. Those not following closely may not have noticed.
A group of 45 civil liberties groups on Friday sent a letter to the chair and ranking member of the intelligence and judiciary committees in both chambers calling for Congress to flex its oversight power and act on legislation.
https://thehill.com/policy/technology/598809-major-government-surveillance-revelations-fail-to-make-a-big-splash too big
SpaceLifeForm • March 21, 2022 5:31 AM
It Was Easy to Hack a Billionaire
hxtps://nitter.net/RachelTobac/status/1504116311202283522#m
SpaceLifeForm • March 21, 2022 3:22 PM
@ ResearcherZero, lurker
A lot of people always use their browser in max mode, so there is no real estate to drag any window to.
Malicious ads. If the ad contains JavaScript, it is a problem. Most are not self hosted by the website. uBlock Origin stops those.
Thankfully, I did not see the oxymoron ad for “AI powered Security”, because I use FireFox with uBlock Origin and Privacy Badger which knocks out a lot of junk.
You may want to check the comments on this ElReg article. There are not that many to go thru. 27 currently.
https://www.theregister.com/2022/03/18/browser_in_browser_phishing/
Also, even if the screen real estate exists, dragging may not work if the attacker is crafty. It may be possible to make the parent window drag anyway. It should be very difficult, but I would not say impossible via JavaScript tricks.
hxtps://stackoverflow.com/questions/26389950/allow-drag-and-drop-of-an-element-containing-an-iframe
SpaceLifeForm • March 21, 2022 4:34 PM
@ Clive
As expected, I got another spam SMS within 48 hours.
So, I did some research, and it is some kind of troll op.
At least this time, I was able to delete.
Apparently, you can text STOP back to them. Yeah, sure. That is the same problem as an unsolicited email that says you can opt-out if you click on a link.
Anyway, the number is 64433.
Their TOS is a joke. Not going to link to it, but it does say this:
SMS alerts are available on AT&T, Verizon Wireless, Sprint, T-Mobile®, U.S. Cellular®, Nextel, Virgin Mobile, and others. Message frequency varies. We collect mobile phone numbers and consent to send messages when you text message the Providers’ SMS number(s) with a short code (such as 64433)…
Clearly that is legal word salad and a lie as I never made any action nor gave any consent. This org is not who they pretend to be.
Todays spam requested that you text your zip code.
hxtps://www.huffpost.com/entry/as-a-gun-violence-survivor-i-feel-betrayed-by-everytown-for-gun-safety_b_59a04fe5e4b06d67e3375190
Clive Robinson • March 21, 2022 7:43 PM
@ SpaceLifeForm,
As expected, I got another spam SMS within 48 hours.
What you say confirms what I thought, your network service provider is very much complicit (the stop mechanism needs their involvment on the short number).
But you also need to realise there is a “political” component in the campaign, and that makes a difference…
Whilst the US alows for “free speech” it does not require you to be forcefully subjected to it as an individual…
However the same is not true of “political speech”. I can not remember the actual legislation / case law[1], but it boils down to you can not refuse or have banned political speech being directed at you in all manner of ways of delivery that are considered as “broafcasts” no matter how objectionable.
It involves the notion of third party restraint. That is you are free to put in ear plugs, but you can not get a restraining order to stop tannoy trucks in the street as it’s a “broadcast” by a third party entity and you would be placing an unsuportable constraint on them to block only your house… Likewise you can not get the Postal Service to just withold political flyers etc (look up common carrier status).
Personally I think the ability to “opt-out” of “SMS Broadcasts” is wrong, it should always be “opt-in” via a paper based signed full terms contract with a “14day cooling off” period and no “joint compulsion” tied to other goods or services directly or indirectly. Obviously breaches should be tied to hefty fines and imprisonment for transgretion. Also to stop fine avoidence etc, the entire entity has to be “in jurisdiction” with atleast three years of independently audited accounts, “insured”, and have “posted a bond” with a third party legal entity[2].
[1] If memory serves it arose over the use of “tannoy trucks” blaring out political claptrap at odd hours of the day.
[2] All of these measures are in place in various parts of the world as normal for the purposes of limiting bribary, fraud, extortion, and other crime in the supplying of goods and services, so they have been seen as quite justifiable.
Clive Robinson • March 21, 2022 8:42 PM
@ name.withheld…,
… when is the last time the U.N. demonstrated meaningful results in the area of conflict resolution–especially the security council.
Rarely, primarily because of the permanent members and their vetos.
But, this brings us to a more general question of the one you raise about the UNCHR,
Though the UNCHR is a good start, it has never had any teeth.
Is it lack of fangs, or being muzzled?
Hence my reason for wanting to get rid of the permanent members and their vetos, but not the function the security council is supposed to provide.
Lets remove the selfinterested vetos an positions that are without a doubt a form of muzzle, and see if there are actually teeth that csn not only be bared, but used to bite.
With regards,
Humanity is on this continuous loop of constant struggle and not necessarily bringing about the change required to be affirmative and stabilizing for the peoples of the world.
The problem is ages old and has three components,
1, Eternal foe,
2, Complacency,
3, Eternal vigilance.
The world has a degree of evil in it, that is there are those who put themselves so far above others that death, destruction and genocide, are but minor steps to their personal agenders.
The issue is that they can and do plan, especially when they are a collective entity with agency.
What they rely on is that most people do not plan, and certainly do not plan against what is in effect “covert enemy action” from “within the heart of society”.
This can be seen with the likes of the FBI and DoJ, who wage a war against not just the citizens, but the legislature and judiciary, all payed for by the citizens. Most importantly they suffer no penalty for failure other than not succeeding on that one occasion.
As such it is just like unrestrained terrorism, they get to try over and over and only have to win once. The citizens however have to fight on every occasion and have to win 100% of the time, which is mathematically improbable at best.
The founding fathers being mainly lawyers well practiced in English Law based on “trial by combat” were very well aware of the iniquity of such systems by the “imbalance of arms”. Which is why they drew up various documents to limit the powers of Church, legislature, executive, and all guard labour. They did this by trying to “silo” them and prevent to much power being in any one set of hands. Unfortunately their good intent has been subject to attack by “the evil within” consistently, and evil is prevailing. The reason was identified at the time, hence the truisms about,
1, Entetnal vigilance.
2, Refreshing the tree of liberty.
To some it would appear to be a choice of one or the other. Unfortunately it has to be both. Because of what is called “boiling the frog”.
Even Etetnal Vigilance can not see all outcomes, there is simply not enough time in the universe. Thus those intent on evil take small but broad in scope steps, with non obvious but planed overlaps. The result is evil gains ground, which necesitates push back, the longer it takes for the push back to occure, the more likely it is to be destructive not just to the intent of evil, but the whole of society.
It’s why in the past I’ve said every piece of legislation should have a “sunset clause” after say seven years, that has a mandatory and unavoidable mechanism where it must be properly subject to not just over sight but public debate.
Why the oversight and public debate, well ask how many “Wars on XXX” there are? And how often they should be subject to scrutiny? Then ask how often that scrutiny actually happens, followed by why it does not.
Hence my second thinking is to forcefully take the money and equivalent out of politics, by limiting campaign funds and making every single penny involved not just publicly visable but fully auditable, with penalties of sufficient severity that proven transgrettion is a bar to further participation. This requires a level of transparancy that is entirely lacking, thus gives evil plenty of places to hide and act out of sight.
