Friday Squid Blogging: Colossal Squid

Interesting article on the colossal squid, which is larger than the giant squid.

The article answers a vexing question:

So why do we always hear about the giant squid and not the colossal squid?

Well, part of it has to do with the fact that the giant squid was discovered and studied long before the colossal squid.

Scientists have been studying giant squid since the 1800s, while the colossal squid wasn’t even discovered until 1925.

And its first discovery was just the head and arms found in a sperm whale’s stomach.

It wasn’t until 1981 that the first whole animal was found by a trawler near the coast of Antarctica.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Read my blog posting guidelines here.

Posted on April 14, 2023 at 5:14 PM82 Comments


&ers April 14, 2023 5:24 PM

@Clive @SpaceLifeForm @ALL

Something strange.


But they are arrested now.
Anything similar in other countries?

OnlineAccounts April 14, 2023 6:58 PM

So… I have various accounts relating to online entertainment. Netflix, Steam, etc. Over the years I’ve spent a fair bit of money purchasing (unlocking) content on them. These days there are a seemingly endless series of scams intent on defrauding consumers like me, and endless sad hard-luck stories from the victims.

Recently I replaced my cell phone. Immediately, within seconds, someone started clicking the “I forgot my password” links for my accounts. And of course, I was sent emails with a link to reset my password.

But only on the accounts that didn’t have 2-factor authentication capabilities. The low-hanging fruit.

Now this isn’t really useful unless someone is reading my email.

Makes me wonder if my email on my new cell phone is compromised out of the box.

Being a long-standing reader of this blog, e.g. paranoid, I didn’t have my email hooked up to my cell phone. I changed the password on my email beforehand. And I immediately logged in and reset my accounts’ passwords. So I seem to have dodged the bullet.

Still, I can’t help but wonder if email over cell phones is… Perhaps not entirely secure?

Clive Robinson April 14, 2023 8:12 PM

@ &ers, SpaceLifeForm, ALL

Re : Secret Tunnels.

“Anything similar in other countries?”

There are such tunnels under London some are so old nobody knows they are there, who built them or why. With “lost tunnels” being found anew all the time, as new tunnels or excavations are dug for modern services.

One of interest goes from underneath “The Houses of Parliment” in Westminster Palace to the celler of a building outside of the Palace grounds.

Many might assume it was an “escape tunnel” and in a way it was, but the “enemy they were escaping” was not what you might think.

Because you can still see in the tunnel the supports for a “bell rope” much like those that used to be used in large country houses.

If you search carfully in the records you find something interesting about the building…

Let’s just say it has the hallmarks of an up market “house of ill repute” and that the bell would be rung shortly before a vote such the politicions could make themselves presentable, go through the tunnel and enter their respective chambers to register their vote…

A little up the road from that tunnel are two tunnels to nowhere that run in parallel and are as large as underground railway tunnels and were built by the same people that built many of the underground railway tunnels. They are from menory under the “Admiralty building” and “Horse Gaurds Parade” and join up to “The citadel”. It was actually a deep bomb shelter / control center built during WWII. The tunnels were lined with a 300mm sound and heat insulation made of natural cork. We heard about it in the 1980’s when during a refurbishment some idiot apparently tried to cut the cork out with a gas cutting torch and set the cork on fire. It burnt for days and they had no choice but to vent the acrid thick black smoke up and into the air where it was understandably quickly spotted and questions were asked.

We also know that there is a nuclear shelter under another part of London that is used for cabinate briefings etc and can be sealed of for months with stored food, water, fuel, and has a closed air recycling system etc. It even has a small shop like they have in hospitals where you can by toiletries, sweets, books, packs of cards, night attire, underware, shirts and other clothes and the like. There are numerous support fascilities including medical and dental.

It’s estimated that from WWII to the end of the Cold War a thousand miles of tunnels under London have been cut, none of which are for public transport systems.

Speaking of which, Westminster Underground Station was rebuilt not that long ago, and the design is unusual, and it has politicians offices above it. It is rumoured that there are “secret tunnels” that run underneath it.

The deepest part of the london underground is under Hampsted Heath, and there was a communications and control nexus built there. The reason, is the man who built the railway tunnels started building a railway station. Due to political pressure the station was never compleated as the building above ground was prohibited. Thus the already built inderground part of the station was abandoned and thus available for the nexus.

There are quite a few abandond underground railway stations and tunnels that few know about and some have been “capped off” and new above ground buildings built. Back in the 1970’s when I was involved with Pirate radio, the founder of the radio station was Nick Catford, and he was very much into tunnels and other “secret bases” and he took many photographs and later videos. He has his own web site as oart of “Subterranea Britannica” and he has organised tours of some fascilities. You can see him dressed for the part,“Nick+Catford”+secret+bases&iax=images&ia=images&

He was not the only one getting into such “keep out” places. Another name you might recognise who started his entertainmebt career at Nick’s radio station is stage hypnotist Paul McKenna

Who I remember being interested in Nick’s activities.

The problem is that there are so many tunnels and such, that there is freedom for a lot of imagination. Worse during the Thatcher era WWII bunkers and similar were upgraded for “nuclear war” rediness and the “secret nature” of them has encoraged various fantasies and conspiracy theories, and it’s very difficult to tell fact from fiction.

As you may remember from comments I’ve made in the past, I take an interest in “Industrial Archaeology” and have some knowledge of just a few of the “Tunnels Under London” and other places and it sometimes requires peoples “pet theories” to be “debunked”. Because the actual infrastructure age can be determind from the materials and construction techniques used and thus the actual time line does not align with the “pet theories”.

But… It is said “Nature abhors a vacuum” well it might, What I do know it certainly it dislikes spaces remaining empty… So such places do not remain empty for long. One thing that happens is “repurposing” so what was once built for one thing gets later used for something entirely different. And military and civilian organisations may post guards etc, who do not get informed about why they are guarding something. So they might,

“Put two and two together and come up with six”

Which they then tell to others and so a another “conspiracy theory” story gets launched…

not an easy target April 14, 2023 10:30 PM

It’s not even fresh news that many “tech support” call centres in India and Pakistan(?) and former Bangladesh(?) have become malevolent hacking and malevolent phreaking stations stealing info and money and accounts from citizens of United Kingdom and USA. Some of the remorseful rich already confessed after they quit and changed their names, locations, and appearances. They became stinking rich after stealing so much so easily. Some of them claimed that the allure of the stolen contraband was addictive and too easy as well as widespread.

I have some personal experience with this problem, so I know it’s true.

Furthermore, there’s similar problems with online “tech support” websites.
Most of the ones that I know for sure are malevolent are not yet marked.

But here’s what they tend to do:

1) gather your IP address (they have that as soon as you use their site, especially if you become a “regular”.

2) if you register, their info about you becomes greater assurance of your ID, similar to webpage canvas fingerprinting, only you gave it to them voluntarily, and the info is in a human-readable form and is even more thorough.

3) as you increase interaction and participation, your behavioral internet biometrics become observable and recordable. this solidifies their access to your IP address and your ID and personality type.

4) if you ask any kind of technical question, they tend to learn which malware attacks are already working against you if it matches the known symptoms. malware creators / managers know which symptoms to look for. so now they know you are vulnerable and know to hack into your system more.

5) even if you don’t reveal any technical weaknesses, if you voluntarily reveal your locale, ethnicity, location, occupation, vocation, hobbies, purchases, language, softwares, firmwares, hardwares, operating system use… then they get a very detailed dossier on you as a target and since they already have your IP address or general GPS location, then they are that much deeper into hacking you.

6) some sites entice you into listing your recent purchases; this also gives maleware cultures deeper access into harming you and your systems and gear and livelihood as well as your fellow subculture members.

7) if you’ve fallen for asking them for help, or even if you are just a bystander trying to help someone else via comparison, as soon as you run and upload system audit data of any kind, you’ve pretty much given them indirect access to your system. if they are skilled hackers or have access to skilled hackers, and sometimes even if they are just “script kiddies” they can now remotely break into your stuff and mess with your property and your life.

8) even if you’ve given up no technical information, too much social networking style conversation with them allows them insights into how to assault your subculture via “civic hacks” and behavioral interloping (and just plain hostile and invasive forms of espionage).

9) if you upload any contents whatsoever, usually those data are somewhat forensically linked to only you and your location and your behavior and your belongings and your habits. in combination with some known vulnerabilities, sometimes these uploads contain your computer user names, directory listings, email addresses, etcetera.

10) if you upload any photos of yourself or your surroundings, sometimes these can be used by rogue surveillance groups and individuals and by malevolent forms of espionage to cause you personal harm or to jeopardize your safety in person, sometimes via covert warfare techniques and other surrepticious ways.

11) even uploading an avatar can reveal alot about yourself, usually too much. culturally, those can be interpreted by hostiles to read your personality, thus they might gain too much info on how to distract or disturb you or to violate you or your systems or allies.

12) if you happen to mention your travel plans or travel tools, past or present or future, you’ve accidentally set yourself up to be violated by strangers.

&ers April 15, 2023 4:11 PM

Can anyone explain me why people still keep their
cryptocurrency in online (hot) wallet?


&ers April 15, 2023 5:00 PM


“He is a desperately immature person who behaved immaturely, and it played out in the usual way.

If he had adult comprehension, he would never have dumped these on a gaming forum.”

After reading a lot of this incident media covering i’d like
to come back to your post.

