Friday Squid Blogging: Giant Squid vs. Blue Marlin
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines here.
vas pup • March 31, 2023 5:13 PM
Israeli private electric plane will soon be ready for take off
“The day when you will be able to enter your garage, hop into a personal aircraft and cruise above the congested traffic on the streets below is coming closer.
Air EV, based in Pardes Hana, Israel, expects to start delivering its two-seater, battery-operated electric vertical takeoff and landing (eVTOL) aircraft late next year, with hundreds of people already signed up to join the urban air mobility revolution.
Leveraging major advances in electric propulsion, eVTOL aircraft offer the average person the ability to “drive in the sky,” while providing an environmentally sustainable solution to a growing urban transportation problem. Simple to fly, and priced to compete with a high-end luxury car, Air EV’s AIR ONE aircraft is designed for private commuter and recreational use.
“We sell the aircraft for a base price of $150,000. It will probably come closer to $200,000 by the time we deliver,” says CEO and Co-Founder Rani Plaut. “We intend to deliver the first units at the end of 2024 or the beginning of 2025.”
Plaut estimates that potential revenue could be in the billions of dollars.
The startup is on track to receive clearance from the US Federal Aviation Administration. The company plans to transfer most of its operations and research and development to the US for further flight testing and certification collaboration with the FAA.
AIR ONE recently reached a major milestone with its first unmanned flight over the skies of southern Israel, successfully transitioning from hover flight to cruise flight. Its next test phase will be with someone onboard, Plaut says.
==>The vehicle has a range of 100 miles on a single charge, and can fly up to 155 miles per hour at an altitude of 1,200 feet. The aircraft, powered by a battery much like an electric car battery, is zero-emission and designed to take off and land on any flat surface.
Measuring about 25 feet by 8 feet, it has collapsible wings to allow easy parking. It requires only about 15 to 30 hours of training. The company’s goal is that no pilot’s license will be necessary.”
lurker • March 31, 2023 6:36 PM
Computer scientist and author Brian Christian talks to MSM about one of the fundamental problems of AI development in his book The Alignment Problem: how do we ensure machine learning systems represent the best human values rather than magnify the worst?
modem phonemes • March 31, 2023 8:32 PM
represent the best human values
The best human values require the virtues of prudence and equity, whose decisions can’t be legislated/calculated in advance and are not available to a machine. Reality will always hack the machine.
MarkH • April 1, 2023 12:26 AM
Just a few weeks ago, there was some discussion here of an intelligence summary concerning the mysterious “Havana syndrome.”
Three days ago, the Office of the Director of National Intelligence released a detailed report (with heavy redactions) which perhaps contradicts that summary.
• the syndrome has no identifiable natural cause
• it is not consistent with mass psychogenic illness
• pulsed electromagnetic energy remains a plausible explanation for some of the cases
Nimmo • April 1, 2023 1:34 AM
@MarkH no one on earth believes ‘Havana Syndrome’ is real. It’s just CIA and State Department filth mad that they didn’t get stationed in Paris having a hissy fit.
ResearcherZero • April 1, 2023 2:09 AM
The term AHI is preferred as incidents began in other locations long before any reports came out of Havana. Where those exact locations are, what happened, – classified. How it works – classified.
synergistic and combined EM/thermal effects
No one is allowed inside reactors either when they are operating. They put microwave screens inside the doors of microwave ovens for a good reason. The two are completely different technologies, but they will both cook your face if you play around with them.
However in the case of AHIs it is a slightly different property we are looking at in the transmission of energy and the induction over the surface of the skin. Pop a fork in a power socket (don’t do this) and what happens?
ResearcherZero • April 1, 2023 2:11 AM
On December 10th of 2013, CVE-2013-3900 was published pertaining to a vulnerability in WinVerifyTrust Signature Validation, which allows attackers to exploit the padding of a Windows Authenticode signature to gain control of a system. Microsoft’s solution was to offer an ‘opt-in’ solution that could be activated by adding a pair of registry keys.
WinVerifyTrust Signature Validation Vulnerability
“This update causes the WinVerifyTrust function to perform strict Windows Authenticode signature verification for PE files. After applying the update, PE files will be considered “unsigned” if Windows identifies content in them that does not conform to the Authenticode specification. This may impact some installers. If you are using an installer that is impacted, Microsoft recommends using an installer that only extracts content from validated portions of the signed file.”
Binaries most likely to be affected are PE installer files distributed via the Internet that are customized at time of download.
Microsoft recommends that executable authors consider conforming all signed binaries to the new verification standard by ensuring that they contain no extraneous information in the WIN_CERTIFICATE structure. Microsoft also recommends that customers appropriately test this change to evaluate how it will behave in their environments.
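An added example, not part of the comment above or of Microsoft's advisory: a Python check that walks a PE file's certificate table and reports bytes inside a WIN_CERTIFICATE entry that lie beyond the DER-encoded signature blob, the "extraneous information" the quoted text refers to. The slack rule used here (more than 7 bytes, or any non-zero byte) is an assumed heuristic rather than Microsoft's verification algorithm, and `build_sample` produces a constructed skeleton so the check runs offline.

```python
import struct

SECURITY_DIR_INDEX = 4                      # IMAGE_DIRECTORY_ENTRY_SECURITY
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002


def security_directory(pe: bytes):
    """Return (file_offset, size) of the certificate table, or None if absent."""
    if pe[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    opt = e_lfanew + 4 + 20                 # optional header follows the COFF header
    (magic,) = struct.unpack_from("<H", pe, opt)
    if magic == 0x10B:                      # PE32
        dirs = opt + 96
    elif magic == 0x20B:                    # PE32+
        dirs = opt + 112
    else:
        raise ValueError("unknown optional header magic")
    (count,) = struct.unpack_from("<I", pe, dirs - 4)   # NumberOfRvaAndSizes
    if count <= SECURITY_DIR_INDEX:
        return None
    # For this directory the "address" field is a file offset, not an RVA.
    offset, size = struct.unpack_from("<II", pe, dirs + 8 * SECURITY_DIR_INDEX)
    return (offset, size) if offset and size else None


def der_total_length(blob: bytes) -> int:
    """Bytes occupied by the outer DER SEQUENCE (tag + length octets + content)."""
    if len(blob) < 2 or blob[0] != 0x30:
        raise ValueError("signature blob does not start with a DER SEQUENCE")
    first = blob[1]
    if first < 0x80:
        return 2 + first
    n = first & 0x7F
    if n == 0 or n > 4 or len(blob) < 2 + n:
        raise ValueError("unsupported or truncated DER length")
    return 2 + n + int.from_bytes(blob[2:2 + n], "big")


def find_extraneous_data(pe: bytes):
    """List {'offset', 'size'} for slack after each PKCS#7 blob that is not
    plain alignment padding (assumed rule: >7 bytes or any non-zero byte)."""
    findings = []
    entry = security_directory(pe)
    if entry is None:
        return findings
    pos, end = entry[0], entry[0] + entry[1]
    if end > len(pe):
        raise ValueError("certificate table runs past end of file")
    while pos + 8 <= end:
        dw_length, _revision, cert_type = struct.unpack_from("<IHH", pe, pos)
        if dw_length < 8 or pos + dw_length > end:
            raise ValueError("corrupt WIN_CERTIFICATE length")
        body = pe[pos + 8:pos + dw_length]
        if cert_type == WIN_CERT_TYPE_PKCS_SIGNED_DATA:
            used = der_total_length(body)
            if used > len(body):
                raise ValueError("DER blob longer than WIN_CERTIFICATE entry")
            slack = body[used:]
            if len(slack) > 7 or any(slack):
                findings.append({"offset": pos + 8 + used, "size": len(slack)})
        pos += (dw_length + 7) & ~7         # entries are 8-byte aligned
    return findings


def build_sample(extra: bytes = b"") -> bytes:
    """Constructed PE32 skeleton (not a runnable program, no real signature)
    with one WIN_CERTIFICATE entry; `extra` is placed after the DER blob."""
    der = b"\x30\x82\x01\x00" + b"\xAA" * 0x100       # stand-in for SignedData
    body = der + extra
    body += b"\0" * (-(len(body) + 8) % 8)            # pad entry to 8 bytes
    cert = struct.pack("<IHH", 8 + len(body), 0x0200,
                       WIN_CERT_TYPE_PKCS_SIGNED_DATA) + body
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", e_lfanew)
    opt = bytearray(96 + 16 * 8)                      # PE32 optional header
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<I", opt, 92, 16)               # NumberOfRvaAndSizes
    cert_off = e_lfanew + 4 + 20 + len(opt)
    struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIR_INDEX, cert_off, len(cert))
    return dos + b"PE\0\0" + b"\0" * 20 + bytes(opt) + cert


if __name__ == "__main__":
    for label, data in (("clean", build_sample()),
                        ("modified", build_sample(b"CONSTRUCTED-EXTRA-DATA"))):
        print(label, find_extraneous_data(data))
```

A finding does not prove tampering, since some installers carry per-download data this way; it marks files worth testing before strict verification is enabled.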
ResearcherZero • April 1, 2023 2:38 AM
It’s for s-stirring, harassment. As soon as an incident takes place, you know that military intelligence was at the scene, the building may have been bugged. Then they usually p off for a while.
It’s just another example of the Russian military turning useful technology into a stupid piece of junk. Though, that is not an exclusively Russian trait, it is a human trait.
Civilians have nothing to worry about, they are not important enough to be of any interest, and incidents are rare. Unlike automobile accidents, bee stings and cows. That’s what people should really worry about, cows!
“Among them were the contentious American actor Steven Seagal, a grandson of Charles de Gaulle, and an Italian princess and scholar known for her Tolkien translations who fears European boys are being encouraged to marry their cows.”
Am I being serious, cryptic, or just messing around?
ResearcherZero • April 1, 2023 3:02 AM
But on a serious note, just step away from the window. Glass allows a high percentage of energy in.
ResearcherZero • April 1, 2023 3:34 AM
“Kids are creative about everything from drawing to singing, but adults just stick to things tried and tested.”
If you run an industrial plant you should probably stick with some kind of plan that is tried and tested.
“The implication of this is that the increase in hacktivism activity targeting OT may not necessarily become consistent over time. However, it does illustrate that during political, military, or social events, OT defenders face a heightened risk.”
“Asset owners and operators should maintain situational awareness of trends in hacktivist threat activity targeting OT systems to anticipate potential risks. We also highlight that most often, hacktivist threat activity can be prevented following common best practices for remote access to critical and internet-accessible systems.”
ResearcherZero • April 1, 2023 3:42 AM
“Overall, over 4.5 million internet-facing devices were identified as vulnerable to KEVs discovered between 2010 and 2020.”
Many organizations are still exposed and at risk from these vulnerabilities because they are not patching them.
Clive Robinson • April 1, 2023 4:25 AM
@ lurker, ALL
Re : It all comes down to power politics.
“The Alignment Problem: how do we ensure machine learning systems represent the best human values rather than magnify the worst?”
You can not…
Firstly look at just about any religion, their fundamental doctrine is “domination” via, when you stand back and look, ‘cult form memory techniques’. Carried out on the very young, who mentally are defenceless to defend themselves from the attacks. So before they even get to school age they have been cognitively biased.
Secondly, for some reason we almost always end up with hierarchical structures, which push power to the top of the hierarchy.
Thirdly as part of these hierarchical structures is generally a “self selection” process that encourages a “them and us” style thinking. Such inward thinking gives rise to “secrecy” through which control structures are organised.
I could point out many other points but the issue is not if they are inherently “good or bad” but how you as an observer see how they are used.
I’ve found through repeated observation that irrespective of how they start unless kept very open, such power and control structures quickly spiral into behaviours that are bad.
That is because what “society” considers bad is attracted to hierarchical structures for the power and control they give.
So we enslave ourselves by our own failings. We willingly build systems that will be used to harm us because in the general case we do not as individuals want to actually take responsibility for our future, we just want to “go with the flow”. Thus those who are the exception who desire or crave status, money, power and control get gifted an almost ideal structure to put their desires in action. All they have to do is follow a basic set of actions that are in effect,
1, Build a gilded cage, with a “one way” door.
2, For the majority to “sleep walk into”.
3, Build in an unopposable control structure.
4, Build in a defence / deniability system for self protection.
The first two are accomplished through the “hope” illusion of “there will be jam tomorrow” or similar. The third is the “them and us” of heresy through unquestioning “faith”. The fourth is the arms length of “humble servant” acting as “a messenger of the deity” where they are the “Godhead” and get to use the power from the control the hierarchy gives them without them being held responsible via the “he told me to do it” principle. But these last two can be seen as part of the “might is right” justification of “charity”.
Charity is when you look at it exactly the process a drug dealer uses to get people on the dependency hook and keep them there. It’s a form of behavioral control via “food treats” and similar. All you need to do to abuse the process is get and maintain control of the resources people need to survive. Ultimately access to clean air, energy, water, materials, and the ground to stand/grow upon.
So understanding that, which can be quite a cognitive shock for most to get to grips with (because of what they have been taught from birth). You need to consider what AI really is and what it is going to bring certain people with respect to the four actions above.
In essence AI Deep learning is a “mirroring system” in that “it learns from its input” thus “will become as its input”… Control the input, and you control what results.
Importantly though is the mystique of apparent “wisdom” or “magic” where the majority fool themselves into thinking the resulting “AI tool” is actually some kind of “AI master”. Thus AI systems will become the “techno deities” through which those who put faith in them will be controlled by those who control the inputs… Thus they get the “computer says” excuse on steroids to pass the blame for their actions…
All I can say is that if you or anyone else can not see this coming this way, then you are “sleep walking into a gilded trap” blinded by “faith and hope” into becoming subservient to the “charity” of the resource controllers, whose only intent is to acquire status, power and thus control through the resources.
After all “sheep have to be led” so “they can be shorn” so they are easily controlled. So they become used to being led, thus eventually are “easy to lead to the slaughter”.
Any tool that aids that process is going to be seen as not just valuable to the few, but for control only by the few.
Pull back the curtain and the illusion thus mystique is destroyed, and with it the magic by which people are controlled.
But by pulling back the curtain, remember you have to accept the responsibility of what follows… Which is others having to take responsibility for their lives.
Which is why we build societies to help spread that load to buffer the apparently random shocks of nature. We make ourselves into flocks by choice as it gives us considerable power of concerted effort. But the method of control of the flock is our responsibility to see that the concerted effort is used wisely. If we shirk taking on that responsibility, then we get first shorn then slaughtered as a consequence by those whose desire is to do so… They will use any “force multiplier” they can get their hands on, especially if by denying knowledge they can imbue that tool with false wisdom etc they can hide behind.
Thus AI of the likes of GPT and Co give them such a tool…
When you analyze religions most have “pillars” which generally contain “faith”, “Hope”, and “Charity”. Which are always spun up in a way that establishes an “unquestioning hierarchy”(faith) that has a “self deluding reward structure”(hope) and encourages a form of “discrimination in the mind” (charity) that is often worse than casual racism by those whose behaviours are based on “what they can do with their fists”.
Pre-lambing shearing is practiced as a way to get sheep to behave in a desired way, that is to come down off of the hills etc to find shelter. Look at it this way, if I steal your warm coat in late autumn as winter sets in, you have little choice but to find shelter. If I control that shelter as the farm does the lambing sheds, then I control your freedom of action.
Any regular event that occurs at long periods, will look random over shorter periods. Those occasional eclipses of the Sun and Moon are entirely predictable when you know how to predict them. But scary when you don’t. If you find out how to predict them but keep the method secret, then you can with care gain significant power over others with the knowledge they do not have… Which might account for why religions used to be ardent star watchers.
Beatrix Willius • April 1, 2023 5:50 AM
Anti-Piracy DNS Poisoning Blacks Out Media Group, ISP Refuses to Comment (https://torrentfreak.com/anti-piracy-dns-poisoning-blacks-out-media-group-isp-refuses-to-comment-230322/)
For several days last week, visitors to the website of tech-focused media group Heise were diverted to Germany’s piracy-blocking portal instead. Users of ISP 1&1 were diverted to a page reserved for pirate site visitors, informing them that Heise had been rendered inaccessible for copyright reasons. Calls for an explanation are met with silence.
In a world where clear and independent reporting struggles to get heard in a sea of sensationalized clickbait, the German Heise group is generally recognized as a reliable and accurate news source.
For several days last week, an unknown number of visitors to heise.de were denied access to the company’s reporting. Instead, they found themselves redirected to Germany’s anti-piracy website blocking portal and statements that had no basis in fact.
Nick Levinson • April 1, 2023 6:35 AM
Privacy: In a fast-food restaurant on a routine small cash order, the cashier asked, “What would you like your name to be?” I gave my first name, then asked, how many give “other than their real name?” Apparently, more than half.
As a sociological contribution, this is accurate but not scientific, being limited to one event (last Wednesday) and one place (a White Castle in a New York City central business district). The particular restaurant is only a few months old and I come maybe once every couple of weeks, and this version of asking for a name is new. It seemed odd. I paused before answering and thought of saying “John Gotti Jr.“, but I didn’t want to go there. When I asked her the sociological question, her answer seemed to be that it was a lot. I suggested, “Half?” She definitely nodded.
Many websites, if we register, require that the information we give at registration be accurate; ditto for domain registration. Research to see how many use false names might be hard, especially for the harder to detect and especially if regionalized and time-limited, although I haven’t Googled.
Robin • April 1, 2023 7:11 AM
Yes I was a bit taken aback by that question; probably the same chain but in the UK on that occasion. Of course I gave a false name. But I later realised the server was only writing it on the cups to identify the client and order. When it was ready to collect, she shouted the (false) name I gave her and got my coffee and cookie. No databases involved. I guess a number would do the job just as well. In fact it’s not a bad system: I can remember my own name (or fake identifier), she doesn’t need a ticket machine or to record or remember anything other than scribbling on a paper cup. Only problem is if there are two “Miguel Ratón”s in the queue.
ResearcherZero • April 1, 2023 7:44 AM
“When a blocking decision is recommended, the matter is then referred to the German government’s Federal Network Agency (BNetzA) to confirm that a blockade will not violate net neutrality.”
As a mere conduit service, courts could require Quad9 to take action through a “no-fault” injunction, a process that’s already used in ISP blocking orders.
To put this into perspective, applying wrongdoer liability in this setting is akin to charging a pen manufacturer with fraud because a stranger forged documents while using the manufacturer’s writing utensil.
Quad9 believes this is an exceptionally dangerous precedent that could lead to future global-reaching commercialized and political censorship if DNS blocking is applied globally without geographic limitations to certain jurisdictions.
“Section 230 of the Computer Decency Act (CDA) grants online service providers immunity from civil liability for all claims arising out of content generated or published by third parties on their systems.”
Areas Ripe For Section 230 Reform
upstarts and their encryption
protecting the kiddies
Electromagnetic waves have crests and troughs similar to those of ocean waves. The distance between crests is the wavelength. Moving along the spectrum from long to short wavelengths, energy increases as the wavelength shortens. Consider a jump rope with its ends being pulled up and down. More energy is needed to make the rope have more waves.
Hertz found out how to make the electric and magnetic fields detach themselves from wires and go free as Maxwell’s waves — electromagnetic waves.
One of the physical properties of light is that it can be polarized. Polarization is a measurement of the electromagnetic field’s alignment. In the figure above, the electric field (in red) is vertically polarized. Think of throwing a Frisbee at a picket fence. In one orientation it will pass through, in another it will be rejected.
An applied electric field will polarize air molecules, and if sufficient to force electrons off the molecules, those electrons can collide with other molecules and can start a discharge, or electric arc.
A charged particle produces an electric field. This electric field exerts a force on other charged particles. Positive charges accelerate in the direction of the field and negative charges accelerate in a direction opposite to the direction of the field.
A moving charged particle produces a magnetic field. This magnetic field exerts a force on other moving charges. The force on these charges is always perpendicular to the direction of their velocity and therefore only changes the direction of the velocity, not the speed.
An accelerating charged particle produces an electromagnetic (EM) wave. Electromagnetic waves are electric and magnetic fields traveling through empty space with the speed of light c.
Electromagnetic waves can travel through transparent media, such as water and glass. When an EM wave travels from one medium with index of refraction n1 into another medium with a different index of refraction n2, then its frequency remains the same, but its speed changes, and therefore its wavelength changes. For air n is nearly equal to 1, for water n is 1.33, and for most glasses n is around 1.5.
Winter • April 1, 2023 8:15 AM
But I later realised the server was only writing it on the cups to identify the client and order.
I heard from several sides that people who have names that are very common (e.g., John) or are often mispronounced that they simply chose an easy to write&pronounce and not too common pseudonym to be able to actually collect their cups without problem.
Clive Robinson • April 1, 2023 8:52 AM
@ Nimmo, ALL,
Re : Havana Syndrome
“no one on earth believes ‘Havana Syndrome’ is real.”
I guess you were not paying attention at school when they explained the basics of the laws of nature with regards the transportation of energy and matter by forces.
What the sufferers appear to be suffering from is the same issue that affects sports with violent head contact…
The NFL certainly know what the legal costs are of ignoring those laws of nature (1 billion and rising). Look up “Chronic Traumatic Encephalopathy”(CTE) and what it does to NFL players and why currently we have to wait for an autopsy to show the actual injury.
The fantastic cost of not just compensation but increased protection that is likely going to have to be paid, is “proof enough” according to some as to why the US agencies have been “dragging their heels” over Havana Syndrome.
My view is that those who talk about the heating effect of the use of microwave systems generally do not know sufficient to understand the issues.
Because they run into the inverse square law issue, which means that if it were just the heating issue the operators of the system would have their brains boiled way way faster than someone a hundred or more meters away which those who have suffered from Havana Syndrome have been.
Thus you have to look at the problem differently with the use of multiple beams.
I’ve explained this before on these pages so you can go “look it up” but the physics behind it has been in use since WWII, so you can start by looking up “The battle of the beams” or read Prof R.V.Jones 1973 book “Most Secret War”.
If you truly don’t believe Havana Syndrome exists, you can not possibly have any objection to your head and brain being used for experiments. After all what does not exist can not harm you can it?
Just leave your details and I’ll send some equipment and personnel around, so you don’t have to be inconvenienced by travel etc. You can just sit there sipping a beer and Monday morning quarterbacking whilst we run the tests.
ResearcherZero • April 1, 2023 9:55 AM
“The City Council was clear in what they expected from the NYPD, and the Department simply isn’t following the law. Now they just are flat out lying when they say they fully comply with the POST Act. The POST Act is one of the weakest surveillance oversight laws in the country, but the NYPD still refuses to meet even these minimal transparency requirements.”
It seems odd to say, but at least in one sense, Europeans are now more likely to be able to substantively challenge American intelligence community collection practices than Americans themselves are.
Biden’s executive order allows individuals to file complaints when they believe that the U.S. intelligence community has improperly accessed their personal data. This may not satisfy some European critics for whom only truly independent judicial review could be viewed as adequate. Of course, the criticism of a lack of independence is, at one level, trivially correct. This is because Europeans will have standing to bring their challenges and have them heard on the merits. Americans in American courts will not.
Section 2 of the executive order describes the framework in which U.S. government officials can conduct signals intelligence (SIGINT) activities.
The CLOUD Act has two comity provisions that provide potentially significant limits on U.S. government access.
“Because this system of direct access differs from existing international data sharing regimes, the manner in which data requests are administered, the type of data that is collected, and the degree of potential for abuse of the system, if any, may become more apparent over time.”
The extraterritorial impact of modern electronic surveillance can be dramatic, especially in the case of remote access to foreign servers and devices.
There is a book on the subject which examines “crucial developments in the field of privacy law, efforts by legal systems to impose their data protection standards beyond their borders and claims by states to assert sovereignty over data.”
The chapters explore recent legal and policy developments both in the private and law enforcement sectors, including recent rulings by the Court of Justice of the EU dealing with Google and Facebook, recent legislative initiatives in the EU and the US such as the CLOUD Act and the e-evidence proposal, as well as ongoing efforts to strike a transatlantic deal in the field of data sharing.
Data protection beyond borders : transatlantic perspectives on extraterritoriality and sovereignty
Clive Robinson • April 1, 2023 9:57 AM
@ MarkH, ALL,
Re : No obvious brain injury.
You might find this of interest,
“Chronic Traumatic Encephalopathy”(CTE) like “Functional Neurological Disorder”(FND) has in the past been put down as “all in the mind”.
Especially by those who believe too much in the electronic tools they use, without understanding the tools’ limitations (something that gets rather dull having to explain over and over to representatives of the medical profession).
In my case nearly a quarter of a century after having had a head injury that really should have killed me, I still get the pass from pillar to post issue of the medical practitioners saying we can not see anything on this grainy image we are holding so “it’s all in his mind” and those who deal with the brains actual functioning say “No it’s real and it’s physiological not psychological”. To say it’s annoying is a bit of an understatement, especially when the side effects of the injury you’ve had flare up and get on top of you and all you want is for it to stop.
However imaging and image enhancing technology is improving fairly rapidly, so hopefully I won’t have to wait until my autopsy to prove my case…
ResearcherZero • April 1, 2023 10:06 AM
This is what all my chats say:
“For Manly Love, be here, March 25th at 2:15 AM SHARP”
ResearcherZero • April 1, 2023 12:02 PM
“Any person standing in an open area can similarly launch an upward connecting discharge from their head or shoulders and be injured by lightning even when not directly struck by it.”
“We don’t know how it propagates and grows. We don’t know how it connects to the ground.”
Initiation is just the first of many intricate steps that lightning takes on its way to the ground.
Basically, lightning happens when electrons hit oxygen molecules with enough energy to create high energy singlet delta oxygen molecules. After colliding with the molecules, the “detached” electrons form a highly conducting step—initially luminous—that redistributes the electric field, causing successive steps.
The conducting column connecting the step to the cloud remains dark when electrons attach to neutral oxygen molecules, followed by immediate detachment of the electrons by singlet delta molecules.
“These sparks travel at speeds that are fast even for lightning—around 10 to 100 million meters per second—and produce very powerful radiofrequency (RF) radiation as high as a few megawatts, making them the strongest natural sources of RF radiation on Earth.”
“Lightning Studies Based on Measurements Spanning the Ranges from Radio Frequency to Optical (including Infrared and Ultraviolet) to Gamma-Rays.”
The D-region ionosphere is responsible for the vast majority of radio wave attenuation. Understanding the physical processes that determine the level of attenuation is key to predicting radio wave signal intensities in space (for ground-based transmissions).
By far the No. 1 piece of advice for avoiding injury by lightning is not to be outside in a thunderstorm.
Clive Robinson • April 1, 2023 12:34 PM
Re : Lightning up stroke…
“By far the No. 1 piece of advice for avoiding injury by lightning is not to be outside in a thunderstorm.”
Yup… But sometimes you’ve little choice, such as the place you are working at is a long walk even from the nearest bus stop, and you’re already running late.
It happened to me back at the end of the 1970’s… I took a short cut across a public park / playing field to try to save time as it was really throwing it down. I heard someone call me I started to turn… The next thing I remember was a friend shaking me fairly violently, feeling numb all over and my umbrella being some distance away. According to my friend who witnessed it happen to me I,
“Lit up like a Christmas tree”
And threw my umbrella violently away from me, on retrieving it I found the metal ferrule on the end had got melted. Which as it was an old style umbrella with a solid point, it was quite impressive.
I’ve told the story here before, and how at hospital they got me to take off all my clothes then wired me up like some strange Dr Frankenstein lab test subject… Eventually having confirmed my nervous system was scrambled I was told by an old Indian Dr that I could go home. On mentioning I felt like Frankenstein’s Monster I asked if there was anything I should do or not do? He advised staying out of the rain in future and as a parting shot said that if I dropped down dead I should come back and let them know (apparently re-animated corpses are rare so leave my body to science etc…)
Back then they called that up-stroke of lightning a “pilot stroke” and apparently thought back then to be “all volts” and what opened the ionized channel for the main bolt to drop a few million amps or so to cook you from the inside out…
I gather science has moved on in nearly fifty years, and has not needed my corpse re animated or not to progress 😉
vas pup • April 1, 2023 3:58 PM
US tech giant Cisco to buy Tel Aviv cybersecurity startup Lightspin
“Cisco Systems Inc., a US maker of networking software and hardware, said in a blog post late on Wednesday that it intends to acquire Israel’s Lightspin Technologies Ltd., a developer of cloud security software.
No financial details were provided, but Hebrew media reports estimated the deal to be worth between $200 million and $250 million.
!!!!!Founded in 2020 by Vladi Sandler and Or Azarzar, Lightspin has built a cloud security management platform using graph-based proprietary algorithms to protect from the risks of potential cybersecurity attacks in cloud environments by mapping the potential attack paths and remediating the most critical security issues from build to runtime. Through graph-based visualization, the system identifies attack paths hackers could take to steal critical data stored in the cloud.
Vijoy Pandey, senior vice president of Engineering at Cisco’s Emerging Technologies and Incubation, said Lightspin’s platform will help meet the growing needs of its customers to secure their increasingly complex multi-cloud environments.
By 2025, over 95% of new digital workloads will be deployed on cloud-native platforms, up from 30% in 2021, according to estimates by research firm Gartner. With the ongoing growth of cloud applications comes an increase in cyberthreats, including sophisticated ransomware. Cloud-based breaches account for almost half of all data breaches, according to the IBM cost of data breach 2022 report. Public cloud-based breaches cost businesses an average $5.02 million per year.
The deal marks Cisco’s fourth acquisition in Israel over the past two years, said Oren Sagi, the managing director of Cisco Israel. Cisco bought Israeli application monitoring startup Epsagon and Israel’s Sedona Systems, a maker of communication technologies, in 2021, and Tel Aviv-based startup Portshift, a maker of application security solutions, in 2020.”
Clive Robinson • April 1, 2023 7:00 PM
Russian TORid affair cleans out crypto wallets
I must admit this has slowly raised a smile on my face…
You may remember Putin tried to get rid of Tor Browsers so his “federated surveillance plans” would enable him to grab control.
Well his little misadventures meant the courts meant he had to walk back those Anti-Tor plans…
The result some unknown “Evil types” made up a special set of Tor Browser installers with a little something extra to change crypto wallet addresses…
And liberated at least $400k in cryptocash from those who installed Tor Browser not from the official site…
With a big chunk of it being pulled out of Ruski-bears doing cryptocash transactions due to Russian currency becoming the “Rubble” and sinking faster than a lead kipper, due to Putin’s other misadventures at the Eastern edge of Europe. So to avoid Putin’s failing they fell to another “Evil types” machinations,
The important point though is at the end about the difficulty of detecting what is effectively malware that does not communicate.
AI.Is.Not.Skynet • April 1, 2023 7:11 PM
There’s been a big push this past week trying to stop or slow down AI. Part of it is luddites thinking AI is SkyNet. (There’s no self-awareness. AI doesn’t initiate action or seek goals to fulfill.) Seems more like competitors trying to slow down the leaders so they can catch up. Lots of nonsense and fearmongering. But amongst all the noise, some of the points are worth considering. Specifically how existing AI can benefit crime: https://slashdot.org/story/23/03/27/1824233/europol-sounds-alarm-about-criminal-use-of-chatgpt-sees-grim-outlook
And yeah, that’s scary. Bruce talked about using ChatGPT to artificially lobby senators. But imagine what it can do for phishing… The potential for scams here is staggering. To say nothing of social engineering. And it can be massively scaled up to vast numbers of people, while still being individually tailored for each & every one.
Nick Levinson • April 1, 2023 7:55 PM
AI: It may matter very little that AI strictly “doesn’t initiate action or seek goals to fulfill” if AI can be packaged, seamlessly from a user’s standpoint, with a loop that checks for certain conditions and, upon discovering that the conditions are present in the real world, does something, which would look like initiating action; or with a way to search the Internet for potentially relevant and reasonable goals to suggest to a user, perhaps even preselecting one to be the default for a context.
Whether competitive interests or legal concerns are at stake, you may be right about the former but both may be true.
ResearcherZero • April 2, 2023 2:05 AM
“Mr. Wasserman’s claims regarding our organization are completely false. ExxonMobil has no knowledge of Azari, had no involvement in any hacking activities and has not been accused of any wrongdoing. To be clear, ExxonMobil has done nothing wrong.”
In the midst of perpetrating what federal prosecutors say was a massive corporate hacking campaign, Israeli private detective Aviram Azari in 2017 received welcome news. A group of hackers in India wrote him to say they had successfully infiltrated the email and social-media accounts of a group of environmental activists campaigning against Exxon. “On a happy note I would like to report some success below: Project Name Rainbow.”
A little-known Indian IT firm offered its hacking services to help clients spy on more than 10,000 email accounts over a period of seven years.
Operating from a small room above a shuttered tea stall in a west-Delhi retail complex, BellTroX bombarded its targets with tens of thousands of malicious emails, according to the data reviewed by Reuters. Some messages would imitate colleagues or relatives; others posed as Facebook login requests or graphic notifications to unsubscribe from pornography websites.
A cache of data reviewed by Reuters provides insight into the operation, detailing tens of thousands of malicious messages designed to trick victims into giving up their passwords that were sent by BellTroX between 2013 and 2020. On the list: judges in South Africa, politicians in Mexico, lawyers in France and environmental groups in the United States. These dozens of people, among the thousands targeted by BellTroX, did not respond to messages or declined comment.
Tight clusters of verticals in the phishing attacks suggest motives of financial, industrial as well as political espionage. The target list assembled during our investigation indicates campaigns against environmental advocacy groups, investment businesses and financial journalists, law firms, and political consulting, as well as dozens of individual targets that do not bunch into one of the categories.
Some of the domains had previously shared servers with domains used in these attacks, increasing our confidence that all of these domains are owned by the same actor.
The organizations that consented to be named in the report include the Rockefeller Family Fund, the Climate Investigations Center, Greenpeace, the Center for International Environmental Law, Oil Change International, Public Citizen, the Conservation Law Foundation, the Union of Concerned Scientists and 350.org. The attacks spanned from 2016 through 2017. Similar operations have previously been hired via intermediaries like law firms and private investigators, which distances their work from their clients.
Aviram Azari, organized a series of hacking missions on behalf of unnamed third parties against American companies based in New York, using fake websites and phishing messages to steal email account passwords.
Ismar • April 2, 2023 3:23 AM
“ Imagine you’re a low-wage worker in India who is offered a day’s employment as an extra in a Bollywood film. Your role? To go to a cash point and withdraw some money. ”
Winter • April 2, 2023 3:25 AM
if AI can be packaged, seamlessly from a user’s standpoint, with a loop that checks for certain conditions
The crucial word here is loop. Current LLM and other AI are strictly feed-forward without loops (recurrence). That is to make them trainable. Large recurrent networks, with feedback, are almost untrainable.
SpaceLifeForm • April 2, 2023 3:53 AM
@ Clive, ALL
Clive Robinson • April 2, 2023 5:47 AM
@ SpaceLifeForm, ALL,
Re : “Mother of Landsat”
I would call getting to 96, an achievement in and of itself, especially as she retained her curiosity throughout.
A little over a decade ago NASA did a highlights biography of Virginia Norwood based on an interview carried out by Virginia’s daughter Naomi,
Which is possibly going to be seen as more evidence of “the forever young” / “it’s the brain that keeps the body alive” hypothesis that keeps coming up in one way or another.
Clive Robinson • April 2, 2023 6:08 AM
@ SpaceLifeForm, ALL,
Re : How long before this gets hacked?
There is a “fetish” for “Bluetooth in everything” where someone thinks a bi-directional data/control link is a good idea… And it’s really not a good idea as at the very least “Bluetooth pollutes by design”.
So the question then becomes just what fun could a malicious actor have with this potential “barbeque briquette”,
It’s not for a whole list of reasons not just security. So if you are a designer and the “Bluetooth in everything” fetish comes near, sharpen your stick and prod it away. Oh note from the video its actual capacity is about 1kWh which is a lot of energy, which begs the question of just how fast that energy can be released and “just how Toasty” things will get.
Clive Robinson • April 2, 2023 7:03 AM
Re : A rose by anyother name.
“The crucial word here is loop. Current LLM and other AI are strictly feed-forward without loops (recurrence).”
I don’t think that @Nick Levinson is talking about the sort of feedback system you are.
However all these LLMs are effectively “generators” followed by “adaptive matched filters”. Where the generator is assumed to be “stochastic” and the “matched filter” the probabilistic model of the “parrot”.
In reality the “parrot” matched filter has to be “adaptive” from a cohort of continuous “training data” that will include its own output at some point.
But also the “generator” really is not “stochastic” as it is based on the user requirements.
Which brings us to Searle’s Chinese Room issues.
Searle’s argument was “the rules were fixed” however implicitly by the fact that “actor” was human it was also an intelligent agent. Searle however did not preclude the “actor” from “learning the system” and thus being able to apply its own rules to modulate the fixed rules to the “actor’s” advantage…
So… A “parrot” does repeat “spoken phrases” other birds –in corvid family– can “mimic” all sorts of noises including those of mobile phones fake camera shutter noises.
For some reason “we assume” the parrot is “not intelligent”… However “it mimics” and it does not do it randomly. Even the mimicry of the “shutter noises” is not random.
I won’t go through a long list of “from A to B” reasoning, just note that,
1, The parrot learns from its environment.
2, The parrot’s vocalizations are also input into the environment.
3, Which changes the environment.
4, Which changes how the environment responds to the parrot.
You have a closed feed back loop… Which importantly is modulated by the parrot as well as the environment. We call it “training by food treats” or similar where the actions of the parrot involve both risk and reward as the reward can be “good” (food) or “bad” (harm) which is determined by the “environment”.
The same “good/bad” response from the “environment” is one of the dirty little secrets of GPT and friends. That is “behind the curtain” are humans continuously looking at what is being put into the “environment” by GPT etc and applying feed back to limit “travel” in any undesirable direction.
The reason this is necessary is twofold,
1, GPT etc are inherently unstable due to the consequence of feed forward in the design.
2, GPT etc have no inherent limiting and have no ability to “read the environment” to detect “good/bad”.
People in general appear to have not learned the lessons of Microsoft’s Tay.
Nor for that matter the likes of “Social Media” and “echo chambers” that got ignored in the quest of “engagement”.
The reason I would like a spoke to be shoved in GPT and similars wheel is not the “parrot” but the “environment”. That is the “environment” needs to be “regulated” as that is where the harm will originate that the unstable “parrot” will “magnify by design”.
Winter • April 2, 2023 7:29 AM
In reality the “parrot” matched filter has to be “adaptive” from a cohort of continuous “training data” that will include its own output at some point.
That is a certain receipt for disaster. The model will either collapse or explode.
1, GPT etc are inherently unstable due to the consequence of feed forward in the design.
Feedforward transformers are inherently stable. That is the whole point of using feedforward networks.
2, GPT etc have no inherent limiting and have no ability to “read the environment” to detect “good/bad”.
LLMs have no real time input, at all. The text is everything.
Nick Levinson • April 2, 2023 10:45 AM
@Winter & @Clive Robinson:
The loop does not have to be part of the AI or LLM software but can be packaged with it so that it is part of larger software that includes AI/LLM and the loop. It’s like AI being packaged with other software that together compose Bing; the user sees the user interface and the end effect but does not have to know how components are knitted together behind the UI.
@Clive Robinson & @Winter:
Animals being intelligent has, I think, been accepted in ethology, but that is an academic discipline that is only a few decades old. The public has for much longer been divided: many pet owners are sure that their animals are intelligent and many other people think those believers are fooling themselves.
Clive Robinson • April 2, 2023 11:12 AM
Re : feed forward instability.
“Feedforward transformers are inherently stable. That is the whole point of using feedforward networks.”
You are using a very limited definition of stability to conclude that. As far as feed-forward and feed-back systems they both have stability issues.
It comes about by the nature of what is being done. Which is to combine multiple signal paths into one signal path by use of a “summing” or “multiplying” circuit (or their inverses). The multiple signal paths are most often formed by splitting a single signal path into the multiple paths. So that individual characteristics of that signal can be modulated in some way.
This process is so common that there is a single computer instruction in DSP systems called “MAD” which stands for “Multiply and ADd”. There are similar in related circuits where they get called “Multiply and Accumulate” or similar.
These networks of signal paths form a “control network”, that changes the signal into the network into a different signal at the control network output.
These control networks are rarely used on their own that is they are used with at least one more functional block. Often more such as amplifier blocks or delay networks [Z^-1].
All such functional blocks have practical limitations, which is often why the control network is needed.
In a feed-back network the input of the control network is driven by the output of the functional block and an input signal. The input of the functional block is driven by the control network. Due to inherent time delays such a system will have a point where the output becomes time shifted, which causes a phase shift which if it totals 360 degrees or any multiples thereof will cause oscillations to build up and the input of the functional block to become saturated, or the output of the functional block to “hit the end stops” as it crashes into the limit values.
Whilst feed-forward systems don’t usually have the oscillatory stability problem they do have the “crash the limits” stability problem.
This is caused by the fact that sometimes people,
“Try to get four quarts in a pint pot”
And 16 will not go into 1. This happens because each signal path has finite range and inherent noise. To reduce the effect of noise each signal path is designed to run as close to the maximum it can. So when you try to sum four signals of near maximum value, that are all in phase then the output of the control network will be at an end stop as it can not go beyond maximum let alone four times maximum.
The advantage of a feed-forward over a feed-back network is “speed” as delays are in parallel the signal propagates through the system with everything staying “in step”.
For LLMs the number of signal paths are immense thus speed is needed, however quantization noise in each path can cause issues. How this is dealt with is a subject that could fill several books. But suffice it to say “none is perfect”, so the end stops are always within range.
Clive Robinson • April 2, 2023 11:48 AM
Re : Animal intelligence.
“many pet owners are sure that their animals are intelligent and many other people think those believers are fooling themselves.”
My view is that if any “system” can modify its behaviour by “choice” then it has “agency”. If it can use the results of past choices to make future choices then it can “learn”. If it can use any learning to its advantage then it effectively has “self determination”.
The hard thing to determine by observation is if the system is making choices or not. Call it the “sugar in your coffee test”…
As an observer I see you every morning make a cup of coffee. If there is sugar available then you add two spoons worth.
Thus it can be viewed by the observer as deterministic behaviour by you, rather than action by your choice (due to a sweet tooth).
So the observer waits until one morning there is no sugar what do you do, not make a coffee? or drink the coffee without sugar? Actually it does not matter as either action could be deterministic or by choice…
And that’s the problem “action by choice” or “agency” can not be determined by an observer.
If I can not determine if there is “action by choice” how can I determine if there is learning let alone “intelligence”?
All I know is,
“I think I have choice”
Therefore I further think it’s reasonable to assume other people have choice. And if they do, then animals almost certainly have choice as well. As for other systems biological or otherwise, showing “determinism” is just as hard…
Winter • April 2, 2023 12:51 PM
You are using a very limited definition of stability to conclude that.
I use a very simple definition. A feedforward network is stable in that it has a finite impulse response (in signal analysis).
In practical terms, feedforward systems will always return to their initial state, the system is stable (memoryless). A system with feedback can change to state that never returns to its initial state. Such a system would be unstable (it has a memory).
That the output of a stable system can “clip” or be undefined given certain inputs does not make the system unstable. Because it will generate “normal” outputs again from the next input.
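The two behaviours argued over in the comments above can be put side by side. This is an added Python example, not part of any comment; the tap values, gains, clip limit and input burst are constructed for illustration. It runs the same burst through a clipping feed-forward sum and through a clipping one-tap feedback loop, then measures how long each output takes to return to zero once the input stops.

```python
def clip(value, limit=1.0):
    """Saturate at the 'end stops' of the signal path."""
    return max(-limit, min(limit, value))


def feedforward(inputs, taps, limit=1.0):
    """y[n] = clip(sum_i taps[i] * x[n-i]); no output is ever fed back."""
    outputs = []
    for n in range(len(inputs)):
        acc = sum(t * inputs[n - i] for i, t in enumerate(taps) if n - i >= 0)
        outputs.append(clip(acc, limit))
    return outputs


def feedback(inputs, gain, limit=1.0):
    """y[n] = clip(x[n] + gain * y[n-1]); the previous output is state."""
    outputs, previous = [], 0.0
    for x in inputs:
        previous = clip(x + gain * previous, limit)
        outputs.append(previous)
    return outputs


def recovery_lag(outputs, last_input_index):
    """Samples after the last non-zero input until the output is exactly zero
    and stays zero, or None if that never happens within the record."""
    for lag in range(1, len(outputs) - last_input_index):
        tail = outputs[last_input_index + lag:]
        if tail and all(v == 0.0 for v in tail):
            return lag
    return None


# Constructed input: four full-scale samples, then silence.
BURST = [1.0] * 4 + [0.0] * 8
# Constructed taps: four paths each near maximum, summing to 3.6 in a
# path that can only carry 1.0.
TAPS = [0.9] * 4

if __name__ == "__main__":
    ff = feedforward(BURST, TAPS)
    print("feed-forward :", ff)            # clips at 1.0 during the burst
    print("  recovers after", recovery_lag(ff, 3), "samples")
    for gain in (0.5, 1.0):
        fb = feedback(BURST, gain)
        print(f"feedback g={gain}:", [round(v, 4) for v in fb])
        print("  recovers after", recovery_lag(fb, 3), "samples")
```

The feed-forward output hits the limit while the burst is present and is back at exactly zero `len(TAPS)` samples after it ends. The feedback loop either decays without reaching zero (gain 0.5) or stays pinned at the limit (gain 1.0).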
Winter • April 2, 2023 12:54 PM
The public has for much longer been divided: many pet owners are sure that their animals are intelligent and many other people think those believers are fooling themselves.
That is the same public that thought women and slaves were not intelligent, or “natives” in general. So, I do not assign too much weight to their opinion.
Nick Levinson • April 2, 2023 1:09 PM
@Clive Robinson & @Winter:
Choice was found among slime mold in a scientific study a decade or two ago, but I don’t know a citation to it, if it has been replicated, or if scientific consensus agrees on the conclusion.
A study by Andy Meltzoff published in 1979 (I don’t have a citation) showed that a 42-minute-old baby responded to someone sticking a tongue out by doing the same, thus indicating the baby’s knowledge at 42 min. of a tongue and how to move it and, I think, the possibility that at least one 42-min.-old baby can make a choice.
It’s still possible to argue that determinism, whether the system is biological or not, is still at play, but then the arguer would have to rely on complexity and invisibility of part of the process without ever exposing or analyzing the steps, and that’s likely speculative, thus no better than the argument for nondeterminism.
That’s problematic. Relying on the past to limit the present regarding laity is applicable to scientists, too, many of whom used to harbor the same views, only they polished them with the veneer of scientific authority.
JonKnowsNothing • April 2, 2023 1:39 PM
@Clive, Winter, Nick, All
re: Animals & Choices
Within the spectrum of living creatures the amount of choice varies.
Sea anemones, Mussels and stationary creatures don’t get a lot of choice about where they land. Once landed they are pretty well stuck. They do choose what to eat.
However, if we move to higher order of mammals and birds, there is a lot of choice to be seen if you are observant. There is determinism too.
Horses are born knowing 100% of what a horse is. There isn’t any self-angst about it. They know what they can do and how to do.
What horses do not know, is what People are about or what People want from them. This interaction is a learned one, and for the most part, not a nice one. Horses learn that people are Bad News and will Vote with their hooves to run to the farthest end of the pasture to avoid People.
Horses signal their interactions all the time. Other horses get it. Humans do not. Ears forward and head up; every horse nearby will look the same direction and in the same posture. If you follow their eye gaze line (which is different than human gaze line) you might find in the far far distance something that interests them. They choose how long to watch too. If a horse has BTDT the head goes down and grazing continues. A horse that has not seen this item will watch longer.
As for choice, horses make a lot of choices but unfortunately for them, humans negate nearly 100% of their choice.
Horses signal all the time what they want. Humans rarely pay any attention.
Winter • April 2, 2023 2:59 PM
Choice was found among slime mold in a scientific study a decade or two ago, but I don’t know a citation to it, if it has been replicated, or if scientific consensus agrees on the conclusion.
Btw, slime molds are collectives of single cell organisms, not “individuals”.
But a few links:
Collective behaviour and swarm intelligence in slime moulds
Here, we argue that slime moulds are powerful model systems for solving several outstanding questions in collective behaviour. In particular, slime mould may hold the key to linking individual-level mechanisms to colony-level behaviours. Using well-established principles of collective animal behaviour as a framework, we discuss the extent to which slime mould collectives are comparable to animal groups, and we highlight some potentially fruitful areas for future research.
SpaceLifeForm • April 2, 2023 7:44 PM
Re: Twitter implosion
This is artwork. Summary in a simple graphic.
lurker • April 2, 2023 7:56 PM
The slide continues:
NYT refuses to pay BluTikTax. EM says “their propaganda isn’t even interesting”
lurker • April 2, 2023 8:22 PM
Over the three years 2020-22 the excess death rate in NZ is claimed to be negative. To get the real numbers will require digging in the Min of Health stats. The man responsible (now Sir) Ashley Bloomfield also says “…[in the future] lockdowns may have a place.”
Death rate remains at 0.9 / million population / day, still 6 times road traffic accident rate.
EvilKiru • April 2, 2023 8:28 PM
Regarding stochastic text generation, I found this half hour video essay by Adam Conover to be worth watching.
Winter • April 3, 2023 1:06 AM
Over the three years 2020-22 the excess death rate in NZ is claimed to be negative.
There were no flu seasons in 2021, 2022. Lockdowns do work.
Clive Robinson • April 3, 2023 2:35 AM
@ Winter, Nick Levinson, ALL,
Re : Stability of GPT etc.
“I use a very simple definition. A feedforward network is stable in that it has a finite impulse response (in signal analysis).”
All that actually says is that the signal paths in the control network do not change, therefore the response in time is predictable.
It does not show what you say next,
“In practical terms, feedforward systems will always return to their initial state, the system is stable (memoryless). A system with feedback can change to state that never returns to its initial state. Such a system would be unstable (it has a memory).”
Unfortunately for your argument, unlike what you say the control network does have “memory”. Because if it did not it could not have a frequency response.
What it actually indicates is that the span of the memory effect in the control network is “finite” not “infinite”. That is “a finite impulse response” is curtailed in a given time period. So it is predictably ephemeral that is “the memory forgets over a known time period”.
Thus you have to distinguish between what happens inside that time and outside that time period.
Why do I appear to be splitting hairs?
Because it is actually relevant to the behaviour of GPT etc.
As I indicated a couple of days back these GPT etc “Stochastic Parrots” are not a new idea. They are just fancy versions of pass word/phrase generators, which whilst they did have a flat distribution from the random generator at the control network input, did not have a flat distribution of output. That is the output was “shaped to human language characteristics”.
That is the password/passphrase output pass-string actual distribution came about through a probability model. One that was designed to make it easier for humans to remember. The model was encoded in the control-network.
Hence back in the 1970’s the NSA amongst others designed and refined a system that generated pronounceable thus “human memorable” nonsense words.
To do this, the equivalent of memory in the control network was required such that there was a relationship between the individual characters in each password generated.
The XKCD system uses only one “urn to pick from” which is its dictionary of say 1024 words. The selection of each word is independent of the words before or after. So “the selection process is memoryless” thus as a generator without a control network, it has,
“A 10bit entropy on each word selection, but unknown entropy on the individual word “content” entropy, or selected word position entropy”.
The “word content” entropy is defined solely by “the words in the dictionary” and each word can be from “A” to “Zebra” passing through “Discombobulation” and “xylophone” on the way. Thus each word no matter what its individual entropy is has only a 1:1024 probability of being selected at any one “drawing of a ball from the urn”. However as an output pass-string taken on a character by character basis the entropy will vary widely from string to string.
Which is important because humans will take the probably unmemorable pass-string of six words and either reject or change them for something more memorable. Thus the actual pass-string “used” will have a different much lower entropy than the XKCD system generates.
This happens because the human becomes part of the control network and does the equivalent of “adds memory”.
Thus the next step up is that the control network with “additional memory” can add further rules such that the word list, becomes a “human memorable nonsense sentence”.
As you increase the size of the output you need more memory in the control network.
Thus ChatGPT and friends are far from memoryless in their control network.
Which means for each individual output-string, the required memory has to cover the range over which you want the probabilities of that string to cover.
Which means that during each output string generation the generation system is not inherently stable.
If you like, you could think of it as an oscillatory response to an input impulse, that decays exponentially due to loss. A physical model would be a “damped resonator” like a gong, bell, or weighted spring. Because their control properties are “simple and fixed” they resonate at a fixed frequency and decay at a fixed rate.
Now consider a physical jointed pendulum it appears “simple and stable” only at very low energy input. As the input energy rises it’s behaviour becomes chaotic.
Now consider a weight on a chain of springs even though each single spring can be modeled the pivot point on each end of each spring makes it not amenable to analysis except in the broadest of brush strokes just like a jointed pendulum with randomly changing lengths. The behaviour of the chain will certainly be perceived as “erratic”, “chaotic”, “unpredictable” and “unstable” until the damping has sufficiently removed the energy such that all the springs and pivots fall inside some combined stability criteria.
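The passphrase point in the comment above (10 bits per word from a 1024-word dictionary, reduced once a human rejects draws they find unmemorable) can be quantified under one explicit model. This is an added Python example, not part of the comment; the model is an assumption: for each of the six word slots the user draws `k` words uniformly and keeps the one they find most memorable, with "memorability" treated as a fixed ranking of the dictionary.

```python
import math
import secrets

DICT_SIZE = 1024  # dictionary size used in the comment
WORDS = 6         # six-word pass-string, as in the comment


def draw_word_rank(k, n=DICT_SIZE):
    """One word slot: k uniform draws, keep the most memorable.
    Words are identified by memorability rank (0 = most memorable);
    the ranking itself is a modelling assumption."""
    return min(secrets.randbelow(n) for _ in range(k))


def rank_distribution(n, k):
    """Exact P(kept rank == r) for best-of-k selection.
    P(min >= r) = ((n - r) / n) ** k, so the point mass is the difference
    between consecutive tail probabilities."""
    return [((n - r) / n) ** k - ((n - r - 1) / n) ** k for r in range(n)]


def shannon_bits(dist):
    """Average-case entropy of one slot, in bits."""
    return -sum(p * math.log2(p) for p in dist if p > 0)


def min_entropy_bits(dist):
    """Worst-case entropy: set by the single most likely word, which is
    what an attacker guessing in probability order tries first."""
    return -math.log2(max(dist))


def passphrase_entropy(n=DICT_SIZE, words=WORDS, k=1):
    """(Shannon bits, min-entropy bits) for the whole pass-string.
    Slots are independent in this model, so per-slot entropy adds."""
    dist = rank_distribution(n, k)
    return words * shannon_bits(dist), words * min_entropy_bits(dist)


if __name__ == "__main__":
    print("sample slot ranks, k=4:", [draw_word_rank(4) for _ in range(WORDS)])
    for k in (1, 2, 4, 8):
        shannon, worst = passphrase_entropy(k=k)
        print(f"k={k}: Shannon {shannon:6.2f} bits, min-entropy {worst:6.2f} bits")
```

With `k=1` the generator is memoryless and gives the full 60 bits. Every extra re-roll the user allows themselves skews the distribution toward the top of the ranking, and the min-entropy falls faster than the Shannon figure.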
ResearcherZero • April 3, 2023 5:58 AM
A formerly secret document from 1956 unearthed in Austria’s state archives reveals an “urgent suspicion” that Hans Marsalek was a Russian spy. The document claimed there was evidence that he had been involved in a Soviet plot to kidnap four people to take them back to Moscow. There they would be interrogated, tortured, and imprisoned. One was a US agent.
Prosecutors allege Marsalek is a key figure in the plot and was running a “shadow operation” that siphoned money out of Wirecard. The company’s former CEO, Markus Braun, is currently on trial, along with others, on charges that include “gang-related fraud.”
Although Austrians generally aren’t allowed dual citizenship, Marsalek held at least eight passports, including diplomatic cover from the tiny Caribbean nation of Grenada. His departure from Bad Vöslau is the last instance in which he is known to have used his real name.
The 49-year-old manager said Mr Braun was a dominant and interventionist boss who insisted he and others forge documents and make retrospective changes to accounts to suit the chief executive’s wishes. By the end, Mr Bellenhaus told the Munich court that Wirecard had grown into a “cancerous tumour … a system of organised fraud”.
“I would keep a hammer under the bed…I was just operating in this sense of deep paranoia.”
This story is outside the FT’s paywall (you do not need a subscription to access it) so it can be shared freely.
“…Mr Marsalek turned up on Wirecard business in London with a highly unusual dossier, which he disclosed to traders and speculators, in an apparent attempt to compromise or impress them. Wirecard at the time — and Mr Marsalek in particular — were desperate to fend off and, if possible, neutralise those short-selling the company’s stock.”
“In Mr Marsalek’s possession were four highly sensitive, classified reports, from the Organisation for the Prohibition of Chemical Weapons, containing detailed analysis of the Russian plot in the sedate English cathedral city of Salisbury in March 2018, in which one of the world’s deadliest nerve agents had been used in a botched assassination attempt against a GRU defector, Sergei Skripal. The sensitive files contained the precise formula for novichok — a poison developed by Soviet scientists in the cold war.”
“The 40-year-old Austrian has led multiple lives, with complicated and overlapping commercial and political interests. Sometimes those interests cleaved to Wirecard’s aggressive expansion plans in frontier markets. Sometimes they coincided with Mr Marsalek’s own sprawling and unusual range of personal investments. And sometimes they seemed to fit neatly with the work of Russia’s intelligence agencies.”
An Israeli private detective has pleaded guilty to involvement in a hacker-for-hire scheme that targeted journalists and critics of disgraced German payments company Wirecard.
Federal prosecutors said Azari, who has been detained in New York since 2019, organised a series of hacking missions on behalf of unnamed third parties against American companies based in the city from 2014 to 2019.
The messages were often camouflaged as innocuous communications from clients, colleagues, friends or family. They were aimed at giving the hackers access to targets’ inboxes and, ultimately, private or attorney-client privileged information.
ResearcherZero • April 3, 2023 6:27 AM
The bill already has the support needed for it to pass the House and later the Senate.
“The current absence of any duty to consult, means that Australian parliaments may pass laws that target Indigenous communities and may do so without seeking or hearing Indigenous views on those laws. This extends to laws criminalising conduct in Indigenous communities that would be entirely lawful anywhere else in Australia.”
“The measures introduced through the Intervention were exempted through legislation from racial discrimination and anti-discrimination legislation, while at the same time also being deemed to be a ‘special measure’. This problematically includes those elements of the intervention that have negatively impacted on Indigenous people’s rights, and measures that were introduced without proper consultation or consent of the Indigenous communities.”
“Introducing measures that undermine the rule of law and that do not guarantee Aboriginal citizens equal treatment to other Australians has undermined the credibility of the measures, and ultimately, threatens the sustainability and long term impact of the measures.”
A chance to change the Constitution to enable First Nations people to be heard in matters that affect them.
Clive Robinson • April 3, 2023 7:01 AM
@ JonKnowsNothing, Nick Levinson, Winter, All,
Re : Animals Choices
“Within the spectrum of living creatures the amount of choice varies.”
Yes, it does, but for an observer “showing choice” as opposed to “showing determinism” is always going to be a problem of significant difficulty, if not impossibility even with very simple organisms.
Simple “correlation” between stimulus and response is at best unreliable due to unobservable “meta-stability” issues in a normally functioning organism.
Such problems do come up in science though they tend to not get published.
One scientist went on the record as saying that she had run a series of experiments to disprove an aspect of “alternative medicine”. Having run her tests off and on over a period of time her results showed no better than “noise” (as expected). Then over one period her results showed the opposite… She went through testing the equipment etc and found no fault. As she noted “Sometimes probability does come up all sixes”.
But in testing of many things, and organisms in particular there is a disturbing trend actually happening that is causing puzzlement if not consternation. There are many well known and well relied upon papers in psychology and similar. Where experiments that have been not just published, but subject to scrutiny and apparently repeatedly verified no longer hold…
It’s called “Replication failures in psychology” and a quick Google will show it kicked off back in 2010
If this was to happen to just a very few papers nobody would really care. But the number it is happening to is apparently rising with time. The problem is nobody has what appears to be a sensible idea as to why this might be, or even how to come up with a test that might give further insight to the issue.
One argument of that form that got raised when discussing it, is that observationally,
It appears that the test subjects with time get to hear about the experimental test from those who have knowledge of it in some way, and with this propagates out like a pathogen spreading from host to host.
Obviously nobody believes it to be the actual case but it does loosely describe the observations (so much for Conan Doyle’s character Holmes reasoning).
As many engineers can confirm,
“There is a zone twixt signal and noise where chaos can be seen.”
Sometimes it’s real and sometimes it’s not. So knowing what to test for and importantly how is essential in many fields of endeavour.
 Consider it the “biological halting problem” even if you know all the states an “organism” can be in, you “can not know” the current “functioning” state or know when a state “transition” has happened. At best just one of several indicators may eventually become apparent via the organism’s behaviour. But if a further transition or chain/cascade of them has happened then you’ve likely lost correlation between state transitions and behavioural indicators.
 Replication failures in psychology is fun to follow as it’s a kind of a “Tester tests the testers” activity; a quick overview can be read at,
 In his short story “The Sign of Four” Conan Doyle has Holmes explain,
“When you have eliminated the impossible, whatever remains, however improbable, must be the truth.”
Did not allow for what we now know that some things are simply beyond reasoning by logic.
 I’ve mentioned this a few times before but sometimes “random” is anything but. The example I use is two squarewave oscillators driving the clock CLK and data D inputs and observing the Q output. When the Q output is looked at on an oscilloscope or similar “close in” it looks quite random. However dial the timebase out so the individual transitions can not be easily seen and you notice they “group” into regular periodic bunches. Stick the Q output through an appropriate “leaky integrator” and you get a near perfect sinewave at the difference frequency between the oscillators.
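A simulation of the flip-flop arrangement described in the footnote above, added here as an illustration and not part of the original comment. The two frequencies, the integrator constant and the clock-edge jitter are constructed values; the jitter is an assumption added so that Q chatters near the D edges.

```python
import math
import random

# Constructed values for illustration; none come from the comment above.
F_CLK = 1_000_000.0      # oscillator driving CLK, Hz
F_D = 1_004_000.0        # oscillator driving D, Hz (4 kHz away from CLK)
N_SAMPLES = 4000         # clock edges simulated (4 ms of Q output)
JITTER_S = 50e-9         # assumed RMS timing jitter on each clock edge


def sample_flipflop(f_clk, f_d, n, jitter_s=0.0, seed=1):
    """Return the Q bit latched on each of n rising clock edges."""
    rng = random.Random(seed)
    q = []
    for i in range(n):
        t = i / f_clk
        if jitter_s:
            t += rng.gauss(0.0, jitter_s)
        # D is a 50% duty square wave: high during the first half-cycle.
        phase = (f_d * t) % 1.0
        q.append(1 if phase < 0.5 else 0)
    return q


def transitions(bits):
    """Count 0->1 and 1->0 changes in the bit stream."""
    return sum(1 for a, b in zip(bits, bits[1:]) if a != b)


def leaky_integrator(bits, alpha=0.05):
    """Single-pole low-pass filter: y += alpha * (x - y)."""
    y = 0.5
    out = []
    for b in bits:
        y += alpha * (b - y)
        out.append(y)
    return out


def dominant_frequency(signal, f_sample, max_hz):
    """Frequency (Hz) of the strongest DFT bin between DC and max_hz."""
    n = len(signal)
    mean = sum(signal) / n
    centred = [s - mean for s in signal]
    best_bin, best_power = 0, 0.0
    for k in range(1, int(max_hz * n / f_sample) + 1):
        w = 2.0 * math.pi * k / n
        re = sum(c * math.cos(w * i) for i, c in enumerate(centred))
        im = sum(c * math.sin(w * i) for i, c in enumerate(centred))
        power = re * re + im * im
        if power > best_power:
            best_bin, best_power = k, power
    return best_bin * f_sample / n


if __name__ == "__main__":
    ideal = sample_flipflop(F_CLK, F_D, N_SAMPLES)
    noisy = sample_flipflop(F_CLK, F_D, N_SAMPLES, jitter_s=JITTER_S)
    # "Close in": the bits around the first D edge look like coin flips.
    print("Q near first edge:", "".join(map(str, noisy[100:150])))
    print("transitions, no jitter  :", transitions(ideal))
    print("transitions, with jitter:", transitions(noisy))
    # "Dialled out": after the integrator only the beat remains.
    beat = dominant_frequency(leaky_integrator(noisy), F_CLK, 20_000)
    print("dominant frequency after integrator: %.0f Hz" % beat)
    print("difference frequency |F_D - F_CLK| : %.0f Hz" % abs(F_D - F_CLK))
```

For anyone evaluating an oscillator-sampling entropy source, this is why bit-level inspection is not enough: the stream needs a spectral or autocorrelation check as well.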
ResearcherZero • April 3, 2023 2:45 PM
“This type of attack is likely to remain undetected by traditional antivirus software that is looking for malware inside of an archive (which is often also password-protected) rather than the behavior from an SFX archive decompressor stub.”
ResearcherZero • April 3, 2023 2:48 PM
“The survey, of 1,061 British adults found that lack of transparency about the evidence behind policies is not just of concern to financial markets and political commentators: 61% of the public think it is important the government shows all the evidence used to make important policy decisions vs just 16% who think it is not.”
vas pup • April 3, 2023 5:40 PM
The Dangers of Intuition
“Repeating successful behaviors, following familiar paths, or searching for simple patterns are all cognitive shortcuts that might breed disaster.
“Intuition” is just a catch-all name for !!!!a series of associations that your brain executes (often automatically and unconsciously) in order to save cognitive resources.
And they are not particularly sophisticated associations.
=>Most of the time, what “feels right,” what makes you think that you are “following your gut,” comes down to a handful of very simple strategies, for example, reinforced or repeated behavior that worked more or less well in the past (see this previous post
about reinforcement as intuition and why it is broken). Others !!! include going with the familiar instead of the unfamiliar, imitating people who look successful, or simply trying to fit a pattern.
Familiarity, reinforcement, or imitation will work well if we face exactly the same decision again and again, but they can be dangerous if we apply them in the wrong situation.
Another problem with intuition is the lure of stability, which makes us ignore rare events. But to threaten your life or your livelihood, a major event needs only happen once. The argument that “it has never happened before” is going to be a poor
…!!!!many examples of successful intuitive behavior are just due to expertise. If you are a highly-trained professional, say, an expert on detecting forgeries in classical art, !!!=>your brain has been exposed to a lot of relevant information and has internalized a series of subtle associations to the point that they are not even conscious anymore.
The result might be described as “intuition,” but it is really expertise.
But if you are not an expert in a field, your intuition is untrained and will serve you poorly there. So, should you trust your gut? Only if you are an expert, or if the decision is not particularly important. In any other cases, !!!stop, think, and gather data.”
Clive Robinson • April 3, 2023 7:44 PM
@ vas pup, ALL,
Re : Where is Intuition.
Missing from the Psychology Today article you link to is an important fact.
Intuition as described happens in different parts of the nervous system.
Whilst efficiency might play a part, more important is speed of response.
As you know there is the “monkey” or “reptile” brain at the top of the spinal column. It gives the “muscle memory” effect that gives the efficiency of repetitive actions like riding a push bike. But more importantly it gives speed from subconscious pattern recognition to implement “flight” when a hunting creature is recognised. It’s how you can “find yourself up a tree before you know it” or because the conscious limiters are bypassed enable you to do incredible physical things such as tear a car door open as part of “fight”.
You might end up in significant pain either way, but importantly you are alive not dinner. So have the chance to heal and go on to have children etc.
Thus fight / flight intuition is not reasoned, as there is no time for it.
However when that intuition has got you over the starting inertia the higher levels of the brain have to reason such that you can use unique features in the environment / surroundings when there is not a tree to scoot up.
It is not until the end of the article that the author indirectly mentions this with “experts”. The thing is what he describes is yet another speed up system similar to that which the lizard brain does only with more abstract than physical patterns.
But yes finally at “the top of the stack” you have no speed up mechanism because the pattern is new.
Most can remember the issues of coordination when learning to drive a manual rather than automatic car.
However as the patterns become recognised they get controlled from “further down the stack” increasing both speed and efficiency, thus freeing up the conscious mind to take more distant patterns into account.
As I’ve pointed out in the past,
“There are no accidents, only insufficient knowledge or time to process it.”
The human nervous system is rather elegant in how it uses pattern recognition and automated response at multiple levels.
Yes relying on the lower levels will be dangerous in new situations, especially in modern environments, where the harms are less than a century or so old. But in over 10,000 years preceding that, just standing still and taking the time to think will have caused you to be dinner, to some large predator.
As the line from the film has it,
“That’s Evolution baby.”
It’s a situation that is not going to get better any time soon as our pace of environment change through industrialization is still “speeding up”. If we could go back several thousand years, mankind would be physically and in many ways mentally our equals, only way better tuned to their environment. Look at the kids of today glued to their mobile phone screen oblivious to all as they walk in an environment that is actually way more dangerous, especially with virtually silent high power electrical vehicles on “auto-pilot”. You can, if you stop somewhere safe to do so, think about it rationally and realise technology has shoved a very large spoke in the path of human evolution…
ResearcherZero • April 4, 2023 3:02 AM
Cracking devices with Cellebrite, metadata and relationship-status
Services Australia is using telecommunications metadata and password-bypassing software to investigate welfare recipients suspected of claiming single payments while in relationships.
Although their devices were passcode-protected, “they [Services Australia] went through all our WhatsApp and Facebook messages. And they actually talked, during their investigation, about what was said in them,” “It just made me feel like I was a nobody, and I had no rights.”
Criteria listed on Services Australia’s website for “how we assess if you’re a couple” includes: “financial aspects of your relationship, the nature of your household, social aspects of your relationship, [and] if you have a sexual relationship.”
According to the FoI, Services Australia requested AGD declare it an ‘enforcement agency’ under Section 176A of the Telecommunications (Interception and Access) Act (TIA)
4.5% of an $1.8 million total first funding round — went to purchase products from Cellebrite and GrayKey, which unlock Android and Apple/iOS products, respectively, and Nighthawk and Magnet Forensics, which assembles extracted data into a readable format and “puts it all together in a pattern.”
Law enforcement use these tools to investigate not only cases involving major harm, but also for graffiti, shoplifting, marijuana possession, prostitution, vandalism, car crashes, parole violations, petty theft, public intoxication, and the full gamut of drug-related offenses.
Devices from previous versions of Cellebrite for extraction are being offered on the Internet without major setbacks.
Their customer list has included authoritarian regimes in Belarus, Russia, Venezuela, and China; death squads in Bangladesh; military juntas in Myanmar; and those seeking to abuse and oppress in Turkey, UAE, and elsewhere.
The installer for Physical Analyzer contains two bundled MSI installer packages named AppleApplicationsSupport64.msi and AppleMobileDeviceSupport6464.msi, digitally signed by Apple and appear to have been extracted from the Windows installer for iTunes version 188.8.131.52.
They got me on video in this public toilet sucking my thumb.
Clive Robinson • April 4, 2023 4:02 AM
Auz technical commentator “Dave” of EEVblog has had a little play with AI creating images.
It’s actually quite fun to watch as well as hitting some serious points at the end.
Nick Levinson • April 4, 2023 9:24 AM
@Clive Robinson, @JonKnowsNothing, & @Winter:
Failure to replicate also occurs (I’m not sure if this will affect your argument) because precision greater than the original paper specified is required, perhaps much greater and perhaps beyond what current instrumentation and skill can establish, resulting in the original result being presumably valid (if it passed peer review) but replication usually failing. This has been a rising trend.
In the 1960s and once later that I’ve come across, two experiments in life creation succeeded but weren’t replicated. I think in each a terrarium contained a model of Earth’s environment as it likely existed when life began on Earth and then lightning was introduced. An old environment from a planet 25,000 or so miles around the circumference is hard to replicate in any humanly-built terrarium, probably less than a mile in any direction.
That a test subject would hear whether he was in the experimental group or the control group was said of AIDS treatment testing and it was said that a subject whose health was deteriorating would hear it from a nurse. I think that phenomenon, occurring multiple times, led to a requirement to take people out of a test when their health had deteriorated enough to establish their scientific contribution without waiting all the way until they had died for the sake of science.
Winter • April 4, 2023 11:11 AM
Failure to replicate also occurs
It even has a Wikipedia page
EvilKiru • April 4, 2023 4:35 PM
lurker • April 4, 2023 5:39 PM
Turnitin is software currently used in the education sector to detect plagiarism and similar cheating. The latest update is claimed to be 98% accurate at spotting AI generated work. It is also claimed that this advantage will only last until students learn how to use AI to avoid tools like Turnitin. Assessment methods should be changed, eg. to a method where AI cannot help; or allow the use of AI for a draft answer, then use AI to critique this draft.
JonKnowsNothing • April 4, 2023 7:08 PM
re: Summer of COVID Waves forming
While useful C19 information has dried up, unlike the overflowing lakes, reservoirs and farmlands in California, there are still a few C19 dots slipping the leash.
From some of the dots we can expect that Post Easter Sunday, and Post End of School Year and Post End of University Terms and the Advent of Summer Travel, Fun in the Sun and Clogged Travel portals, that C19 will be an Added-Value to the Warmer Weather.
In California, there is no testing, no masks, no vax, no restrictions if you are sick, for those planning on making the summer rounds of the fun parks here.
Check your cancellation policy very carefully; a number of Aussi Airlines have not refunded previous C19-ticket cancellations and have enacted sunset clauses to pocket the owed amounts.
Clive Robinson • April 4, 2023 9:19 PM
Re : Plagiarism and honour codes.
“Turnitin is software currently used in the education sector to detect plagiarism and similar cheating.”
But what do you do when the real “industry best practice” is to commit plagiarism for profit, and a University lecturer decides to have an industry behaviour realistic course assessment worth more than 60% of the course marks?
Which do you go with,
1, Industry best practice plagiarism
2, University honour code
It’s something my son has raised a formal objection to on his university course.
He like some others went with the honour code, and they got 25% or less, others who went with “cut-n-paste” plagiarism got over 75%. Two clear and distinct groups in the marking results…
Put simply it was a “software” module to write non trivial C code for a microcontroller, wire up the microcontroller board into IO and write documentation in the code all in an hour and a half.
The computers they used were connected to the University network where the students own earlier work and “home drives” plus access to “example code” was available. Also to the Internet.
Apparently the lecturer had verbally told some of the students in a tutorial that they should “pre-write” code specifically for the assessment…
“Assessment methods should be changed, eg. to a method where AI cannot help”
Is already an issue and it’s not just AI that is the problem, “industry best practice plagiarism” is as well.
Clive Robinson • April 4, 2023 9:35 PM
@ JonKnowsNothing, ALL,
Re : C19 dumping.
“a number of Aussi Airlines have not refunded previous C19-ticket cancellations and have enacted sunset clauses to pocket the owed amounts.”
From what I’ve been told by Aussi friends who are in the UK, it’s not just the Airlines.
As you may remember a lot of Aussi citizens were kept out of Australia by Federal Government policy…
As a result some were not paid, lost their employment, and had to find their own way to survive abroad, effectively “scrounging for help”. Apparently they are also being chased by “authorities” for payments etc…
I’m not sure of all that is going on, as it’s not making the MSM news as much as it should, but it appears that for some “going bankrupt” is their only sensible option…
Clive Robinson • April 4, 2023 10:33 PM
@ Bruce, and the usual suspects,
An informative paper by Samuel R. Bowman of New York Uni, titled,
“Eight things to know about Large Language Models”
Makes interesting reading about LLM’s.
MarkH • April 5, 2023 1:38 AM
A law professor makes the case for banning cryptocurrency:
It’ll go behind a paywall soon, so read now if interested. Excerpts:
Blockchain-based finance is complex, automated, highly interconnected, and offers vast opportunities for creating leverage, because there is a virtually unlimited supply of assets to borrow against. These are the kind of fragilities that led to the last financial crisis
Some have expressed concerns about the United States losing its edge as a global leader in cryptocurrency innovation, but it is undesirable to be a leader in an innovation this harmful.
Clive Robinson • April 5, 2023 5:14 AM
@ MarkH, ALL,
Re : Regulating Crypto coins
The article author notes,
“If the United States cracks down, it is possible that cryptocurrency may migrate elsewhere.”
Would that be a bad thing? I suspect not. Because although the author immediately notes,
“However, because the global cryptocurrency industry relies heavily on funding from U.S. venture capital firms, it remains an open question whether the industry could survive without that funding.”
She has failed to raise an important point of,
“Why are US Venture Capitalists so avidly funding the Cryptocurrency industry?”
When she has previously correctly noted,
“The result is that fraudsters have rushed into cryptocurrency, exploiting the complexity and hype to dupe the unwary.”
“Despite the industry’s claims, most of those who invested in cryptocurrency have lost money.”
The reality is but for the lucky few all those using cryptocurrency have lost money “as designed”. That is when you separate out the parts you can see how the short cons and long cons move the money to the exchanges, mills, and miners, away from the “investors” or more correctly “speculators”, who are being “fleeced”.
So if it’s “so obvious” to many the question of,
“Why are US Venture Capitalists so avidly funding the Cryptocurrency industry?”
Would appear puzzling.
The answer is actually a little more subtle, and actually shows they are in on the con game.
The important thing to note, is they are not “investing in cryptocurrency” they do not touch it thus avoid any of the existing legislatory liability. What they are doing is making companies/corps around the “cryptocurrency industry”, which they build up on the hype and then sell off, which although it is a con of another form is currently perfectly legal thus does not carry liability.
In a way it is just another way to “repackage bad debt as a safe investment” which is what caused the so harmful Financial Crisis the author mentioned,
“Blockchain-based finance is complex, automated, highly interconnected, and offers vast opportunities for creating leverage, because there is a virtually unlimited supply of assets to borrow against. These are the kind of fragilities that led to the last financial crisis, in 2008.”
Anyone who buys shares in these “companies/corps” the “US Venture Capitalists” are creating will lose their money unless they “hot potato” them, because nearly all those “companies/corps” are actually acting illegally and will cease to have value when the authorities take action.
A piece of old “investor advice” is
“Don’t invest in the primaries, but the secondaries.”
So when chip manufacture was bubbling up, investing in the fab companies was “investing in the primaries” and did not bring the same growth as investing in the chemical companies that supplied the “chip encapsulation” companies with the plastics that turned the chips into “packaged integrated circuits”.
It’s probably too late now, but if you want to “ride on cryptocurrency” as an investment, investing in the manufacturers of the “mining rig” silicon would have been the more sensible way to go.
In essence this is what the “US Venture Capitalists” are trying to appear to be doing to avoid being sanctioned. Because they are actually creating faux/fake secondaries and “Pump and Dumping” them.
The thing is everywhere I take a serious look at what the author calls the “US Cryptocurrency markets” I find illegal, unlawful, or highly questionable behaviour, that has just one intent, to take money away from “cryptocurrency investors” as quickly as possible.
What the author does not, but perhaps should have said of those investor / speculators she described as,
“most of those who invested in cryptocurrency have lost money”
Is, perhaps the oldest reason financial markets especially the faux/fake ones like cryptocurrency exist in the first place,
“A fool and their money are soon parted…”
Clive Robinson • April 5, 2023 5:43 AM
@ JonKnowsNothing, MarkH, ALL,
“It appears that as a support to UKR, the EU removed the normal tariffs on UKR grain, in theory helping UKR finance their end of munitions purchases, but it had a knock on effect of making the UKR grain cheaper than the home grown grain.”
Yup, it followed my “old friend” better known as “the law of unexpected consequences”.
In this case will be the issue, of if UKR grain is “cheaper”,
1, Why is it not being purchased.
2, What happens to those whose grain by regulation is now more expensive.
3, Who picks up the butchers bill for this mess.
Oh something not mentioned in your curious tale is that with a little bit of work, some types of “coal fired” power plants can be converted to run on “bio-mass” such as rice and wheat husks that are normally “waste product”. The simple fact is the “whole grains” make a better bio-mass… So they may get toasted without ever becoming bread…
Winter • April 5, 2023 7:13 AM
These are the kind of fragilities that led to the last financial crisis
There are a few subtleties in the argument:
Blockchain-based finance is complex, automated, highly interconnected, and offers vast opportunities for creating leverage, because there is a virtually unlimited supply of assets to borrow against. These are the kind of fragilities that led to the last financial crisis
The history of the financial industry is one of “fragilities”. Cryptocurrencies are not one bit more fragile than the banking industry before and after John Law’s Mississippi Company. Banks are wont to produce a “virtually unlimited supply of assets to borrow against” as the Mississippi and South Sea Companies showed already 3 centuries ago.
This diatribe against cryptocurrencies is attacking the technology instead of the failing regulation of the US federal authorities.
Most countries outside of the USA are already working on a central bank digital currency (CBDC) which will be used to give the populace a way to store money legally outside of fractional-reserve banking. Something that does not exist at the moment. CBDCs will have a fixed exchange rate and no speculation (they already exist as stablecoins, eg, USD). And, predictably, commercial banks are doing everything to prevent it, mostly by feigning cooperation but doing everything behind our backs to discredit the plans.
But a CBDC would be a government backed, risk-free replacement for cash (at least, with a much, much lower risk than cash).
Given the way the US is more or less run by the banks, it is no surprise that the US government is cracking down on it.
 The only legal way to store money is to either put it under your mattress or buy something with it. There is no way to store it in a bank that does not have to take risks, even not for money. An exception might be precious metals in an account. But that is only useful for the very rich. You and I cannot have account to deposit and withdraw money in a bank that does NOT do fractional-reserve banking, even if we want to pay for the privilege.
 Remember how many bankers were jailed for fraud and embezzlement during the 2008 crisis.
JonKnowsNothing • April 5, 2023 10:28 AM
@Clive, MarkH, Winter, All
re: clearing mines and ordnance
Mines and unexploded ordnance are common leftovers of conflicts and are often some of the most damaging aspects after active shooting stops. Countries take years to clear the mines. Children find the land surface mines. The human suffering is great and a fair few celebrities worked with de-mining agencies to fund “safer clean up”.
Finding them and deactivating them are 2 different problems. However, you have to find them first.
(MSM) There is a company developing Drone Swarms using sensors to detect different types of mines. The idea is that they will run multiple swarm passes over an area, each pass mapping hits. Sort of a mass Metal Detector flyover. Their current test target is UKR, which has a lot of unexploded and mine ordnance.
From the MSM article:
Farmers are not going to wait 50 years. People cannot wait 50 years. People will risk triggering the mines and bombs. There is a global need for prosthetics and crutches.
htt ps://www.theregister.c om/2023/04/05/ukraine_mines_drone_draganfly/
Drones aim to undo Ukraine’s Russian landmine problem
Draganfly [drone mfg] aims to help clear Ukraine’s deadly harvest
Clive Robinson • April 5, 2023 2:40 PM
@ JonKnowsNothing, MarkH, Winter, All
Re: Clearance of mines, ordnance, booby traps etc.
“Finding them and deactivating them are 2 different problems.”
And finding is different for each and every type.
“Unexploded Ordnance”(UXO) is often in a heavy metal case with explosives inside such as artillery shells and air drop bombs.
The casing makes these relatively easy to find, if they did not “slow-up” in soft ground and go more than two or three feet down. However some new “Fuel Air Explosives”(FAE, FAX) don’t have heavy metal casing or any metal casing at all. That is they are a container of a fuel with two explosive charges. The first being to disperse the fuel into the air, the second a very short time later to ignite the fuel/air mixture.
The problem is a small percentage of shells and UXO will go six or more feet down as designed, but then not detonate. Which in a war could be hundreds if not thousands of shells or bombs that either just stay there rotting away poisoning the soil or slowly move to the surface over many decades or until discovered under buildings that get built over them. Which can happen in cities and “urban build up”. Some also appear as rivers “move” by washing banks away, or turn up on beaches, both where children play.
Mines on the other hand are mostly “shallow buried” but, designed not to be detected even though international treaty says they should have a mine detecting clip added. Most mines are designed to be used for “area denial” not destruction of property like shells and bombs. So they are out in fields and other open spaces and designed to be shallow buried, hard to find and difficult to remove safely thus are often “detonated in place” with a small amount of plastic explosive. However the more modern way is to use a little “dragon” fire or similar even very high pressure water jets that can easily cut metal.
Another way to clear mines was the out development of one of the “funnies” during WWII. Sometimes called a “mine-flail” or “thresher”, in essence it is a heavily armoured vehicle that has a pair of arms at the front with a rotating drum with heavy chains or cables attached to it. It effectively “beats a path” through an area thus detonating or destroying any mines near the surface. They are inefficient for clearing “farm land” but can clear “safe paths” fairly quickly.
Other types of “anti-personnel” device sometimes called “shinies” or “booby traps” that are surface or just above mounted devices set off mechanically by a wire or similar not all are explosive, and some contain no metal parts, being made from “local organics” like living plants etc. So can not be detected by most types of technology devices only the very experienced “Mk 1 eye ball” or now some trained creatures.
The peace time statistics of death to mines and “Unexploded Ordnance”(UXO) is around 22/day world wide say one an hour. Injury that is life impairing is around 70/day and in both cases it’s over a quarter of casualties are children “playing”. This has a significantly disproportionate effect on rural communities where children are the investment in the future not just locally but for food production to feed entire nations.
It’s clear from the little that is already known that Russian troops are putting in near undetectable mines to “salt the fields” of the Ukraine, for exactly this purpose of long term “vengeance”.
 I was affected by this “annoyance” back in 2019,
Which could have been there for eighty years (they did not say the actual year it was dropped). The problem is these days they tend to over multiply the “effect radius” thus hundreds if not thousands of people get affected. Which if you are a Uni student studying for exams that are only a week or two away.
 The old way of dealing with mines and small UXO was to put a small amount of high explosives on them and “disrupt the firing chain”. However you risk “sympathetic detonation” if the main charge in the devices has become “unstable”.
Thus a more modern approach is to use a “low entropy hump” solution of an intense flame that burns through the device or causes the case to split. This is generally a lot lot safer,
Importantly though, not only are the Dragons easy to make with locally resourced materials, they are not a solution that can be “repurposed” back into weapons. That is it is not unknown for the stores of explosives meant for mine clearance to be attacked/robbed by what we now call terrorists etc.
 This has a picture and marketing description of a small mine-flail,
Clive Robinson • April 5, 2023 2:59 PM
@ Winter, MarkH, ALL,
Re : Cryptocurrency cons,
“There are a few subtleties in the argument”
In any useful system two rules always apply,
1, There is always “A devil in the details”.
2, The law of unexpected consequences.
However my point was about the “US Venture Capitalists” who are very clearly running a “pump and dump” share scam con game.
Showing that in fact legislating them out would be highly desirable.
That said, however wherever you look at the cryptocurrency idea, you can always find a much less harmful way to implement it.
So I really do not expect “blockchain” or “proof of work” to actually figure in future “Central Bank Digital Currency”(CBDC) systems. Because not only are they both too expensive and too slow, they have all sorts of other problematic issues to do not just with dispute resolution but privacy and other sociological non technical issues.
lurker • April 5, 2023 3:01 PM
From the Dept. of Oh Noes,
Bodleian to archive Tweets (& FB)
They have a duty as librarians to archive anything and everything they want, but copyright was in the way …
Winter • April 5, 2023 3:40 PM
“So I really do not expect “blockchain” or “proof of work” to actually figure in future “Central Bank Digital Currency”(CBDC) systems.”
Blockchains and proof of work are orthogonal. Proof of work is just one possible consensus mechanism. For instance, Ethereum is switching to proof of stake.
Blockchains have the advantage that they are entirely transparent and that cooking the books is very difficult and even more difficult to hide. The transparency is also a disadvantage as no company wants to show what prices they pay and ask. But the transparency can be coupled to privacy in several ways. Blockchains are ideal for international transfers at low costs.
The idea that the checking of the transactions (mining) should be open to anyone is not necessary. That can be delegated to various selected validators.
I do expect blockchains to be used by CBDC, but not the way bitcoin does it.
ResearcherZero • April 5, 2023 9:22 PM
“Siri, please deep-fry my power adapters/door openers/home alarms.”
“Using a universal password for all devices presents a significant vulnerability, as unauthorized users can access the entire ecosystem by obtaining the shared password.”
In a NUIT-2 attack, the attacker exploits the speaker on one device to attack the microphone and associated voice assistant of a second device.
The Tasmanian government, which relies on GoAnywhere as a third-party file transfer service, has discovered sensitive financial data including names, addresses, invoices and bank account numbers may have been accessed in a developing cyber security breach. The criminal group also uploaded a selection of sample data which includes alleged Rio Tinto payroll information, employee overpayment summaries, child support materials, and part of a spreadsheet ominously labelled “All_Firewalls”.
ResearcherZero • April 6, 2023 12:13 AM
“This is like a damn Hollywood hack, click on one button and you are in.”
Piano music played as a narrator explained, in Mandarin with English subtitles, that the cameras were there “to identify all visitors to ensure the safety of all.” The video cut to a shot of a computer screen, and Honovich hit pause. He saw a zoomed-in view of one visitor’s face. Below it was data that the camera’s AI had inferred. Honovich downloaded the video and took screenshots of the computer screen, for safekeeping.
Later, with the help of a translator, he scrutinized every bit of text on that screen. One set of characters, the translator explained, suggested each visitor was automatically sorted into categories: age, sex, wearing glasses, smiling. When Honovich pointed at the fifth category and asked, “What’s this?” the translator replied, “minority.” Honovich pressed: “Are you sure?” The translator confirmed there was no other way to read it.
A recent search for Hikvision’s cameras, using Shodan, a tool that locates internet-connected devices, yielded nearly 5 million results, including more than 750,000 devices in the United States. Offering huge discounts to American redistributors, Hikvision has supplied cameras to Peterson Air Force Base, in Colorado, as well as the U.S. embassies in Kyiv, Ukraine, and Kabul, Afghanistan. More than 90 companies relabeled the cameras with their own brands, according to IPVM.
At least a hundred U.S. counties, towns and cities have bought surveillance equipment made by Hikvision and Dahua.
Hikvision, Dahua – blacklisted
“Notice to Fully Carry Out the Construction of Three-Dimensional Portraits, Voice Pattern, and DNA Fingerprint Biometrics Collection System”
“The CCP has adopted a strategy of ‘Military-Civilian Fusion’ to achieve its national objectives, enlisting Chinese corporations and universities to harness emerging civilian technologies for military purposes.”
“recording provides a rare glimpse into what former U.S. elected officials say behind closed doors when they choose to lobby for foreign entities after leaving office”
Former congressman Anthony Moffett, from Mercury Public Affairs, lobbies for Hikvision’s U.S. subsidiary on issues related to the National Defense Authorization Act and engages with members of the State, Treasury and Commerce departments. Anthony Moffett is a former member of congress.
Former senator David Vitter joined Moffett in lobbying for Hikvision.
David Vitter and Toby Moffett also lobbied for sanctioned Russian bank Sovcombank. Mercury Public Affairs signed a $90,000-per-month contract with Sovcombank in January 2022, and Vitter lobbied against the bank’s inclusion in sanctions legislation.
Hikvision is a subsidiary of China Electronics Technology Group Corporation (CETC)
Nick Levinson • April 6, 2023 12:28 AM
Copyright may affect the British effort to archive tweets and Facebook posts, but U.S. law affects Google and others who index (copy) websites without asking. They rely on website owners who don’t want their sites to be indexed to insert code into their sites, code that major search engines respect upon discovery and interpret so as not to index the site or a part thereof. That reliance relies on the legal duty to mitigate damages; I don’t know if it applies to websites but, in short, it requires doing something reasonable to alleviate a problem that the owner has discovered even if the property owner did not cause the problem. Failure to act leaves the problem-causer to remain liable but what a court does about unmitigated damage will generally be less.
ResearcherZero • April 6, 2023 12:31 AM
“And I’m happy to join this conversation as a proud member of the Hikvision team and thank you for all your leadership of all of our team. I’m Senator David Vitter, I served in the US Senate for two terms, 12 years. And prior to that, I served in the US House of Representatives.
…our collective goal under Jeffrey’s leadership, given these assaults, and given the very negative anti-Chinese and trade war atmosphere was to make sure Hikvision could survive in the US. Certainly, this action designation on the entity list that was announced yesterday is not good news, absolutely not. However, we are surviving in the US, and I feel very good about Hikvision continuing to survive in the US.”
“Ethics aside, Vitter is winning here. Vitter’s pro-Hikvision, pro-Libya, pro-Zimbabwe efforts will earn him millions, regardless of what happens to those entities.”
Texas Republican Senator Kay Bailey Hutchison introduced the amendment to an appropriations bill. It would prevent the FCC from getting funding for any initiative to uphold Net neutrality. According to The Hill, the co-sponsors are Sen. Sam Brownback (R-KS), Sen. Jim DeMint (R-SC) Sen. John Ensign (R-NV), Sen. John Thune (R-SD) and Sen. David Vitter (R-LA).
The move appears to be an attempt to pre-empt the FCC’s expected new policy to ensure that Internet service providers don’t discriminate between different types of information on their networks.
Infrastructure in the United States consistently ranks below that in other wealthy nations. Many infrastructure disparities can be attributed to historical policies that targeted low-income neighborhoods and communities of color. In turn, those residents unfairly bear associated health burdens.
SpaceLifeForm • April 6, 2023 12:43 AM
ResearcherZero • April 6, 2023 2:14 AM
The federal government will move to apply an R18+ rating to all video games that contain simulated gambling as part of a proposal targeted at restricting children’s access to popular casino-style games.
Blew it at the pokies…
“Australia has just 0.33% of the world’s population, but a fifth of its pokies. Rows of machines fill not just casinos but thousands of pubs, clubs and hotels too. Each year they rake in about $13bn – more than casinos, lotteries and sports betting combined.”
ResearcherZero • April 6, 2023 2:30 AM
That is a joke. Apparently…
“I started smoking weed daily, which helped curb other cravings,” she said.
“It made it a lot more comfortable to stay at home and not do anything.
“While other people have developed hobbies — I have a friend that started crocheting, I have a friend that started cross-stitching — I haven’t.”
Clive Robinson • April 6, 2023 8:24 AM
Re : Bitcoin Whitepaper in every MacOS…
I can think of a long list of reasons… So it might be easier to ask “Why not?”…
But first a story told to me back in the 1970’s by an engineer who was just a couple of years from retirement (which was kind of compulsory back then).
Back when he was young he had to do “Military Service” and ended up in the RAF doing Signals… But as part of his basic training he was sent to a camp that had a castle like portcullis entrance with an external wooden guard box on either side only one of which was normally used, the second being reserved for those who had been “naughty” in some way thus were being punished.
In the normally used guard box hanging on a nail was a pair of thick rubber gloves that had seen way better days and were cracking and crumbling and one step from self disintegration. However every Sgt of the Guard at every turn checked these gloves were there…
One day the gloves finally gave up clinging to the nail and hit the deck and ended in a sad pile. The Sgt of the Guard was informed, and a minor panic started and travelled up the command chain as to how to get the gloves replaced… No joy was to be had such gloves were no longer available through stores or even made.
Finally someone asked the obvious question of “But why are they there?” turns out nobody knew but with typical military thinking that was dismissed as not important the gloves had to be there…
Well the engineer telling me this story was a builder of model vehicles and had an interest in trams… A little historical research at the city museum finally turned up the answer. It turned out that due to the number of soldiers going “into town” it was profitable to offer public transport, eventually a tram service was put in and the camp was the “end of the line” where the trams turned around. Eventually the trams were electrified by an overhead cable. That according to an item in the newspaper of the day one day snapped, dropped on the ground and writhed around like a hissing snake. A child and a soldier who went to help got badly shocked. Which is why the heavy duty rubber gloves were there…
However the tram tracks had long been torn up and of the overhead cable no signs apart from some fixing on the portcullis wall still existed (and was still there in the 1990’s when I had reason to visit the city over a weekend). Thus the reason for the gloves likewise no longer existed, but as with all things military had developed an inertia of its own…
If you look in software you get to see a lot of “cruft” in some cases the dead code hidden in libraries and similar is still there “just in case” it should become necessary at some point… Needless to say this cruft expands the attack surface even if not directly accessible.
So housekeeping is not something that tends to happen in long running software projects, as people leave the knowledge of why things are the way they are becomes lost, but a residual “Oh there is a reason” develops a sufficient momentum to evolve a life of its own.
From my own experience back long in the last century, I developed a “Remote Telemetry Unit”(RTU) that was a first of its kind (Intrinsically Safe and 8086 based).
You might remember some years back NASA was advertising to find such old parts to keep the Space Shuttle flying…
Well those parts were later parts than the components I used, and I know that after a third of a century you just can not get them. But the company still exists and they still advertise it with photos of the original equipment I designed…
lurker • April 6, 2023 2:46 PM
I’ve got a (hypothetical) Hikvision camera behind a reasonable firewall. I want to watch it across town (or across the globe), so I use a reasonably encrypted channel. What could go wrong? …
Of course 99.97% of users (including those who should know better) won’t take these precautions. There should be almost no reason for these cameras to show up on Shodan.
lurker • April 6, 2023 2:57 PM
Of course an archivist will want to archive everything in its original format, including cancelled Tweets and stuff removed from FB pages by the “owner”. Are these kept, marked as “deleted”? who gets to see them? Or not until 75 years after the author’s death?
Hence my Oh Noe.
Clive Robinson • April 6, 2023 4:42 PM
Re : Phoning home IoT etc.
The question all owners should ask themselves is,
“What am I actually paying for, and what am I paying in rent and how that payment is made…”
Which brings you back to my usual first question,
“Why is this device connected to external communications and what is the business case for it to be so connected?”
It’s one of the reasons I joke that,
“Anyone using Amazon products will end up having their head looked at very quickly”.
But from another aspect many of these systems do not work in the way you want should the external connections fail…
So you buy a box cheap and install it and it’s great, then a few months down the road the supplier goes out of business or decides there’s not enough money being made in the “back end” they are running. So they simply turn it off or demand large sums of support/rent… Either way you do not get what you thought you were paying for.
The trouble is most home-consumer / lowend-commercial security systems are all like this these days. Including many “home electronics” including those in your kitchen and bathroom (and in some cases the bedroom).
Worse even if the companies are honest about what they do with your data (Amazon comes into question here with Ring)… It goes through “the cloud” where SigInt agencies and Others play with their hoover systems…
The fact that the article is on a Chinese firm when US firms are doing the same or worse, should tell you where the money / influence in that journalistic organisation comes from… I won’t say it’s more “5G politics” but you can see why I might think so, let’s just say,
“For the moment several horses are running in the same direction. But they won’t always do so.”
In fact the more “Police State” supposed Western democracies get, the worse these issues will get. Remember those “smart meters” connected to “smart grids” are just another form of “communications network” through which influence/control will be exerted on “the citizens” by both Government and Rent Seekers.
lurker • April 6, 2023 5:46 PM
As you may have guessed I’m not an average SOHO user, so my reasonable firewall lets the device phone home to say “Hi mom” then keeps all video stream packets inside, and/or strongly encrypted.
The people moaning about CCP spyware should produce some merchandise with the same or better price/performance figures. Oh, you say they’re all spying? Then they should just shut up and go away. Which unfortunately doesn’t solve the problem of ordinary users being treated like cannon fodder by their own governments.
Reuleauz triangles • April 6, 2023 7:32 PM
Dept. of The Clock is Ticking
“Listen very carefully, I shall say this only once.”
The clock was perhaps originally an artificial device to provide convenient reference to natural time. Then it became the primary instance of time. Then it became the regulator of human action.
It was the first robot overlord. Many welcomed their robot overlord. Today’s robot overlords are just an extension and refinement of the clock.
vas pup • April 6, 2023 7:41 PM
How do fish survive in the deep ocean?
“At the bottom of the Mariana Trench there is 1,086 bars of pressure, the equivalent of 100 elephants standing on your head, according to Abbie Chapman, a researcher at University College London who has studied creatures living around hydrothermal vents.
How can creatures thrive in such extreme environments?
Marine animals living in the hadal zone have adapted on a cellular level to enable them to withstand the oppressive conditions.
Creatures such as giant amphipod crustaceans and the Mariana snailfish have high concentrations of organic molecules called piezolytes (the name comes from the Greek word “piezin” which means pressure), which stop their cellular membranes and proteins from being crushed under extremely high pressure.
These molecules counteract the weight of the surrounding water column by increasing the space that proteins take up inside the organism’s cells. According to deep-sea biologist Tim Shank at the Woods Hole Oceanographic Institution in Massachusetts, “it’s like putting the stakes up in a tent”.
Studies show that the amount of the piezolyte molecule trimethylamine N-oxide (TMAO) increases in ocean organisms in line with the depth of their habitat.
Researchers from the University of Leeds concluded in a 2022 study that TMAO acts like “an anchor point within the water network” by forming strong hydrogen bonds with water molecules. This allows the organism to resist the extreme pressure it is under.
Fish living closer to the ocean surface have a swim bladder, a gas-filled organ which allows them to remain buoyant without sinking or floating to the top. Deep-sea fish such as snailfish don’t have swim bladders, as the difference in pressure between the gas-filled cavity and the water pushing in on the outside would rupture them.
In the deep ocean there is no direct sunlight and therefore creatures cannot rely on photosynthesis to convert the Sun’s energy into sugars to fuel them. Instead they use chemosynthesis to create sugars using energy released from chemical reactions occurring around the hydrothermal vents in the ocean floor. “They live off chemicals coming out of the sea floor,” says Shank.
Deep-sea fish have also adapted to survive in a low-oxygen environment.”
That is a big space for bionics to mimic those features for the subject of this blog – just an opinion.
Clive Robinson • April 6, 2023 8:06 PM
@ lurker, Winter, ALL,
Re : To be shorn or munched.
“Which unfortunately doesn’t solve the problem of ordinary users being treated like cannon fodder by their own governments.”
Something that @Winter commented on just a few days ago, implying that it was in the job specification of “Political”.
In essence citizens are the flock of sheep to be driven, fleeced and slaughtered, by the self appointed.
That is however you look at it democracy never really exists, it always becomes a hierarchy with the four evils of,
“Status, money, power and control”
Migrating rapidly to the top.
Which thus attracts the mental defectives who find those four “evils” deeply attractive. Hence the “dark quadrad” of mental defects of,
Being found strongly exhibited at the top of any hierarchy.
The real scary ones being those who portray themselves as “humble servants” of the “leaders”. They are the Machiavellian “control freaks” often with other psychopathic tendencies, effectively hiding behind narcissists and sadists, that are the public faces or frontmen. Knowing full well that “come the revolution” the frontmen end up swinging from street lights whilst they slip away into the night, wait a while and then come back and insinuate themselves behind new frontmen so remain hidden but very much in control…
Winter • April 7, 2023 3:48 AM
Cardboard drones running open source flight software take off in Ukraine and beyond
‘CORVO’ ships with tape and glue, gives defense orgs just-in-time drone capability for a song
The drone takes around an hour to assemble, we’re told, and its lithium-ion batteries give it a range of up to 100km (62 miles) with a 3kg (6.6lb) payload.
The craft ships in a flat pack complete with tape, glue, and instructions on how to assemble it. A tablet computer is also included so users can tell Corvo where to fly by entering GPS coordinates. A wired connection to upload that flight plan is required, but once Corvo is aloft, it will proceed along its route, at a specified altitude, and land itself at its determined destination.
Clive Robinson • April 7, 2023 5:45 AM
@ Winter, ALL,
Re : Flat pack drone kits.
“Cardboard drones running open source flight software take off in Ukraine and beyond”
Whilst not the “cardboard” I was thinking of other light weight materials or composites and 3D printing, I’ve been predicting this sort of drone for quite some time now on this blog. As I’ve noted several years back developing a flight system with a Mobile Phone or gumstick SBC would be an undergraduate first or second year project.
My view / take on it when discussing it with those wanting to develop low cost drones was a “Vulcan bomber” style Delta wing design made from hot wire cut expanded polystyrene with push through strengthening rods and a “pusher motor” style propulsion system mounted in the tail. As a prototype it was known to work and some people have been “product developing them” prior to C19 put a gimp in things.
But the lightest material I’ve made a “glider” out of is balsawood spars covered with an ultra thin chemical film made by spraying chemicals onto a water bath (kind of like making plate glass on a hot tin float).
The early manned aircraft were little different they used very thin cotton cloth stretched across wooden spars that was then “tightened” with “dope” which could be as little as very dilute flour and water paste, or shellac or similar dissolved in some kind of spirit just brushed on and left to dry. Odd shapes were made with early plastics like “casein” that essentially was boiled up milk and vinegar.
So replacing the cloth with paper and the spars with corrugated card or that “artist board” made of two sheets of paper separated by a layer of closed cell expanded foam is not exactly a stretch of the imagination. I happen to know that a UK University north of London gives the making of a small glider with exactly those materials in the second term of the first year to their aerospace students to show they have understood the basic maths of flight in an “applied” way. And they’ve been doing it for several years now.
Nick Levinson • April 7, 2023 10:27 PM
@lurker & @SpaceLifeForm:
U.S. copyright law, especially what’s not black-letter law, is probably not the same as U.K. law on point, although treaties provide some commonality.
Google’s right to copy websites, when respecting robots.txt and other restrictions, is protected, but I understand Google lost on modern works re Google Books, because authors and publishers don’t have access to anything like robots.txt.
The legal duty to mitigate damages is not in U.S. copyright law, though it may apply to copyright. It may be subject to case law, which likely differs between U.S. and U.K.
The bitcoin paper being in macOS has good company with other Easter eggs. One time, Microsoft executives started getting thank-you letters for including a flight simulator in Excel (spreadsheet software) and the execs had no idea what they were talking about. It took complicated commands to get to the simulator.
The latter may show how an insider can compromise (in this case, probably harmlessly) a shipping product with something I assume was large and yet with no one in quality control catching it in a code review. Maybe there was a conspiracy, which would underscore the problem of compromise from inside an organization.
SpaceLifeForm • April 10, 2023 9:25 PM
Spy vs. Spy
You may recall this from earlier times.
Al Jaffee has passed away.
He retired a few years ago.
Clive Robinson • April 11, 2023 3:44 AM
Re : Mad Magazine Cartoonist Al Jaffee.
Aged 102, not a bad innings.
“He retired a few years ago.”
Not “officially” he was allegedly taking a short break before starting his next century…
Though he was already in the “Guinness Book of Records” for being the longest running cartoonist.
Whilst his “Spy-v-Spy” gave us our “White Hat -v- Black Hat” meme, I guess he will be remembered most for the innovation of the “fold-in”.
Hopefully he has been given the “White” suit not the “Black”, because he certainly entertained me for many years.
MarkH • April 11, 2023 1:31 PM
With very considerable respect to Mr Jaffee — whose imagery is indelibly imprinted on my neurons! — Spy vs Spy was the work of Cuba native Antonio Prohias, who if I correctly remember signed his work in Morse code.
ResearcherZero • April 17, 2023 6:02 AM
Logic could remove segments of the document. Perhaps after so many decades, some documents that contain understated information have been lowered in classification. Though I suppose eventually something has to be released.
unredacted ODNI FOIA Case DF-2022-00138 | 22-cv-674 Final Response Package
For some perspective the output of mobile phone towers is very low. You can test the output of various wireless devices with a rectenna and multi-meter.
Converting sunlight to electricity with a rectenna also produces very little power within the Earth’s atmosphere. The atmosphere absorbs a lot of energy, along with the Earth’s magnetosphere. If it were otherwise there would be a lot of problems with electronics (failures, surges, fires…).
Tin foil hat stories in regard to mobile networks and data centers are just jokes. However people do get lost in car parks. 😉
Clive Robinson • April 17, 2023 8:11 AM
@ ResearcherZero, ALL,
Re : Wireless energy harvesting.
“For some perspective the output of mobile phone towers is very low. You can test the output of various wireless devices with a rectenna and multi-meter.”
You could have provided a link 😉
However “wireless power transmission” though used as major plot items in Spy, SciFi and Detective films are not really “much cop” currently.
The first problem is radiation of the signal spreads out like an enlarging balloon so its surface area expands quickly (r^2) but not as fast as the volume (r^3). So either the rectenna has to be close to the radiative source or extensive beam forming at the transmitter has to be used.
Which is the second problem. A simple analogy model is to “turn it around”. That is from a point draw the rectenna which really needs to be at least 16 wavelengths from the point. Then continue the line from the rectenna out the distance you want to use it from the source which needs to be more than two wavelength and preferably at least sixteen to get a usable plane wave. Then draw two more lines from the point via the largest outer dimensions of the rectenna and keep going such that you get a triangle at the distance the source has to be away from the rectenna. That gives you a simplified first approximation for the effective aperture diameter of the source transmit antenna assuming spherical antennas. Anything less will cause significant losses (which is why “lensing” has to be used, but even that’s not going to help much at geo-stationary distances).
The third problem is that basic descriptions of rectennas talk about “a diode” which in theory is easy to understand… In practice all diodes have problems, not least is the turn on voltage drop. There is a very real world issue you can look up to see this, it’s the use of MF and low end HF “Series Resonant Power Supplies”(SRPS). They frequently do not use diodes because the losses mean quite a bit of inefficiency which means heat thus various types of limitations to avoid failure.
Fourth is what frequency to use… As a very rough rule of thumb the higher the frequency the more issues there are to do with unwanted absorption. One issue is that of “antenna spill over” where stray radiation goes outside the confines of the antennas. Thus ask the question of “Do you want high power microwaves coming down on your head etc and broiling it?”.
So “beaming power from space” is not going to be that easy and will require quite a bit of the Earth’s surface.