But perhaps we should consider stoping the beauty pageant aspect. Why are we forced into voting for selected “Monkeys in Suits”?
Public service, is a duty as recognised by “jury service” and “conscription” why should politicians not be selectived by similar processes?
If we do not discuss such things, then we blinker ourselves against the possabilities they may well offer, thus condem ourselves to a path laid out by those with evil intent.
JonKnowsNothing • March 21, 2022 11:14 PM
@All
Just FAB… Just FAB… got at forced stealth upgrade on FF Browser…
All for the sake of what? Rounded menu-message-box corners ….
FWIW: All upgrades were turned OFF, everything set-able was set to NO.
Hijacked browser care of Mozilla – who needs the Ruskies when Mozilla does the same thing…
name.withheld.for.obvious.reasons • March 22, 2022 1:01 AM
@ Clive
If we do not discuss such things, then we blinker ourselves against the possabilities they may well offer, thus condem ourselves to a path laid out by those with evil intent.
Wholeheartedly agree. And I understand your position and underlying thinking with respect to the UN as much as one might expect from a long time correspondent and fellow time traveler. For many in the United States, the failure to recognize and encourage problem resolution through that body has been deliberately undermined and propagandized to the degree that people in the U.S. fear U.N. uniforms or mechanized systems. And what they fail to see is when the U.N. steps in somewhere in the world during a violent intra or inter-state conflict to resolve things like, oh I don’t know, ethnic cleansing (said in my Dana Cavey “Church Lady” voice). The U.S. will contend that Zimbabwe or Rhodesian problems are none of the U.S.’s concern–failing to externalize the inherent fabric of connection between states and the health and well-being of said states. It’s like MLK’s statement (I will paraphrase here), “… an injustice anywhere, is an injustice everywhere.”
But I think the construct of the UN is not sufficiently thought through. What do mean by that? Look at it from a formalized legal perspective, countries that may or may not have legitimate claims to borders, peoples, assets, and other things collectively agreed to abide by such as charter member statutes and agreements. Contractual obligations under membership only make sense if the members take the charter seriously. You can see via Julian Assange, for example, the Crown Court and the Home Office have forsaken their duty under the charter to recognize the U.N. finding of Arbitrary Detention in Assange’s case. The UK has selectively self-imposed, or more specifically self-uninposed response to the UN’s findings. How convenient, what’s good for the goose, is good for the, goose and f’ the gander. Guess the UK was disingenuous when in signed the convention on human rights.
I will argue that the nation state as a construct is flawed to the degree that the collective states cannot use the current functional mechanisms to achieve what was envisioned after the League of Nations. My own work has included revisiting what a similar organizational structure might look like and it has lead me to rethink nation state models. And in a sense, it may seem funny, but the nation state model I’ve constructed looks more like a GNU scheme then I am comfortable with. And no, Richard Stallman did not put me up to it–this is from my own pandemic research that sprouted the little gem I’ve polished (I recognize the highly subjective statement, and am fine with that for now).
ResearcherZero • March 22, 2022 4:46 AM
@Clive Robinson
Lets remove the selfinterested vetos an positions that are without a doubt a form of muzzle, and see if there are actually teeth that csn not only be bared, but used to bite.
Our own governments always interfere with UN actions, accusing them of internal interference when the UN tries to deal with human rights issues.
This must end.
The Australia government frequently calls out other nations for human rights violations, but Australia jails 10 year old children, uses solitary confinement as a form of torture, and has an absolutely terrible record for prosecuting police officers for serious crimes like murder.
Australia regularly engages in a wide range of human rights abuses, has very few human rights protections, is a signatory to UN conventions, yet refuses to follow these very same international conventions. To have any legitimacy then UN members have to begin taking their commitments seriously.
Otherwise it is increasingly going to be a world of ‘winners and losers’, where the most vulnerable will increasingly suffer.
In fact Australia has been called out yet again.
“It’s very unusual for the UN secretary-general to call out any country, specifically. I don’t recall a time when this has happened. It’s striking to see,”
“What it indicates is that we’re going to keep seeing that pressure on Australia until we step up. We’re still the only one of those big developed countries that hasn’t significantly increased its commitments for this decade.”
https://thenewdaily.com.au/news/2022/03/21/un-chief-australia-holdout-climate-action/
The “climate wars” as they are referred to, are actually real wars to secure resources and create ‘buffer zones’ to protect the empires and their borders.
The “losers” are the poor and the vulnerable, the young and the elderly, not white enough or rich enough to relocate.
The “winners” are those cashing in on tragedy and conflict, trading in seats for lifeboats, before the ship collides with an inevitable iceberg.
The surveillance industry is booming from providing services to monitor the fleeing victims of disasters both natural and man made. Most are Western companies, though they’ll quite happily fill the gaps any modern dictatorship.
ResearcherZero • March 22, 2022 5:29 AM
@Clive Robinson
I remember a briefing on Odessa in the 90’s, there might have been free sandwiches? Hardly anyone showed up from the bureaucracy, mainly military showed up. I’m pretty sure that presentation was meant for politicians and bureaucrats. Though they seem interested now.
Ukraine heavily relies on the port of Odessa for exports of bulk goods including minerals and grains, so losing it to the Russians would be a “massive strategic blow”, General Sir Richard Barrons, a former British military chief, told The Times.
“Losing the coast is a massive strategic blow to the Ukrainian economy. They would only be able to export by road and rail into the European Union effectively,” he said. “As we know those transport links in no way replicate what you can do with a port. It’s like losing Dover for the British economy.”
A Western senior intelligence official in January floated the idea that Russia would seek to take Odessa, saying it would be a “major victory” for Mr Putin.
https://www.thetimes.co.uk/article/is-odessa-the-next-target-in-putins-battle-plan-57lpmbt9b
it is the last major city between Russian forces advancing past Kherson to the east and the border with NATO member Romania to the west.
https://www.reuters.com/world/defiant-odessa-is-seen-vulnerable-russian-sea-assault-2022-03-18/
“It isa politically sensitive area, has huge natural resources and is a major, strategic transport and energy corridor. Whoever has control over this region has control of Euro-Asia.”
https://www.academia.edu/367981/Strategic_Geopolitical_Significance_of_Odessa
ResearcherZero • March 22, 2022 5:45 AM
Australian PM’s department cocks up women’s network logo
The logo, comprising a cursive W and accompanying shaft of purple colour, has been removed from the department’s website, “pending consultation with staff”, the Department of the Prime Minister and Cabinet wrote in a statement this Monday (14 March).
https://www.itsnicethat.com/news/womens-network-logo-graphic-design-160322
–
Stealthy stalking
LTrack, a new tracking attack on LTE that allows an attacker to stealthily extract user devices’ locations and permanent identifiers (IMSI). To remain stealthy, the localization of devices in LTrack is fully passive, relying on our new uplink/downlink sniffer.
https://www.usenix.org/system/files/sec22summer_kotuliak.pdf
Winter • March 22, 2022 8:10 AM
Hacking Russia back:
Anonymous says it has hacked printers ‘all across Russia’ to spread anti-propaganda messages
‘People of Russia must find horror in Putin’s actions,’ says translation of one message spread by Anonymous
ht-tps://www.independent.co.uk/tech/anonymous-russia-printers-hacked-ukraine-invasion-b2041031.html?src=rss
ResearcherZero • March 22, 2022 8:31 AM
This is my favourite piece of propaganda this year…
“Chinese communist-owned companies with the help of the Labor Party built and constructed a private jet airport,” the ad claims.