Yes, that person OG/Teixeira broke the rules and smuggled out
classified information, BUT he didn’t directly put it on public
or gave it to enemy (read – Russia). He shared that info inside a
small closed community and specifically told everyone NOT to share
that material on.

Now, if everyone would comply we wouldn’t have that situation on our hand and Russia couldn’t get that info.

However, there was one person in that close community why didn’t
comply. He shared that classified information on, without any permission, despite that it was specifically told not to share. Because of that person we now have that incident, Russia knows
how US gathers intel, Ukrainian attack plans are down to toilet etc.

Sorry, but i hold that unnamed person here responsible what happened. He shared info on without permission, because of him
now Teixeira is arrested. Now Teixeira name is everywhere in the media, yet we don’t know that other person who actually committed
the “real leak”.

Read this. There Teixeira even threatens to end sharing classified documents.


There is a good chance that he eventually had done that.

I’m not defending here Teixeira, but somebody acted here much worse that he did. He trusted that person, shared info with him,
told him specifically not to share that info on and yet that person didn’t listen.

Media in now black-painting Teixeira but keep a tap on that “real leaker”. Very biased.

MarkH April 15, 2023 6:04 PM

@ &ers:

From a moral standpoint, I partly concur with your assessment.

However, “OG” was literally the old man of the group — apparently, most of them were still schoolboys.

American society restricts the very young from a broad range of decisions and responsibilities, based on a shared understanding of the limitations of their judgment, self-control, and capacity to project the consequences of their actions.

I expect that most will hold the military officer — who as part of receiving security clearances, accepted that he can be imprisoned for unauthorized transmission — much more responsible, than the even younger man (or boy!) who aggravated the offense.

Clive Robinson April 15, 2023 6:35 PM

@ &ers, ALL,

Re : Hot Wallets being picked.

“Can anyone explain [to] me why people still keep their
cryptocurrency in [an] online (hot) wallet?”

Err because in some cases, they lack knowledge, and/or do not understand about probability in “a target rich environment” for criminals.

But there are other “Fan buoys” bobing about still evangelizing for crypto coins, because they don’t have the sense to realize they are being “used as tools”, “fowl to be plucked”, or in other parlance “piggy chopped”…

As the old saying has it,

“A fool and their money, are soon parted”

Especially when,

“They have more money than sense”

@ ALL,

Crypto-coin is not an investment opportunity in any shape or form. Because the are a mixture of Short and Long cons and are effrctively illegal unlicenced financial instruments.

Likewise investing in “crypto-coin” and similar scheme “development companies” especially those being pumped up by venture capitalists are a scam. That is not lawfull –due to intent to defraud by the venture capitalists– but currently technically not illegal as buying shares even in a deliberatly created faux market is still “buyer beware”…

As for the related Web3, “Non Fungible Tokens”(NFT), and “Smart Contracts” nonsense they are just another “bubble con” designed to seperate those with less sense than a goose from their money.

Clive Robinson April 15, 2023 6:51 PM

@ &ers, MarkH,

Re : Pentagon Document leak.

“If he had adult comprehension, he would never have dumped these on a gaming forum.”

I suspect it’s a case of “Non Neuro Typical” development and lack of “Emotional Inteligence”.

The fact he is a young adult trying to impress what are mainly children is a “red flag” indicator of emotional development that is not in the norm.

Thus whilst he might be quite intelligent in an IQ type measure, he probably has “arrested emotional development” and might even be “Special needs” in that area. Such people do get attracted to a military environment as it gives them what appears to be a social life etc they otherwise lack, and is another “Red Flag” indicator.

Thus he may turn out to not actually be legally “Mentally Competent” enough to be put on trial.

vas pup April 15, 2023 7:00 PM

EU: ChatGPT spurs debate about AI regulation +

“It is not clear whether ChatGPT or a similar product would even be covered by the EU regulation, which defines levels of risk in AI that run from “unacceptable” to “minimal or no risk.” As the legislation stands, only programs assigned scores of “high risk” or “limited risk” will be subject to special rules regarding the documentation of algorithms, transparency and the disclosure of data use. !!! Applications that document and evaluate people’s social behavior to predict certain actions will be banned, as
will social scoring by governments and certain facial recognition technologies.

Legislators are still discussing to what extent AI should be allowed to record or simulate emotions, as well as how to assign categories of risk.
Voss said that “for competitive reasons and because we are already behind, we actually
need more optimism to deal with AI more intensively.

But what is happening in the European Parliament is that !!! most people are being guided by fear and concerns and trying to rule out everything.” He added that the EU members’ data protection commissioners wanted AI to be =>monitored by an independent
body and that it would make sense to amend the existing data protection legislation.

Mark Brakel from the US-based nonprofit Future of Life Institute told DW that companies also had to be held accountable by regulators. He said that it did not suffice to apply risk levels to AI applications. He suggested that developers themselves should have to monitor the risks of each individual application and that measures should be taken to ensure that “companies are mandated to do this risk management and publish” the results. He added that sometimes =>companies could not predict today what their AI products might be able to do tomorrow and were sometimes surprised by the results.

What is striking about ChatGPT, which is causing a stir in Europe, is that it was developed in the US for global use. OpenAI could soon face stiff competition from other US companies such as Google and Elon Musk’s Twitter. Chinese tech giants are also in
the race, with Baidu already having created a chatbot called Ernie.

So far there do not seem to be any European chatbots on the horizon.”

&ers April 15, 2023 7:01 PM

@Clive @MarkH

Now this is an interesting development


If Trump will become the next president he’ll probably pardon him.

vas pup April 15, 2023 7:08 PM

@Clive said:”Thus he may turn out to not actually legally “Mentally Competent” enough to be put on trial.”

That is in perfect world and probably in UK, but in US that is doubtful. It is going to be made example for future potential leakers with tough punishment. Right now court system is in very unpredictable mode of operation. It is difficult to predict outcome in the same way as kind of legal ‘casino roulette’. Just opinion.

MarkH April 15, 2023 7:40 PM

Clive perceptively suggests that the leak suspect might not be neurotypical.

If so, his limitations would most likely be of a social/emotional nature, irrelevant to the legal standard of competency to stand trial: the abilities to understand the significance of court proceedings, and to express oneself within them.


This was not the first instance of classified document disclosure on gaming forums, and will not be the last.

Russian and/or Chinese intelligence might quite reasonably be snooping certain combat-game forums, in which case OG exhorting his boys to be careful could not have prevented access to secrets by hostile states.

A military officer can face discipline for putting classified material in the wrong kind of safe inside a secure facility — dumping secrets to the internet is reckless and dangerous.

MarkH April 15, 2023 7:49 PM

I just speculated about malevolent actors snooping on gaming forums … as it turns out, I needn’t have speculated:

In a chat on stage at at Semafor’s World Economy Summit, Microsoft President Brad Smith has said the company is currently dealing with attempts by various types of Russian agents to “penetrate” online gaming communities, with particular emphasis on those associated with Minecraft.

It’s not just kids: Microsoft has traced some of these attempts to the Russian government, and Yevgeniy Prigozhin’s “Wagner Group.”

Ironically, US counterintelligence would be subject to legal strictures. For other states, no problem.

&ers April 15, 2023 8:02 PM


That’s why it’s so important to track down the “real leaker”.
Was he really a kid?
Or did he just acted like one for disguise?

Media catched Teixeira, they are happy, case closed,
news articles gets click-points.

lurker April 15, 2023 8:19 PM

Friend or Foe? A French frigate “accidentally found” in NZ territorial waters, assists in a search and rescue, but does not explain its presence …


Canis familiaris April 16, 2023 11:54 AM

Hmm. If false information is given a security classification, then subsequently disclosed in an unauthorized fashion, is a defense that the leaked information is not true? (You don’t need to answer that).

One way of finding a ‘bad apple’ in a trusted group is telling the group not to do something, and seeing who does it anyway.

Sometimes, the people transmitting false information don’t know it is false. And neither would the ‘bad apple’.

It is not beyond the bounds of possibility that JT’s behavior was already known to the intelligence community and he was used to flush out other people and channels.

When given lemons (an immature young man playing ‘fast-and-loose’ with information), the intelligent make lemonade.

JonKnowsNothing April 16, 2023 1:27 PM

@ Canis familiaris

re: If false information is given a security classification, then subsequently disclosed in an unauthorized fashion, is a defense that the leaked information is not true?

(USA) All that matters is the classification stamp and BATES number on the document.

Corollary: True information given a security classification, followed by un-truth statements by “officials authorized” to have seen the documents and pronounce on them, followed by disclosure that THE OFFICIALS LIED TO US/USA, gets the same treatment … or worse.

Current and Historical dead bodies everywhere.


see: Current Events w ExUSAPres
see: Gulf of Tonkin incident

Clive Robinson April 16, 2023 1:30 PM

@ vas pup,

“Right now court system is in very unpredictable mode of operation. It is difficult to predict outcome in the same way as kind of legal ‘casino roulette’.”

It’s, not the courts but the legislation that is the actual problem which means the legislators who are politicians are passing bad legislation.

To see why you need to understand a little history. Otherwise Law can look atleast a little odd,

The US system is effectively young and only about three centuries old. In most but not all US states it is based on the old English system, of law that stretches back through twenty centuries of “common law”.

Thus certain things used to be condidered foundational, to the good order of a courts job of enquiry into the facts.

Part of that is from old,

“actus reus non facit reum nisi mens sit rea”

That Latin phrase effectively translates to the English,

“the act is not culpable unless the mind is guilty”

Which gives the two part test from old common law of,

1, “actus reus” : to act unlawfully or failure to act lawfully when required.
2, “mens rea” : possesing a guilty mind ie to have intent to act or not act.

