Friday Squid Blogging: Peruvian Squid-Fishing Regulation Drives Chinese Fleets Away

A Peruvian oversight law has the opposite effect:

Peru in 2020 began requiring any foreign fishing boat entering its ports to use a vessel monitoring system allowing its activities to be tracked in real time 24 hours a day. The equipment, which tracks a vessel’s geographic position and fishing activity through a proprietary satellite communication system, sought to provide authorities with visibility into several hundred Chinese squid vessels that every year amass off the west coast of South America.


Instead of increasing oversight, the new Peruvian regulations appear to have driven Chinese ships away from the country’s ports—and kept crews made up of impoverished Filipinos and Indonesians at sea for longer periods, exposing them to abuse, according to new research published by Peruvian fishing consultancy Artisonal.

Two things to note here. One is that the Peruvian law was easy to hack, which China promptly did. The second is that no nation-state has the proper regulatory footprint to manage the world’s oceans. These are global issues, and need global solutions. Of course, our current society is terrible at global solutions—to anything.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Read my blog posting guidelines here.

Posted on May 19, 2023 at 5:06 PM • 68 Comments


Ismar May 19, 2023 5:27 PM

It looks like the Peruvians might have been better off planting the tracking devices on the ships covertly

wallace May 19, 2023 6:28 PM

Interesting article about better steganography using AI.
Includes link to paper with proof on arxiv
“Perfectly Secure Steganography Using Minimum Entropy Coupling”

Jon May 19, 2023 6:40 PM

Actually, I’d say the law did do what it was supposed to do – drive illegal activity somewhere else.

But like unionization, it only works if everyone gets in on the deal, and enacts (and enforces) similar legislation until it becomes unprofitable to keep disobeying the law(s). J.

Alan Kaminsky May 20, 2023 10:22 AM


On the contrary, I’d say the Chinese vessels are still fishing illegally, without installing monitoring devices, exactly as they were doing before. They just don’t bring their catch into Peruvian ports any more.

Joe D May 20, 2023 12:21 PM

Google has enabled passkeys to secure access to your accounts, in addition to the traditional password-based option.

It essentially ties your access to your accounts to a physical device – phone, computer, etc.

Personally, I’m not switching yet (if ever) because I keep thinking of weird edge cases like losing the phone and thus losing access to my stuff. Not that I have a lot of stuff with Google, but still…

Anyone else have thoughts on that?

vas pup May 20, 2023 4:26 PM

Israel high-tech and Korea industry groups sign accord on cybersecurity cooperation

“The Israeli High-Tech Association this week signed an agreement with a Korean cybersecurity industry group aimed at fostering ties and encouraging business cooperation between cybersecurity and information security companies in both countries.

The Korean delegation consisted of representatives from Korean cybersecurity companies, including LG Electronics, Coontec, Secui, Darktracer and eNsecure. During their visit, they met with Israeli cybersecurity firms, including Claroty, Integrity, Waterfall Security Solutions, Embedded Solutions 3000 and Cyber 2.0.

Under the agreement, the industry associations will facilitate cooperation through mutual visits, seminars and business meetings between companies in both countries in light of the growing global threat of cyberattacks.”

AL May 20, 2023 5:38 PM

@Joe D
I like “testimonial” password, or in other words, intangible passwords for now. I haven’t decided that this push towards hardware based passwords is being done for my benefit. I feel in fuller control with an intangible password.

tor May 20, 2023 6:04 PM

Seeing that a modem connected to any ISP can be used to man-in-the-middle you. This is because the modems have been designed to allow such a thing, all they need is a court order (scratch that). Tor would offer no protection. This leaves people vulnerable to attack etc…

- May 20, 2023 7:58 PM


“seeing that a modem connected to any isp can be used to man-in-the-middle you.”

All ISPs no matter what they say will store information about any visible metadata originating from your connection. This becomes ‘Third Party Business Records’ that they own and have control and copyright over, not you. As such many agencies can gain access to them without any form of oversight legally required or otherwise.

All TOR network Gates/Guards are known by their IP Address, which is part of the visible metadata from your connection. That is your connection to the TOR network Gate/Guard makes you an identified ‘TOR User’ and so probably ‘Puts you on a list’.

Also your TOR traffic will have other visible metadata such as exactly when packets were sent and received, the number of packets and quite a lot more that will identify the stream of traffic and its probable contents.

The same is true for just about any VPN you might consider using, as an intermediate step to TOR. So will not hide your TOR usage.

Winter May 21, 2023 6:24 AM


That is your connection to the TOR network Gate/Guard makes you an identified ‘TOR User’ and so probably ‘Puts you on a list’.

So the consideration is what is worse, using Tor using things, not using Tor and doing the same things, or stop doing these things.

I think that those drawing up the lists prefer the latter two choices over you using Tor. But YMMV.


re: lawful interception

No one can help you here.

no commenr May 21, 2023 7:04 PM

Re: the Imitation Game

What happens if you dump a ChatGPT output into one of those text gender analyzer apps ?

ResearcherZero May 21, 2023 7:42 PM

Election Interference

There will always be culture wars and abuses of power.

Everyone targeted by foreign interference was warned individually in advance. They were repeatedly warned. Those warnings have gone largely ignored for decades.

People were lost gathering that intelligence… and then it was largely ignored, or not taken seriously. Ignoring those warnings is an invitation for foreign meddling!

“its fullest import may yet lie ahead: as a rationalization for abuses of power by Trump-legacy administrations of the future.”

Missed the point: Durham himself acknowledges election interference.

Durham’s report is yet another invitation.

March 1981

Warning on Siberia to Germany pipeline

“…when Russian policy became more aggressive, we should have listened more to our partners,”

“They don’t see all the work and all the effort that goes into countering certain threats.”

“They are just seeing a little piece of the pie, and then on their own, I’d say somewhat arrogantly, decided that they have the prerogative to inflict this damage for whatever cause they may have.”

“Russian officials have angrily denied any plans to attack Ukraine and dismissed Western concerns about the buildup near the country.”

“Incoming National Security Advisor Michael Flynn called Russian Ambassador Sergey Kislyak and asked Russia not to escalate the situation in response to the sanctions. The following day, Putin announced that Russia would not take retaliatory measures in response to the sanctions at that time. Hours later, President-Elect Trump tweeted, “Great move on delay (by V. Putin).” The next day, on December 31, 2016, Kislyak called Flynn and told him the request had been received at the highest levels and Russia had chosen not to retaliate as a result of Flynn’s request.”

That proposal, which would have benefited Putin significantly, came from a Russian spy who tried to get former President Donald Trump to endorse his plan.

Over the course of many months from 2016 to 2018, Kilimnik sought to use Manafort’s position in Trump’s orbit to influence U.S. policy and push what Kilimnik described in emails as a Russia-endorsed plan to end the conflict in Ukraine, seemingly to Putin’s advantage. During a key August 2016 meeting at which Manafort gave campaign polling data to Kilimnik (who then allegedly passed it on to Russia), the two men discussed that possible “peace plan.”

“President Trump reacted negatively to the Special Counsel’s appointment. He told advisors that it was the end of his presidency, sought to have Attorney General Jefferson (Jeff) Sessions unrecuse from the Russia investigation and to have the Special Counsel removed, and engaged in efforts to curtail the Special Counsel’s investigation and prevent the disclosure of evidence to it, including through public and private contacts with potential witnesses.”


ResearcherZero May 21, 2023 7:50 PM

“the C.I.A.’s counterintelligence mission center had looked at dozens of cases in the last several years involving foreign informants who had been killed, arrested or most likely compromised. Although brief, the cable laid out the specific number of agents executed by rival intelligence agencies”


Sometimes foreign agents would show up outside a funeral to admire their handiwork. Yet those lives are ignored, along with the intelligence that was supplied for the benefit of those who then ignored it.

Those deaths are not a “hoax”, and should not be ignored. They were real people with very real families.

ResearcherZero May 21, 2023 10:02 PM

“Previously unpublished videos and chat logs reviewed by The Washington Post, as well as interviews with several of Teixeira’s close friends, suggest that he was readying for what he imagined would be a violent struggle against a legion of perceived adversaries — including Blacks, political liberals, Jews, gay and transgender people.”

On a regional basis it’s the southern swath of the country — in cities and rural areas alike — where the rate of deadly gun violence is most acute.




The New York Post then goes on to push antisemitism and conspiracies in an article about antisemitism, conspiracies and gun violence.


A Letter To The New York Post

ResearcherZero May 21, 2023 10:06 PM

One day…

“Trump and Fox have flipped the model, constructing a reality that would not be accepted as scripted drama. In flipping it, they protect it from the more serious kind of examination… One day there will be a reckoning of his actual impact and a sober disentangling of fact from fiction.”

“I don’t understand anything about American sport,” he told me breezily, “but I know the coloreds like it.”

I told him that in America we no longer used the word “coloreds,” that it was considered insulting.

He looked at me the way Queen Victoria might have looked at a footman who had told her she was using the wrong fork to eat her pheasant.

All the corruption exposed in England – hacking, political payoffs, dirty cops, hush-money settlements – is also happening here

“[Rupert Murdoch] is responsible for Fox News. Fox News has played, by far, the largest single part in the polarization of American politics, in the amplification of political hatred. I would challenge anyone … to nominate which individual alive today has done more to undermine American democracy than Rupert Murdoch.” — former Australian Prime Minister Malcolm Turnbull

ResearcherZero May 21, 2023 10:48 PM


Rupert Murdoch could be forced to appear before royal commission

More than 500,000 Australians signed the online petition.

…the Murdoch media has no intention of reforming its news outlets. To accept fault and to commit to change would be to admit something is wrong with the organisation.

“the governor-general has now “amended the Letters Patent to extend the Royal Commission into the Robodebt Scheme” so it has until July 7 to present the report, a slip potentially created by lengthy procedural fairness requirements surrounding potential adverse findings that could result in public servants being sacked, demoted or having their medals stripped.”

there has been a systematic erosion of the principle of ‘frank and fearless advice’

Sandbagging by the Australian Public Service to limit the damage to its senior and middle ranks from the looming findings of the Royal Commission into the Robodebt Scheme has started in earnest, with the commonwealth discounting the evidence of a special administrative probe by expert Andrew Podger

ResearcherZero May 21, 2023 11:22 PM

It is important to recognise that Australia plays an important role and can secure Julian’s release.

…If there is political will, a solution will be found, it is up to the principles to find that solution.

A press freedom survey conducted by the MEAA in 2022 showed more than 92 per cent of media worker respondents feared that threats, intimidation and harassment of journalists was on the rise.

“Australia is now at 39th position on the world press freedom index and that’s down from the high of 19 just about four years ago,” Mr Greste told Sky News.

“Slipping 20 places over the past four or five years is, frankly, catastrophic (and) we’ve got to do something to improve the state of press freedom in this country.”

Mr Greste said a combination of “draconian” national security laws and highly concentrated media ownership created a difficult situation for journalists in Australia.

More than 80 per cent supported stronger legal protections and four in five supported the introduction of an Australian whistleblower protection authority.

In 2011, Wikileaks, with Julian Assange as its editor, received a Walkley Award in Australia for its outstanding contribution to journalism.

…whether or not the State Department regards Julian Assange as a journalist who is — who would be covered by the ideas embodied in World Press Freedom Day?

JonKnowsNothing May 22, 2023 12:43 AM

@ResearcherZero, All

re: Australia plays an important role and can secure Julian’s release

The only people who think AU can do anything about JA situation are those hoping for a miracle.

AU doesn’t have enough money to pay his ransom and what they might have had, they traded for the promise of NukeSubs (AUKUS) that they will never see delivered.

The USA and UK tweaked AU very well and played on their Down Under Complex. They got AU to dump the French Subs that were on schedule for delivery, slicing AU off the EU. Then they got AU to agree to UK-US Subs that do not exist and likely won’t ever exist, dumping sizable funds into UK pockets. Plus they got AU to expand the USA Mil foothold in AU, many more times the previous size there.

All in all, if AU wants those Imaginary AUKUS NukeSubs, they will be serving AS up on the BarB.

Whale eyes May 22, 2023 1:41 AM

@- May 20, 2023 7:58 PM,

It’s “Tor” not “TOR.”

It’s usually always the sign of someone who is clueless/newb about the Tor project.

SpaceLifeForm May 22, 2023 1:50 AM

Reflections on Ten Years Past The Snowden Revelations

(Our host here contributed to this)


JonKnowsNothing May 22, 2023 9:07 AM


A MSM report on the state of Super Computer Rankings, has an interesting subtext. This is a periodic listing of the abilities of Publicly Known Super Computers. Governments submit the stats for ranking. The Non-Public Super Computers are generally far more powerful than the ones listed. Often the ones listed (USA) are provided to Universities and Research Programs.

In the subtext, China did not submit any details of their super computers.

  • Chinese have several exascale-class systems capable of going toe-to-toe with the US’s number-one ranked Frontier system. China just isn’t talking about them.
  • US Department of Energy’s Frontier supercomputer was the first exaflop system to grace the Top500
  • known since 2021 that China’s Sunway Oceanlite and Tianhe-3 systems had exceeded the exaflop barrier in the Linpack benchmark
  • Oceanlite and Tianhe-3 systems aren’t using chips from Intel, AMD, or Nvidia. … based on homegrown chip architectures.

The rhetorical question:

  • The question becomes: What does submitting two or more Chinese exascale systems to the [ranking list] achieve, other than to piss off the US Commerce Department and risk even stiffer sanctions …?


HAIL Warning Active

h ttp s://www.theregister.c om/2023/05/22/us_china_top500_may_2023/

(url fractured)

JonKnowsNothing May 22, 2023 9:22 AM


re: AI Generated Literature for Sale

HAIL Warning Active

A MSM article indicates a writer has produced and sold 97 short novels all generated by ChatGPT and the Claude AI for the writing portion and Midjourney to create the images for each book.

Each book is made of ~5,000 words, contains ~140 images and take roughly ~8 hours to finish.

The author sold 574 copies and made $2,000 for the 97 works, over a 9 month period.

The literary value might be called Vanity Press.(1)


1) It should be noted that some great works were initially printed via Vanity Press.

ht tps://www.theregister.c om/2023/05/22/ai_in_brief

(url fractured)

Winter May 22, 2023 9:43 AM


The author sold 574 copies and made $2,000 for the 97 works, over a 9 month period.

The only question that is relevant is whether the buyers liked the books/stories?

- May 22, 2023 10:26 AM

@Whale Eyes: May 22, 2023 1:41 AM

‘It’s “Tor” not “TOR.”’

Ah the sign of an outsider wanting to appear an insider and failing to do even a little research, thus ‘outing themselves’ rather publicly.

Just so you know in future ‘Tor’ is a name that ‘The Tor Project’ tend to use as the name of their ‘software project’ as part of their logo. But a quick look on their pages shows they use ‘TOR’ as well,

ht tps://,out%20onto%20the%20public%20Internet.

Others use the difference between ‘Tor’ and ‘TOR’ when talking not about the project, but about the model and principles that the project is built on.

Those principles which you should know long predate the work done by the US Gov sponsored people at the Naval Research Lab in the mid 1990’s (Oh and they did not call it ‘Tor’ either). In fact the idea goes back at least as far as before a postal service.

Thus as far as ‘Tor’ and ‘TOR’ is concerned a distinction was made oh more than a decade ago, some years before Jake Appelbaum was made a public target in the US on a ‘Kill the messenger to kill the message’ principle, or as others say for other political reasons. It’s been pointed out by some that he was got at because of his work supporting Wikileaks and Julian Assange as well as his work on the Ed Snowden Trove of documents.

So remember, for those that care to starch their hair underwear,

Use ‘Tor’ for when you talk about The Tor Projects software which is a specific implementation.

However use ‘TOR’ for when you talk about the implementation independent underlying model and principles on which ‘Tor’ is built (and the significant failings of that model and principles).

The use of capitals catches out a lot of people. Do you know when to use ‘Internet’ or ‘internet’?

Does it matter? To most not really these days, that is most normal people go with the context of what is written, because that is where the information is communicated. But there are always a few who think they gain some kind of superiority in their own little way by raising some grammatical etc issue, which is why there is a common term for them.

So one just for you ‘Polish polish’ enjoy.

ResearcherZero May 22, 2023 3:06 PM


That is why I have long supported nuking Australia.

Keep data in the EU, WTF asks Facebook?

Schrems, the Austrian privacy campaigner, said Meta’s plans to rely on the new deal for transfers going forward was unlikely to be a permanent fix.

The Irish watchdog, which is the lead EU regulator for many of the world’s top technology companies because of the location of their European headquarters in Ireland, has said the suspension order could create a precedent for other firms.

The Irish regulator has fined Meta more than any other tech firm and has 10 other inquiries open into the social media group’s platforms.

Somewhere in New Oceania

ResearcherZero May 22, 2023 3:16 PM

Australia needs nuclear submarines if it is to become Stalinist Russia…

Mr National Security (Peter Dutton), architect of new surveillance laws and expert on political correctness, invokes his favourite author George Orwell over virtue signalling and wokeism.


“deliberate misinformation doesn’t make a counter argument. It diminishes democracy.”


As Dominic O’Sullivan, a professor of political science at Charles Sturt University, told CheckMate: “It makes recommendations but they’re not binding.”

This point was echoed by Professor Boast, who said the tribunal “can only issue non-binding reports”, and that while it might occasionally critique government policy or legislation, it was “up to parliament and the government of the day whether they wish to accept the tribunal’s views or not”.

It’s a fundamental aspect of the rule of law in Australia that the judiciary ensures the Constitution is respected, which the amendment follows.

Indigenous voice to parliament will not confer special rights


The executives of the big media companies maintain close ties to political leaders, which fuels doubts about the editorial independence of the outlets they own.

This oligarchic model prioritises business interests to the detriment of public-interest journalism.

Can you use the following terms – wokeism, political correctness and virtue signalling in a sentence? Perhaps with a little more grace. 😉

ResearcherZero May 22, 2023 3:53 PM

Fishermen lost in Indian Ocean


modem phonemes May 22, 2023 6:39 PM

Re: Something you know, something you have, something you thought you were

“Unlike password authentication, which requires a direct match between what is inputted and what’s stored in a database, fingerprint authentication determines a match using a reference threshold. As a result, a successful fingerprint brute-force attack requires only that an inputted image provides an acceptable approximation of an image in the fingerprint database. BrutePrint manipulates the false acceptance rate (FAR) to increase the threshold so less approximate images are accepted.”

Clive Robinson May 22, 2023 7:58 PM

@ modem phonemes, ALL,

Re : Finger Print readers don’t store image of print.

“… fingerprint authentication determines a match using a reference threshold. As a result, a successful fingerprint brute-force attack requires only that an inputted image provides an acceptable approximation of an image in the fingerprint database.”

The last bit of “image in the fingerprint database” is not exactly true in most cases…

The images are too complex to have been stored so for many years only certain features and their scalable loci were stored.

Faking fingerprints to beat fingerprint readers has been known about and demonstrated for four decades since the 1980’s (I’ve mentioned this before on this blog[1]). More recently it’s been shown that even a distorted photograph of a fingerprint would work with some readers.

Oh and many “police evidence” fingerprints if seen by a Jury would probably cause them to acquit the defendant, because they look nothing like the prints of the defendant. Yet judges nod them through their courts and defense barristers for some reason don’t challenge them, so the jury never gets to see them…

[1] I knew how to make false fingerprints using the red wax from Edam Cheese, Latex Rubber Solution Glue and WD40 as “mold release” oh around 1970. Later I ended up working as a design engineer in a company that developed some of the first fingerprint readers. I demonstrated making faux-fingerprints and using them to bypass the reader… My boss was not happy and very shortly thereafter I was looking for a new job… The lesson : in business there is the right sort of smart and the wrong sort of smart and you never know which is which until it’s too late.
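An added illustration (not from the quoted article or from either commenter) of the two points in this exchange: a template holds feature points rather than an image, and a match is a score compared against a threshold, so the threshold sets the false acceptance rate and the attempt limit bounds the cumulative risk. All minutiae values, tolerances, sample readings and the `Verifier` class are constructed for the example.

```python
from dataclasses import dataclass
from math import hypot

# Constructed enrolment template: feature points (x, y, ridge angle in degrees).
# No image is stored, only these features.
ENROLLED = [
    (10, 12, 30), (25, 40, 90), (40, 18, 150), (55, 60, 45),
    (70, 35, 120), (82, 75, 10), (33, 88, 75), (15, 65, 160),
]


def similarity(template, sample, dist_tol=4.0, angle_tol=15):
    """Fraction of template points that have a close counterpart in the sample."""
    unused = list(sample)
    hits = 0
    for tx, ty, ta in template:
        for cand in unused:
            cx, cy, ca = cand
            d_angle = abs(ta - ca) % 180
            d_angle = min(d_angle, 180 - d_angle)  # ridge angles wrap at 180
            if hypot(tx - cx, ty - cy) <= dist_tol and d_angle <= angle_tol:
                hits += 1
                unused.remove(cand)  # each sample point may match only once
                break
    return hits / len(template)


def constructed_sample(template, matching):
    """Constructed reading: `matching` points land near the template, the rest far away."""
    near = [(x + 1, y - 1, (a + 5) % 180) for x, y, a in template[:matching]]
    far = [(x + 200, y + 200, a) for x, y, a in template[matching:]]
    return near + far


# Constructed readings: one genuine finger, ten impostors with chance overlaps.
GENUINE = constructed_sample(ENROLLED, 7)
IMPOSTORS = [constructed_sample(ENROLLED, k) for k in (1, 2, 3, 4, 5, 2, 3, 1, 4, 2)]


def false_accept_rate(template, impostors, threshold):
    """Share of impostor readings whose score reaches the threshold."""
    accepted = sum(similarity(template, s) >= threshold for s in impostors)
    return accepted / len(impostors)


def cumulative_risk(far, attempts):
    """Chance that at least one of `attempts` independent tries is falsely accepted."""
    return 1 - (1 - far) ** attempts


@dataclass
class Verifier:
    """Threshold matcher with a failure counter; after lockout a real device
    would fall back to another factor such as a passcode."""
    template: list
    threshold: float = 0.75
    max_failures: int = 5
    failures: int = 0

    def verify(self, sample):
        if self.failures >= self.max_failures:
            return "locked"
        if similarity(self.template, sample) >= self.threshold:
            self.failures = 0
            return "accepted"
        self.failures += 1
        return "rejected"


if __name__ == "__main__":
    print("genuine score:", similarity(ENROLLED, GENUINE))
    for t in (0.75, 0.5, 0.375):
        far = false_accept_rate(ENROLLED, IMPOSTORS, t)
        print(f"threshold {t}: FAR {far}, risk over 5 tries {cumulative_risk(far, 5):.3f}")
    v = Verifier(ENROLLED, max_failures=3)
    print([v.verify(IMPOSTORS[0]) for _ in range(4)])
```

Lowering the acceptance threshold raises the false acceptance rate on the same impostor set, and the failure counter is what keeps the per-attempt rate from compounding over many tries.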

ResearcherZero May 23, 2023 3:57 AM

@modem phonemes

They are old phones. iOS encrypts the data, and Android does not.

Hence the importance of encrypting data moving over the bus. A security system is only as strong as its weakest link.

Lev Parnas and his business partner were arrested in 2019, accused by the U.S. government of funneling a Russian oligarch’s money into American political campaigns.

DeSantis gave back the contribution after Parnas ran into legal trouble.

DeSantis frequently – in more than 20 texts – appealed to fellow Floridian Parnas for introductions, advice and other fundraising help during his hotly contested campaign for governor. The texts also reveal that Parnas served as an intermediary between DeSantis and former New York City Mayor Rudolph Giuliani, who at the time was the personal attorney of then-President Trump.

Election data Manafort handed to Russian Intelligence officer was of critical importance, determining 98 percent of the campaign’s resource allocations

“identified voter bases in blue-collar, democratic-leaning states which Trump could swing,” including in “Michigan, Wisconsin, Pennsylvania, and Minnesota.”

“sufficient to predicate the full counterintelligence investigation because it provided the FBI an articulable factual basis that, if true, reasonably indicated activity constituting either a federal crime or a threat to national security may have occurred or may be occurring.”

An open invitation…

“Russia, if you’re listening, I hope you’re able to find the 30,000 emails that are missing,” Trump said at 10:30 a.m. on July 27, one day after the Australian cable was sent to the State Department.

It was midafternoon in Russia when Trump made his statement, and that same day, […] Russian hackers “attempted after-hours to spearphish for the first time email accounts at a domain hosted by a third party provider and used by Clinton’s personal office.”

“My people came to me, [Director of National Intelligence] Dan Coats came to me and some others, they said they think it’s Russia. I have President Putin, he just said it’s not Russia. I will say this: I don’t see any reason why it would be,” Trump said.

“The Russians surely arranged the Lavrov visit to capitalize on all of this and to send a message to the Ukrainians that they’re basically on their own now and need to cut the best deal they can since the U.S. backstop is largely inoperative.”

I was used by Trump and his personal lawyer Rudy Giuliani in ways that helped pave the way for Putin to invade Ukraine, my native land.

“I watched Donald Trump give a campaign speech praising Russian President Vladimir Putin and calling the U.S. intelligence community “lowlifes.” Meanwhile, the people of Ukraine are dying by the tens of thousands.”

ResearcherZero May 23, 2023 4:37 AM

Tweets with images supposedly depicting an explosion near the Pentagon building in Arlington, Virginia, were amplified by many verified Twitter accounts, including a Russian state media one with millions of followers and a verified account impersonating the Bloomberg news agency.


ResearcherZero May 23, 2023 8:51 AM

Don’t count your chickens before they hatch.

‘aware of his subpoena obligations’


Trump and his allies may have used Corcoran’s services to further a crime.

The fact that prosecutors invoked the exception in a sealed motion to compel the testimony of the lawyer, M. Evan Corcoran, suggests that they believe Mr. Trump or his allies might have used Mr. Corcoran’s services in that way.

ResearcherZero May 23, 2023 9:58 AM

“It turns out reef manta rays are even more vulnerable than we thought—but scientists say we’re now in a better position to save them.”

“designate that area as a critical habitat”

Mantas and devil rays are both mobula rays, a genus that includes nine species, nearly all of which are listed as endangered by the International Union for the Conservation of Nature. That’s partly because these rays have slow reproductive cycles and typically produce just one pup per pregnancy.

In 2008, researchers discovered that there are actually two distinct species, the reef manta ray Mobula alfredi

… and the giant oceanic manta ray Mobula birostris

Geographic Range Mobula birostris

On December 31, 2015, Peru took a major step toward helping giant manta rays when it passed a resolution that not only bans manta fishing but also requires that fishermen immediately release any mantas caught accidentally as “bycatch” back into the ocean.



A single ray in a tourist hotspot can generate up to one million dollars in its lifetime — but is worth only $500 dead.

highly developed long-term memory

high cognitive function

ResearcherZero May 23, 2023 10:15 AM

“With hard numbers in hand, some argue that science is at the beginning of a movement — one that will encourage systemic changes to improve the mental health of researchers over generations to come. Others argue that change is happening too slowly for young scientists who are already fleeing science — an effect that could have grim consequences for the future of research and society itself.”

Scientists have raised concerns for years about the impacts of all these pressures on mental health. But a series of studies in the past few years are now providing hard data. And the findings show that the situation is dire.

quantum compass tested on water for the first time


Tony The Tiger May 23, 2023 10:16 PM


‘It’s “Tor” not “TOR.”’

Just go to the official IRC for Tor and sometimes a few developers are present. Ask them if writing “TOR” usually means a newbie.

You sure trigger easy, don’t you? 😀 That didn’t require much effort.

ResearcherZero May 24, 2023 4:48 AM

Murdoch’s press such as Fox and NYP are not the only outlets that engage in dubious tactics. Other publications, such as the Epoch Times, The Spectator, and The Intercept, also engage in inauthentic behaviour. However Fox has a very wide reach, drives much of the outrage, and the resulting push-back.

In essence, illegitimate behaviors are the same problem whether domestic or foreign actors use them.

“Russia’s goal was to exacerbate the divisions that already exist in this country to destabilize our democracy.”

“influence operations often target wedge political issues that generate strong opinions—this logic results in harmful content being organically shared and integrated into a country’s political discourse”

Hybrid Interference as a Wedge Strategy: a Theory of External Interference in Liberal Democracy

Countering Information Influence Activities: The State of the Art


Critical voices are important, but much of the tripe being published cannot be described as carefully researched analysis. It is largely trash which does nothing to inform or educate its consumers/viewers. Rather it is dividing and endangering civil public discourse, while putting lives at risk.

Petre Peter May 24, 2023 3:22 PM

A Camera pointed straight at you all the time. What a divine madness. Utopia!

vas pup May 24, 2023 7:08 PM

Goats as an early warning system in Italy

“Be it an earthquake or a volcanic eruption, Italy’s goats can sense when a natural disaster is imminent. On Mount Etna, they flee before instruments register that anything is happening. Scientists want to use this ability as an early warning system.”

I guess animals feel very low frequency vibrations as harbinger of earthquake or volcanic eruption meaning animal sensors are more sensitive. Just opinion.

ResearcherZero May 24, 2023 10:03 PM

unknown zero-day vulnerability


fake Skype installers and malicious Word documents

Clive Robinson May 24, 2023 10:28 PM

@ vas pup, ALL,

Re : Animals as portends of doom.

“I guess animals feel very low frequency vibrations as harbinger of earthquake or volcanic eruption meaning animal sensors are more sensitive. Just opinion.”

It’s not just “goats” or “vibrations”…

I know when certain types of bad weather are highly probable, by the colour of light in the sky, changes in temperature, how the air tastes and smells, and several other indicators like how my tinnitus is affected, and yes how long ago mended broken bones ache.

When I used to do a lot of sailing, fell walking, mountaineering and similar sports, people used to marvel at how I could sense “bad weather coming on a sunny day”.

Even though I could tell them exactly why I “sensed it” they thought it was akin to “witch craft” or similar.

The important thing to remember is it’s not just one sense, nor even a combination of senses, but how a combination of senses progress in time.

Can these senses be physically measured by instruments mankind can make? yes, but are they meaningful individually? mostly no.

I actually see this “portent of doom” ability to be something rule extracting AI would be incredibly useful at, but nobody in academia or similar has decided to look at it yet…

Which is a shame as something like half a million people a year die needlessly due to “natural events” that can not just be readily detected building up, but in most cases easily avoided once you are aware they are building up and have enough time to act on the knowledge both sensibly and calmly.

Remember, I’m known for saying,

“There is no such thing as an accident or ‘act of god’, all physical processes are predictable if you have sufficient information and time to act on it (with the appropriate knowledge and ability to apply it).”

Even “bolts from the blue” are measurably predictable, the problem is generally even though they are ‘fairly localised’, they are usually ‘insufficiently definitive’ until too short a time period to act on the information. That is you as an individual can feel / detect the charge build up by a “greasy feeling” in the air, in around a quarter to half square km area over a period of a minute or so. But the charge usually only localises to a “break-down” point at most a few seconds prior to the initial pilot stroke (not all of which actually become full strokes of lightning).

Thus the trick is not just going to be “recognizing the signs and symptoms”, but “knowing and reacting in a timely manner” without too many false alarms etc.

ResearcherZero May 24, 2023 10:47 PM

@Clive Robinson

It is much easier to predict the weather when you spend a lot of time outdoors in the natural environment. You definitely pick up on indicators more readily.

In an urban environment I have to then start looking for indicators from the trees, plants and birds, as there are less natural indicators in urban environments. When spending more time ‘in the elements’, you do become more attuned to said ‘elements’.

Full public inquiry not needed, but some public inquiry could be conducted.

“Mr Johnston’s report was also critical of some of the media reports on the meddling claims, saying they were based on limited information and lacked context.”

And while Mr Trudeau’s government has faced accusations it failed to act on specific instances of interference, Mr Johnston said he found no example of the prime minister or others “knowingly ignoring intelligence, advice or recommendations on foreign interference”.

“No recommendation about a network of candidates was made as no network was known to exist,” the report said.

Even when MPs and candidates are warned they complain.

A private warning is not placing “a shadow of doubt over everyone”.

That could be described as a gross exaggeration.

“You just cast a shadow of doubt over everyone,” the MP said.

The MP said CSIS warned him, in a face-to-face encounter, to “be careful” because the diplomat in question was “not trustworthy” and “might be seeking information.”


And if they are not warned, as it is not deemed necessary, they also complain…

Perhaps politicians have been influenced by the heightened state of paranoia and partisanship…

“heightened paranoia was particularly acute in states where adherence to mask mandates was low”

Individuals with a general paranoia tendency were more likely to respond to the global health threats in a suspicious and distrusting way.

ResearcherZero May 24, 2023 10:56 PM

Politicians need to stop passing the blame onto intelligence agencies and start taking more personal responsibility.


“Our public leaders have an obligation to set an informed example, to guide the citizens down the right path, to support government action designed to protect the citizens – not to thumb your nose at them. We expect our public officials to set an example and to uphold a higher standard.”

Institutions embody and safeguard certain values that are important to a society. Institutions guard these values against overt attacks and the forces of erosion.

Each person has responsibilities to the community and others as essential for a democratic society.

The Public

“…incivility can have devastating consequences in a free society by undermining the rule of law, free speech, and peaceful conflict resolution.”

“When people engage in incivility, they aren’t only disrespecting each other, but also disrespecting the institutions that uphold the rule of law.”

Here are some tips that perhaps politicians could also pay attention to…


Clive Robinson May 24, 2023 11:42 PM

@ ResearcherZero, ALL

Re : Volt Typhoon / Living off the land

This is further proof that,

“ICTsec does not learn from its history”

Without going into the depths of it, all it is really about is effectively command line “redirection or injection” rather than “read from file”.

I was doing this sort of thing on PDP11-70’s and similar running Unix back in the 1980’s…

The fun trick was to “reprogram a users terminal keys”. In essence you got to send a user a stream of “escape codes” to their VT220 or similar terminal, that reprogrammed a standard use key to send commands. So when the user pressed the key it was like the user had typed in the commands themselves. This used to be easy to do as Unix had a user to user chat mode that was developed before such programmable terminals existed.

You could do similar by other methods, one of which I upset quite a few people with…

The issue was “virtual terminals” on AT&T Sys Vr4 running on 486 PCs back in the 1990’s. The function keys at the top of the keyboard could be used to switch between eight virtual terminals (Linux still gives this today). The issue was logging out and logging in.

When you logged out any virtual terminals you had been using went into a form of limbo. Their buffers were not cleared thus any command you had typed in but not pressed enter on remained “pending”. When a new user logged in the login process sent returns and clear screen commands to all the virtual terminals… So any commands User 1 had left “pending” got executed under User 2’s UID…

What if User 2’s UID was “0” or “root”?

Well look up something called a “SuSh attack”, short for “Set user Shell” what it does is to copy a copy of the shell program like “/etc/sh” etc to a directory owned by User 1 with permissions that allow User 1 to run it, but importantly using User 2’s ID… So if user 1 is just an ordinary user with no privileges, and User 2 was root, User 1 had a command line executable they could use, but with all of root’s privileges. It was the original “Privilege Escalation Attack” and the trick I discovered with the virtual terminals that made it oh so easy to do, was technically a “Command Line Injection Attack”…

So yes what “Volt Typhoon” is doing is a quite serious “Command line Injection Attack” but it’s nothing new. So giving it a dumb name like “Living off the Land” is crass at best, and helps hide the fact that Micro$haft has yet again for maybe the twentieth time that I can think of been successfully attacked by a really old “Unix hack” fixed on Unix three decades or so ago…

So my perennial question arises,

“When is the ICT industry going to learn from its living history?”

In Micro$haft’s case it seriously looks like the answer is “Never”.
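As an added illustration (not part of the comment above, and not code from any project it mentions), this sketch shows one defence against the terminal key-reprogramming trick described there: untrusted text bound for a user's terminal has every escape sequence removed, with VT220 user-defined-key (DECUDK) strings reported by name. The function name, finding labels and sample message are assumptions constructed for the example.

```python
import re

# Control-string introducers: 7-bit form is ESC + letter, 8-bit form is one C1 character.
STRING_KINDS = {
    "P": "DCS", "]": "OSC", "X": "SOS", "^": "PM", "_": "APC",
    "\x90": "DCS", "\x9d": "OSC", "\x98": "SOS", "\x9e": "PM", "\x9f": "APC",
}

SEQUENCE = re.compile(
    # Control string: introducer, body, then ST (ESC \ or 0x9C), BEL, or end of input.
    r"(?:\x1b(?P<s7>[P\]X^_])|(?P<s8>[\x90\x9d\x98\x9e\x9f]))"
    r"(?P<body>.*?)(?:\x1b\\|\x9c|\x07|\Z)"
    # CSI: parameter bytes, intermediate bytes, one final byte.
    r"|(?P<csi>(?:\x1b\[|\x9b)[0-?]*[ -/]*[@-~])"
    # Any other escape sequence, including a stray ST.
    r"|(?P<esc>\x1b[ -/]*[0-~])",
    re.DOTALL,
)

# A DCS body of the form "Pc;Pl|key/hex;..." is a VT220 user-defined key load.
DECUDK_BODY = re.compile(r"[0-9;]*\|")

# Everything in C0/C1 plus DEL, except tab and newline.
CONTROL = re.compile(r"[\x00-\x08\x0b-\x1f\x7f-\x9f]")


def sanitize(text):
    """Return (clean_text, findings) for text that will be written to a terminal.

    Unterminated control strings are stripped to the end of the input, so a
    truncated sequence cannot swallow whatever is printed next.
    """
    findings = []

    def strip(match):
        intro = match.group("s7") or match.group("s8")
        if intro:
            kind = STRING_KINDS[intro]
            if kind == "DCS" and DECUDK_BODY.match(match.group("body")):
                kind = "DECUDK"
        elif match.group("csi"):
            kind = "CSI"
        else:
            kind = "ESC"
        findings.append(kind)
        return ""

    cleaned = SEQUENCE.sub(strip, text)
    # Final pass: whatever the parser missed, no control character survives.
    cleaned, stray = CONTROL.subn("", cleaned)
    if stray:
        findings.append("CTRL")
    return cleaned, findings


# Constructed sample: a chat line carrying a key-definition string (harmless
# payload, hex for "hi") followed by a clear-screen sequence.
SAMPLE = "lunch at 12?\x1bP1;1|17/6869\x1b\\ see you\x1b[2J there\n"

if __name__ == "__main__":
    clean, found = sanitize(SAMPLE)
    print(repr(clean), found)
```

The parsing only decides what is removed as a unit and how it is labelled; the safety property comes from the final pass, which leaves no C0 or C1 control character in the output other than tab and newline.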

ResearcherZero May 25, 2023 12:39 AM

@Clive Robinson

I used similar tricks at school on other students, ‘to teach them to back up their work’. That is the excuse that I’m using. At the time I imagine I was just being malicious and annoying. Consequently I was caught by the teacher and had to admit my mistake, and demonstrate what I did.

Fortunately that student had backed up their work and only lost a few lines.

“I was not paid by any party for any activity, I never sought any payment, none has ever been offered,” he said.

“I have never assisted any companies to win any contacts. If my advice is sought I provide it freely.”


Robert emailed himself an internal document from the council about upgrading lighting systems that cost the council about $10 million a year.

How he obtained the document is not clear, but what he did with it is now known thanks to the leaking of a cache of emails that reveal Robert as a backroom deal-maker for business figures in his inner circle. He also emailed a Taiwanese company, Formosa Energy, whose executives he had met weeks earlier on a taxpayer-funded visit to Taipei.

The leaked emails reveal Synergy 360 then contacted Formosa directly and proposed the Taiwanese firm pay Synergy 360 a sum of $57,000 to secure the Gold Coast contract. Included in the pitch was content from the internal council memo that Robert had earlier emailed to himself.

Money was being paid by Synergy 360 directly into a trust ultimately owned by Fed Qld LNP MP Stuart Robert – Australian Property Reserve

Robert deleted his interest from the register in 2018

However Stuart Robert remained a “beneficiary of the discretionary trust, as a potential beneficiary”

SpaceLifeForm May 25, 2023 12:40 AM

@ Clive, ALL

Rocket Science

From ‘

The first computer in space used 39 bit words, 26 bit data 13 bit instructions and ran at 7kHz – it was weird.


#Space #Computing #History #NASA

ResearcherZero May 25, 2023 1:28 AM

@Clive Robinson

“When is the ICT industry going to learn from its living history?”

Some time after young punks stop complaining on the internet about capitalism and democracy would be my guess.

SpaceLifeForm May 25, 2023 1:34 AM

Suez Canal catches another one

Xin Hai Tong 23

I doubt it is as stuck as the Ever Given was.

ResearcherZero May 25, 2023 1:59 AM

“Defenders must evaluate matches to determine their significance, applying their knowledge of the system and baseline behavior. Additionally, if creating detection logic based on these commands, network defenders should account for variability in command string arguments, as items such as ports used may differ across environments.”

It is a very difficult problem to contend with. They are exploiting the system against itself.

It is also a problem of resourcing.


SpaceLifeForm May 25, 2023 6:02 PM

AWS, again?



This time, SuperVPN has exposed a whopping 133 GB of data, including personal details of its unsuspecting users, such as IP addresses.

ResearcherZero May 25, 2023 11:56 PM

“The malware is designed to cause electric power disruption by interacting with IEC 60870-5-104 (IEC-104) devices, such as remote terminal units (RTUs), that are commonly leveraged in electric transmission and distribution operations in Europe, the Middle East, and Asia.”

…the discovery of new OT malware presents an immediate threat to affected organizations, since these discoveries are rare and because the malware principally takes advantage of insecure by design features of OT environments that are unlikely to be remedied any time soon.


“deployed a digital twin of the infrastructure of the energy facility and developed automated attack scenarios”


When the implant begins executing, it selects which application context it’s running within. After this activity starts, it will record the thread ID that it is running inside, then register a hook on the ioctl activity in that process.

ALIEN is not just a loader but also an executor — its multiple threads will keep reading commands coming from PREDATOR and executing them, providing the spyware with the means to bypass some of the Android framework security features.

ALIEN hooks the ioctl() function in, which is responsible for inter-process communication (IPC) in the Android framework. The ioctl hooks are structured to allow the implant to communicate with itself (on forked processes) and with other implant components.

The spyware takes the “__progname” of the process that is currently running and then uses it to decide what set of functions to call. The processes looked for are: zygote64, system_server, installd, audioserver (alien_voip) and a second version of audioserver (alien_recorder).

SELinux policy-applied zygote process prevents all kinds of access to sockets, except for Unix-type local ones. …by storing the recorded audio in a shared memory area using ALIEN, then saving it to disk and exfiltrating it with PREDATOR, this restriction can be bypassed.

This is a simplified view of the process — keep in mind that ALIEN is injected into the zygote address space to pivot into specialized privileged processes inside the Android permission model. Since zygote is the parent process of most of the Android processes, it can change to most UIDs and transition into other SELinux contexts that possess different privileges. Therefore, this makes zygote a great target to begin operations that require multiple sets of permissions.

The spyware can also add certificates to the current user-trusted certificate authorities.

ResearcherZero May 26, 2023 12:08 AM

Hacking of civil society victims in Armenia with NSO Group’s Pegasus spyware.

Circumstantial evidence suggests that the targeting is related to the military conflict in Nagorno-Karabakh (also referred to as the Republic of Artsakh in Armenia) between Armenia and Azerbaijan.

Substantial evidence exists, meanwhile, to suggest that Azerbaijan is a Pegasus customer, and the targets would have been of intense interest to Azerbaijan.

The Citizen Lab’s ongoing internet scanning and DNS cache probing has identified at least two suspected Pegasus operators in Azerbaijan that they call “BOZBASH” and “YANAR.” According to the Citizen Lab, The YANAR Pegasus operator appears to have exclusively domestic-focused targeting within Azerbaijan, while the BOZBASH operator has targets including a broad range of entities within Armenia.

The Citizen Lab previously found Pegasus one-click SMS infection infrastructure masquerading as Azerbaijani political websites. Amnesty Tech’s research has also identified Azerbaijan-linked domains that point to Azerbaijan as a likely Pegasus customer.

Cytrox’s Predator spyware has been implicated in abuses around the world and was a subject of the E.U. PEGA Committee inquiry. Meta also identified targets of Cytrox’s spyware in Armenia.

“Our analysis found individuals in Armenia targeted with NSO Group exploits including PWNYOURHOME, FINDMYPWN, FORCEDENTRY, and KISMET.”


Reporters, editors, or media company owners, human rights defenders, lawyers, opposition figures, and academics.

ResearcherZero May 26, 2023 3:22 AM

Pack suspended security clearances, rather than removing the executives in other ways, in order to “circumvent otherwise available procedural protections and legal restrictions on removal of executives.”

Firing someone over political affiliation is typically a violation of federal civil service law.

After the suspensions, Pack “then hired a private law firm to provide post-hoc justifications” for his actions.

That’s where the power paradox begins, which is that very sense of ourselves when feeling powerful leads to our demise, leads to the abuse of power.

Corruption erodes trust, weakens democracy, hampers economic development and further exacerbates inequality, poverty and social division.


The lack of laws and professional ethics that regulate corruption as a criminal offense may lead to an increase in abusive power and control.

Permanently Stopping Abuse of Power in the Executive Branch

Winter May 26, 2023 3:57 AM


Firing someone over political affiliation is typically a violation of federal civil service law.

A Trump appointed official being incompetent and abusive, even violating the law?

How did this person ever slip through the “best and brightest” vetting of that administration?

PaulBart May 26, 2023 9:05 AM

Russian hackers “attempted after-hours to spearphish for the first time email accounts at a domain hosted by a third party provider and used by Clinton’s personal office.”

+1 Trump At least he tried to get at those deleted emails, unlike the FBI(elite un-American front organization).

Clive Robinson May 26, 2023 11:34 PM

@ MarkH, SpaceLifeForm, ALL,

Re : The horses, the jockeys, or the course?

“According to press reports, it was refloated within 3 hours.”

When something happens in a horse race, there is often a “stewards enquiry” as to what happened and why.

Sometimes they realise that the course is the cause of the problem.

Sometimes they need several such incidents to make it clear…

But we know in this “race for the prize money” the horses are getting bigger, and the jockeys are being pushed to make them run faster. So have things got beyond the safe limits of the course?

I’m coming to the conclusion the answer to that is “yes”. Which suggests three sensible solutions,

1, Go back to smaller horses.
2, Set the jockeys a slower pace.
3, Knock the curves out of the course.

You can bet the “course owners” will not do any of them. What they will do instead is,

“Not upgrade or maintain the course, exonerate the jockeys, and fine the horse owners.”

Because that minimizes costs and maximizes income in the short term.

MarkH May 27, 2023 4:42 AM

@Clive, SpaceLifeForm:

The Ever Given grounding made headlines because it was so extraordinary.

From a few statistics I found, it seems that on average cargo ships run aground daily, if not oftener. Surely most accidental groundings are undramatic, and not very costly.

Cargo ships are lost at an average rate of more than two per month; reducing groundings may not merit top priority.

After the Ever Given debacle, the Suez Canal Authority launched a project to significantly widen (+40 m) and deepen (+ 2m) the single-lane section in which the 2021 grounding occurred. If work is on schedule, it should be completed this year.

Clive Robinson May 27, 2023 12:31 PM

@ MarkH, SpaceLifeForm,

“From a few statistics I found, it seems that on average cargo ships run aground daily, if not oftener. Surely most accidental groundings are undramatic, and not very costly.”

What statistics? General or specific to the canal?

If general, mostly the point of grounding is away from a foreshore and below the tide line and is not ground owned or of profit potential to anyone.

Thus the cost would fall on the ship owner / operator who would have to pay for getting the vessel refloated, repaired as well as pay compensation to cargo owners and have to swallow the cost of lost business.

“Cargo ships are lost at an average rate of more than two per month; reducing groundings may not merit top priority.”

Again the costs fall on different people so would not figure in the canal owner/operators interests, as long as any floundering does not cause them loss of throughput in ships, or maintenance of banks etc.

“After the Ever Given debacle, the Suez Canal Authority launched a project to significantly widen (+40 m) and deepen (+ 2m) the single-lane section…”

This is often called “Shutting the stable door, after…”

This cost fell on the canal owner / operator, who immediately bounced it sideways onto those with cargo on the Evergreen, and the Evergreen’s operators and owners… Even though by the general rules of “pilotage” the person responsible for the grounding thus costs were the “pilots” employed by the canal owner operators[1]. However the Egyptian Government see things differently[2] and their courts forcibly took over the Ever Given under force of arms. Even now more than a couple of years later, the litigation involved has hardly got going, and is still in the “passing the buck” phase.

But as for the canal, Egyptian Officials mindful that ~12% of global trade goes through the canal and the income it brings to Egypt were very keen to avoid reputational damage from the incident… So spun up what appears to be a load of twaddle by declaring Egyptian efforts heroic in the salvage operation, instead of the complete mess history of the event shows. Also President Abdel Fattah al-Sisi swiftly pledged investment to avoid any repetition of the crisis, and in May of 2021 approved “a two-year project” to widen and deepen the southern part of the waterway where the ship ran aground. Which is likely the project you refer to with,

“[T]he Suez Canal Authority launched a project to significantly widen (+40 m) and deepen (+ 2m) the single-lane section in which the 2021 grounding occurred. If work is on schedule, it should be completed this year.”

It’s work that should have been done a couple of decades ago, and actually needs to be carried out along much of the canal not just that stretch. Because ships are getting larger, faster than many facilities can carry out upgrades for them. Officially these newer larger ships are “a Green Solution” being supposedly more energy efficient per kg of cargo / nautical mile. The reality is the costs of shipping have been in decline for years due to competition and reduced primary routes. In essence your cargo in a 20ft Equivalent Container, gets put along with maybe 20 other peoples goods and the container gets moved locally from regional transportation hubs to international transportation hubs and onto a vessel of Ever Given’s size or now larger…

As for the upgrade project I’m unaware of it being likely to be finished any time soon… Thus look for “long grass kicking”, till the next major incident, wheels the President out for another round of spin up the camal / ass.

[1] See the “The Hague-Visby Rules” Article IV, Rule 2 states that:

“Neither the carrier nor the ship shall be responsible for loss or damage arising or resulting from:

Act, neglect, or default of the master, mariner, pilot, or the servants of the carrier in the navigation or in the management of the ship”

The “pilot” was as noted by international law, in charge of the vessel, superseding the authority of the, master/captain, mariner at the helm, mariners in charge of the engines or any other method required to maintain steerage.

Which is why the ships insurers refused to pay the ransom demanded, which in turn made the ships owners turn on those who had cargo on the ship, an ongoing process that may never finish, just time out.

[2] There is however a couple of problems…

2.1 since the 1980’s Egypt claim that their laws, that hold them and their servants free from the norms and conventions

2.2 So a “Suez Crew” insisted on by the Egyptian Government go on each vessel to “take charge”.

However it’s been known for years that those “Suez Crews” are not exactly competent at the best of times and are mostly “on the make” one way or another. Worse they don’t care who knows,

Thus combined this allowed the Egyptians to seize the vessel,


And an Egyptian court to enable the equivalent of piracy and hold the vessel, its Indian Crew and cargo for ransom.

[3] Since the incident with the Nord Stream petro-chem pipelines that carried a very significant part of East Europe’s energy, “global trade” along with “supply chain attacks” had risen rather rapidly up many Nations “National Security Concerns” lists. The general “profile” of the canal and the not very solid surroundings revealed in the 2015 upgrade strongly suggests it would be quite vulnerable to attack (In fact the British Government last Century along with the French Government drew up plans to disable it such that it would not be taken out of their control see “Suez Crisis”). In the back of peoples minds will be the 50year agreement signed at the end of May 2018 between Egypt and Russia to develop industrial and other facilities on the canal side,

Thus with current events, the probability of the canal being attacked and closed for a significant period has in many minds gone up significantly. So is now of major concern to Western and Oriental Nations dependent on the canal in many ways.

MarkH May 27, 2023 1:47 PM

el-Sisi’s administration began bypass (second parallel canal) expansion as soon as he took office, and completed the work the next year (2015).

The present project was announced in 2019, but expanded in scope after the 6-day blockage in 2021. In addition to widening and deepening the single-channel stretch where Ever Given stuck, the project will add 10 km of bypass.

The SCA has also established a rescue operations department, and is gathering a fleet of tugboats to avoid time lost waiting for foreign tugboats when a ship is blocking traffic.

About 10 weeks ago, SCA said the bypass expansion was almost half complete, and the widening/deepening of the southern single channel more than 80% complete.