The ad goes on to explain the airport could “in effect” support a “Chinese communist” army.
Mr Palmer said he had heard stories about “a lot of heads of state going up to China” with an offer of millions of dollars.
https://www.news.com.au/national/federal-election/clive-palmers-newest-ad-picked-apart-by-experts-in-politics-and-defence/news-story/41b84f2461d77f02784ce87dcebf94f1
An advertising expert, who has worked on dozens of political campaigns, said the ads were “absolutely woeful” and called the political messaging around China a type of personal therapy for the billionaire, who is embroiled in a legal stoush with Chinese company CITIC.
China made Clive Palmer one of the world’s richest people with a $3.8 billion fortune, and China is about to make the outspoken Australian even richer.
In the latest twist to a complex legal dispute Palmer and the Chinese conglomerate CITIC appear to have cleared the way for CITIC to expand its Australian iron ore mining activities. The most recent estimate, based on the current high price for iron ore, points to Palmer collecting around $1 million a day in royalties from the original deal.
https://www.forbes.com/sites/timtreadgold/2021/04/05/china-adds-to-clive-palmers-38-billion-fortune/
Far better than Russia’s attempt at German Nazi propaganda…
Lt. Gen. Igor Kirillov — the head of the Russian military’s radiation, chemical, and biological protection force — speculated that a document showing that researchers in Ukraine had sent blood samples to labs in Australia was proof of a secret Pentagon effort to study “Slavic DNA,” in order to construct a biological weapon that would infect only ethnic Russians.
https://tass.com/world/1419965
Konashenkov, the defense ministry spokesperson, also claimed that the documents from Ukraine showed that “certain experiments were carried out with samples of coronavirus in bats. The goal of this and other Pentagon-funded biological studies in Ukraine was the creation of a mechanism for the covert spread of deadly pathogens.”
https://tass.com/world/1419559
Obviously, that was me… I caught the bats in Australia… and then I coughed on them, covertly, when no one was looking! 😉
Ted • March 22, 2022 9:15 AM
Who is Lapsus$?
“Please note: We are not state sponsored and we are not in politics AT ALL.”
The hacking group is thought to be based in South America, perhaps Brazil?
“One of Lapsus$’s trademark antics is to run polls on its Telegram channel where onlookers can vote for whose data the gang should publish next.”
Lapsus$ is claiming responsibility for supposed recent hacks on Microsoft and Okta. They hacked Nvidia in mid-February. They previously focused almost exclusively on Portuguese-language targets.
I don’t know if this is a great time to being looking for lulz.
https://www.wired.com/story/lapsus-hacking-group-extortion-nvidia-samsung
Jörge • March 22, 2022 11:26 AM
@Ted, on Lapsus$:
“Please note: We are not state sponsored and we are not in politics AT ALL.”
Nowadays any org that says something like that could well be working for any side of the Ukraine conflict.
It’s kinda like the case of those who have been called out for enriching themselves by unethical means and then whine about how unfair the charachterization is.
Like the case of GrubHub at the beginning of the pandemic, where they ran a discount called “Supper for Support,” ginning up business by claiming to help struggling restaurants, and then stuck restaurants with the bill.
https://twitter.com/AGKarlRacine/status/1505914226711351301
GrubHub says about that their “practices have always complied with D.C. law, and in any event, many of the practices at issue have been discontinued”.
“Many” practices being discontinued means that some have not, apparently.
And anytime something is not explicitly outlawed you can, technically, do it and claim to be complying with the law.
Another case is that agent for the pitcher Tyler Skaggs (he died of opioid overdose) who for several years had urged him to keep pitching through pain.
https://www.washingtonpost.com/sports/2022/03/22/tyler-skaggs-injuries-opioids-death/
In retrospect, I guess it is obvious that the agent does not want his source of income to just quit the career.
fib • March 22, 2022 12:15 PM
Brazilian hacking groups breaking through telecoms and government systems just tells how weak the security policies of said companies/institutions are. If such organized group really exists it will be a first.
SpaceLifeForm • March 22, 2022 1:18 PM
@ Clive
What you say confirms what I thought, your network service provider is very much complicit (the stop mechanism needs their involvment on the short number).
Yep. It is a legal loophole. I think the agreement between the spammer and the cellco basically reads as:
Cellco consents to provide a list of active phone numbers to spammer for $X per month.
However, parsing the TOS
We collect mobile phone numbers and consent to send messages when you text message the Providers’ SMS number(s) with a short code (such as 64433)…
Who is the ‘you’ in this picture if it was not ‘me’, the end user.
The way I read it, anyone could text 64433 to any random number, and then that random number will start getting the spam SMS.
Winter • March 22, 2022 2:12 PM
The very basics of insecurity:
(note, this news comes from Ukraine)
Russian troops ‘can last just three days’ as food and ammunition run out
ht-tps://www.dailystar.co.uk/news/latest-news/russian-troops-just-three-days-26528697
Mr Geraschenko also said via his own Telegram channel: “Due to the unwillingness of the reservists to return to the (Russian) army and the massive refusal to sign contracts, the Russian prosecutor’s office is purposefully looking for people who have problems with paying loans, paying alimony, and other debts.
lurker • March 22, 2022 2:33 PM
@Winter, “… purposefully looking for people who have problems …”
In 18th century England such were called Press Gangs.
Winter • March 22, 2022 3:08 PM
Some things that might be true, or not:
(Caveat Lector)
ht-tps://www.ukrinform.net/rubric-ato/3436566-russian-troops-have-stockpiles-of-ammunition-food-for-no-more-than-three-days.html
Clive Robinson • March 22, 2022 5:45 PM
@ ResearcherZero, ALL,
Ukraine heavily relies on the port of Odessa for exports of bulk goods including minerals and grains, so losing it to the Russians would be a “massive strategic blow”
Remember ports work both ways, and it’s not just the Ukrain egfected by Odessa from a stratigic point of view…
Have a look at a map and see who else would be effected by the Russians effectively having a shortend supply line…
The area around there is almost perfect “tank country” with little cover for drones or other defensive systems.
JonKnowsNothing • March 22, 2022 6:58 PM
@All
As I continue to watch the UKR-RU war via the AI/ML auto populated images on my pages, 2 images of interest appeared. Live, Memorex or Deep Fake?
Image 1.
Beach Front Combat Area.
This image appeared as a large banner image. No location specified.
Blue sky (no clouds). Blue ocean (no boats). A sandy beach. A tidal area of sand. Next a row of concertina wire. Followed by a row of green Czech hedgehog anti-tank barriers. The green paint is not flaking and the metal beams do not show obvious rust.
In middle ground there is an area that is a hasty scrape, a shallow dug area. On the ocean side a barrier of white sandbags, 2 deep, @6 bags across the ocean side.
Exiting the hasty scrape is a soldier in full kit + weapon, head down, balaclava or face mask, no insignia. The soldier is moving away from the ocean towards whoever is holding the camera.
Initial impression: a soldier leaving his defensive beach position along a fortified coast line.