So the prosecution had to first prove an act was infact a crime, and that the act was commited with intent and the latter beyond reasonable doubt. Which is quite a high burden of proof.

It’s one of the reasons children are not held to the standards of “competent adults”. Importantly though is that “competent adult” is not about physical age and abilities, but mental.

Hence the questions of if the alleged person has actually commited a crime and if he had the mind of a competent adult.

I suspect he may not have a competent mind in a sufficiently strict sense.

But… as always these days there is “a fly in the ointment”. In more recent times politicians wishing to be seen as “tough on crime” have been unhappy with the conviction rate and the costs involved.

That is the politicians for political reasons want 100% convictions at zero cost as an ideal. In the US they have tried plea deals, and they have not been seen as working to achive anything close the the politicians ideal.

So the politicians have stupidly increasingly pushed for “strict liability” and “no legal defence” legislation. Some with a scope so broad “no definable act” that can be tested is required…

So for the alledged person, we need to wait and see what if any criminal charges are brought against them to see if a defence can actualy be mounted. As you note,

“[I]n US that is doubtful. [They are] going to be made example for future potential leakers with tough punishment.”

Or worse subject to civil action for which “intent” is not required, and thus have “failure to make restitution” by way of paying fines be converted into a criminal action in various ways.

Honest Judges now in a politically corrupt justice system are thus saddled with trying to make “justice work” under increasingly impossible conditions.

But even this draconian political act does not actually work. As those that truely have “mens rea” have learnt how to put a barrier between them and the “actus reus” that the law can not break through. In effect by either not having an identifiable “Directing mind” for the intent, or by using a second party “proxie” to engage a third party “actor”, or both along with other tricks like not being in the jurisdiction of the act.

This is why legal entities such as “corporations” are so usefull to such people… They get away unpunished by law, and the corporation at worst gets “fined”… That it just gets back via the tax system in one way or another. Likewise the legal costs.

Whilst you as an individual not only get sent to prison you are bankrupted and incapable of finding a way to get out of the trap…

It’s just another form of “Rights stripping” for “political reasons” and is a very particular problem in the US.

&ers April 16, 2023 4:51 PM

@Clive @SpaceLifeForm @MarkH @ALL


MarkH April 16, 2023 5:09 PM

@ &ers:

Probably you can well understand my disgust toward U.S. military veteran Sara Bils (see WSJ link above).

It’s interesting that she might have crossed the line of violating Federal law.

Her survival might depend on quick relocation to a place where she can’t easily be found.

vas pup April 16, 2023 5:16 PM

@Clive “It’s, not the courts but the legislation that is the actual problem which means the legislators who are politicians are passing bad legislation.”

100% agree. Moreover, deep state as well just opportunists using bad legislation to their own interests sometimes very far from the interest of general public.

Vague legislation is just legal pond out of which any fish (guilty or innocent) could be pulled out.

On a funny note: “One judge asks another: “Tell me, can you imprison a completely innocent person?” “Why, don’t I have a conscience at all?” I’ll give to him a probation.”

MarkH April 16, 2023 5:17 PM

Computerized Voice Impersonation is Quickly Growing Better and Cheaper

This article provides a nice summary of the current state of the matter:

What’s missing from this article, is an assessment of how deeply destructive abuse of this technology will be. Problems like actors cheated of pay, or fraudulent recordings to discredit public figures are surely harmful — but hardened criminals (and their lawyers) will use it do things incomparably worse.

Fasten your seat belts.

SpaceLifeForm April 16, 2023 6:22 PM

@ JonKnowsNothing

Re: Stop the planes


vas pup April 16, 2023 6:35 PM

Leaked Pentagon docs show the shot-down Chinese spy balloon may have had a feature known as ‘synthetic aperture radar’ that can see through certain materials, WaPo reports

“The shot-down Chinese spy balloon may have had synthetic aperture radar, the Washington Post reports.

The technology has the ability to observe objects in the dark or through clouds.

SAR is used around the world by organizations like NASA and the European Space Agency.

At the time, much about the balloon wasn’t known publicly, but a new trove of Pentagon documents leaked on Discord show it — and up to four other previously unknown spy balloons like it — could have had a feature known as “synthetic aperture radar” that can see through certain objects, the Washington Post reported.

!!!Synthetic aperture radar is the solution to the problem with real aperture radar, which cannot create high-resolution images without an impractically large antenna. SAR “synthesizes” a large antenna, but the concept is the same — it releases bursts of
electromagnetic energy to an object on Earth, and a sensor then records the wavelength of energy it receives back, according to NASA. These sensor readings then allow the radar to create a reconstruction of whatever objects are below the energy beam.

!!!Because SAR isn’t taking photos and is instead using electromagnetic data to create a high-resolution image, the technology can “see” in the dark, as well as through clouds,
smoke, soil, and rain. It can also help with three-dimensional reconstructions, unlike cameras, which can only capture what is openly visible from above.

The technology, invented in 1951, is used all over the world by science organizations like NASA and the European Space Agency to observe the earth’s topography.

=>It is also used in war to spy on adversaries. Recently, a Canadian satellite operator helped Ukraine by providing SAR imagery to officials. The imagery allowed Ukrainian officials to monitor Russian troop movements during inclement weather and cloudy days.

The documents also reveal that certain functions of the balloons are still unknown to US intelligence, as certain sensors on the device are labeled as “unidentified” in photos.

The Pentagon did not immediately respond to Insider’s request for comment.”

lurker April 16, 2023 8:42 PM

@vas pup

“The technology has the ability to observe objects in the dark or through clouds.”

Yeah, well, that’s what radar does and has done since before 1942. Laughing at this tripe from MSM slows down reading that they really mean SAR, which has been around since 1951, and lots of people use it. Quelle Horreur, the Chinese have SAR too!

Or at least somebody suspects they may have it. What MSM can’t tell us because a) they don’t know, or b) they’ve been told not to say, is if the Chinese kit works better than ours.

Made In China = US Ally April 16, 2023 9:15 PM

I’m of the opinion that the media frenzy about the so called “leaked” documents is just another form of clickbait.
I think we ought to just ignore most of the hype.

Besides, it’s important to remember “innocent until proven guilty in a (legitimate) court of law” ought to apply to internacional courts and tribunals as well.

Meanwhile, some of the hackwares are designed to hide and spoof the id of the attackers and make it look like somebody (or something) else. These days, that method is as commonplace as user-agent spoofers and VPN’s and TOR etc.

Really, don’t throw your IQ and knowhow out the window just because this year is a positive integer higher than any other previous year.

As for fearmongering about China, check every item you ever own. Notice what percentage is “Made In China”.

Clearly, China is a longtime ally of United States of America; “Made In China” appears on almost everything of every kind in USA. That’s because China has been a reliable trusted supplier for such a long time that they are seamlessly built into our culture.

Too many Americans were not yet educated about this forensic evidence everywhere or they simply forgot.

Ivana Linhartová April 16, 2023 9:19 PM

A team of US scientists is turning dead birds into drones to study flight techniques that may help the aviation industry


“Scientists in New Mexico are working to turn taxidermic birds into drones to study flight patterns.

For now, the bird drone prototype can fly for a maximum of 20 minutes, scientists told Reuters.

The research has no relation to the Gen Z conspiracy that “Birds Aren’t Real,” a project lead told Insider.”

MarkH April 16, 2023 10:15 PM

From an article about how the murder of Mexican journalist Miroslava Breach Velducea was investigated by fellow journalists, after an apparent cover-up by civil authorities:

[one journalist said] a military source warned a fellow-member of the group to stop trying to obtain information about Breach’s murder. Just moments after that warning, the contacts and call history on the reporter’s cell phone were wiped clean. According to the Citizen Lab, a watchdog group based in Canada, a powerful spyware tool called Pegasus was then being used in Mexico … to surveil journalists and hack into their phones.

ResearcherZero April 17, 2023 5:17 AM

The review will seek evidence from whistleblowers, charities, employers and regulators. It will run until autumn 2023, the government said.

Article 8(3) of the WBD prescribes that each legal entity in the private sector with 50 or more workers is required to establish channels and procedures for internal reporting. …there is no exception from this rule for group companies who have historically relied on central reporting channels operated by group functions.

This means employers who meet the threshold will need to establish local entity level reporting systems alongside existing global channels.

Member States should enact provisions to hold perpetrators accountable for forms of retaliation.

Protection for whistleblowers has been enshrined in UK law since 1998 through the Public Interest Disclosure Act (“PIDA”).

The EU Directive imposes much more stringent obligations on organisations than PIDA, particularly around the processes for responding to whistleblowing disclosures and protecting whistleblowers’ anonymity. Following Brexit, the UK is no longer obliged to implement the Directive.

who is covered by whistleblowing protections.
the availability of information and guidance for whistleblowing purposes (both on and that provided by employers).
how employers and prescribed persons respond to whistleblowing disclosures, including best practice.


Clive Robinson April 17, 2023 5:22 AM

@ ALL,

Apple don’t care they have put a family at repeated risk.

At first this story sounds just odd, but as the victim of Apple’s repeated incompetence he and his family with young children have been put at risk at all hours of the day by angry potebtially violent people.

For some reason Apple will not address it’s “Find me” is sending people who have lost their Apple products. They turn up on his door step at all hours of the day and all to frequently they are “confrontational” and make threats at the very least to call the authorities.

