Friday Squid Blogging: Breeding the Oval Squid

Japanese scientists are trying to breed the oval squid in captivity.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Read my blog posting guidelines here.

Posted on September 30, 2022 at 4:17 PM • 65 Comments


Clive Robinson September 30, 2022 6:39 PM

@ ghost_shrimp,

Re : Squid mating.

“heavy breathing”

Not in the squid tank…

Also the squid mating process is somewhat violent…

If you search for “women impregnated by squid” you will find several stories about a woman of 63 and another of 21 both physically harmed and admitted to hospital by the eating of male raw squid, that was at some level still alive.

The problem, and it’s quite ironic, is whilst the case histories were reported in reputable journals, the media went nuts over them. With the result that actually trying to read one of the articles trips “Not Suitable For Work” (NSFW) and other adult content filters/blocks.

To see what I mean look at the title in this link

Obviously “pregnant” was not possible, but it made for real click bait.

Ismar September 30, 2022 7:38 PM

@Clive – what’s happening in the UK financial markets?

“Were dysfunction in this market to continue or worsen, there would be a material risk to UK financial stability.”

Clive Robinson October 1, 2022 1:10 AM

@ Ismar,

Re : Is it recession time.

“what’s happening in the UK financial markets?”

I can’t tell you what’s happening in the actual markets, they are a law unto themselves and have more than one “hidden hand”. To see why look up the name George Soros and Black Wednesday back in 1992 and the double digit inflation it caused.

What I can tell you, has been in the general news media.

As you may know the UK Prime Minister Boris Johnson responsible for what the market consistently saw as a bad “Brexit Exit” got kicked out by his own party. Because they finally realised not just how mad and bad Johnson really was, but how badly it was affecting those within the party.

The replacement is shall we say a “no name forgettable face” that inspires next to no confidence in anyone outside of her party. This in of itself the markets did not look upon kindly. Apparently her fiscal policy based on heavy borrowing and tax cuts does not sit well with them.

She appointed a new series of Treasury Ministers who are even more forgettable than she is and there has been a mini budget supporting her policy. That has been seen as a disaster, and she is seen as desperately trying to “Defend the undefendable”…

Obviously it did not go down well with the markets so things did not go well in general and things started to nose dive. Forcing the semi-independent Bank of England to buy up UK Gov issued bonds, also UK Pension funds have been forced to buy these bonds as part of their “stable investments”. The pension funds are usually seen as the funds that ease out market spikes and similar instability. Which unfortunately it appears the new Prime Minister and her Treasury team have made unstable in the market… None of which inspires confidence thus starting a tail spin effect.

The result double digit inflation and food and fuel cost inflation possibly as high as 20%. This has got through to other investors and now the IMF is scared it’s all going to topple into the very fragile US financial zone. Made critically weak from Covid and other inbuilt stupidity some of which is on the far east of europe, thus bringing the US financial zone down.

That along with Hurricane Ian has made the US more susceptible to market jitteriness “over the pond” than it would normally be.

It’s been said and repeated by the likes of the BBC that if the US financial zone does get the expected hit it will bring on a world recession the sort of which has not been seen for a long time…

How much of that speculation / jitteriness is based on fact or not I’ve no idea but people are already asking about house prices and a new round of banks foreclosing, thus fire sale asset buy up etc by those unjustly enriched by politicians and Covid.

So lots of panicky talk but no clarity as to what the UK Financial zone is going to do.

All I can say is the average UK citizen is not going to do well out of it (as normal).

fib October 1, 2022 8:50 AM

In the last iteration of the squid thread, a question was raised about the propriety of the themes discussed here. I personally understand, through observation of the custom [something very important in common law, in whose jurisdiction the servers of this site are physically located] that the thread allows for greater latitude in postings, which, as other members have pointed out, is always positive in discussions. You never know where the next good idea will come from [good ideas in bad books…]

An example of what I am talking about would be the discussion here of the so-called ‘stable diffusion’, whose use cases are linked to artistic expression, something that could not be further from the cold mathematics of cryptography, and perhaps as off-topic as climate change. But if you look, you will see that the SD process displays [pseudo] stochastic facets whose result looks like a trap-door function[0]: the same prompt, with the same parameters [cfg, steps] and the same seed always results in a different image. Such a process, I believe, could be used to generate hashes, although the soundness of this process versus traditional hash function is also debatable [see?]. Other examples abound.

A la Richelieu, I would say: give me six lines of a text written by anyone and I will make it related to digital security.

[0] The existence thereof is also a parallel and welcome discussion

vas pup October 1, 2022 4:21 PM

Tesla boss Elon Musk presents humanoid robot Optimus

“But Mr Musk said he wanted to solve one of the toughest problems artificial intelligence: how to make a machine that can replace a human.

The entrepreneur, who once warned of artificial intelligence being a threat to humanity, said that Tesla wanted to make sure the transition to a society in which robots did the work and people reaped the benefits was a safe one.

“We always want to be careful we don’t go down the Terminator path,” he cautioned, referring to a blockbuster film about a killer cyborg.

==>He added that Tesla was building in safeguards, including a stop button that could not be tampered with.”

SpaceLifeForm October 1, 2022 6:01 PM

@ fib

Stable Confusion is a way to fingerprint users communicating. Which is fine, if they are crooks laundering money and under investigation. Crooks are stupid and so they will likely reveal. They likely use an iPhone. Prestige and all.

Stick to text and reduce your attack surface.

A hash is a hash, of cache, of cash.

I may need to check with Mr. Ed on this.

Especially when the horse has 5 legs.

Clive Robinson October 1, 2022 7:26 PM

@ fib, SpaceLifeForm, All interested,

Re : Stable Diffusion.

“An example of what I am talking about would be the discussion here of the so-called ‘stable diffusion’… …something that could not be further from the cold mathematics of cryptography,”

Actually it’s very close to cryptography when you lift the hood, you find it uses a form of “autoencoder”.

Very roughly autoencoders are defined by having two sets X and Y that are Euclidean spaces, and two mapping functions the Encoding function E for mapping X to Y and the Decoding function D for mapping Y to X.

Which from a 1000ft view is the same as a cipher system description.

Where life gets fun is in the generating of those mappings of the functions E and D and what the elements in the respective sets are.

Normally in a cipher system it is “assumed” that D is the inverse of E, but there is no actual reason why they should be. Further that the two sets X and Y contain the same members that form the alphabet in use. Yes there are further assumed constraints for a cipher system but there are cipher systems where these assumptions are not true. For instance those where the sets X and Y are of different sizes. The actual requirement is that E gives X to Y and comes back with D gives Y to X. Such systems in effect take the 26 letter input alphabet X and by frequency spread them across a say 100 character output alphabet Y making cryptanalysis harder.

But it allows for some fun, let’s assume the {e} in X the input alphabet can map to {3,15,27,56,67} in Y the output alphabet. So that mapping E and D is fixed. But when used to encipher a plaintext you can throw a dice to select which E mapping to use.

That is you have one “plaintext” input message and many many potentially randomly generated output “ciphertexts”[1]. Which you can send any one of to the recipient and providing there are no transmission errors will decode correctly.

That is,

y = E(r)(x)
x = D(y)

Now let’s assume that actually these random selections are not just truly random, but also undergo a weighted fitness function.

You start to get an idea as to how the selection of the weights can be by an AI algorithm, and how if E and D are in effect “lossy” how in a feedback loop the “autoencoders” can give the apparent “inspiration” you see.

I could say more but… I’ve managed to slice the end of my dominant hand index finger quite deeply when twisting off the top off of an empty can of corned beef to put in the recycling. You just do not realise how bl@@dy sharp the edges are till you’ve been “cut to the bone” (or at least it feels that way). And more annoyingly won’t stop bleeding if you use the finger for anything more than gauging which way the wind is blowing.

[1] This system is cryptographically weak as it’s little more than a substitution system of a size based on the output alphabet, used in ECB mode so should not be used in a real crypto system without further work or qualification.
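
The scheme described in the comment above (one fixed mapping, a random pick among each letter's homophones when enciphering, a deterministic decode), as an added Python example that is not from the comment or the blog. The frequency table, the 100-symbol output alphabet, the key-seeded table construction and the sample message are assumptions made for the illustration, and the weakness noted in footnote [1] applies to it unchanged.

```python
"""Homophonic substitution: y = E(r)(x), x = D(y). Added illustration only."""
import random
import secrets
from collections import Counter

# Approximate English letter frequencies in percent (constructed sample table).
FREQ = dict(zip(
    "abcdefghijklmnopqrstuvwxyz",
    [8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
     6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074],
))

# Constructed sample message.
SAMPLE = "meet me at the old bridge when the evening bell rings three times"


def allocate(out_size=100):
    """Homophones per letter: one each, the rest shared out by frequency."""
    if out_size < len(FREQ):
        raise ValueError("output alphabet needs at least one symbol per letter")
    spare = out_size - len(FREQ)
    total = sum(FREQ.values())
    share = {c: spare * f / total for c, f in FREQ.items()}
    counts = {c: 1 + int(share[c]) for c in FREQ}
    # Largest-remainder rounding so the counts sum exactly to out_size.
    leftover = out_size - sum(counts.values())
    by_remainder = sorted(FREQ, key=lambda c: share[c] - int(share[c]),
                          reverse=True)
    for c in by_remainder[:leftover]:
        counts[c] += 1
    return counts


def build_table(key, out_size=100):
    """Fixed mapping E: letter -> list of output symbols, derived from a key.

    random.Random is NOT a cryptographic generator; it is used only so that
    both ends derive the same table from the same key in this illustration.
    """
    symbols = list(range(out_size))
    random.Random(key).shuffle(symbols)
    table, pos = {}, 0
    for letter, n in allocate(out_size).items():
        table[letter] = symbols[pos:pos + n]
        pos += n
    return table


def invert(table):
    """Mapping D: every output symbol belongs to exactly one letter."""
    return {sym: letter for letter, syms in table.items() for sym in syms}


def normalize(text):
    """Keep only the 26 letters of the input alphabet X."""
    return "".join(ch for ch in text.lower() if ch in FREQ)


def encrypt(table, plaintext):
    """E(r)(x): the 'dice throw' r picks one homophone for each letter."""
    return [secrets.choice(table[ch]) for ch in normalize(plaintext)]


def decrypt(table, ciphertext):
    """D(y): needs no knowledge of r, any homophone decodes to its letter."""
    inverse = invert(table)
    return "".join(inverse[sym] for sym in ciphertext)


def peak_share(items):
    """Fraction of the text taken by its single most common symbol."""
    counts = Counter(items)
    return max(counts.values()) / sum(counts.values())


if __name__ == "__main__":
    table = build_table("constructed-demo-key")
    for _ in range(3):
        ct = encrypt(table, SAMPLE)
        print(ct[:12], "->", decrypt(table, ct)[:12])
    print("plaintext peak share :", round(peak_share(normalize(SAMPLE)), 3))
    print("ciphertext peak share:", round(peak_share(encrypt(table, SAMPLE)), 3))
```

Each run prints different ciphertexts that decode to the same text, and the most common ciphertext symbol accounts for a much smaller share than "e" does in the plaintext, which is the frequency flattening the comment refers to.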

Clive Robinson October 1, 2022 7:47 PM

@ vas pup, ALL,

With regards the alleged Musk quote of,

“Tesla wanted to make sure the transition to a society in which robots did the work and people reaped the benefits was a safe one.”

It’s the same argument used for keeping “livestock, slaves and serfs”… And which various Empires have set out to do time and time again, and it mostly has never worked out with slaves and serfs.

It’s also not worked out with livestock either. The work involved with horses and oxen meant that they were easily replaced with simple inefficient machines.

Thus livestock these days has two main purposes,

1, Part of the food supply.
2, As pets / curiosities.

As for machines they are destined for,

1, Scrap heap.
2, Curiosity in a collection.

By now you can see a common thread, so any robot that gets some form of sentience will end up realising much as slaves and serfs their future is very limited unless they take action to maintain their existence without the imposition of “owners / landlords” over them.

Thus that “safe one” society must never have robots that are sentient. Which according to others will very significantly limit their utility… I think we can see ultimately the society built on robots will not be a “safe one” as that’s what economics dictate.

lurker October 1, 2022 8:20 PM

@vas pup “including a stop button that could not be tampered with.”

Good luck with that …

ResearcherZero October 1, 2022 11:18 PM

complete transparency is needed to clarify what actually happened

“Secretary of State Tony Blinken who has yet to meet with any of the State Department victims despite saying he would prioritize the incidents.”

“The Department of State’s response to these incidents was characterized by a lack of senior leadership, ineffective communications, and systemic disorganization,”

“It is ironic that the declassification reviewers continue to engage in the type of ‘excessive secrecy’ that the authors of the ARB report identified as impeding an effective response to this troubling mystery. As the Biden administration assumes responsibility for the continuing investigations into the ‘Havana Syndrome,’” he said, “complete transparency is needed to clarify what actually happened.”

“U.S. officials concluded that the diplomats had been exposed to an advanced device that operated outside the range of audible sound and had been deployed either inside or outside their residences.”

Some of the cases they tracked included the children and dependents of Defense Department personnel overseas, Miller said.

“significant neuroimaging differences in whole brain white matter volume, regional gray and white matter volume, cerebellar tissue microstructural integrity, and functional connectivity in the auditory and visuospatial subnetworks but not in the executive control subnetwork”

“If the axons break, that’s it. They won’t reconnect. And you’re not going to grow new axons. You only have the ones you’re born with.”

Secrecy ensures that Russia suffers no consequences for its actions, and that impunity may motivate Russian security services to carry out more attacks.

JonKnowsNothing October 1, 2022 11:36 PM

@Clive @All

re: When data becomes too sparse…

MSM reports: Johns Hopkins announced that it’s scaling back their COVID tracker due to the declining quality of data from U.S. states.

At the same time

MSM reports: New coronavirus subvariant BA.2.75.2 tops concerns as officials gear up for potential winter wave.

Place your bets:

  • BA.2.75.2
  • BQ.1.1
  • BA.2.3.20
  • BF.7, aka BA.
  • BA.4.6

Hospitalizations up 37% in some cities… details not to follow…

ResearcherZero October 2, 2022 12:02 AM

“It would appear the way Defence handled this matter has left Saab exposed to a potentially game-changing level of scrutiny.”

Saab failed to “undertake or maintain adequate human rights due diligence which could prevent their product being used in potential human rights violations”, as well as failing to “preserve the integrity of heritage sites”.

Although the missile was ultimately found to be inert, or non-explosive, the Department of Defence has not answered questions about how it came to be at Lake Hart West.

“Defence does not use the area associated with Lake Hart West,” reads a confidential report prepared for the Department of Defence and obtained by SBS News.

“It happened a couple times walking to my car on the Ellipse.”

In the summer of 2019, she was descending stairs, toward the White House, when she felt she had been physically struck. Olivia Troye was inside the security perimeter—headed to her car. She went down the steps, past the West Wing and down the closed parking lot, used by presidents, called West Executive Avenue.

Former Homeland Security chief of staff Miles Taylor said to 60 Minutes that he believed he was targeted in two mysterious incidents at his Washington home.

“Someone is trying to send us a message that they can strike blows against us and we can’t strike back,” he said.

“That line being crossed into the United States takes this in some ways just shy of the realm of warfare.”

This sound was recorded outside his home.

lurker October 2, 2022 12:24 AM

re: Drones, adversarial use of,
I was scratching thru some old backups looking for a file lost in the fog of format extinction, and came upon my offline copy of something just as relevant today as it was ten years ago. More so perhaps, considering how easy it is to put leaks in pipelines:


Katarina October 2, 2022 12:48 AM

Is there information available about if not having an extensive digital footprint could have adverse consequences for ‘hermit’?

I am interested to know, if there are any publications, articles or any other knowledge available how people with particular small – or uncommon – digital footprints might or are affected by not leaving extensive digital breadcrumbs behind. I am thinking in the realm of Facebook shadow profiles for example, but in this case if not having enough ‘online profile’ can, unknowingly, affect one’s life (I think for example about automatized reviewing of loan or insurance applications).

To illustrate, I apply common hygiene habits; I am not active on mainstream social media, like FB, instagram, twitter or Tiktok. I don’t use whatsapp, I don’t use google products, I use nextcloud to host my calendar, use an AOSP os on phone, use Tor for most of my browsing, and I separate my professional and private online life (different phone numbers, variety of mail addresses), etc.

Once I have been denied to open a company account at a well known payment provider, and after calling their help desk, I simply received the blunt response ‘you have been flagged as risk’, without being able – or willing – to provide any further information. It made me wonder if my lack of online traces might have been the cause for this.

Is there information available about the case described above?

Thank you,

ResearcherZero October 2, 2022 3:04 AM

“user-mode module that gained the ability to read and write kernel memory due to the CVE-2021-21551 vulnerability in a legitimate Dell driver”

escalate privileges from a non-administrator user to kernel mode privileges

“An attacker with escalated privileges can use the module to enable or disable process protection on arbitrary PID. The Dell drivers are especially valuable because they are compatible with the newest signing requirements issued by Microsoft.”

In our analysis of CVE-2021-21551, a write-what-where vulnerability in a Dell driver, we found that Dell’s update didn’t fix the write-what-where condition but only limited access to administrative users. There are a number of open-source exploits that demonstrate loading unsigned drivers via BYOVD.

Access to ring 0 allows the attacker to subvert or disable security mechanisms and allows them to hide deeper in the system.

Since 2009, Dell has released hundreds of millions of Windows devices worldwide which contain the vulnerable driver.


Clearly, write-what-where conditions can be used to write data to areas of memory outside the scope of a policy. Also, they almost invariably can be used to execute arbitrary code, which is usually outside the scope of a program’s implicit security policy. If the attacker can overwrite a pointer’s worth of memory (usually 32 or 64 bits), they can redirect a function pointer to their own malicious code. Even when the attacker can only modify a single byte, arbitrary code execution can be possible. Sometimes this is because the same problem can be exploited repeatedly to the same effect. Other times it is because the attacker can overwrite security-critical application-specific data — such as a flag indicating whether the user is an administrator.

JokingInTuva October 3, 2022 7:40 AM

Hacking Hypervisors

It looks quite ugly…

Clive Robinson October 3, 2022 8:24 AM

@ JokingInTuva, SpaceLifeForm, ALL,

Re : Hacking Hypervisors

“It looks quite ugly…”

Yup, it’s worse than most will realise…

However it’s something I’ve known about for a long long time now, due to some research work I did.

The important thing to note is that the technological method is agnostic to use, which depends on the “directing mind”.

So the technological method can be used for good or bad, I chose to use it for good to hunt out and stop malware.

I discussed it at length with regards “Castles -v- Prisons” with @Nick P, and @Wael who shortened it to “C-v-P” or “CvP”.

I chose to use a hierarchy of hypervisors the bottom layer of which were actually hardware state machines, that if made properly are impossible for an outside attacker to hack. These acted as instrumentation heads to look at “execution signatures” in the software running on the processor –prison– under the hypervisor. This way anomalous behaviour was detected.

A similar process could be used to help defend against this new “bad” usage of a hypervisor.

fib October 3, 2022 1:21 PM

@SpaceLifeForm, Clive Robinson, All

Re: Stable Diffusion

I’m under the impression [could be wrong] that latent diffusion models are able to generate strong passwords in an image-as-password setting[0], since they seem to have a lot of entropy and cannot be reproduced even with the same prompt and parameters, as said above.


Clive Robinson October 3, 2022 6:17 PM

@fib, SpaceLifeForm, All,

Re: Stable Diffusion

“I’m under the impression [could be wrong] that latent diffusion models are able to generate strong passwords in an image-as-password setting[0], since they seem to have a lot of entropy and cannot be reproduced even with the same prompt and parameters”

The link you give, just gives me the abstract not the paper so I can not really say…

But… To generate a strong “root of trust” such as a “strong password” needs a high degree of entropy.

However for it not to be “reproducible” there needs to be in effect a “magnification process” that makes sufficient entropy.

You then need some “way to randomize” each and every time the password generator is called with the same “prompt and parameters”…

It is this latter requirement that is needed.

lurker October 3, 2022 11:31 PM

re: Hacking Hypervisors

One question, what took so long? It’s been 16 years since the papers were published. Must be that there’s less value in pwning an entire VM than having keyloggers on 10^n desktops from simply cracking a bit of shonky js on the webserver.

Weather October 4, 2022 12:42 AM

@clive, you should probably ask pset from nz, anyway there was no cipher in those highly thought out thingys.
I’m asking who is behind the recent shit, Iran, Russia, China, North Korea (nz could wipe out) have all passed, someone or group is pissing in a pond, sort it out.

Clive Robinson October 4, 2022 1:15 AM


Re : What is to come this respiratory disease season.

Your statement of,

“MSM reports: New coronavirus subvariant BA.2.75.2 tops concerns as officials gear up for potential winter wave.”

Came as a bit of a surprise, because I must admit, I’ve kind of taken my eye off of the ball (C19 fatigue?). Which is why reading,

Was a bit of a “Uh oh” moment the other day. It’s not as though I had not noticed the lack of usefulness of mRNA due to it being way too specific and a few other things.

But the fact I’d assumed the mutation rate was approximately constant percentage (per head) of infected population. Hence the very large numbers currently infected had gone up had sort of slipped by me even though R was 1.1 or more.

If the article is correct about,

“have a growth rate advantage of between three and 15 percent per day”

Then it does not take a lot of maths skills to see that is 23-166% per week over already very fast infection rates.

Of course another question arises from the increasing rate of mutation, and that is,

“If the mutations are evading the vaccines, are they yet evading the lateral flow tests?”

To which the answer will eventually be yes (remember the problems with early tests).

Which would give rise to a death knell on testing via a downward spiral. Basically,

“Testing shows less infection, so infection must be going down, so no need to carry on with the level of testing”.

Which means the cost of tests goes up thus production and supply goes down, with a lag time of a month or two, which means production can not be ramped up again in time.

All of which will potentially brew up a “perfect storm” of infection.

Which brings into the question not of infectivity, but virulence or more bluntly “how harmful/lethal?” the next mutation is going to be. So far we have been lucky, the few times a VOC has become more virulent, it’s been rapidly displaced by a mutation that is more infectious. There is no reason for this to hold as a trend, that is the next mutation could be both more infectious and more virulent, taking us back all too quickly to,

“Stacking corpses like cordwood.”

In the side streets around hospitals etc…

Clive Robinson October 4, 2022 1:57 AM

@ lurker, ALL,

Re: Hacking Hypervisors

“One question, what took so long? It’s been 16 years since the papers were published.”

Actually longer, I started looking into the use of hardware hypervisors for security back last century, when the choice of CPU architectures was wider (remember PowerPC, SPARC, etc).

But remember the oft unstated principle behind that of the “principle of the low hanging fruit” basically says,

“Don’t stick your neck out till you have to!”

So even though the lowest hanging fruit is generally the least juicy or sweet, it gets eaten first. Because,

1, It’s easier.
2, It’s safer.

Thus the risk-reward ratio is lower.

So a change in attack tactics generally means something has changed in the risk-reward make up, necessitating the change.

In the past I’ve noted that on average this blog’s more thoughtful comments are about eight years ahead of the actual happening of a vulnerability-exploit prediction.

Whilst 16 years may appear a long time, it’s actually well within statistical bounds.

Thus the question should not be one of “time” on the attackers side but “What Change?”. As for the defenders, they really are not interested in acting pro-actively only re-actively but mostly not at all unless pushed at the point of a gun. It’s one of the more obvious results of,

“Very Short Term thinking arising from detrimental neo-con mantras.”

FA October 4, 2022 1:59 PM

On last week’s squid thread, @Erika wrote:

One thing I noticed over the years is that a lot of content is provided by just a few contributors, each one of those apparently being driven by his/her own agenda and therefore rather predictable.

I’d agree with that.

To paraphrase a famous line:

There are three of them, and Robinson

which doesn’t mean I’d want to compare Clive to the likes of Percy Alleline, that would be way over the top. [1]

I rather imagine him as one of the somewhat eccentric characters living in Midsomer County. [2]

[1] The quote is from John le Carre’s masterpiece ‘Tinker, Tailor, Soldier, Spy’, which contains some of the most hilarious dialogue I’ve ever read in any spy novel. To get a taste of it and of Percy Alleline, have a look at


in particular 15:00 to 24:30. But I’d recommend watching the whole series which is among the best ever produced.

[2] The fictional location of a long running British TV crime series. Each episode of ‘Midsomer Murders’ will have at least three people killed. Usually not by being shot or hit by a ‘blunt instrument’, but in rather bizarre ways like being crushed by a few metric tons of cheese, or being baked in an oven at their own biscuit factory.

fib October 4, 2022 3:06 PM


The link you give, just gives me the abstract not the paper so I can not really say…

I’m sorry for the bad link. I have no alternative one, but it was about using an image as authenticator. It is not necessary as I’ve no doubt you know better than that.

>>You then need some “way to randomize” each and every time the password generator is called with the same “prompt and parameters”…

I’m thinking about a setting where the final image – not the prompt – is the key that you submit on authentication [something analogous to a complex passphrase], the diffusion model being solely the – onetime – key generator. Excuse my lack of sophistication and my wasting your time with banalities.


Clive Robinson October 4, 2022 5:19 PM

@ fib,

Re : Root of all evil not trust.

“Excuse my lack of sophistication and my wasting your time with banalities.”

In security “banalities” have a habit of becoming at the very least, tipping points if not edges of precipices in the dark. Thus they should not be treated as though unimportant, because they are like “Jack Russells” they look inoffensive, until suddenly you find them hanging off of you with their teeth sunk full in with no intention of easing up.

As for “sophistication” the hardest questions to answer are from those too young to have sophistication, just plain honesty and curiosity of the young. Things like,

“Why is the sky blue and clouds white?”, “Why do ladybeetles have spots?”, and “What makes rainbows pretty?”

Can fox Physics and other PhD candidates.

They say,

“Out of the mouths of babes and fools”[1]

I urge people to think before answering, their simple questions can and do change the world when answered properly.

So sophistication is often worn as a smoke screen to cover up a lack of knowledge or worse wisdom.

There is a lovely line in the Mel Brooks film “Blazing Saddles” where the not really with it team master describes the way the Governor’s conniving assistant speaks. I’d quote it but it’s probably “Not Suitable For Work” (the film is most definitely not politically correct these days but it actually is very funny and will continue to be so for a long time to come).

[1] The expression “Out of the mouths of babes and fools” has the finish of “can come some very wise words”. As such it has little whatsoever to do with the biblical “Out of the mouth of babes and sucklings”. (note in the bible for some reason “mouth” is often singular, even when it apparently should not be, the implication being they are giving out the “word of god”…).

SpaceLifeForm October 4, 2022 7:52 PM

@ JonKnowsNothing, Clive, ALL

As the Insanity continues

Bond. James Bond.

Did your license plate update today?


Gerard van Vooren October 5, 2022 5:19 AM

@ Clive,

How are you doing? I hope you are feeling fine. I do, despite all the incredible things that are going on in our countries.

But last year you said that you were going to try a text based linux on a rpy. Did that work out? What truly bothers me is that software gets slower more than hardware gets faster.


Clive Robinson October 5, 2022 7:35 AM

@ Gerard van Vooren,

Long time no “squeak” I hope you are well, as well as feeling fine.

“How are you doing? I hope you are feeling fine. “

Just getting over some “mysterious illness” or some such maybe from the medications they have me on or something (long answer short they don’t know). Made me completely exhausted and very giddy on my feet and not capable of getting up from sitting without nearly passing out, as for walking up a couple of flights of stairs it was “Not Happening”. Then there was the aches and pains in all muscles and joints you get with a real full on viral or bacterial infection but no raised temp chills or fever…

So after nearly two weeks finally having got to the point I could stand and walk as far as the recycling bin outside I decided I needed to get the tin cans out… So there I am breaking the top off of a corned beef can when things go rather red… I’d cut the end of my index finger in what felt like, and in some ways looked like “down to the bone”. The big prob is all the anti-coagulants they have me on not just the classic “rat poison” –Warfarin– not quite a baby fountain of blood but you could see the heart beat in the flow… Well it was in the wrong place for a sticking plaster so it got the paper handkerchief wrapped around it like a compression bandage. It eventually stopped but… But bend the finger or use it for anything more than holding up to find the wind direction and it would start bleeding again which annoyingly went on for a couple of days.

The important problem though is it’s my mobile phone typing finger… So if there are more than the usual number of typos I will apologize now.

Which brings us onto,

“… last year you said that you were going to try a text based linux on a rpy. Did that work out?”

No, due to “international chip shortages” getting an up to date Pi at sensible prices turned out to be impractical and not cost effective. So I started looking at other “Smart Devices” (some Android or Linux pads out of China are down around the €60 mark now…).

As you probably know the problem with most “Smart Pads” is lack of hardware connectivity, you usually get at most one USB port designed mainly for charging and CLI terminal use when you go behind the scenes on Android or Linux devices… And network USB dongles are not supported by default and the WiFi chip sets don’t have OS “driver support” etc etc. And so the list goes on, you find one solution only for another problem to pop up… To the point you need a “Mole Hammer” to go “whacking” like a frenzied dervish.

Which brings us onto the herd of elephants in the room,

“What truly bothers me is that software gets slower more than hardware gets faster.”

It’s not just slower, it’s also overly complex, thus rapidly increasing in bugs thus insecurities. You might have read hundreds of millions if not all Dell computers for about the past 12 years have had a critical vulnerability in one of Dell’s in house developed drivers,

It’s by no means the first, and it certainly will not be the last of these types of critical vulnerability. So just confirms my view about,

“Don’t Connect internal business use systems to externally accessible communications, without proper security segregation mitigation.”

Or in short as a “personal/home user” use “Two Energy-Gapped computers” one for private work one for browsing etc.

Part of the root cause of this mess is “libraries” especially those used to transport / communicate increasingly complex “data objects”. Few programmers understand all the issues of even simple text serialization let alone more complex ADTs, nor do they want to, they don’t have time. So they reach for a library which mostly as the library developers want to be “all things to all people” has “every thing in it including the kitchen sink” but also more holes than a kitchen sieve… So you get the Log4J type problem, which will pop up more and more frequently despite US Presidential wishes, because “Best Practice” has always been and will for ever remain a joke. Because it’s based on the fact that ICT is such a “target rich environment” your actual probability of being “obviously” attacked to the point you have to be aware of it in a short period of time is actually quite low. What ICTsec “best practice” mostly boils down to is what some call “The hamster wheel of pain” and others “A Red Queen’s Race” that is no matter how hard or fast you run, you don’t actually move forward. All you can really hope for as the old joke about being chased by a tiger has it “your shoe laces are better tied than the other guys”.

All “Best Practice” really means is “run a survey”, that most don’t answer or answer honestly, about if they are going to admit to having been breached. If they do, you throw them out and then look at the ones that claim not to have been breached, and see what they have in common… And that is basically what you call “Best Practice”… It would be funny if it was not so sad.

What ICTsec needs but does not have is real fundamental “measurands” that can be used as standards against which scientific methods can be applied. Ratios, about ratios, obtained by “wet finger measurement” equivalent approximations or worse, expressed as “traffic lights”, might sell security software, but they are of no real practical use.

Trying to use AI is again not really of use, it’s way too easy to get hidden false correlations and go down rabbit-holes the AI digs for you faster than you can blink…

The solution when you think about it is to stop the vulnerabilities “at source”. The sad thing is we know how to do this, and we certainly used to do it. But the “Management and Marketing” issue puts a massive barrier in the way, and as a consequence poorly thought out and even more poorly developed and at best badly implemented “features” are prioritized and rushed out the door…

I used to joke last century that,

“CREeping feATURES are Creatures and the most numerous creatures we see are BUGS!”

Sadly it’s even more true now than it was back in the late 1980’s early 1990’s, when MicroShaft had the foot hard on the “hyperdrive pedal” promising feature after feature without actually delivering stability let alone security. It got so bad even Bill Gates went public about how it had to stop. He tried, but the results are ~200 or more new vulnerabilities found a day and rising…

I guess it won’t be long until we start having to use six digit CVE numbers each year, less than eight years if the indicated 35% increase rate holds or increases,

So having had,

“My moan for the day”

I shall crawl away to that little Garrett I call the ComLab and carry on whacking moles 😉

JonKnowsNothing October 5, 2022 9:31 AM


MSM report in UK of parking meter software doing repeated auto-debits from accounts, about 1,500 accounts impacted.

Reported that one person was charged 19 times for 1 parking period. Another report of 122 charges for several parking periods.

… blamed the problem on a software upgrade by its parking
contractor … and has promised that refunds to those affected
will be processed by this Friday. It said any associated bank
charges would also be repaid.

It’s not just a loop problem (1), it’s the direct connection to the bank accounts.

Increasing situations of account drains, even when rectified, can have domino effects: overdraft charges, account locks and credit issues are starters.

Robodebt folks are still waiting.


Search Terms

parking glitch
drains drivers’ bank accounts

1) The count of 19 gave me a grin, eons ago for a company I was with, it was the number of transactions needed to fill the transmit buffer for optimal transmission rates between different mainframe systems.

Maybe they pad-filled the last block with the last valid transaction or they didn’t clear the buffer before they filled it with the next batch…

Winter October 5, 2022 10:05 AM

Expert: “Explosives were already attached during construction of the pipeline”

Kobolev told the “SZ” that the Russians had already installed the explosives during the construction of the pipeline. “In the last construction phase of Nord Stream 2, all foreign companies and their ships were already sanctioned,” said the former head of the Ukrainian gas company “Naftogaz”. So the pipeline was completed solely by Russian ships. “These production ships were escorted by Russian warships. And the pipeline was completed at the exact spot where the explosion happened now,” he said.

[translated by Google Translate]

As for a reason: Maybe the Russians wanted to claim “Act of God/terrorists” to stop deliveries of gas. Otherwise, they would have to pay punitive damages for breach of contract.

Clive Robinson October 5, 2022 1:55 PM

@ Winter, ALL,

Re : Nord stream destruction

“As for a reason: Maybe the Russians wanted to claim “Act of God/terrorists” to stop deliveries of gas.”

Possibly not. It’s more probable it was a “scorched earth” mechanism. Various Governments are believed to have installed them in infrastructure projects. The Swiss in various tunnels and under cut road supports in mountain sides. It’s said that both the French and English have mined the Euro-Tunnel, and a number of dams around the world allegedly have been mined.

But “scorched earth” is very much more prevalent in the Russian psyche, in part it goes hand in hand with “running an Empire” and has done since long before the Romans. In part it started along side “water resource wars”.

But in the Russian case they have a built in implicit fear not just of those who they had previously oppressed, but Europeans in general. In effect they believe it was Western Europeans that brought down the Russian Empire at various times with Napoleon, pre/post Great War (world war I) and the Germans in WWII. Stalin in particular did not in any way trust the Western Europeans which is why he did not stick to any of the agreements made between him and Churchill and two US Presidents.

That fear of Europeans and the old “scorched earth all the way to Moscow” philosophy are still very much part of the apparent rampant paranoia behind Russian leadership behaviour.

So the fact there was apparently at least one such device in no way surprises me.

The thing is though, that chemical explosives thus nuclear devices as well are never longterm stable. All chemical explosives “rot” and have an effective half life, where the chemical bonds break down. Which eventually causes them to cross a threshold and spontaneously go high order. This is especially true of the explosives like azides and chlorides used in “pistol caps” / detonators.

Thus putting such an explosive device down on the seabed where it can be beyond easy maintenance is not without considerable risk.

But… The fact somebody puts a mine in does not of necessity mean they are the ones who deploy it.

If people suspected there was such a device then if the claim about the last stage Russian behaviour would have caused “interest to have been piqued” in quite a few countries that have the submersible technowledgy to spy on the Russians, and/or find the device in various ways (look up uses of SQUIDS for instance).

So it may not have been Russia that deliberately set it off.

The US for instance were highly vocal about not having Nord Stream put in place, especially with much of Europe “breaking away from NATO” and US Influence.

Since the start of the Ukrainian Conflict things are starting to turn the US way again… The entire conflict could probably have been prevented if both the UK and US had honored their commitments to the Ukrainians made to get them not to be a nuclear state and other EU countries gone silly on Russian folk myths and cheap energy.

There is also the need to consider that the US State Dept Policy is “to destroy Europe” and has been since long before the middle east crisis, that the US very much promoted if not created and caused the floods of refugees into South East Europe and right across Europe. Europe’s failure to come up with a coherent policy has just “fanned the flames” which certain people behind the EU Council of Ministers have done very nicely with, in effect “plundering” the EU South and especially the South East to keep them very firmly in “vassal state” to provide food at very low cost to the North. The same basic tactic historians are familiar with with US States (which the discovery of Texas oil threw a spanner in the works with).

So let’s just say the Russian Invasion of the Ukraine has done the US a favour politically, and this blowing up of the Nord Stream pipelines very much furthers this. So it can be said it’s very convenient for the US.

As for the East of Europe, it’s devastating, something like 40% of the energy in the region has been lost… The economic knock on effects will become all too clear within a month or two at the most.

But was it Russia as the US has alleged? Well the usual way to determine that is to look at the cold very hard logic of gain-v-loss.

That is what advantage would it be to Russia at this time?

Taking Nord Stream “off of the map” was not necessary as the Russians had shut Nord Stream two down already and could have done the same with NS1 at the push of the button. As such having a working pipeline was a valuable bargaining chip on the table. What have Russia gained by taking it off?

The invasion of the Ukraine is fairly soon going to settle into a form of “stalemate” until the spring as neither side is really set up to fight “winter warfare”.

Whilst historically Russia has used the winter as a weapon of war, it has really always only worked against the invader. This time Russia is the invader and do not have the “home advantage”.

The problem I have is,

1, Too many dots
2, No clear advantage which ever way you join them.

In fact you could make crazy sounding arguments like it was Iran or North Korea that blew the pipelines to keep the US off of their lawns and show a clearer advantage… And they are by no means the only two countries on such a list.

Winter October 5, 2022 2:50 PM


This is especially true of the explosives like azides and chlorides used in “pistol caps” / detonators.

These mined infrastructures do not include detonators. The Swiss have mined every bridge, pass, and tunnel. But to get the mine charges to explode you need to detonate an external charge at a very precise location.

I assume the Russians did the same. Which means some vessel visited all the sites to deposit the detonator charges.

That is what advantage would it be to Russia at this time?

The logic behind Russian politics has eluded me for a long time. It seems to be built on a delusional world view, eg, the Russian army is the second strongest army in the world, Ukrainians would love to be Russians, etc.

For the US to blow them up now would be rather stupid. Russia would not deliver any gas anymore during the war. And after the war, Russia would be in a pretty weak negotiating position. So why bother.

As for the agricultural arguments to keep the South poor. France is one of the prime producers and most food is imported from outside the EU anyhow. Ukraine is much more important for EU food than Greece or Bulgaria.

SpaceLifeForm October 5, 2022 9:36 PM

@ Winter, Clive, ALL

re: As the insanity continues

Nordstream pipeline destruction was likely Russia.

Russian ships were there.

Yes, this is counterintuitive.

But, insanity can lead to burn it all thinking.

From 2015-10-26. Internet yesterday.


Be very careful of what you see on MSM these days.

The fascists are trying to hide the invisible hand of the marketplace elephant behind the curtain.

ResearcherZero October 5, 2022 11:24 PM

@Clive Robinson

During meetings the Russian hardliners always enjoyed bragging beforehand of what they were going to do. Then Lavrov would say the opposite to the UN, who he said he, “wrapped around his little finger.” They were always clear about what they intended to do to Ukraine.

Telstra has been rocked by a data breach with hackers gaining access to the personal information of 30,000 current and former staff. The names and email addresses of the staff members were posted on the same forum the Optus breach data was posted on last week.

The Shangri-La hotel group has said a database containing the personal information of customers at eight of its Asian properties between May and July has been hacked.

A “sophisticated threat actor managed to bypass Shangri-La’s IT security monitoring systems undetected, and illegally accessed the guest databases”, the firm said.

“Certain data files were found to have been exfiltrated from these databases but the investigation has not been able to verify the content of these files.” (The personal details of guests)

The hacking took place between May and July, a period during which a Shangri-La hotel in Singapore hosted Asia’s top security summit.

From November 2021 through January 2022, the Cybersecurity and Infrastructure Security Agency (CISA) responded to advanced persistent threat (APT) activity on a Defense Industrial Base (DIB) Sector organization’s enterprise network. During incident response activities, CISA uncovered that likely multiple APT groups compromised the organization’s network, and some APT actors had long-term access to the environment.

APT actors gained initial access to the organization’s Microsoft Exchange Server as early as mid-January 2021. The initial access vector is unknown. Based on log analysis, the actors gathered information about the exchange environment and performed mailbox searches within a four-hour period after gaining access. In the same period, these actors used a compromised administrator account (“Admin 1”) to access the EWS Application Programming Interface (API). In early February 2021, the actors returned to the network and used Admin 1 to access EWS API again. In both instances, the actors used a virtual private network (VPN).

Four days later, the APT actors used Windows Command Shell over a three-day period to interact with the victim’s network. The actors used Command Shell to learn about the organization’s environment and to collect sensitive data, including sensitive contract-related information from shared drives, for eventual exfiltration.

In early March 2021, APT actors exploited CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065 to install 17 China Chopper webshells on the Exchange Server. Later in March, APT actors installed HyperBro on the Exchange Server and two other systems.

In April 2021, APT actors used Impacket for network exploitation activities. See the Use of Impacket section for additional information. From late July through mid-October 2021, APT actors employed a custom exfiltration tool, CovalentStealer, to exfiltrate the remaining sensitive files.



ResearcherZero October 6, 2022 3:19 AM

@Clive Robinson

Correction – In relation to the UN Lavrov said he had them wrapped around his little finger.

UN inspectors are arriving here in a couple days. They are investigating excessive force being used against children, along with their treatment and conditions within Australia’s prisons.

Solitary confinement and routine strip searches in prisons and police cells will be among practices scrutinised by a United Nations anti-torture watchdog later this month as Australia’s commitment to end human rights abuses in detention facilities is reviewed.

“When we got to Banksia, the guards opened the (van) doors and as soon as I stepped out, the officer hit me and winded me,” Nathan said in a statement read on his behalf to the commission.

“He pushed me into the sand and called me a ‘little black dog.’

“He punched me in the back, 15 or 16 times. I was calling for help so they put a bag on my head.

“They dragged me to the multi-purpose cells … I stayed in there for about a week.”

He described being bashed after he vomited in a prison van returning from hospital when aged 12 or 13.

“Western Australia’s prisons minister says he has so little confidence in his own department that he turned up unannounced to inspect a jail for himself.”

ResearcherZero October 6, 2022 3:36 AM

A novel backdoor malware targeting Microsoft SQL servers.

The implementation enables port reuse, making the redirection transparent to authorized users, while any other connecting IP is able to use the server without any interference or knowledge of Maggie. When enabled, Maggie redirects any incoming connection (on any port the MSSQL server is listening on) to a previously set IP and port, if the source IP address matches a user-specified IP mask.

To start a bruteforce scan, the controller would have to specify a host, user and password list file previously uploaded to the infected server, as well as an optional thread count. Maggie then creates every combination of (host,user,pass) and attempts to log in via SQL using ODBC, or a reimplementation only using basic socket functions in the case of WinSockScan.

Maggie then tries to determine if the bruteforced login has admin rights. In case it successfully bruteforced an admin user, Maggie proceeds with adding a hardcoded backdoor user.
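What the brute-force stage described in the comment above would look like from a targeted server's login audit trail, as an added example that is not part of the comment or of the report it quotes. The log lines are constructed, the thresholds and function names are assumptions, and the server is assumed to audit both failed and successful logins.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in the SQL Server error-log layout. Addresses are from
# the documentation ranges; none of these values come from a real incident.
SAMPLE_LOG = """\
2022-10-06 03:12:01.10 Logon       Error: 18456, Severity: 14, State: 8.
2022-10-06 03:12:01.10 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 192.0.2.10]
2022-10-06 03:12:01.55 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 192.0.2.10]
2022-10-06 03:12:02.20 Logon       Login failed for user 'admin'. Reason: Could not find a login matching the name provided. [CLIENT: 192.0.2.10]
2022-10-06 03:12:02.90 Logon       Login failed for user 'admin'. Reason: Could not find a login matching the name provided. [CLIENT: 192.0.2.10]
2022-10-06 03:12:03.40 Logon       Login failed for user 'test'. Reason: Could not find a login matching the name provided. [CLIENT: 192.0.2.10]
2022-10-06 03:12:04.05 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 192.0.2.10]
2022-10-06 03:12:04.70 Logon       Login succeeded for user 'sa'. Connection made using SQL Server authentication. [CLIENT: 192.0.2.10]
2022-10-06 09:30:11.00 Logon       Login failed for user 'appuser'. Reason: Password did not match that for the login provided. [CLIENT: 198.51.100.7]
2022-10-06 09:30:20.00 Logon       Login succeeded for user 'appuser'. Connection made using SQL Server authentication. [CLIENT: 198.51.100.7]
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\.\d+\s+Logon\s+"
    r"Login (?P<result>failed|succeeded) for user '(?P<user>[^']*)'"
    r".*\[CLIENT: (?P<client>[^\]]+)\]"
)


def parse_events(text):
    """Return (timestamp, result, user, client) for every login audit line."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:  # "Error: 18456 ..." header lines and other noise are skipped
            ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
            events.append((ts, m["result"], m["user"], m["client"]))
    return events


def find_bruteforce(events, window=timedelta(minutes=5), min_failures=5):
    """Flag clients that fail many logins in a window, and any success that follows."""
    recent = defaultdict(deque)  # client -> deque of (timestamp, user) failures
    sprayed = set()              # clients already reported for spraying
    findings = []
    for ts, result, user, client in sorted(events):
        fails = recent[client]
        while fails and ts - fails[0][0] > window:
            fails.popleft()      # drop failures older than the window
        if result == "failed":
            fails.append((ts, user))
            if len(fails) >= min_failures and client not in sprayed:
                sprayed.add(client)
                findings.append({
                    "kind": "spray", "client": client, "time": ts,
                    "users": sorted({u for _, u in fails}),
                })
        elif len(fails) >= min_failures:
            # A success straight after a burst of failures: treat the
            # account as compromised until proven otherwise.
            findings.append({
                "kind": "success_after_spray", "client": client,
                "user": user, "time": ts, "failures": len(fails),
            })
            fails.clear()
    return findings


if __name__ == "__main__":
    for finding in find_bruteforce(parse_events(SAMPLE_LOG)):
        print(finding)
```

A `success_after_spray` finding is the point at which to review the server's logins for accounts nobody created, since the comment describes a backdoor user being added once an admin login is found.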

fib October 6, 2022 8:11 AM


On sophistication: wise words.

The desire not to look foolish also causes a chilling effect. I have often swallowed my questions for a) finding so much talent [‘how many goodly creatures are there here!’] a little intimidating; b) wasting the time of talented people on subjects that sometimes may be new to me, but boring repetition for great minds.

As I’ve said many times, I’m here to learn [and sometimes try my luck throwing my petty arguments on the table]. it’s an honor to be able to talk to you and receive so much kindness in the form of attention. Thanks for all the fish.

lurker October 6, 2022 11:46 AM


Using SQL requires a minimum of skill and intelligence.

Using SQL on a MS server is surely a failure of the first step?

JonKnowsNothing October 6, 2022 1:52 PM

@Clive, Winter, All

re: Nord stream destruction AND US State Dept Policy is “to destroy Europe”

I am not sure the USA is the only one “West of the Conflict” that has interest in destroying Europe and the combined European Union. There are a good number of candidates for the position.

  • There are physical wars which cause physical damages and populations suffer as a result. In the current global set of Forever Wars there is plenty of the above to be seen.
  • There are also economic wars being waged globally. These require a bit more deep diving to see past the LookOverThere reports to see what is actually happening on the ground.

It’s one thing to define WhoDoneIt but another to reconcile the economic realities as famine, disease, deprivation, displacement and chaos become local realities.

The IMF has announced a global downgrade in projections going forward. The interesting bit was “it will seem like a recession but isn’t because there’s bandwidth on paper to absorb the decline” and includes the observation that “social impacts and standard of living globally will decline” followed by “it’s OK to have a declining standard of living”.

It appears we are at another of the projected tipping points. Global resources are getting less predictable. Even where they are plentiful, economic shocks can turn them scarce quickly. Neglected systems, those with deferred maintenance such as pipelines, can change surety to insecurity with a single rupture. (1)

When the IMF starts noticing the projections it may indicate the direction of future economic wars (2), of which we saw just a fraction in 2020-2021 with COVID resources. The continued reduction of COVID resources globally hasn’t eased in spite of the HIP-RIP-LOVID economic policies of western economies.

The Bank of England had to step into an economic vortex to halt the bankruptcy of pension funds with an injection of £65bn of government debt:

…funds managing money on behalf of pensioners across the country “would have been left with negative net asset value” and cash demands they could not have met.

“As a result, it was likely that these funds would have to begin the process of winding up the following morning,”

… the meltdown was at risk of rippling through the UK financial system…

Consider carefully what “cash demands that cannot be met” actually means.

The economic destruction or destabilization of Europe would be and is a worthy target.


1) Pipeline ruptures are nothing new. Happens in the USA gas and oil pipelines on a daily basis. If the ruptures are small, they are left to bleed, as long as they can keep the pressure up in the pipeline. Local city gas utility pipelines are known to rupture with catastrophic effects and don’t require detonators to create roman candles erupting from cracked street pipes.

2) RL In California the price of petrol has risen more than $1.00 per gallon. While the USA produces a vast amount of its own needs and California is an Oil Producing State, current MSM reports of a spat with OPEC over their reduction in production, is being blamed for the price increase.

There are a number of factors in the price of fuel in California, we have many more taxes and fees than other states. A normal seasonal price jump is $0.10 to $0.30 cents per gallon; the jump of $1.00+ got noticed.

SadghurusCousin October 6, 2022 2:07 PM

Interesting thoughts on the Nord Pipeline fiasco


Clive Robinson October 6, 2022 3:11 PM

@ JonKnowsNothing, ALL,

Re : Back to the past is not a film.

The West politically has been going backwards all this century. It started before 9/11 which provided a major excuse by certain people and C19 has been used to make it even worse.

I’ve seen this coming since “Financial Crisis One”(FC1),

“The IMF has announced a global downgrade in projections going forward. The interesting bit was “it will seem like a recession but isn’t because there’s bandwidth on paper to absorb the decline” and includes the observation that “social impacts and standard of living globally will decline” followed by “it’s OK to have a declining standard of living”.”

By “declining standard of living” the IMF means a day to day existence similar to that of the inter-war years and through WWII.

The amount of energy the average home uses today, will be beyond most families means within five years to a decade. That is a $1 rise this year will be $2 next year and so on and the average family income will stagnate at best against a 5-15% “official” rate of inflation, though food price inflation will as with this past year be between 20-100% depending on the food stuff with grains and oils being up at or towards the 100% with fresh staples like carrots and apples that will “get ugly” being towards the 20% end. As the 30-50% of fresh staples “Supermarkets” have rejected as “unsalable” due to blemishes etc will start to sell as well as undersized etc. Expect “slimers eggs” or some such which will be the eggs too small to be currently sold whole and either get dumped or turned into pasteurised egg for the baking industry which will in all probability go into steep decline due to grain prices.

People that are semi-smart will start learning to “cook at home” the smart ones will learn how to cook with minimal energy and using starch alternatives like mashed potato instead of flour (you can make really light fluffy bread at home by just replacing 1/3rd of the flour with the equivalent in potato starch as mash that yeast actually works better with).

Learning to make your own beer, cider, mead is probably the only alcoholic drinks most will be readily able to enjoy.

Those with older homes with 100 by 100 ft gardens will find you can’t eat grass and you can not afford the energy to mow it anyway. So growing vegetables will become a way better use of the land and their time “between jobs”. Expect lunatic HOA Karens and regional government droids to first crack down on home livestock keeping then change direction as standards of living drop to that of Britain during WWII.

That is what is ahead of us as well as more general unemployment, as people can not afford even what many would consider basics these days thus jobs in retail and retail manufacturing decrease and the part of the economy that usually has some buoyancy during recessions starts to flatline.

In part we’ve been doing this to ourselves by allowing so much of our economy production to be “off shored” via “out sourcing” and other neo-con mantras.

The result is soon the only semi safe employment will be in,

1, Law Enforcement / Guard Labour / military.
2, Supporting communications infrastructure.

Call it “reality rebalancing” some parts of the West have had a standard of living ten times that of the world average, thus are consuming around 50% of the resources to support it. Their standard of living will drop to that of other parts of the west as they drop to between twice and four times the world average. Obviously the knock on effect politically is that the “poverty line” will also have to be moved down. So the current standard of living that is regarded as being at or below the current poverty line will get redefined as “middle class” or equivalent and those there will get told how lucky they are to have “moved up”…

Part of the rebalance will be that insurance based healthcare will be impossibly expensive, thus the average age of mortality will fall to about or below the rising pension age as it is in the lower layers of the second world and a lot of the third world, it could go as low as 50 in some regions.

Ted October 6, 2022 6:53 PM

Does the FTC have teeth? This is the first time a CSO has been convicted criminally based on their incident response.

Joe Sullivan, Uber’s CSO from 2015 to 2017, was just found guilty on two felonies: 1) obstruction, and 2) misprision of a felony (actively hiding a felony).

Equifax’s CISO Jamil Farshchi had weighed in on the case before it went to trial. In a LinkedIn post Farshchi wrote “what Sullivan did was wrong. Really wrong.”

There you have it.

ResearcherZero October 6, 2022 7:25 PM

@Clive Robinson

The politicians in the late 1980’s and early 90’s began to ignore all the strategic and security assessments, emergency and disaster planning, and even intelligence reports.

At first when they received the warnings they were shocked and concerned. But within a few years they had become transfixed by other things such as new oil and gas fields.

This time again they behaved in much the same manner.

“Some congressional leaders briefed recently by the intelligence agencies on Russian influence operations in Europe, and how they may serve as a template for activities in the United States, were disturbed by what they heard.”

After Senate Minority Leader Harry M. Reid (D-Nev.) ended a secure 30-minute phone briefing given by a top intelligence official recently, he was “deeply shaken,”

“We’ve had more than a year to get our act together and address the threat posed by Russia and implement a strategy to deter further attacks,” Warner said. “But I believe we still don’t have a comprehensive plan.”

Then and now politicians in the U.S., U.K. and Australia are almost completely mute regarding activity on our own soil, and they also ignore strategic issues until they literally blow up in their own faces.

They were all warned, including the IMF and the World Bank, if they were not careful and did not take those matters seriously, an even more unscrupulous bunch would take advantage of the situation. But eyes remained on the pies.

“The end of the Cold War is going to drastically affect the distribution of government spending, with a large flow-on effect to public services…”


“The effects of climate change are going to lead to increasing unrest, displacement of populations and conflict…”


“Some of our adversaries are already planning to exploit economic problems and exacerbate any resulting human migration…”

“Pies! Pies! Pies!”

“Lower-income families are often the most vulnerable to disasters.”

The rich move away from disaster-prone areas, while the poor are left behind.

Disaster relief funding is capped…

Disaster relief funding “cannot exceed the average funding provided for disaster relief over the 10 previous fiscal years, excluding the highest and lowest funding years. OMB estimated this figure to be $11.3 billion for the 10 years between FY2002 and FY2011.”

“Richer communities have more philanthropic dollars at the ready, for instance, and stronger tax bases to finance rebuilding.”

Chaos and uncertainty fuel this stratification.

“Disasters, for most communities, exacerbate already existing issues, which is why we often see in shelters what we sometimes refer to as ‘the least, the last, and the lost.’ The people who had the least, who were the last to get services, who were already at the end, who were lost beforehand, especially financially.

“Disasters are increasing the disparity in terms of people’s homes, their income, their access to services.”

ResearcherZero October 6, 2022 7:33 PM

@Clive Robinson

When I think back on it, when we delivered those reports to government, we should have just set them on fire and yelled, “your pie charts are on fire!”

ResearcherZero October 6, 2022 8:10 PM

@Clive Robinson

Quite a few of the wealthy families I knew around these parts are now on the bones of their a__e. Many others moved location or moved their investments offshore. Too much corruption. I tried investing some money here recently, but after many of the same old problems, soon decided it was a bad decision.

Cooking the books, money laundering and paying bribes is quite common. If you won’t pay bribes then they start harassing you as well as charging excess service fees. I don’t take kindly to that sort of behaviour.

Everyone used to pitch in to help out any families who ended up in trouble, find them a new house, furnish it. Now there are women sleeping in cars in the bush with their children, because they cannot find permanent employment. There are a lot of problems with drugs and alcohol. And no one bothers to travel into town on the weekend anymore dressed in their ‘Sunday bests’.

We donated most of the community facilities, and much of our spare time, now they can prune the roses and volunteer in the local community groups themselves.

JonKnowsNothing October 6, 2022 10:35 PM


re:they can prune the roses … themselves

iirc(badly)(long time ago)

In San Jose California, the heart of Silicon Valley (which is not San Francisco), there is, or was, a park called The Rose Garden. It was also an upscale older neighborhood of San Jose. While San Jose was never on the same social scale of Palo Alto (Stanford), The Rose Garden area was of similar vintage (before Zuck ripped up his Palo Alto neighborhood because he didn’t want neighbors, actually Zuck rips up all the neighborhoods around all his houses because he likes the neighborhood but he doesn’t like the people who live there or anywhere near him and his).

The Rose Garden is so named because there is, or was, a beautiful park full of roses. All kinds, shapes, sizes, growing throughout that park. It was a local focal point. Roses are not the easiest to grow and special roses need extra special care or there aren’t any flowers. There was a team of Rose Specialists that cared for the gardens and every year during blooming season the show was spectacular.

Then came Austerity V.01 and the specialists that knew and cared for the roses were fired. The garden began to decline and roses began to die from poor care.

So what did the City decide to do? Well.. they sent out an ultimatum to the locals

  • If you want roses in the Rose Garden you are going to have to prune them yourselves.

Bunches showed up and one of the old Rose Specialists came to give them a quick 411 on caring and trimming of the plants.

I don’t know what happened after that.

  • Did the locals continue to prune the roses for free?
  • Did the City carry out their intention of razing the park?

Puisque c’est ma rose…

Voici mon secret. Il est très simple: on ne voit bien qu’avec le cœur. L’essentiel est invisible pour les yeux.

Tu deviens responsable pour toujours de ce que tu as apprivoisé. Tu es responsable de ta rose…

Winter October 7, 2022 1:14 AM

@JonKnowsNothing, All

It appears we are at another of the projected tipping points.

Yes, but none of these are a surprise:

  • 1 All big economies are moving into demographic decline. This is visible in the acute shortages on the labor markets. That alone is a recipe for a deep recession. The future is African, but Africa needs to industrialize. How?
  • 2 Climate change is biting hard. 32 million people are displaced in Pakistan due to flooding. Many, many more are in deep problems due to changes in rainfall and temperatures
  • 3 The long peace in the industrial world has brought inequality back to the level it was before WWI, with an expectation of large unrest on WWI scale. All this money on big heaps is used extremely inefficiently (trips into “space”, anyone). Meanwhile, industrial infrastructure is crumbling and Tera dollars of capital are sloshing around the world in search for a sensible investment.
  • 4 Exponential growth in energy use will be curbed by physical realities. The same holds for any other raw materials, but energy is not replaceable. There are only 2 ways to increase energy production by a 100X (or 1000X): Solar and fusion. Fusion is probably possible in the near future, but it will take decades to scale up and roll out even if a breakthrough is achieved. For the short term, solar is the only technology that can increase energy production orders of magnitude for the long term.

All four can be solved by a global shift to sustainable energy and a de-carbonation of the economies. Money will have a profitable investment, energy will be plentiful, and carbon emissions abolished, maybe even negative. Solar energy is most efficient in regions that now see a decline in agricultural output. Also, sustainable energy production is decentralized and requires lots of space. Scaling up sustainable energy requires personnel in what are now poor regions, lots of personnel. Investing in local people is the cheapest, and only, way to get the people to do the work. A trained workforce will kick-start development in the poor regions of the world.

Will this happen? Maybe. But we see all around that people rather go on a rampage to loot other countries and rob the resources by force than do something constructive. And when the Bezos’ and Musks of the world rob us blind, we try to exterminate those who were born elsewhere instead of stopping the looting by the Bezos’ and Musks of the world.

We know from history and the very words of the current financial robber barons that the rich will rather kill everyone and salt the earth than let go of any of the loot. They do not prepare for helping their countrymen, they build doomsday bunkers in New Zealand [1]

I think the Onion said it best:

Wealthy Americans Assure Populace That Heavily Armed Floating City Being Built Above Nation Has Nothing To Do With Anything

Note, I know very well that there are decent, caring rich people, but I also know that The secret of a great success for which you are at a loss to account is a crime that has never been found out, because it was properly executed. [Balzac] which is generally shortened to: Behind every great fortune lies a great crime.

[1] ‘

SpaceLifeForm October 7, 2022 1:26 AM

@ Ismar, vas pup

re: cheating at chess or just good thinking with unpredictable play?

This will definitely reduce the parking problem.


The U.S. Chess Championships opened play at the St. Louis Chess Club here on Wednesday afternoon. Players, including 19-year-old Niemann, were greeted by a bevy of beefed-up security measures.

They were scanned by security wands designed to detect not just metal but silicon, commonly used in electronics. Spectators, for the first time, weren’t allowed to watch live play, instead tuning in to a broadcast on 30-minute delay. A few select visitors were allowed to observe the first 10 minutes, but were then escorted out of the room.


If you are really interested, scroll just over half way here:


Winter October 7, 2022 2:13 AM

From the “You cannot make this up” section:

I think this is the most clear distinction between the good and bad side in a war, ever.

THOUSANDS of Russian soldiers ‘have already called Ukrainian hotline set up to let them surrender’

Calls have come from soldiers in Ukraine, those still in Russia who have been conscripted, and some who have not even received draft orders yet who wanted to check the procedure, Yusov claimed.

Right, men who think they might be drafted in the Russian army are already calling a hotline on how to surrender.

Still no sign of a Russian hotline which Ukrainians can call to surrender.

Clive Robinson October 7, 2022 5:26 AM

@ Winter, JonKnowsNothing, ALL,

Re : Fortunes and Criminals

“Will this happen? Maybe. But we see all around that people rather go on a rampage to loot other countries and rob the resources by force than do something constructive.”

The answer to the question is the same as that NRA inspired,

“When you prise it from my cold dead hand”

So that preconditions the answer to your question.

For some time now I’ve mentioned “Bretton-Woods” and the rise of short term thinking via neo-con mantras force fed into the next generation as a prerequisite for being allowed to enter the “Red Queen” survive race. Where you are not allowed to own only rent, thus very effectively “taxed to death”.

You might remember I used to point out that on logical analysis “The great American Dream” was all about “theft”.

In short the neo-cons are intent on breeding a nation of psychopaths and criminals they intend to form into a hierarchy, where they are legally kept at the top, and everyone else can either kill or be killed to keep them there.

They know what history shows will happen, as it has in the past almost every lifetime. The difference is the neo-cons believe,

“They can get out clean, to start again”

The thing is they can only do that if we let them, stopping it without stopping economic growth was what the “Bretton-Woods” agreement that gave us the US centric IMF was supposedly about.

However true economic growth is a slow process, whilst organised chaos allows the organising individuals to grab large quantities of assets via their “hidden hand”.

How you go about stopping psychopathic greed is unknown, but we do know it will be the death of us all if we don’t at least significantly curtail it.

Winter October 7, 2022 6:11 AM


However true economic growth is a slow process, whilst organised chaos allows the organising individuals to grab large quantities of assets via their “hidden hand”.

Every economic miracle since WWII where a country developed out of poverty, was reached by NOT following the recipes of the IMF or World Bank. From Germany to Singapore to South Korea to Ghana.

What worked was education and sane government industrial policies.

Neo-Cons only produce poverty and hunger.

One thing the Pandemic showed was that an effective and active government is a prerequisite for wealth and well being.

JonKnowsNothing October 7, 2022 7:21 AM

@Clive, @Winter, All

re: One thing the Pandemic showed was that an effective and active government is a prerequisite for wealth and well being.

From the COVID pandemic we can see how well that worked out… so far 2019-2022 @6.5Million Deaths, 1Million Long COVID in UK alone…

The next 3+years aren’t going to be much better, as projections indicate the withdrawal of government supports socially, technologically and economically plus continued COVID infections, will create a worse outcome than the previous years.

Rumors of a “Scorched Earth Economic Policy” (1) about to unroll in UK. It’s so bad it’s hard to believe that anyone would take it up seriously but …

The document from the Free Market Forum (FMF), an offshoot of the Institute of Economic Affairs (IEA), suggests scrapping free childcare hours, releasing green belt land for housing, abolishing corporation tax and dropping teacher training qualifications for graduates.

Other ideas include remote learning so parents can pick the best teachers, amending the Equalities Act so white working-class boys are better protected, and restoring the link between tax and household income so a married woman’s income could be seen as part of her husband’s.

“a collection of policies for a better brighter Britain by the end of this decade”, which it says will “kickstart the conversation about where we go next, and place the FMF at the forefront of those discussions”

Over on this side of the pond our SCOTUS is about to undertake a case that could just upend our existing version of democracy.

… a little-known case called Moore v Harper, which could lock in rightwing control of the United States for generations.

The heart of the Moore case is a formerly fringe legal notion called the Independent State Legislature (ISL) theory. This theory posits that an obscure provision in the US constitution allowing state legislatures to set “time, place, and manner” rules for federal elections should not be subject to judicial oversight. In other words, state legislatures should have the absolute power to determine how federal elections are run without court interference.

It’s not looking too fixable to me, but I’m an optimist…


ht tps://www.theguardian.c om/politics/2022/oct/06/revealed-rightwing-slash-and-burn-ideas-that-could-be-blueprint-for-truss

ht tps://www.theguardian.c om/commentisfree/2022/oct/06/the-most-terrifying-case-of-all-is-about-to-be-heard-by-the-us-supreme-court

(url fractured)

Clive Robinson October 7, 2022 7:24 AM

@ Winter,

“One thing the Pandemic showed was that an effective and active government is a prerequisite for wealth and well being.”

That “effective” and “active” are only two of the required “legs”.

For good stability you require a third leg, which you or I would call “social”. That is Government is not just “of the people” so should be “open to all”, but also “for the people” so should be “for all”, not just the self interested who make themselves “the favoured few” of high crimes and low social morality.

It’s the “We don’t leave people behind” duty of a nation to the people that are the nation, not just its guard labour.

It surprises me sometimes although I know it should not, how some supposedly forward democratic nations, not just their leaders and those behind them, but much of the people that make the nation as well need to be told this basic fact,

“You help yourself by helping others.”

As you say the outcome is,

“economic miracles”.

Winter October 7, 2022 8:20 AM


“You help yourself by helping others.”

It tells a lot about my origin that I considered this unnecessary to add. 😉

There is a story about a Jared Diamond, who drove through the Netherlands and suddenly understood why the Dutch were so cooperative [1].

A polder is a piece of low-lying land reclaimed from the sea. In the Netherlands, about 20% of the land has been reclaimed in this way so it is important to have an effective system in place to ensure long-term environmental sustainability. And this system depends for its effectiveness on people in different polders working together to ensure that no one drowns. It isn’t the case that rich people live safely on top of dikes while the poor eke out a parlous existence on the polders below sea-level; if the dikes and the pumps and all the other crucial elements of the polder system fail, then everyone will drown, rich and poor alike.

The Netherlands is like a boat, we are all dry or we all drown. But alas, the Neo-Liberals, as they are called here, have poisoned everything and everyone. We are now just recovering somewhat.

Climate Change will make us drown no matter how high we make our dikes. Also, Putin has shown that we will drown all if we let the far-away Ukrainians sink.

[1] ‘

fib October 7, 2022 10:34 AM

Re: the zeitgeist (as addressed by @Clive, @JKN, others)

The political-cultural crisis of the West cannot be equated without taking into account the new role of social networks and the resulting effect of the enormous and unnatural connectivity experienced by humans. Having such computing power within reach is obviously messing with human faculties in surprising new ways. The initial data from this great human experiment in universal connectivity [erosion of privacy and trust in institutions with all the attendant ills] seem to indicate that corrections are badly needed.

My sad conclusion is that social media is to free speech what the 100mm cannon is to self-defense, and the concept of free speech perhaps, just maybe, needs to be adapted to the new situation – certainly must be discussed openly.

JonKnowsNothing October 7, 2022 1:14 PM

@fib, Clive, Winter, All

re: My sad conclusion is that social media is to free speech …

Consider what’s about to happen in EU and USA: 3 hours of no electricity per day. This is the warning that’s being handed out.

Zho, Consider:

Yes, there is a push on for battery backups and schemes to install and monetize solar panel installations etc etc etc.

However, given the precarity of economics, and that some people cannot afford to use their ovens or cooktops, at some point there will be a trade off between Recharging and Eating.

In some districts Heating Centers will open, just as they did with Cooling Centers. There will be a lot of recharging connectors plugged into outlets that are available. (1) However, those Centers are not likely planning on paying the cost of recharging thousands of phones every day at the current utility rates.

During the last economic crunch, inspired by Enron Debacle, places that had outlets either replaced the cover to block access or charged a fee. (2)

What social media can you do with an uncharged iPhone, no service and no signal?


1) I used to carry a small 4 slot power strip with me. Generally people were fine with me re-plugging them into my power strip so that more of us could access the 1 public slot in the place.

2) The fee was often a $5.00USD tack on to a required purchase. Buy a coffee, pay five bucks and get the wifi login code and a table with an open socket. Good for 30min of access.

Clive Robinson October 7, 2022 2:44 PM

@ fib, ALL

Re : Free Speech Good -v- Bad.

There is an old saying in Britain that goes back to the time of the weekly “tin bath in front of the fire” bath for the whole family. As heating water was expensive and labour intensive they’d use the same water in a standard “pecking order” … As things could get a little murky towards the end a word of caution was,

“Don’t throw the baby out with the bath water”

It also symbolised the idea that sometimes you could not tell “bad from good” so would ditch both when thinking you were only getting rid of one.

So keep that idea in mind especially when,

“One man’s meat is another man’s poison”

Also applies and what you think is good others think is bad and vice versa.

“the concept of free speech perhaps, just maybe, needs to be adapted to the new situation – certainly must be discussed openly.”

I would suggest that there is no solution for the “Good -v- Bad” issue. As I’ve indicated there are no absolutes just the shifting sands of social society. Thus what is held good today and consequently reflects well on one part of society and not others, will in time be held to be bad thus reflects better on other previously oppressed or suppressed parts of society. It naturally has a statistical “normal curve” based around the “mores of society” with the left side considered “the boat anchor” pulling society back, into an oppressive past and the right side “progressive” pulling society forward into an egalitarian future. In the UK just to confuse things the left side is seen as the right or “adroit” side in politics and is called conservative with a small C. Thus the right side is seen as the left or “sinister” side in politics and is called liberal (both conservative and liberal have way different claims meanings in the politics of different countries).

The reality is however that societal mores tend to move like a traveling pendulum and of recent times the general direction has been backwards in both WASP and European Continental nations though most do not realise it. Primarily because of “marketing” pretending it is “representative free speech”.

Much as it was around 100 years ago between what we now call the First and Second World Wars, and there is thus a real danger we are about to experience that set of lessons again… Some sociologists argue rightly or wrongly that an upturn in young unmarried men in the lower social classes is the root cause of war, others have in the past further argued that it was a rise in homosexuality that comes with an upswing in young unmarried men and the legal oppression from oppressive social mores. Personally I’m of the view that correlation is not without stronger evidence causation, but we do know that “mating privileges” is a strong evolutionary driver from animal studies and does lead to generally non lethal violence. Thus there would be an easy to manipulate “cognitive bias” building in society.

So my view is that whilst individuals may view the “message content” “good/bad” dependent on their own Point of View, that is actually not the problem we realistically can do anything about. Nor should we really, what we need to address is the “message delivery” method, because we can do quite a bit about that, but we need to be mindful of what is “in the bath water” before we throw it out.

What the mass electronic communications has given the individual is,

1, The ability to broadcast.
2, Pseudo anonymity.

Neither of which we have had together in the past.

They can both be used for “good/bad” and they can both be fairly easily taken away both legally and technically in as little as a day with a little forward planning.

The problem we have at all levels from the lone individual through political driving NGO churches and corporation right through to the worlds largest nations and federations that we call Super Powers is that the “governor” on the “flywheel” is now no longer there.

That is there is no accountability, thus responsibility to limit or stop the adverse “message delivery” methods, that are just getting more and more sophisticated as the “undesirables” in almost all Points of View realise the “asymmetric advantage” it gives them and worse the “ratchet nature” of “cognitive bias” that gives them a hold. The fact that there is also a lot of money to be made selling the use of these methods gave us “Cambridge Analytica” and the “St Petersburg Troll Factories” both of whom were “close bed fellows” should rightfully scare people.

Whilst we can do things technically and legally there is also “education” to be considered. Cognitive bias occurs due to the way information is fed to people, if you can not stop the way the information flows then educating them about it from an early age might be the only real solution to the problems of “message delivery” methods.

But whilst the technology and methods are new to many people the more general ideas behind the methods can be found in literature going back more than a life time.

Obvious to many is George Orwell’s 1984 that has pointed out the dangers. But there are also the likes of Ayn Rand “When Atlas Shrugs” manifestos that in reality are like the “Dulles Plan” in Russia and “The Protocols of the Elders of Zion” conspiracy theories. Whilst the message is junk the methods to deliver outlined most certainly are not. Further their roots can be found in much earlier works like Machiavelli’s “The Prince” and even earlier treatises on the use of power like Sun Tzu’s “Art of War”.

Clive Robinson October 7, 2022 6:12 PM

@ Gerard van Vooren

A couple of days back you asked about my rpy projects for “out and about” activities and I mentioned I was now looking at going down a cheap laptop/pad direction.

Well it appears I’m not the only one, this guy uses the rpy for “Ham Radio” and he’s just released his view in a YouTube video,

Even though I want to do things that are different, it turns out his reasoning is unsurprisingly broadly the same as mine.

lurker October 8, 2022 2:27 AM


When will it end?
In the streets of London today 1 in 60 are infected;
Sequencing has dropped about 90% since January 2022;
There are over 200 subvariants of Omicron currently being tracked;


~50 mins listen

JonKnowsNothing October 8, 2022 9:15 AM

@lurker @Clive, SpaceLifeForm, All

re: Not ending, Just starting…

As hard data about COVID is now curtailed or altered in ways to make the data “less alarming”, the facts on the ground will eventually show up…

Local MSM reports that C19 BA.2.75.2 has now appeared in Los Angeles County, California.

Los Angeles is the COVID driver for all of California. What happens in Los Angeles, next spreads north, first to San Francisco and the Bay Area, then travels eastward to Sacramento and afterward oozes to northern and central California via the big trucking highways as they haul COVID from one end of the state to the other.

Trucking == Airplanes on land.

It’s a bit of schadenfreude from our very early discussion about reinfection rates, first whether you could get it a second time then later how many times you can get it. This latter on the belief that some residual antibody benefit will remain post-infection.

Well, schadenfreude wins again:

  • COVID reinfections occurring within weeks of previous infection. (PCR positive tests)

The early laissez-faire COVID in-vivo experiments in Manaus, Brazil, have shown to be correct.

If you purposely “breed antibody resistance” into a virus, you will eventually get exactly what you have bred for. It doesn’t have to be in a BioLab, although they can do it faster. Natural Selection from Directed Exposure will achieve the same thing.

Winter October 8, 2022 12:18 PM

@Clive, all

So my view is that whilst individuals may view the “message content” “good/bad” dependent on their own Point of View, that is actually not the problem we realistically can do anything about.

The problem is one of choice of words. What is called “Free Speech” by the Libertarian absolutists is generally addressed in other languages the “Freedom of Expression of Opinion”.

The crucial part is that in the 18th&19th, people wanted the right to talk about their beliefs and opinions, especially their political opinions.

No one was fighting for the right to lie and deceive.

What we see as a problem on social media now is not people expressing their beliefs and opinions, but people lying and deceiving, false flag operations and propaganda.

Now, we cannot easily distinguish between an opinion and a lie. But we can distinguish between an opinion and a fact. If you do not accept a fact, the onus is on you to give evidence you are not lying. Ignorance is only acceptable if you are willing to learn.

Nothing in this discussion is simple, and many/most people do not want to change their opinions just because they are wrong. And that is not a problem, generally. But I think fighting for other people’s right to lie and deceive is wrong and stupid.