Next The Odd Ducks:
There is a very clear wind pattern in the sand. The wind has created sand ripple formation along the beach. The hedgehog barrier is clean, either recently painted or recently placed. There has been enough time since placement that the sand ripple pattern replaced any terrain disruption by the installation (no truck or lorry or crane ruts).
The sand bags are bright and clean white. There is no visible sand build up along the edges or between the placed bags.
The hasty scrape is wind blown smooth. There is no sand disruption in the scrape.
The only disruption is 1 pair of boot prints going towards the hasty scrape. As there is no foot print or other disruption to the sand formation or ripples in the hasty scrape, the soldier did not sit, move or lay down in the scrape.
The is no sand on the soldier’s uniform, his weapon, his helmet. The uniform is clean and recently laundered.
It is likely the beach front is not part of the current war-zone of combat. It is more likely an anti-immigrant landing deterrent. The hedgehog might be a deterrent against military landing but more likely a deterrent to humanitarian refugee pickup.
The hasty scrape may have been dug during previous exercises or a previous repulsion of refugee landing. Dug more as an observation post rather than a combat defensive one. It had been abandoned for enough time for the scrape to be wind cleaned and the edges rounded.
Image 2.
A young boy peering through a chain link fence.
Background in soft focus suggests a train station or metro with people queued up. The boy has a distinctive eye disorder, likely strabismus where one eye is misaligned. The location is unspecified.
Initial impression: a sad boy evacuating alone. Perhaps an orphan, with no adults in evidence.
Next The Odd Ducks.
This eye condition is treated first with corrective glasses or a eye patch or eye drops and if those are not successful then surgical fix maybe done.
The cross-eye implies the condition is untreated or the patch+glasses were removed for the picture.
====
Search Terms
Strabismus / Strabismus surgery
Winter • March 23, 2022 5:52 AM
@JonKnowsNothing
“As I continue to watch the UKR-RU war via the AI/ML auto populated images on my pages, 2 images of interest appeared. Live, Memorex or Deep Fake?”
An image in itself is never evidence. There must always be an “eyewitness” who can vouch for the truthfulness of the image.
When looking at photographs, ask the following questions:
1) Is there a name of the photographer? Can you reach the photographer?
2) Is there a place and date where the photograph is taken? Can you go to Google earth, streetview or other sources to look at the place as it was before?
3) Is there a name for the person who delivered the photograph? Can that person be reached?
Any serious news outlet will print identifying information alongside the photograph, or will indicate that these people are known to the editors. If none of the above is available or credible, an image is nothing better than a drawing of a scene.
Then, when still in doubt, compare the photograph with existing pictures of the place and look for information and previous work of those who took the photograph or delivered it.
If deep fakes are suspected, search for corroborating eye witnesses.
ResearcherZero • March 23, 2022 6:57 AM
@Clive Robinson
One of the ‘nightmare’ battle zones we used to sit around discussing where would you not want to be at the ‘end of the world’. Or where you would want to be if you are into that kind of thing.
Speaking of which, and this is a true story.
Australian Government promises to open “Hells Gates” if re-elected
“We’ve done the homework on Hells Gates”
The Hells Gates project has been on the drawing board for nearly 80s years.
https://thenewdaily.com.au/news/politics/2022/03/23/hells-gate-dam-queensland/
A whistleblower who spent years working on the integrity of the Australian government’s carbon credit system has launched an extraordinary attack on the scheme, describing it as a fraud that is hurting the environment and has wasted more than $1bn in taxpayer funding.
https://www.theguardian.com/environment/2022/mar/23/australias-carbon-credit-scheme-largely-a-sham-says-whistleblower-who-tried-to-rein-it-in
How to rob the serfs, privatise the water, and profit from their misfortune. You couldn’t make this stuff up.
ResearcherZero • March 23, 2022 7:13 AM
@Clive Robinson
Actually, come to think of it, there are a bunch of water privatisation schemes ready to go in Australia, and it’s the politicians and their pals who just happen to own the land and the water licenses. Quite a coincidence.
It’s almost like they had been planning it. The majority of the aged population in Australia has a remarkable ability to ignore reality, similar to that of Russia, so they probably won’t even notice. Maybe that’s a good thing for their mental health? Just don’t tell the people getting flooded downstream, or if there is a sudden drought, and everything will be fine.
Clive Robinson • March 23, 2022 7:25 AM
@ Bruce, the usual suspects, ALL,
This might be of interest,
https://www.theregister.com/2022/03/23/russia_it_pro_exodus/
If correct –and onky time will tell– quite a few Russian Software Developers are leaving or preparing to leave Russia.
The reason is a combination of sanctions and internal blocking by the Putin regime.
Put simply the developers can not work without access so they are voting with their feet where possible and going where they can work.
Sounds all warm cuddly etc etc…
But me I’d be cautious. We know that with the many refugees from the various war torn nstions in the Middle East, where Russia has actively created or increased a refugee problem, it provides a “cover” for undesirables such as,
1, Terrorists.
2, Criminals.
3, Extremist Recruiters
4, Under cover agents
5, Deep cover opperatives
And worse, if what has appeared in some “inteligence briefings” over the past decade are correct.
Lets just say I would treat any fresh face with a degree of caution, and keep them away from anything sensitive.
After all what better way to destroy an industry etc but from within…
Am I being paranoid?
Well lets put it this way, for quite a number of those leaving, yes, I’m being overly cautious, but for a few well very probably not.
Look at it this way, Putin alowed a lot of cyber-criminals to ply their trade from within his boarders with apparent impunity. Well if certain stories are true, they are nolonger as welcome/free, and they have in some cases we know have had their wealth etc confiscated for Putin’s idea of the “common good”…
So they obviously want to get out, with what they can, even if it is only the shirt on their back, but can they realy leave free?
Probably not, two reasons,
Firstly, Russian needs technologists thus attempts to keep them within Russian boarders will almost certainly go well beyond free mortgages, tax holidays and such effectively worthless incentives (who want’s a house in Russia where it’s value is going to go down faster than a cannon ball dropped off of the roof in a proof of gravity experiment).
Secondly as anyone who has studied history knows, Russia’s self appointed elite has a long long history of holding relatives hostage to ensure compliance with it’s wishes by those abroad. Also it has been happy to send out not just “scare teams” but “assassination teams” such as men with ice picks rare poisons, radioactive issotopes, and virtually unknown forms of nerve agent. Under Putin he has put in law to “make it legal” and he is known to have sanctioned several fatalities and is suspected in many more –over thirty in the UK alone– all to ensure his writ gets complied with…
As I said “time will tell” but I would be cautious, very cautious, because even if they are not undesirable, Putin might think otherwise and you don’t need people you employe being suicided…
Winter • March 23, 2022 8:20 AM
@Researcher Zero
“Actually, come to think of it, there are a bunch of water privatisation schemes ready to go in Australia, and it’s the politicians and their pals who just happen to own the land and the water licenses. Quite a coincidence.”
Water privatisation has been a clear and consistent failure everywhere in the world, all of the time.