Apple have been made aware of the issue not just by the victim, but by an MSM but have faild to acknowledge the issue let alone resolve it.

Effectively Apple are “swatting” the family and their negligence could end up in a tragedy.

ResearcherZero April 17, 2023 6:41 AM

@&ers, Clive, MarkH

MAGA would have to defend him due to examples of past behaviour. The rules of handling classified information are very clear. The penalties for mishandling classified documents are also very clear, though there is wiggle room for severity of penalty.

“Trump showed classified documents, including maps, to political donors. The nature of the map and the information it contained is not clear.”

It does depend on how you cooperate with the investigation…

18 U.S.C. 1519 makes it a crime to alter, destroy, mutilate or conceal a document or tangible object “with the intent to impede, obstruct, or influence the investigation or proper administration of any matter within the jurisdiction of any department or agency.”

“Screwing around” with documents is frowned upon, or “monkeying around” in the same room. Even if the room is locked you are expected to behave responsibly at all times. It is made very clear that sharing classified documents with individuals who lack clearance, even unwittingly, is strictly a no-no, – especially at that level of classification.

&ers April 17, 2023 6:52 AM

Teixeira case FBI special agent affidavit is interesting and sheds some light
how they catched him and what methods were used.


“27. In addition, according to a second U.S. Government Agency, which can monitor certain searches conducted on its classified networks, on April 6, 2023, TEIXEIRA used his government computer to search classified intelligence reporting for the word “leak.”

ResearcherZero April 17, 2023 6:59 AM

Sharing of Vegemite is allowed, at least person to person.

“The variance in reports seems to stem from a confusion over the difference between importation for commercial use and importation for personal use.”

&ers April 17, 2023 7:08 AM


Biden isn’t clean here either.


But we all know that government and government agencies tend to
“overclassify” things. It is similar problem here, politicians and
government institutions classify information that is either already
public knowledge anyway or to hide some shady deals.

I like this:


Clive Robinson April 17, 2023 8:26 AM

@ ResearcherZero, &ers, ALL,

Re : The higher you are the less chance you will be pulled down.

“But we all know that government and government agencies tend to “overclassify” things.”

But also those at the top of the heirachy can effrctively ignore it. Because punishment is for the little people who lack the resources to rip those in power out of their seats.

Personally I suspect that whilst be a lot of noise over hierarchical heads and thus agency seniors not playing by the rules, they won’t get more than a slap on the wrist if even that with regards “classified information”.

Remember those Obama “group photos” where TS was visable on screens in those “official” photographs shared with the world?

The excuse argument would have been along the lines of no “mens rea” so no further legal action to take.

JonKnowsNothing April 17, 2023 11:24 AM

@Clive, All

re: Game Exploit v Game Mechanic

A good number of games have social hierarchies (guilds, kins, factions) and have mechanics in place for Top-Down ownership and membership. Some games have extensive rules in place and levels of trust, some have only rudimentary layouts.

There are 2 main issues in (nearly all) such games: Exploit v Mechanic. There is often a debate among the game players about what fits into each section. Exploits tend to fall into Unintended Benefits and Mechanics are Intended Play.

In the Mechanic category:

ex: Hostile Takeover. Some games have a mechanic that if the Leaders, Heir, Officers have stopped logging in for N-Days, the organization is open to Usurp by any existing member no matter how long ago they last played. If they login and see Usurp, the organization and all the kit belongs to them. (this is the actual mechanic of the article).

There are some games where this mechanic is a significant part of the game play.

ex: Lapsed Subscription: In one game, after players have lapsed their subscription by N-Days, all their buildings, materials, chests and contents, is open for Usurp by any other active subscription player. Some items can be claimed en-mass and some must be claimed 1×1. In this game, after the initial 3-6months of a new round of play, many players stop playing and let their subscriptions lapse. The remaining players plan and monitor carefully the timer for when things can be claimed. It’s a mass scavenger event at 3month and 6month intervals that is part of the game play. The key is that the subscription must have lapsed. If the subscription is current, then this cannot take place via that mechanic.

ex: Trusting the Untrustworthy: This mechanic is based on gaining the trust of a player or leadership into adding the Mole to their Trust List. Large playing groups hold group wealth, items donated by other players, generally for the purpose of assisting new players “gearing up” or enabling group play (raids) and special kit for challenge mode (hard mode) events. The Mole gains access to the chests or vaults where this highly desired kit is stored (in game terms) and Takes The Lot. (this was the implied mechanic in the article).

Under Exploits:

Account Theft by Share: These are conditions were someone has shared or given their ACCOUNT and ACCOUNT PASSWORD to someone else. Either they shared it with a family member or a friend. They may have disclosed it inadvertently without any intention of sharing. The MOLE logs into the account, changes the email and pw and Bob’s Your Uncle, they own 100% of everything that Account Owns. Normally Game Makers do not do anything at all about this because Account Sharing is against TOS/EULAS. At best, they will ban the account and lock it.

Account Theft by Hack: This is like any other hacking system, where someone figured out your login and pw but you did not share your information. Normally Game Makers will compensate you with a minimum of kit and coin but not fully restore your game assets. They will lock the old account and deactivate it permanently.

Of Note: There is a difference in most games with Micro-Store purchases and In-Game acquisition. If you paid through a micro-transaction, for which their is an audit trail, like purchasing a Grand House rather than crafting a Standard House, these assets maybe recovered or their credit-tokens returned. The original locations and contents will have been liquidated by the MOLE.

It’s not safe playing Pixels on a Screen.

Al April 17, 2023 11:38 AM

@Made In China = US Ally

China is a longtime ally of United States of America

Only in the sense that the enemy of my enemy is my friend. In the 1990s, the “enemy” was American labor. The oligarchs who run America decided that moving work to the low cost centers of the world would put downward pressure on American labor, and China offered itself as a low cost center.

All this big bad China stuff boils down to one thing, trajectory. The U.S. is freaking out over the trajectory in this chart.

But absent the policy changes in the 1990s, there would be no big bad China. Meanwhile, to China’s credit, they did lift 300 million out of extreme poverty. And the oligarchs did manage to see to it that a lot of labor missed out on economic gains.

But, where does it go from here? If the status quo continues, China’s economy will be larger than the U.S.’s in short order.

&ers April 17, 2023 11:57 AM

Don’t underestimate the power of fart.


Winter April 17, 2023 1:44 PM


All this big bad China stuff boils down to one thing, trajectory.

Not China’s GDP so much as China using the US$ it earns as trade surplus to invest in the belt and roads initiative instead of “reinvesting” (=donating) it in US government bonds.


China has around US$4 trillion in foreign reserves; so far more than 60 percent of the foreign reserves are used to buy US government bonds. The return on these bonds is low, with China’s foreign reserves constantly losing value due to appreciation of the Chinese yuan. Instead of lending money to the US government, China is investing some reserves in infrastructure along the routes to gain better financial returns and build political friendships.

Not “reinvesting” US$ from trade surpluses into the USA is a life-threatening danger for US financial industry and politics.

Everything that endangers the US$ is a casus belli for the USA.

ResearcherZero April 17, 2023 2:31 PM


When politicians want to leak information it’s totally cool. They can block information from being released as well. They hate a scandal, and love a good political opportunity. Even when it can be helpful for the public, and it may assist the public to make well informed choices, they can still block release.

Be on guard for people described as pseudonyms!

“An Australian man has been charged with selling information about the country’s defense and national security arrangements as well as those of other countries to two foreign spies. The couple offered him money for information about Australia’s defense and security arrangements, which he subsequently supplied in reports.”

The 55-year-old claims “large scale data”, “predictive analytics” and artificial intelligence are his areas of expertise.

The businessman has been charged with one count of reckless foreign interference, which carries a maximum penalty of 15 years in jail.

The AFP said it was believed that more people in Australia had been approached by “Ken” and “Evelyn”.

Current living standard of Indigenous Australians “completely unacceptable in today’s world.”

Indigenous people are 15 times more likely to be sleeping rough or living in improvised dwellings or tents.

Census data also shows that Indigenous people are more likely to live in a house with three or more people and are more than twice as likely to live in a house with six, seven or eight people.

McLeod says the reality is different and some houses have four or five families, each one living in a single room.


Indigenous households are about half as likely as other households to own their own home (36% compared with 68%).

After her mother died, the bailiff came to evict Knapp and her siblings from her mother’s public housing property before the funeral had even been conducted.

“Why did they throw us out when Cody still needed home care?” He’d suffered from kidney disease since he was three, and had been on dialysis for years.


used Housing Department funds to buy a $2.9 million home

(worked for foreign spies, kidnapped and ransomed children allegedly)


Paul Whyte’s corruption ‘pre-dates his time at Dept of Housing’ (early 1990’s)

ResearcherZero April 17, 2023 2:40 PM

Although Paul Whyte was caught by police in the early 1990’s, and found guilty of kidnapping and fraud, he walked free and was allowed to continue. Along with others. But don’t worry, many of the victims are in the local cemetery.

Clive Robinson April 17, 2023 3:21 PM

@ &ers, ALL,

Re : Natural Gas.

That is one heck of a lot of rare beef to deal with…

However I suspect many did not get burned alive, but more likrly crushed to death, suffocated or similar, when panic from a potential/probable stampede set in.

In essence herd survival at an almost genetic level would have set in and the animals on mass would try to force their way away from flames and smoke. In a closed barn which is what the report indicates it would have been fear driven madness on the hoof.

Even in open fields where there is no threat, if one animal gets spooked and runs, then herd instinct makes the rest follow from “Survival 101”.

I’ve seen this in a herd of maybe twenty cattle, and I asure you the Pamplona bull run has little on it. In narrow streets there are doorways you can dodge into and the bulls try to run down the center of the street. In a field there is neither a place to hide or a place to run and they not just out weigh you, they outnunber you as well…

About the only thing that scares me more on a farm is a paddock with a dozen horses in it because unlike cattle that have a poor turning circle horses on the run can change direction way faster than you can… And horses are not nice creatures, they are half mad and malicious even when they know you and you are coming to feed them.

Whilst goats can be troublesome it’s generally only the dominent males that can cause you real harm. Most goats are more curious and playfull than anything else and picking one of their hind legs up so their hind feet are off the ground generally stops any nonsense fairly promptly especially if they are biting. Goats are actually quite social creatures in a complex way but get used to people being around, and can get quite stressed when people are not around if they expect them to be. To keep goats happy give them platforms to stand on, and cover to hide out of sight and weather in and don’t put their food on the ground theyvlike it at chest hight or above. Oh and don’t forget to take then for a couple of mile walk on a stony surface every day, if you want to keep the vet bills down. Oh and no household food scraps… They get expectations and will be cantankerous if they are not met. A friend made this mistake and ended up having to make her goats toast and marmalade each morning just to get them out of the barn…

Clive Robinson April 17, 2023 7:30 PM

@ ALL,

Hybrid Warfare and Information Warfare within it

Some of you know about “Perun” and his YouTube channel where he puts up some well researched analyses of events at the far east of Europe.

His latest is,

“Russian Hybrid Warfare – Methods Theory & Ukraine : Propaganda, cyberwarfare & hybrid war”

I found it an interesting and at times amusing watch and I’m sure other readers here will do as well,

just remember he’s from down under so a little more robust in language than some wilting flowers might like, (ie calling something “Marketing W4nk” and pointing out why).

There is kind of an add at the front, you can skip to the 4min mark where things actually get going if you want to avoid it.

ResearcherZero April 18, 2023 1:01 AM

In January 2023, the Trojan was observed using icons of different software, such as ChatGPT, Chrome, Bitcoin, etc., to infect Android users…

Chameleon malicious applications are distributed through compromised websites, Discord attachments, and Bitbucket hosting services.

Putting pressure on banks to adopt a UK-style confirmation of payee (CoP) scheme.


“passing the buck”

The ACCC said: “As banks move towards more real time payments, there is a greater need for real time solutions that can identify and halt scam transactions via bank transfers. In addition, the ACCC notes that better processes could be developed to alert customers when an account number does not match a name.”developed to alert customers when an account number does not match a name.”

It pointed to the UK ‘Confirmation of Payee’ scheme as an example…

Fraud prevention tool ‘Confirmation of Payee’ (CoP) will be extended to a further 400 financial firms by mid-2024 under new plans outlined by the Payment Systems Regulator (UK)

The PSR has proposed that a group of almost 50 firms expected to have the biggest impact in terms of preventing APP fraud will adopt CoP by 30 June 2023.

Six of the UK’s major banks, including Barclays and HSBC, have introduced new security checks for all customers who transfer cash to friends, family, businesses and other payees. They were originally expected to start making CoP checks by June 2019 but multiple delays meant this wasn’t introduced until 30 June 2020.

ResearcherZero April 18, 2023 2:09 AM

“One of the ethical obligations particular to prosecutors is the duty of disclosure. It has been described as an incident of the entitlement to a fair trial, analogous to the right to legal representation, to be protected by the grant of a stay or discharge on appeal where a failure to comply with the duty will or has compromised the fairness of the trial.”

Under both the common law and professional conduct rules, Australian prosecutors are required to serve upon the defence all material in their possession that is relevant to determining the guilt or innocence of the defendant.

That requirement extends to material that is adverse to the prosecution case, and is fundamental to ensuring the defendant receives a fair trial.


Crown’s disclosure obligation

Prosecutors regularly withhold evidence from the defense that could blow holes in their cases. (and from victims of crime)…

…”The prosecution will not only release evidence that the defendant might be guilty of a crime but also release all evidence that might show that the defendant is innocent as well.”

Brady Violation

“the evidence is either willfully or inadvertently withheld by the prosecution”

Examples of when a prosecutor commits a Brady violation.

no accepting of bribes !!!

Criminal Code Amendment (Theft, Fraud, Bribery and Related Offences) Act 2000

lurker April 18, 2023 2:11 AM

When is a Service Centre not a service centre?
When it’s a 公安局, PSB or Public Security Bureau. The 2nd character 安 usually means peace or safety rather than Spy vs Spy security, and the colloquial translation is Police Station. It’s where the Chinese go for administrivia to their ID Cards, Drivers Licence, &c. Common Chinese citizens might be forgiven for expecting to find one in New York City, but the respective Chinese Govt Ministry ought to know better.

Mechnical April 18, 2023 5:52 AM

Big wave to everyone. I’ve been following this blog for almost 2 decades. This is my first post.

Thank you for all you have done and still do for the good of mankind.

Your “thinking hinky” and willingness to share your knowledge and experience with us all, is much appreciated. I do hope that you are healthy and will continue enlightening us for years and years to come!

A great website for a little insight


This caught my attention… (emphasis mine)

“A geofence warrant was sought in 2019 for Google which provided several subject phones in the vicinity of a murder. The court finds the warrant was not particular enough, but applies the good faith exception because geofence warrants were so new when this one was issued, officers were clearly acting in good faith. People v. Meza, 2023 Cal. App. LEXIS 282 (2d Dist. Apr. 13, 2023). Interesting read on particularity and overbreadth, but good faith will usually carry the day. I suspect GFE will always apply.”

Link to the ruling, long read but very informative on the controversial use of GeoFence warrants.


&ers April 18, 2023 12:23 PM


Something for you.


Scroll down a little bit, there’s a video, marked as a
“Russian diplomatic facilities serve as SIGINT nests in Europe”

OR, direct link


There’s an apartment house for Russian diplomats in Warsaw,
roof full of antennas on that video. What’s your estimate?

SpaceLifeForm April 18, 2023 4:57 PM

Re: OG

Connect the dots.


“I have a feeling that at least one, if not multiple people on the security side were asleep at the wheel,” Moss said. “How did he manage to not only get through supposed security improvements after Manning, Snowden, and Reality Winner, but also extract it without anybody noticing?

“Something’s not working,” Moss said.

Clive Robinson April 18, 2023 9:03 PM

@ SpaceLifeForm, ALL,

Re : Trust requires more than most have.

With regards,

““Something’s not working,” Moss said.”

In that he is correct…

It’s known that like the US Federal and State Governments have ICT issues so do their various “Guard Labour” organisations/entities.

In the UK we have a sarcastic expression of,

“You can’t get the staff”

Said behind somebodies back to imply to another that the person is not what they want in employees in some way[1].

But the reality is there is not enough actually suitable ICT staff and because bureaucratic organisations have fixed pay scales for what they see as “blue collar” thus low payed staff, they have difficulty filling the posts they desperately need filling.

Thus they often use the “any warm body” approach after all it’s a trade not a proffession in their eyes thus “A trained monkey” could do it in their view…

So when a capable person does come along, others will bend oak trees with their bare hands to get them on board…

Mostly appart from a few personality issues it works out, the job gets done even if not every face has a rosy smile on it.

However when mandated security is part of the job, it’s one oak tree that it’s best not to bend.

As I’ve already said the airman sounds “non neuro typical” as there are “Key Observables” in his reported social behaviours.

He might have a High IQ and be tchnically more than competent but is his mind that of an adult when it comes to what are mostly illogical conventions of bureaucratic hierarchies?

There is an expression you can look up called “Emotional Intelligence” which can explain quite a few seemingly odd things such as some people whilst exceptional at the jobs they do, and possessed of a very high IQ etc do not get rewarded or promoted and find for them that the glass ceiling is actually pushing them down.

I suspect from what has been said not only is the airman non neurotypical they also lack emotional inteligence. Possibly their actual social level is not yet realy that of an adolescent.

Whilst they may make a good technician and as a member of the military tick all the “first class” boxes duty wise, at security they will almost certainly “suck”.

The notion of security is a whole different ball game to technology and basic soldiering which basically mack sense. Security as practiced by bureaucrats is mostly illogical behaviour by incapable people basically “waving it around”…

To a non neuro typical person the response is going to be basically disregard it for what it is “nonsense”. Some will just “push through it”, others will just “work around it”, whilst others will just ignore it. Thus they will “do their own thing” to varying degrees.

Some will actually sit there and work out as many ways to subvert the nonsense as they can as a form of ridicule, and actually carry some of them out. When their emotional intelligence starts to “catch up” they become very adept at “thinking hinky” and whilst they can not “walk in anothers shoes” they can predict what they can do with a great deal of precision.

As I’ve indicated old English common law recognised that a childs mind was not capable of making certain decisions which is why the ages of 11, 18, 21, 25, and 35 had and in some cases still do get used as legal qualifiers. Such that 18/21 were considered ages at which you could enter into certain types of legal agreement.

If you look at US classify procedures for personnel they are actually “contracts”.

Now you have to ask the important question

“Should it be the mind or body age that should be used to asses legal competency?”

If it’s the mind then some non neuro typical people will not reach the average 21years olds,”emotional intelligence” untill they are in their physical thirties, if not much older.