Water privatisation: a worldwide failure?
ht-tps://www.theguardian.com/global-development/2015/jan/30/water-privatisation-worldwide-failure-lagos-world-bank
Burst pipes: Why water privatisation failed
ht-tps://www.politics.co.uk/comment-analysis/2018/03/05/burst-pipes-why-water-privatisation-failed/
Top 10: Why Water Privatisation Fails
ht-tp://waterjustice.org/uploads/attachments/whywaterprivatisationfails_PDF.pdf?mi=1&res_id=349
Water Privatisation Fails to Fulfil Its Promises
ht-tps://archive.globalpolicy.org/social-and-economic-policy/the-three-sisters-and-other-institutions/global-governance-and-the-three-sisters-1-11/43401.html
Some science?
Privatisation and the failed promise of free market theory in water services provision: towards developing an alternative theoretical framework
ht-tps://www.researchgate.net/publication/228788387_Privatisation_and_the_failed_promise_of_free_market_theory_in_water_services_provision_towards_developing_an_alternative_theoretical_framework
Winter • March 23, 2022 8:31 AM
@Clive
“So they obviously want to get out, with what they can, even if it is only the shirt on their back, but can they realy leave free?”
History has shown time and again that Russians are not free to travel.
Russians Fear Putin Will Put Nation On War Footing, State Of Emergency, Close Borders
ht-tps://tsarizm.com/news/eastern-europe/2022/03/03/russians-fear-putin-will-put-nation-on-war-footing-state-of-emergency-close-borders/
This would put Russia on a war footing and close the borders to those trying to get out after the Kremlin invaded Ukraine.
Ted • March 23, 2022 9:33 AM
There was a Security Now! podcast on ‘Rogue Nation Cyber Consequences.’ It’s from March 8, but it had a lot of info I hadn’t heard elsewhere.
https://www.grc.com/sn/SN-861-Notes.pdf
Re: Ukraine’s IT Army
“Since creating the volunteer organization over 175,000 people have subscribed… But let’s all be clear that the perceived justice of the cause doesn’t make it legal.”
SpaceLifeForm • March 23, 2022 12:43 PM
@ Winter, Clive
From my readings (over a week ago), the only way a Russian IT person can escape is to lie their way out. They have to be a non-IT person.
Curious • March 23, 2022 3:12 PM
Apparently there is to be some kind of US congress committee hearing about FOIA:
Tuesday, March 29, 2022, 10:00 AM. Apparently to have a live feed, whatever goes for being “live” these days.
MarkH • March 23, 2022 4:05 PM
@Winter, JonKnowsNothing:
There are plentiful internet resources pushing hoaxes or conspiracy theories with doctored photos. Aside from those, it seems to me that deceptively altered photos are rare in typical journalistic outlets.
What is far more common, is that no-budget click-bait news repackagers show stock or file photos which some slob judged as seeming related to the story.
Unfortunately, more substantial news outlets are increasing using stock/file photos, but in general are careful to label them as such (usually in tiny fonts).
Jon has several times described suspect photos without furnishing any means for other readers of this blog to locate them for our own inspection.
MarkH • March 23, 2022 4:07 PM
continued:
Of the two images referenced most recently, I found one I think must be the same of the little boy with severely crossed eyes behind a fence, on The Guardian (which I would not expect to publish fake pictures).
I can imagine more than one simple scenario by which such a condition might fail to receive necessary treatment. Perhaps one has to spend some time in a country with per-capita GDP 6% that of the U.S. to have some feeling for health care in such an environment.
As for the beach scene, I found an NY Times photo with a gray sky (unlike the one described), with no vessels, hedgehogs, and a soldier working on a sandbagged dugout.
&ers • March 23, 2022 4:30 PM
@Clive @SpaceLifeForm @MarkH @ALL
Important capture!
To read, disable JS.
hxxps://www.telegraph.co.uk/world-news/2022/03/23/ukrainians-capture-russian-warfare-equipment-used-intercept/
&ers • March 23, 2022 4:40 PM
@Clive @SpaceLifeForm @MarkH @ALL
More on subject.
hxxps://www.thedrive.com/the-war-zone/44879/ukraine-just-captured-part-of-one-of-russias-most-capable-electronic-warfare-systems
SpaceLifeForm • March 23, 2022 4:44 PM
@ JonKnowsNothing
Yep, Covid.
hxtps://www.theverge.com/2022/3/23/22992066/stephen-wilhite-gif-creator-dies
SpaceLifeForm • March 23, 2022 5:22 PM
@ &ers, Clive, MarkH, ALL
When I first saw a pic of this (guessing 36-48 hours ago), I was like, ok, where is the power? There was no other equipment in the pic I saw.
I did not see any extension cords.
Must have been batteries that died, site then abandoned.
No power. No XMIT. No Jamming.
Keystone Kops.
Petre Peter • March 23, 2022 6:41 PM
“A nation does not learn from disaster-only from discovering its cause.” — Peikoff
Jake • March 23, 2022 10:17 PM
Russian lawmaker Alexei Zhuravlyov on state TV threatens nuclear strike on Warsaw, Poland and NATO forces or any peacekeeping contingent that might try to enter Ukraine.
https://mobile.twitter.com/JuliaDavisNews/status/1506699248758362118
Winter • March 24, 2022 1:32 AM
@ResearcherZero
“Yet the politicians need to embezzle money somehow,”
Depends on the voters/public. Power corrupts, so if the voters/public distribute power in small amounts, there will be less corruption.
The corruption lists of Transparency International shows a clear correlation between corruption and power concentration. And the countries with least corruption are also the countries where the public neither expects nor accepts corruption, even if it helps them personally.
Winter • March 24, 2022 2:06 AM
@Clive, SLF
“If correct –and onky time will tell– quite a few Russian Software Developers are leaving or preparing to leave Russia.”
They even exempt IT pros from military service in Russia:
ht-tps://www.heise.de/news/Russischer-IT-Branche-winkt-Freistellung-vom-Militaerdienst-6618432.html
(in German)
That is not only good for not having to fight in Ukraine, the abuse of Russian conscripts are legendary and claims thousands of lives every year:
Russia: Military Conscripts Caught In Deadly ‘Cycle Of Violence’
ht-tps://www.rferl.org/a/1055451.html
Every year, some 800,000 conscripts enter the Russian military. For their first 12 months, as described in the Human Rights Watch report, they are virtual slaves to their older colleagues, forced to hand over money, food, personal effects, and perform tasks day and night for their “masters.” Insubordination is punished by beatings and humiliation. The climate of scarcity in the Russian military — where food supplies and proper supplies are often inadequate — encourage this system.
The drop in the quality of both recruits and junior officers over the past 10 years also helps to perpetuate the cycle of violence. Any young man with hopes of getting a higher education or who has parents with any contacts or savings will try to purchase his way out of the draft. That leaves the poorest and most uneducated young men to serve. Many of them come from broken homes. Some have already been in trouble with the law.
Winter • March 24, 2022 2:47 AM
Putin wants to rule by intimidation. Currently he is indeed not making new friends. However, it is questionable whether the increase in intimidation will make up for this drop in popularity.
How war in Ukraine fuels a food crisis in Africa
ht-tps://www.scmp.com/news/china/diplomacy/article/3171582/how-war-ukraine-fuels-food-crisis-africa
War in Ukraine threatens world food security
ht-tps://www.jpost.com/international/article-702134
Even the remaining “friends” feel the heat:
Ukraine invasion: China braces for effects of global fertiliser shortage on food security
ht-tps://www.scmp.com/economy/china-economy/article/3170851/ukraine-invasion-china-braces-effects-global-fertiliser?module=hard_link&pgtype=article
JonKnowsNothing • March 24, 2022 10:21 AM
@ MarkH, @Winter, @All
re: Fake or Not Photos: Attribution is hard and that’s the point ain’t it
As noted, I make ample description of a few of the images particularly when it appears to be “Odd Duck”. There are plenty of images of “True Ducks” in MSM that the “Odd Duck” sticks out.