In the case of this airman, this was very probably not considered…

And I can guess from experience what probably happened…

I rember when I was told to “sign the UK’s “Official Secret Act”(OSA) chit, I pointed out it required me to have read the act. As I pointed out I had not read it, had they got a copy for me to read… I was told,

“Just shut up and sign it, we don’t have time…”

So “as ordered” I shut up and signed.

Basically I’ve found that almost every one who signs it has been told the same if they query it, and never read either of the OSA’s or DORA, before or after signing…

And quite a few have breached DORA by signing a false name in a hotel register when on a “have it away night”. Me I alwaysed used a fountain pen with a realy dodgy nib and ink that dried so slowely it blotched badly, so nobody could read what I had written in cursive so curly it could have been “modern art by a drunk three legged spider”. As I once pointed out to a very senior officer who later wrote a book, DORA required me to give my real name, but it did not require me to write it in legible writing 😉

As I noted just a couple of days ago there are such things as “Permission by Omission”…

It might not be in the spirit or intent of the law, but if it’s not prohibited by the letter of the law, then it’s “not legaly prohibited” and the “not of prohibited” is “alowed”.

[1] One employer made the mistake of putting the comment in Email about a waged (paid by time worked) not salaried (paid a fixed ammount regardless of hours worked over a certain contractual number) employee who had declined to work extra hours without being paid for it (used to be called “work to rule”). For some strange reason that shocked the employer, the offending Email ended up as a print out with all the headers[2] in a court case and the employer lost a “constructive dismissal” case and had to pay compensation plus costs as well as enjoy having their name in print atached to extracts from the case, all most embarrassing.

[2] Something many do not realise when they say “headers are meta-data” is they are also,

1, Evidence
2, Meta-evidence
3, Meta-Meta-evidence

Thus subject to “elctronic discovery” which can drag in more of the same, thus like pulling a loose thread on a knited jumper the whole can unravel and leave deceiving people naked to the public gaze, with no place to hide.

ResearcherZero April 19, 2023 2:09 AM

@Clive Robinson

The emotional intelligence of some people in quite senior positions is not always too flash. There were a few odd things that would happen, that would make you wonder if you were not working in the school playground on occasion. Some approaches were a little cavalier, especially if they had doubts about something. Trundle out the front door right past security with reports in hand, sans authorisation.

“Jaguar Tooth,” is an example of a much broader trend of sophisticated adversaries targeting networking infrastructure to advance espionage objectives or pre-position for future destructive activity. While infrastructure of all types has been observed under attack, attackers have been particularly successful in compromising infrastructure with out-of-date software.

APT28 accesses poorly maintained Cisco routers and deploys malware on unpatched devices using CVE-2017-6742.

All Cisco admins should upgrade their routers to the latest firmware to mitigate these attacks.

Cisco also recommends switching from SNMP to NETCONF/RESTCONF on public routers for remote management, as it offers more robust security and functionality.

If SNMP is required, admins should configure allow and deny lists to restrict who can access the SNMP interface on publicly exposed routers, and the community string should be changed to a sufficiently strong, random string.

CISA also recommends disabling SNMP v2 or Telnet on Cisco routers, as these protocols could allow credentials to be stolen from unencrypted traffic.

Finally, if a device is suspected of having been compromised, CISA recommends using Cisco’s advice for verifying the integrity of the IOS image, revoking all keys associated with the device and to not reuse old keys, and to replace images with those directly from Cisco.


ResearcherZero April 19, 2023 3:34 AM

“The LATENTIMAGE exploit could also involve the iPhone’s Find My feature, as fmfd exited and re-loaded during exploitation, though we were unable to determine if it was the initial vector. In contrast to FINDMYPWN and PWNYOURHOME, the LATENTIMAGE exploit launches the Pegasus spyware via springboard, indicating a different exploit chain.”

NSO may have figured out a way to correct the notification issue, such as by fingerprinting Lockdown Mode.

“Processing these images caused crashes in the MessagesBlastDoorService process. These crashes give us glimpses of what the exploit was doing at various stages, and suggest that the exploit may have circumvented pointer authentication codes (PAC) in some cases by repurposing PAC-valid pointers already present in memory, such as signed pointers to callback functions present in constant structs.”

“… a particular memory copy gadget caused a segfault in the crash we observed. this gadget could be chained together to copy chunks of memory of arbitrary size, with the caveat that a single zero word is copied to the end of the destination.”

The Russian network for running its disinformation campaign is known as Fabrika. The analysis said Fabrika was succeeding even though Western sanctions against Russia and Russia’s own censorship of social media platforms inside the country had added difficulties.

“If I were the U.S. government, I would be taking this seriously but calmly,” said Ciaran Martin, former head of the United Kingdom’s cyberdefense agency. “I would be talking to the major platforms and saying, ‘Let’s have a look at this together to see what credence to give these claims.’”

Clive Robinson April 19, 2023 5:00 AM

@ ResearcherZero, ALL,

Re : CISCO IOS Operating System.

The first thing to note is all the interface attacks detailed happened to *nix OS boxes oh back before the end of the 1980’s if memory serves.

So say a third of a century ago… And so have been “known” longer than most people in ICTsec have been working in ICTsec… Makes you wonder what sort of “Functional / Regression Testing”[1] they were using. But importantly demonstrating a Corporate version of “We’re not learning from known history”…

As for “Simple Network Managment Protocol”(SNMP) this should have been dumped years ago. The clue it’s not “secure” is in the first word of the name. Put simply it was “designed for testability and use in a resource constrained environment” so security was not in the fundemental design but a later add on. Effectively a “Victorian Artisan”. “Design Pattern”, “Bolt it on over the cracks” disguised as an incremental design process.

Look at it this way a forged and rolled steal plate when welded up into a well designed structure will make quite a reliable and long service life “preasure vessel” however if you later drill holes that were not originally designed for, you will weaken the vessel and change it’s mechanical vibration and similar charecteristics, potentially creating “metal fatigue”[2] and dangerous short term failure. So every “bolt on” should be tested against the original design before anyone picks up a tool. As many will know this tends not to happen in the software industry and is one of the reasons for “technical debt” that can not be feasibly resolved.

[1] I remember a time when testing methodology was a hot almost flamewar issue. Put simply “Functional Testing” is supposed to be independent of the system development. That is it’s a form of “Black Box” testing.

With the contentious bit being where the tests were derived from,

1, The product Spec.
2, The development Functional Spec.
3, Non Spec or Known failures.

With “purists” saying something along the lines of only “1”… As otherwise the specification was deficient… (passing the buck 101).

I was of the view that all three and anything “stuck in the kitchin sink” should be used. However that gave rise to huge test sets that were not easy to automate and incurred significant time which managment are never happy about even in safety critical design… Hence the purists views might have had other unstated views behind there “one is the true way” type statments.

Regression testing loosely can be seen as employing a “feed back” style system that is usually “close to the metal” of development. That is as you develop code you develop tests for it, so the testing is not “black box” and frequently “local to change” or module rather than system functional. Each development step you run all the old tests, especially those that failed before and any new development derived tests. In practice it’s split down and the tests are run in the order developers think are most likely to fail first. So a “sliding window” methodology to allegadly speed the testing up (which is debatable thus a subject of long pro/con discussion).

[2] We know this chain of events happens and can become a real disaster. Not just with Victorian boilers exploding and gravely injuring and killing people. But the all important attendent loss of valuable propert which led to the first industrial safety legislation and thus the Phoenix like birth of engineering from artisanal ashes. But also in more modern times with the likes of the “Alexander L. Kielland” penta-leg platform losing a leg and “turning turtle”,

I have cause to remember it because the first platform I went on was DF97 that was a “sister platform” of the Alexander L. Kielland, to fit a “strain warning system” to raise an alarm should tensions in the moring lines change out of accepted ranges. Because of this one of the off shore engineers on DF97 explained in quite some detail why the leg had come off and why early warning signs had been missed.

Clive Robinson April 19, 2023 5:24 AM

@ ResearcherZero, ALL,

Re : Alleged Fabrika successes.

“The Russian network for running its disinformation campaign is known as Fabrika. The analysis said Fabrika was succeeding even though Western sanctions against Russia and Russia’s own censorship of social media platforms inside the country had added difficulties.”

Russias disinformation campaign is in effect a,

“Delay a response to our first strike so it can consolidate.”

Tactic, which is basically “throw anything and everything at our targets allies” to create not just “analysis confusion” but also create as much public noise as possible so it becomes a “political distraction” thus causing “response delay”.

For those that want to know more about how it works, the Australian “Perun’s” analysis from open information is both informative and well presented with moments of humour (and the occasional “Aussie vernacular” such as “Marketing W4nk” that might trip an over sensitive NSFW filter),

“Russian Hybrid Warfare : Methods, Propaganda, cyberwarfare, & Ukraine.”

ResearcherZero April 19, 2023 5:40 AM

@Clive Robinson

Perun’s video is a pretty good look at how it all works.

covertly funding and directing candidates for local office within the United States

“four U.S. citizens and three Russian nationals with working on behalf of the Russian government and in conjunction with the Russian Federal Security Service (FSB) to conduct a multi-year foreign malign influence campaign in the United States.”

ResearcherZero April 19, 2023 7:06 AM

“These devices can contain troves of information that can be used by bad actors in targeting and carrying out attacks.”

“used configurations had not been wiped… and worse, the data on the devices could be used to identify the prior owners along with the details of their network configurations” VPN, credentials, hashed root administrator passwords, router-to-router authentication keys and information about how the router connected to specific applications used by the previous owner, credentials for connecting to the networks of other organizations—like trusted partners, collaborators, or other third parties…

They are S&M nightclubs, and the workers come already dressed.

“The overseas police stations you mentioned simply do not exist.”

China says the overseas outposts are not police stations but service centers that help Chinese nationals with tasks such as renewing their driver’s licenses.

Clive Robinson April 19, 2023 8:46 AM

@ ResearcherZero,

Re : Not illegal Secret Police Outposts

I would expect nothing less from an authoritarian state, with such a tight surveillence on people –who are not even their citizens but ethnically similar– that to anyone not versed in modern surveillance and interrogation techniques would think they were mind readers who can see their most private moments.

So the,

“They are S&M nightclubs, and the workers come already dressed.”

But as movies show, such faux leather skin wearing numpties should have “dead piggy eyes” to match their “piggy trough maners” but total lack of porcine inteligence or social behaviours.

What the Chinese Government actually says is irrelevant, more than one nation say that these buildings and those who work in them do not have diplomatic status.

Thus are subject to those nations legal systems and tests.

From what I’ve read, these places pass “the duck test” for authoritarian police state guard labour.

If the siruation were reversed we know that China would have no hesitancy to execute such people as spys / infiltrators / terrorists / agents of a hostile power, as they have already done on several occassions.

Whilst the US is not that authoritarian yet, perhaps the people involved with these centers should be “disapeared” into “Special Administative Measures”(SAM) of the like already being inflicted on others.

That way it might “send a message” as the Chinese State frequently trys to do.

It would after all forefill the desires of the overly religious GOP members who so believe in the word of their self created deity thay espouse “Eye for an Eye” and “hang’m high” for whistleblowers.

&ers April 19, 2023 4:20 PM


Seems you have missed my post.

And UK is a target now.


lurker April 19, 2023 6:34 PM

@ResearcherZero, Clive Robinson

In China the PSB or Public Security Bureau is the neighbourhood Police Station. It is both less and more “Secret Police” than the FBI. I have dealt with the PSB frequently for such trivial matters as helping a small town hotel keeper fill in the forms properly to register a foreigner staying at his place. I have had my papers photographed numerous times in backwoods places for what I am confident was no more than trophy bragging rights for the photographer.

It seems odd that they should mistake NYC for Frank Sinatra’s “Chicago”.

lurker April 19, 2023 6:38 PM

re used gear market

Been there, done that, oh maybe 35 years ago or more. As @Clive is always singing, “When will they ever learn?”

ResearcherZero April 19, 2023 7:59 PM



Boats disguised as fishing trawlers and research vessels are gathering information about infrastructure in Nordic waters.

The investigation focused on one Russian naval ship, the Admiral Vladimirsky, which has previously been designated a “vessel of interest” by Western intelligence.
Russia officially claims that it is an Expeditionary Oceanographic Ship used for marine research, however intelligence sources told DR it is in fact a spy vessel.

The severing of an underwater data cable off the Norwegian coast last year, which authorities said could have been caused by human activity, is also believed to be possibly connected to the Russian programme. The underwater data cable serves the world’s largest commercial ground station for satellite communications.

Norway expelled 15 Russian diplomats on suspicion of spying. …most of the 15 diplomats were working either as spy handlers or intercepting telephone and data traffic. …they were employed either by Russia’s civilian spy agency, the FSB (Federal Security Service) or by the GRU, which runs military intelligence.

ResearcherZero April 20, 2023 12:11 AM

Radio waves with wavelengths longer than about 15m are blocked by Earth’s ionoshere.

Because the universe is constantly expanding, the 21cm signal generated by hydrogen in the early universe has been shifted to much longer wavelengths. As a result, hydrogen from the cosmic “dark ages” will appear to us with wavelengths greater than 10m.

The lunar far side is permanently shielded from the radio signals generated by humans on Earth. During the lunar night, it is also protected from the Sun. These characteristics make it probably the most “radio-quiet” location in the whole solar system as no other planet or moon has a side that permanently faces away from the Earth. It is therefore ideally suited for radio astronomy.

Would you like to purchase used solar glasses, cardboard with a hole in it, and this extra piece of paper?

Too late – everyone packed up and left already.

Winter April 20, 2023 3:15 AM

In another discussion I came across a paper of interest, as the title will make clear:

Dying for the Economy: Disposable People and Economies of Death in the Global North

This essay explores the idea of dying for the economy that has been a proposition supported by President Trump and the Republican Party in discussions about how to reopen the economy in light of the COVID-19 pandemic and massive lockdowns. While to most of us this seems like crazy talk, I argue that the loss of some peoples’ lives in order to sustain a buoyant economy is a rationale acceptable to many in the corporate sector as well as their pro-business political partners. I first explore theoretical discussions about biopolitics, necropolitics, and the long historical relationship between capitalism and death. I then point to an emerging literature on “economies of death” and apply that to the opioid epidemic in the United States as an illustrative case of a “necroeconomy”. I reflect upon parallels between the opioid epidemic and the COVID-19 pandemic, turning to current debate in the United States about reopening the economy versus the associated public health risks of further lives being lost. The rhetoric of these debates reflects widespread economic values that prioritize some lives over others, making explicit who is ultimately “killable” in the quest to return to a flourishing and efficient economy.

ResearcherZero April 20, 2023 3:54 AM

Corals, like many other species, contain light-sensitive proteins called cryptochromes, and have recently reported that in the stony coral, Dipsastraea speciosa, a period of darkness between sunset and moonrise appears key for triggering spawning some days later.

L-Cry can respond to both strong light akin to sunlight and dim light equivalent to moonlight — light over five orders of magnitude of intensity — but with very different consequences. L-Cry is, in effect, “a natural light interpreter.”

Clive Robinson April 20, 2023 4:26 AM

@ Bruce, usual suspects, interested others,

Russia and UK waters area subsea service attacks.

There have been concerns about the vulnerability of subsea services in and around UK waters for quite some time now, I’ve pointed out just how vulnerable these services are over the years on this blog, even to just accidents with ships anchors and how it’s been indicated that both China and North Korea have submarine cable cutting ability. With the UK and US and potential other Five-Eye countries like Australia having the capabilities not just to cut but tap into subsea data cables.

As a concequrnce I’ve more frequebtly also mentioned the flip side of this. That is surveillance and how these data cables not just carry the bulk of the Global Internet traffic, but also form “choke points” that make traffic analysis to unmask the likes of Tor and similar mix net traffic “visable” thus “tracable” in near “real time”. Well the flip side of those choke points is vunerability to sabotage.

Whilst this had been a slowly increasing risk for decades, of late things have been more suddenly escalating. You may remember the outcry about Russian “War Games” at sea over a point in the seas south of Eira (Southern Ireland) where many transalantic cables use a (un)fortunate geological feature that is kind of like a valley –starting in the Bristol Channel– leading down gently from the European Continetal shelf and one of the reasons why Eire has such a very high number of “cloud” systems located there. I’ve also mentioned Bude in the South West of England where for historical reasons and geography many Trans-Continental cables come ashore which with a major satellite station congregate a vast amount of world and especially European international traffic (oh and where it’s been long “suspected” GCHQ sticks it’s “camels nose” into things).

Well it’s not just data cables that go subsea it’s energy services as well. I think most are aware of just how vulnerable petro-chem “Pipe Lines” are now due to the way both “Nord Stream” sub sea services from Russia were “mysteriously” sabotaged last year. And importantly how “difficult” it has been to investigate, which is why “suspects” are still being sort. With importantly the subject of “Ghost Ships” arising.

But also consider all those off shore “Oil Rigs” and how their petro-chem products get a shore these days since the likes of “Brent Spar” went bobbing off one Xmas, and “the front fell off” and the like, disasters with oil tankers.

But it’s not just petro-chem for many years there has been a very high power electrical cable between France and England, put in place after original plans for “D-Day” back in WWII showed it would be viable. It’s intended use was to help “load ballance” peak demand in both countries (in part because of different time zones thus energy demands for cooking and heating water). Well over the years such “power link” cables have gone up not just in number but in efficiency and thus distance, with one now going from North Australia to Singapore,


A distance of 5000kM which is going to be extraordinarily difficult to “guard” thus protect from sabotage by “state sponsored” submarines or “ghost ships” or even more clued up and technically sophisticated terrorists from “pleasure craft”.

But also there are rapidly increasing numbers of “wind farms” sprouting up like weeds in the lawn. It’s been estimated that on shore wind farms in the UK could with appropriate design provide the equivalent of half of Europes current energy demands. Then there is the slowley comming of age “wave power” systems that will not just generate energy but help reduce coastal erosion especially around very vulnerable land “reclaim” schemes.

But what are “Ghost Ships”, well quite a few people are aware that all civil aircraft beyond a certain size are required to have ADSB transponders that give their position and other information. With also the hobby that has arisen of “tracking them” including untill recently a “twitter account” reporting where “Hell on Rusk’s” private jet is. Some aircraft have their transponders turned off and these were known as “Ghosts” because of the way they appeared in radar based,air traffic control systems (think “Ghost in the system” expression). The most news worthy “ghost” was the MH370 flight to China that disappeared. A side effect of which is that it showed how little Radar coverage there realy is in most parts of the world and that it stops a very short distance “off shore”.