One of the issues involved is that the images come and go. These are not static images from a personal photo album. They come and are replaced by an AI/ML mechanism. They are sized according the the requirements of the column-width of the article. In the old days of paper news: they had column width and column inches which indicated the prominence of the article (those that had photos, The Wall Street Journal had drawings).
So, the images have some ranking to them. The boy with the eye problem must have had a high ranking because it became a banner sized image on my page. The oceanfront hasty scrape was replaced by the boy with the cross eyes.
So… Why was one picture swapped out for the other?
It shouldn’t be a surprise that you might not find the image later even after an ample description of it because the provenance of the images maybe in question.
MSM have historically been hoaxed by images and historically taken down the images as soon as they know about them or have verified they are not accurate.
This leads to another issue: Did the Guardian remove the image of the hasty scrape because it was an altered or composed image purporting to be a UKR-RU war image or because they had out sourced the image system to a 3d party image auction house and that image auction house AI/ML system shoveled up the “Odd Duck”?
This leads down the rabbit hole a bit farther: What was so important about the image of the boy with the eye problem that it ranked as a banner image? The boy is cute, he needs eye specialty care for sure, but what’s the message intended by the photo?
There are plenty of emotional cyclone images of UKR-RU. Plenty of images of the misery of the people and the devastation of the cities. There’s no shortage of REAL DEAL IMAGES. So why put up an image of a faked hasty scrape sea front battle station and replace it with the image of a child with a medical condition?
Inquiring minds want to know but links tell you nothing and it would disturb the AI/ML Click Bait calculations going on in the background. As you know, you get more of what you click on. If you don’t click the AI/ML will shovel up something else. It’s that “something else” that is interesting.
Attribution is hard, sourcing is hard, validation is hard.
It is interesting, you were able to find an image of the boy with the eye problem. It may or may not be the same one that I saw, but it might imply that the photographer flogged the images in more than one place. That’s what professional photographers do: they get something good and they sell it to the media outlets. Same with many news articles; same article published in news media chains and aggregated in many more.
Here is one difference between the hasty scrape and the boy.
Anyone could have taken the image of the boy: parent, guardian, passer by. Normal news or professionally published photo require a “release” from the person. Professional photographers are careful to carry the forms and get the signatures. A parent or guardian doesn’t need a release to take or publish the picture. The image is well framed, cropped and focused. The average smoe doesn’t know Depth of Field from Focal Length. The person who took the picture of the boy certainly did. I’d guess a professional or advanced amateur.
The staged image of a sea front battle station can only be done with the approval and assistance of a military authority or perhaps a movie company with Central Casting.
There are professional reporters and photographers in combat zones everywhere. They can take monumental historical images at great risk to themselves.
Why was the hasty scrape replaced by the boy?
Exactly…
fib • March 24, 2022 10:26 AM
As I thought, there is evidence that the ‘lapsus group’ is made up of only two teenagers. Indeed, to a natural speaker of Portuguese, the grammatical constructions in the texts sound pathetically immature. He uses [I think there’s only one – male – writer] corporate and academic terms just like the proverbial teenager would use when trying to impress.
htps://www.bloomberg.com/news/articles/2022-03-23/teen-suspected-by-cyber-researchers-of-being-lapsus-mastermind?sref=ylv224K8
With pain in my heart I see that there is no intellectual critical mass on these shores [I blame excessive attention channeled to the banalities of social media] for the emergence of an organized and high-profile hacker group. Take attribution to Brazilians with a grain of salt.
My anecdote: I am totally unable to establish a technical or scientific dialogue with people in my own social circle, which an occasional observer might call the local elite [I’m a good fun and can even sing]. My friends don’t read my tech blog.
Brazilians are drowning in a sea of social sciences diplomas.
Enough said.
JonKnowsNothing • March 24, 2022 11:09 AM
@Winter, @Clive, @All
re: The coming famines
IF people want to prevent the global food-famine system from degrading farther they have to STOP and STOP NOW.
It is already too late in some places for a spring crop. An early summer crop might be possible and maybe a squeezed in fall crop.
Famines have been on going for centuries but in modern times, mechanized farming and global supply chains have mitigated some food shortages. Not all, not by a long shot.
The COVID-Famine, with empty store shelves and out of stock items is still in evidence. The next part will be more brutal. You may not be able to make your own bread. The Preppers might just use up their stockpiled foods.
The choice between food and war isn’t a simple one. It’s complicated by human emotions and ideas. The result is the same: Death, Famine, War, and Conquest.
The 4 horses are riding hard.
I’d suggest a review of Clive’s excellent commentaries on Making Do With Little and Stocking UP. And don’t forget about the water…
===
lurker • March 24, 2022 12:04 PM
@ResearcherZero
Solomon Is. have shown a persistent inability to maintain the standards of civil obedience to law, political stability and competence in making and administering law, that we expect from a modern nation [There, that’s exposed a nest of bias and prejudice].
China has recent (<100 yr) domestic experience in dealing with such matters. They can probably provide the required services at an attractively lower $ cost than any of SI's bigger neighbours. It's the non-$ costs that we can't match either…
vas pup • March 24, 2022 3:11 PM
Do octopuses have emotions?
https://www.dw.com/en/do-octopuses-have-emotions/a-61246001
Very interesting article! Read to the end and enjoy.
SpaceLifeForm • March 24, 2022 6:10 PM
@ name.withheld.for.obvious.reasons
You might get a chuckle
hxtps://nitter.net/KinseyAndrew/status/1506974797615534086#m
p.s. nitter is still having growing pains, so you know what to do as fallback.
Clive Robinson • March 24, 2022 10:12 PM
@ SpaceLifeForm,
You might get a chuckle
I actually find it rather sad, and some what frightening.
The attorney was put in an impossible position by his client, and the Judge was likewise put in a very difficult position.
Look at it this way, what do you think the judge is going to get accused of, when “she” has to have the “client” dragged before her by if required US Marshals, and the client lands up doing jail time with a criminal conviction?
Remember the “client” has already effectively incited a bunch of “nut bars” to criminal activity. That is behaviour well beyond that covered by “free speech”.
What should be a “civil case” is heading fairly rapidly to what is likely to be a “criminal prosecution” of the “client” with attendent prison time as well as civil forfeiture.
What do people realy think the “nut bars” are going to do?
That is some if not all of those “nut bars” are in “full on cognative impairment” mode as it is. How do people think they are going to respond to what they see as an,
“Inferior woman acting as a tool for some shady shadow government within a government trying to not just disarm them, but turn their hero into a martyr etc etc etc”
I would suggest that it is not unreasonable to assume that the judge has now become a target for their delusions, and as the nut bars have already resorted to physical criminal acts, her life may well now be in danger for an indefinite period of time…
But what of the Attorney? As the Judge has reminded him, his first duty is as “an officer of the court” not to make what may well be false representation for his client. His professional life is teetering on the edge of an abyss. If he does not pull back, he topples in, if he does pull back then he to will be seen as a “tool” by the nut-bars…
I’ve no idea what “end game” the client is planing / hoping for, but it suggests he is not of what many would consider a “sound mind” in the accepted societal sense.
ResearcherZero • March 25, 2022 12:58 AM
@Clive Robinson
I’ve seen some appalling misrepresentations by attorneys and more disappointingly, prosecutors. Though the law here in Australia is not always what would be called ‘professional’ in other countries. Misrepresenting clients who have to be strapped into their chair and gagged on occasion for screaming threats of murder.
Misrepresenting someone like that as a prosecutor is ‘bottom of the barrel’, and using the victim’s evidence to do it… (in Australia the prosecution can both prosecute on behalf of the victim, and defend the accused if that individual worked for the state), that is likely a conflict of interest.
*”We have lived in a time of change and corrosive skepticism and cynicism concerning the administration of justice.
Nothing can more weaken the quality of life or more imperil the realization of those goals we all hold dear than our failure to make clear by word and deed that our law is not an instrument of partisan purpose, and it is not an instrument to be used in ways which are careless of the higher values which are within all of us.”* ~Attorney General Edward Levi
*”Therein is the most dangerous power of the prosecutor: that he will pick people that he thinks he should get, rather than pick cases that need to be prosecuted…
It is in this realm… that the greatest danger of abuse of prosecuting power lies.
It is here that law enforcement becomes personal, and the real crime becomes that of being unpopular with the predominant or governing group, being attached to the wrong political views, or being personally obnoxious to or in the way of the prosecutor himself.”* ~Attorney General Robert Jackson
ResearcherZero • March 25, 2022 1:05 AM
Obviously I just murdered the formatting and have been sentenced to code jail.
JonKnowsNothing • March 25, 2022 1:35 AM
@MarkH
re: 2 photo links
It appears something hit road rash but I was able to snag the links prior to it hitting the tarmac.
Very well done on finding parts of the image sequences, they are likely part of the same photo sessions.
1) Hasty Scrape. In my image the sky was blue, the ocean blue and the seas calm, no rough water. The hedgehogs look the same, although Military Procurement probably buys them by the thousands. The flat sand area looks similar. In my image there was no boardwalk, no entrenchment, no fighting pit, no civilian digging out the sand. The sand bags are similar, one sand bag might look like another but these all appear newly filled. There were no warning poles, signs or markers as can be seen along the boardwalk going seaward. Another missing item is the concertina wire and the wire-roll drums. In your picture there are some lines on the ocean side of the hedge hogs; it suggests a regular barbed wire fence 3-4 strands but it might be some other marker or warning area.. You can see in front of the trench some disturbance in the sand but it is not a hasty scrape. The rest of the beach is wind swept. If you check the shovel dump area, the sand is darker, newer. It could be the person is clearing out sand that has blown into the trench or that water is sitting in the bottom of the fighting pit.
2) The boy. This is a picture of the same boy with the medical eye condition. It may not be the exact framing but it is the same boy.
Even though I was able to grab the links, ai/ml might still be working in the background. NYT and Grauniad holding the linkage.
Always interesting what the AI/ML shovels up…. You get grey sky and I get a blue one.
Winter • March 25, 2022 1:41 AM
@Clive
“The attorney was put in an impossible position by his client, and the Judge was likewise put in a very difficult position.”
I read that differently. The client made an effort to mislead the court that he had a medical condition that required him to stay indoors, at home. The judge refrained from saying that the letter from the doctor was a fabrication, but it clearly was. Then the client went to his studio and broadcasted a program life during the very proceedings he was “unable” to attend.
I have zero pity for the attorney as she/he must have been in on the deception/fraud from the start. If the attorney was not in on it, it is worse than corrupt, it is totally incompetence.
Winter • March 25, 2022 1:48 AM
This is the case where Jones refuses to appear. Obviously, because he lost big time.
Alex Jones fails to show again at Sandy Hook suit deposition
ht-tps://www.kwtx.com/2022/03/24/alex-jones-fails-show-again-sandy-hook-suit-deposition/
Ah, the drama of US’ dysfunctional courtrooms.
Winter • March 25, 2022 2:20 AM
Good use of geotargeting 😉
FBI trolls Russian embassy with geotargeted ads for disgruntled spies
ht-tps://arstechnica.com/tech-policy/2022/03/fbi-trolls-russian-embassy-with-geotargeted-ads-for-disgruntled-spies/
In the wake of Russian President Vladimir Putin’s unprovoked invasion of Ukraine, the FBI stepped up its recruiting efforts in the US, hoping to attract Russians who are dissatisfied or disillusioned with the war. People standing in close proximity to the Russian embassy in Washington, DC, can see the ads, which appear in Russian, on Facebook, Twitter, and Google.
…
“It’s a brilliant recruiting strategy because I think there’s probably a lot of folks within the Russian government that are incredibly dissatisfied with Putin’s war, and therefore it’s a great opportunity to see if any of those dissatisfied people could help us understand Putin’s intentions better,” Peter Lapp, a former FBI counterintelligence agent, told the Post.
Winter • March 25, 2022 2:49 AM
The imago of Russia/the Kremlin is not going to improve soon:
US DoJ reveals Russian supply chain attack targeting energy sector
Poisoned SCADA apps could have disrupted power supply – perhaps even at nuclear plants
https://www.theregister.com/2022/03/25/us_indicts_russian_state_hackers/
The trio allegedly spent 2012 to 2014 working on a project code-named “Dragonfly” during which a supply chain attack targeted updates of industrial control systems and supervisory control and data acquisition systems (ICS and SCADA). Legitimate updates to that software were infected with malware named “Havex” that allowed the attackers to create back doors and scan networks for more targets. Over 17,000 devices were infected in the US alone. The indictment states that their efforts gave Russia the chance to “damage such computer systems at a future time of its choosing.”
From 2014 to 2017 the crew moved on to “Dragonfly 2.0” and “transitioned to more targeted compromises that focused on specific energy sector entities and individuals and engineers who worked with ICS/SCADA system.”
I think the worst mistake of Putin, besides bodging the invasion, is to lay down in detail his plans with the EU and NATO members in the East. If you want to rob people, do not advertise that, especially, not ranting about it.
Clive Robinson • March 25, 2022 4:56 AM
@ Bruce and the usual suspects
A new security concern is comming up and you may want to keep a weather-eye open.
It’s no secret that,
1, There is a global silicon chip shortage.
2, Where there are shortages there are opportunities for crooks and such like.
As I’ve mentioned over the past couple of years various events have caused chip manufacture to decrease. In some areas such as analog to digital etc components it’s been almost total on some devices.
But behind these I/O devices there are other devices, such as “System on a Chip”(SoC) and “Micro Controler Units”(MCU).
These do not use the latest nano meter scale designs methods and they tend to be made in second or third line fabs where,
3, Profit margins are very low.
Well this news appears ro be slowely getting more “main stream”,
https://www.theregister.com/2022/03/25/chip_shortage_report/
The result that gets only passing mention at the bottom of the article, is that there is a suply line security hole opening up.
Scarcity has driven delivery times from a couple of weeks through a couple of months and now sufficiently over a year that some are cancelling new design projects all together and nixing features in existing projects as they have to redesign to use inferior parts that are available.