Well there is a similar requirment for ships to have transponders and keep them turned on. But many especially “Ex-Communist States” like China and Russia that run large illegal fishing fleets do turn them off very regularly. Hence such vessels are known as “Ghost Ships”. But… unlike aircraft shipping radar has much greater coverage and ships of even quite small yacht size are visable and easily trackable from space and surveillance aircraft using synthetic aperture radar that can “see wakes” and similar surface water disturbances from even a rowing boat or foot print in the sand if the “Defence Journals” are to be believed. It’s one of the reasons I’ve pointed out that all “surface vessles” especially those like the US Carrier Groups are extreamly vulnerable to “hyper sonic stand off missiles” and “drone mines” carrying nuclear devices.

But it’s important to note that whilst called Ghost ships they are not at all invisable and are tracked. So where they came from, when they turned their transponders off, and where they turned them on again, and which ports they went to or other ships they met up with is known. Something Drugs smugglers who lost close to half a billion USD of drugs at sea off of Italy recebtly are probably now realising,


But this knowledge is not going to stop state sponsored “Ghost Ships” doing “sub sea sabotage” and Russian “Ghost Ships” are proliferating and appearing in areas where sub sea services are effectively unguarded and undefended, or worse currently not defendable at all (though technology to change this is in nascent development).

Unsuprisingly with Russian behaviours of late that is causing sufficient concern that MSM Journalists have just started reporting on it,



Clive Robinson April 20, 2023 6:07 AM

@ Winter, ALL,

Re : Dying for others profit.

As you note various people like Jeff of Amazon think that people should work themselves to death so he can profit greatly.

In turn tiny fractions of such profit by legislation friendly to that aim.

And we know from “Trump and the meat packers” during C19 that a US President was quite happy to use draconian legislation to force people to “work to death” for the sake of the 1%ers profits.

But it’s also a vicious circle as well, in the quote you give for the paper we find,

“I then point to an emerging literature on “economies of death” and apply that to the opioid epidemic in the United States as an illustrative case of a “necroeconomy”.”

The main reason their is an opioid crisis in the US is US Health Care.

Specifically it is insuranced based.

US Drs get to see a lot of patients who have minor but debilitating physical injuries the cure for which to often full recovery is “rest and physiotherpy”.

But the Drs know that,

1, The patient can not rest as they will loose their income and suffer all that entails.
2, The health insurance the patient is on will not pay for a propper course of physiotherapy.
3, That the pain of the injury will force the patient to stop working.
4, The use of pain killers will enable the patient to keep working.
5, The patient working will agrivate the injury.
6, The worsening injury will require opiates in increasing doses.
7, The increased use of opiates will become an addiction then fatal in a relatively short time.

So you can see the Dr realy has no choice because of “Health Care insurance profits”. A certain “family” vastly profits on drugs that cost virtually nothing in other parts of the world. Various US Federal and State agencies profit from ensuring those opiate profits. The early deaths mean no pension or benifts need be paid out by Goverbment or Finance / insurance industries.

Thus the whole US “System” profits from “death by opiate poisoning” that Drs are forced into forcing on their patients.

I’ve mentioned bits of this in the past here but it’s been contentious. However now this issue is rising not just into but up into even the quite affluent US middle classes, people are starting to wake from that “American Dream”.

Unfortunately despite the warnings the current UK political incumberats are desperately trying to damage the UK NHS as an excuse to adopt these “lethal” US Healthcare systems for what is “personal profit”…

Winter April 20, 2023 6:29 AM


The main reason their is an opioid crisis in the US is US Health Care.

When you read the paper you will find that the US Health Care system made the Opioid crisis visible, but the same forces are active less visibly in many other places.

SpaceLifeForm April 20, 2023 3:09 PM

That’s a nice domain name you have there,
be a shame if something happened to it.



Petre Peter April 20, 2023 6:02 PM

And what are we preserving?
We are preserving their right to choose what they’re gonna’ preserve.

Clive Robinson April 20, 2023 10:40 PM

@ SpaceLifeForm,

On a personal note, I hope things in your life are resolving in a way that makes things less untoward and stressful.

And I look forward to a time that you are back at your previous measure.

Take care and may peace be a constant companion as you move forward.

Nick Levinson April 21, 2023 1:38 AM


A nation (or a subunit thereof) controlling a domain that’s not under that nation’s jurisdiction is legally unlikely, even with the new terms and even if those new terms are applied to all top-level domains. It would be in the interest of registrars and name holders to keep the domain and deny foreign assertions of name control; and there is a general principle of international law that no nation may interfere in the internal affairs of another nation and therefore that no nation can have worldwide jurisdiction just because that nation wishes it. There are exceptions, mainly in a breach of sovereignty (including by war) that is justified by law, but those are only exceptions. So, for example, I don’t think the People’s Republic of China will take over the top-level domain .tw of Taiwan or the second-level domain of The New York Times, other than redirecting within China’s borders, which is already lawful by the norms of international law.

SpaceLifeForm April 21, 2023 4:03 AM

@ Clive

Thank you for your kind thoughts.

It is getting better, slowly.

A apanner was tossed, as while my mum died 2 months ago, my brother died a month later. It was no fun finding him dead.

But, I am a plodding turtle, and continue to pay attention.

In fact, if I did not do my daily inofosec research, it would drive me crazy.

There is so much to do, but I can only do so much per day. Doing infosec research is my outlet to not ruminate on my own personal real life issues.

Let’s put it this way, I have done a bunch of writing on envelopes.

‘Return to sender, addressee deceased’

Anyway, I popped back over here for a reason, and now I have to find the tab.

SpaceLifeForm April 21, 2023 4:07 AM

Re: Voiceprinting

Just the text ma’am, just the text.


Clive Robinson April 21, 2023 6:13 AM

@ SpaceLifeForm,

I’m glad to hear progress is forward.

But don’t leave the joy of odd things out of your life.

The man in this YouTube video,

Has a car of some distinction as you can see…

But what he’s not saying is where he is and the problems he has had in that area…

Across the water you can see a piece of coastland in the distance. What he’s indicated before when being interviewed by other “channels” is what you can nit see which is a rather secure Naval Base. That is used for ‘Oh so secret’ things to be brought in and taken away. He himself also used to work at White Sands, and his daughter is a US Marine with quite some technical and engineering “skills”.

Any way on more than one occasion he’s been reported to the authorities who come up to see what he’s doing. The civil authorities once they know, and now know him often stop for a friendly chat when they see him and a chance to take an unofficial “coffee break”.

Not so the naval police… who really should go on a “How not to give secrets away course”.

They basically have accused him of spying on an oh so secret ship. As he pointed out to them you can not see anything from where he’s located, but more inportantly they should not tell him that an oh so secret ship is tied up…

Anyway his car realy is something to be seen by the curious, even if they are not that interested in radio. He mentions things like why his yagi antennas are a certain length… Which is so he can drive down the road using them broad side on…

Not sure what it is he did in the past but he’s certainly learnt a lot of tricks you’ld expect only a certain type of engineer to know.

Clive Robinson April 21, 2023 6:36 AM

@ SpaceLifeForm, ALL,

Did you spot the incorrect advice in the top of the artical of,

“What do you do? Your safest option is to hang up and call your daughter back.”

Whilst that might be true of mobile phones it’s not true for POTS / Landline phones.

They are “circuit switched” and to alow you as the recipient of a call to transfer the call in your home to another phone on the same line. When you “hang up” it does not “clear down the circuit” thus those making the call still have control of your phone.

All they need do is play “dial tone” untill you start to dial… and as a bad side effect decode the DTMF for your “daughters mobile” in the process thus be able to call her to jam her mobile if they feel they need to, or to get further details to strengthen their scam. But when you stop dialing then play ring tone for a few moments then continue the scam as though you have dialed back, when in fact the original call is still in progress.

What you should do is dial another number that does not belong to you or people you know or do business with. Use say a mobile number such as those that appear on the sides of tradesmans vans or on their business cards etc…

If you get your daughters voice back then you know you are definately being scammed…

If it times out then you might need to use another number.

But, the best thing to do is be aware of such scams and similar. Thus ensure you and your daughter have a prearanged code question / response. Similar to “What was the name of your first pet?” but obviouly different and either fake or a lot more private.

JonKnowsNothing April 21, 2023 10:40 AM

@ SpaceLifeForm, @Clive, All

re: POTS When you “hang up” it does not “clear down the circuit”

This was a common form of scam, pre-cell phones.

People would call some “phone number of interest”, often fortune tellers or other groups that preyed on lonely people (1), that had a specific area code for Bill By Minute. The other end would do all sorts of delaying tactics, putting people on hold, going AFK, to increase the amount of billable time. If the target hung up, the scammers kept the line open, racking up more billable time.

An enhancement to the scam was that the other end was located outside the US, making enforcement and recovery of billed amounts impossible. The phone companies rarely canceled the billed minutes.

Even legitimate tech support used the Bill by Minute scam, leaving people on hold for long periods before transferring the call.

Like SLAMMING it was very difficult to prevent.


1 a)
Lonely people are still major targets for all types of scams. Some come from outside the person’s circle of known people, and some are inside jobs. All of them seek to remove the assets of the person and transfer them into their own names.

It is presented as “A good idea” or “Just as a backup” or “I need $$$$ to fix my (pick an item)”.

Now lonely people connect through Social Media, and are subject to a wider range of predatory manipulation.

1 b)
When POTS lines were common and there was an actual Operator on the other end, lonely people would call the Operator just for a few minutes of conversation and contact with another human. People got N-number of Operator calls per month, and Operators became a de facto social services interface.

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.