Worse as with all shortages price gouging has started with some products now at five to ten times the price they were just a year or so ago.
Which means that the opportunity to make profit illicitly is very much back on the cards (not that it went away).
Some may remember the RS232 to USB “FTD-Chip” shock, when FTD changed the driver for their chip sent out by MicroSoft, and over night hundreds of thousands if not millions of mice and similar PC products stopped working.
The reason was “Grey Supply Lines” of “knock-offs” of the FTD chips used in millions of PC products.
What was happening was non FTD parts many of them barely functional were made to look like real FTD parts and sold as “recovered stock” and the like so got in the supply chain.
Well due to scarcity and rising prices the “Grey Supply Lines” will be comming on-stream big time.
Whilst “knock-offs” are bad news in their own right as they are often sub-standard. It also opens up a new potential threat vector.
“Grey Supply Cyber-Weapons”
Many “Grey Supply” chips come through China one way or another and it’s probably not missed to many peoples attention that saber rattling and drum banging in the South China seas has been getting worse.
It’s one of the reasons the US Gov has been preasuring the Taiwanese Gov and the Taiwanese high end chip manufacturers to up sticks and mov the fabs to the US (something the Taiwanese are very reluctant to do for several obvious reasons).
Well whilst the Chinese do not have state if the art fabs they do have a lot of second and third line capacity.
Thus the opportunity to inject considerable “Grey Supply” parts into products made and sold all over the world.
Sooner or later some Grey-Supply parts will get found to be deficient or sub-standard, that is to be expected as the FTD Chip incident highlighted.
But it also opens up something rather more insidious. The opportunity to embed “Cyber-Weapons” in the “Grey Supply” chips.
These chips would not be sub-standard, but would have “a little extra within” part of which would be a triggering mechanism.
Whilst “malware” can be a real nasty to deal with, in the main it effects things at the software level where simply doing a full re-install with backups means you can get back functionality within a relatively short time.
Now consider that the malware is as is increasingly happening in the “firmware” level, where the average system owner can not do a re-instal of the operational code…
But take it a little further and consider it’s actually embeded in the chips in a way where very very few you can re-instal operational code, and then only problamatically.
Imagine what would happen if not just computers but smart devices and phones of all kinds stopped working…
The hardest hit Nation would be the US as just one or two “Ransomware” attacks have very much demonstrated in recent times (Colonial for example). The next hardest hit would be First World Nations such as much of Western Europe and also nations that have “jumped over” much of the infrastructure of the last quater of the last century and begining of this –1985-2010 technology– so the Oil Rich etc nations. Many Second and most Third world nations would hardly be hit, if at all.
Back in the 1950’s Issac Asimov started his “Foundation” series of books. In one he has as a plot line a technically sophisticated but not militarily powerful world facing war from a heavily militarized significantly larger population wise, but not as technologically sophisticated coalition of planets. On paper they were going to loose. However they had sold much of their sophisticated technology into the coalition not in military technology but ordinary everyday domestic and commercial technology products.
These products started to fail and the coalition discovered that their military was actually heavily reliant on these failing products, so could not prosecute a war.
In this world in modern times the West is effectively the coalition and China the supplier of all that domestic and commercial products we so heavily rely apon at one or more levels. With a little thought it’s not to difficult to see how China could easily build in a “Big Red Off Switch” into the very heart of the US, Europe, etc with “Grey Supply Cyber-Weaponised” parts.
If of course they have not already done so…
ResearcherZero • March 25, 2022 12:42 PM
@Winter
If you are going to make a mockery of people’s misfortune, in order to profit from it or not, at least show some courage and show up for court.
Even better would be to not do it, especially in front of a microphone.
Joke about Pacific islands threatened by climate change caught on overhead boom mic.
“Mr Abbott, Mr Dutton and Social Services Minister Scott Morrison were waiting in Parliament House for all participants to arrive for a meeting on community assistance…”
Cameras allowed in for the start of the talks were rolling as they chatted.
“Time doesn’t mean anything when… you’re about to have water lapping at your door,”
Mr Abbott again laughed. Mr Morrison pointed out the microphone.
https://www.adelaidenow.com.au/technology/microphone-picks-up-peter-duttons-tasteless-joke/news-story/625456d3a15242327f14f275c87557a4
Prime Minister of Tuvalu Enele Sopoaga has warned Australia that its “Pacific pivot” risks being fatally undermined by its climate change policies ahead of crucial talks in Poland. “They know very well that we will not be happy as a partner, to move forward, unless they are serious.”
https://www.abc.net.au/news/2018-12-04/tuvalu-pm-says-australian-pacific-pivot-undermined-by-emissions/10579424
Mr Morrison and his Pacific counterparts are on Thursday negotiating the final communique from the Pacific Islands Forum, with Australia at odds with smaller nations over the mention of coal and reducing emissions.
Ahead of the final negotiations Tuvalu’s prime minister Enele Sopoaga said it would be “symbolically unfortunate” if Australia waters down the communique while stressing the nation is an important partner of the Pacific.
During negotiations, the prime minister announced $2 million to help the Pacific deal with oil spills and other maritime pollution events.
https://www.sbs.com.au/news/article/scott-morrison-commits-2m-in-pacific-climate-talks/04dne26kj
Five of the Solomon Islands have submerged underwater and six more have experienced a dramatic reduction in shoreline due to man-made climate change, according to a paper published in the journal Environmental Research Letters.
https://www.yahoo.com/gma/five-solomon-islands-disappear-pacific-ocean-result-climate-205505994–abc-news-topstories.html
Pacific island nations have pleaded with wealthy countries to help their people migrate and find work if they are forced to flee their homelands because of the consequences of climate change.
https://www.theguardian.com/environment/2015/oct/14/pacific-nations-beg-for-help-for-islanders-when-calamity-of-climate-change-hits
The prime minister of Tonga was brought to tears over concerns that climate change could lead to the destruction of the Pacific’s seaside communities.
https://www.sbs.com.au/news/article/tongas-prime-minister-reduced-to-tears-over-climate-change-inaction/fe7h4qtb7
An example of how to fail at National Security, while demonstrating a total lack of humanity.
Winter • March 25, 2022 1:18 PM
@ResearcberZero
“If you are going to make a mockery of people’s misfortune, in order to profit from it or not, at least show some courage and show up for court.”
Alex Jones, courage? These concepts seem utterly incompatible to me.
What a world, we live in. We have a comedian who played a president, who became a president and a global hero, a strong man shirtless bear rider that does not dare to sit at a table with others, and a conspiracy fighter who does not dare to sit in a court room to face a few parents.
Subscribe to comments on this entry
Sidebar photo of Bruce Schneier by Joe MacInnis.
Leon Theremin • March 18, 2022 4:47 PM
“Protesters turn to tinfoil hats as increasing sickness blamed on Government beaming radiation rays”
hxxps://www.nzherald.co.nz/nz/politics/protesters-turn-to-tinfoil-hats-as-increasing-sickness-blamed-on-government-beaming-radiation-rays/FDCP6NEFJUQWWINL2GXI7OKS6E/
Prompted by this news, someone release a video title “Defeating Microwave Weapons!” demonstrating how microwaves work, how they effect objects within a certain range and how to defend yourself against them.
hxxps://www.youtube.com/watch?v=Lg_aUOSLuRo