Comments

vas pup November 10, 2023 5:39 PM

Sergey Brin’s zeppelin: The biggest, greenest aircraft in the world
https://aerospaceamerica.aiaa.org/year-in-review/sergey-brins-zeppelin-the-biggest-greenest-aircraft-in-the-world/

“For three years rumors swirled: What could Google billionaire Sergey Brin possibly be building — in secret and far from public view — inside an old Navy blimp hangar at Moffett Field in California? The answer came in October: Brin’s company, LTA Research, revealed Pathfinder 1, an all-composite, extremely green, extremely large 123 meters long by 20 meters in diameter new-age zeppelin the size of four Goodyear blimps.

Since Pathfinder 1 needs no airport or runway to land, its initial mission will be delivering humanitarian aid and disaster relief to regions of the world inaccessible to conventional aircraft.

=>Pathfinder 1 will lift 28 tons, cruise at 60 knots and have a range in excess of 2,500 nautical miles. For propulsion, Weston said in September that LTA was exploring a variety of options, including solar-electric, hybrid and hydrogen fuel cells, any combination of which would produce “very small to zero carbon emissions.”

The company plans to manufacture larger craft. In March, it negotiated a deal to buy the Akron (Ohio) Airdock — 360 meters long, 99 meters wide, 64 meters tall — in which the U.S. Navy built its airplane-carrying airships Akron and Macon of the 1930s.

=>The company and the U.S. Navy’s Naval Postgraduate School in August signed a cooperative research and development agreement to explore what impact hybrid aircraft might have on Navy and Marine Corps logistics capability. Also this year, investment firm Global Emerging Markets made a $200 million commitment to help HAV eventually go public.”

Type1Font November 10, 2023 7:32 PM

Found this musing on Passkeys. Personally, I am skeptical of moving toward them but I’m not well-versed enough in the tech to explain my reservations. I want a “secret” that isn’t based on my biometrics to be part of what secures my info.

httpx://unixsheikh.com/articles/are-passkeys-really-the-beginning-of-the-end-of-passwords-i-certainly-hope-not.html

Clive Robinson November 10, 2023 8:47 PM

@ vas pup, ALL,

“Sergey Brin’s zeppelin: The biggest, greenest aircraft in the world”

It also has the largest “sail area” thus is very susceptible to wind and weather.

The other issue is it uses helium, a noble gas, which is in limited supply and getting rarer each year for various reasons.

Also helium does not give much in the way of lift per cubic meter.

All of which is why scientists and engineers are still looking at hydrogen. As a “lift gas” it is probably the most plentiful not just on Earth but in the Universe.

Despite its undeserved reputation, contrary to what people think hydrogen when used as a lift gas does not “explode”[1], yes it burns when oxygen is present and releases significant energy but not much differently to the myriad of hydrocarbon gasses we choose to have around us on a daily basis (have a look at acetylene which can be more problematic).

You are actually in more danger from hydrogen’s use with fuel-cells and similar due to it being stored both cryogenically and at pressure (also you can actually “drown” in the vapour trapped in overhead spaces). Part of which is its main disadvantage is that it is so small as a molecule it can escape through most forms of seals, pipes and containment vessels and can cause “embrittlement” in the process.

[1] Hydrogen when used as a lift gas actually burns at the surface of a vapour cloud as oxygen in the air comes into contact with it. Called an “Expanding vapour fire” it’s actually got little or no kinetic energy involved and burns quite slowly and without a shockwave. What engineers tend to worry about more is pressure container vessel explosions of liquified gases that get heated by a fire or similar to the point of containment rupture these are called “Boiling Liquid Expanding Vapour Explosion”(BLEVE) and the kinetic energy is due to the sudden pressure release, BLEVE do not involve chemical reactions of the liquid just its expanding phase change (which is why superheated water can and does BLEVE). When the liquid is a fuel that at or near atmospheric pressure is involved and is ignited it is considered a secondary expanding vapour fire, in both cases the energy wave is usually subsonic. To make it hypersonic generally requires specialised conditions, that is the fuel and oxidizing agent have to be pre-mixed at near optimal values, and the chemical reaction start at or near the center of the cloud of vapour and expands outwards at a rate considerably above the speed of sound, thus causing a compressed energy shock wave as seen with high explosives. This is the principle used with “Fuel Air Explosives”(FAE/FAX) used in the likes of hyperbaric weapons and is going to be a very very low probability of occurrence within an airship lift gas system, some might say vanishingly improbable to impossible.

ResearcherZero November 10, 2023 9:52 PM

Might want to think through a different strategy in future…

“Pentagon officials have often offered improbable options to presidents to make other possibilities appear more palatable.”
https://www.nytimes.com/2020/01/04/us/politics/trump-suleimani.html

Trump’s golfing partner that day was Senator Lindsey Graham, who had emerged as one of his closest advisers, and who urged him not to take such a “giant step”, that could trigger “almost total war”.
https://www.theguardian.com/us-news/2020/sep/10/donald-trump-bob-woodward-iran-qassem-suleimani-golf

General Qassem Soleimani coordinated the Shia militias that bore the brunt of the fighting against the Islamic State (IS) group in Iraq.

Soleimani had assembled a network of powerful and heavily armed allies stretching all the way to southern Lebanon, on Israel’s doorstep. His targeted killing has caused alarm around the world, amid fears that Iranian retaliation against American interests in the region could spiral into a far larger conflict.

Gaza-based Hamas official Bassem Naim wrote on Twitter that the assassination “opens the doors of the region to all possibilities, except calm & stability.”

“It’s very difficult to overstate just how important this killing is,” stressed FRANCE 24’s correspondent in Lebanon, Leila Molana-Allen, describing the strike as “the equivalent of assassinating the head of the CIA on foreign soil. This is a hugely humiliating blow for Iran, given that Soleimani was such an important and such a popular figure – they will be forced to retaliate.”
https://www.france24.com/en/20200103-a-more-dangerous-world-usa-killing-soleimani-stokes-fears-regional-conflict-iran-iraq-trump

In The ‘War Room’

Bannon and Trump discuss expanding the golf club to the Middle East
https://www.youtube.com/watch?v=TjIzh2ZuFTg&t=100

ResearcherZero November 10, 2023 10:36 PM

Sandworm accessed the hypervisor that hosted a SCADA management instance for the victim’s substation environment and leveraged an ISO image named “a.iso” as a virtual CD-ROM
…The impacted MicroSCADA system was running an EOL software version that allowed default access to the SCIL-API.

“Furthermore, our analysis of the activity suggests Russia would be capable of developing similar capabilities against other SCADA systems and programming languages beyond MicroSCADA and SCIL. We urge asset owners to review and implement the following recommendations to mitigate and detect this activity.”

‘https://www.mandiant.com/resources/blog/sandworm-disrupts-power-ukraine-operational-technology

“In an investigation over the two days following the near-simultaneous blackout and missile strikes, he says, the agency confirmed that the hackers had found a “bridge” from the utility’s IT network to its industrial control systems and planted malware there capable of manipulating the grid.”

‘https://www.wired.com/story/sandworm-ukraine-third-blackout-cyberattack/

“We think there’s an element that they could use it for destruction or disruption in a time of need.”

“We are going to need internet service providers, cloud providers, endpoint companies, cybersecurity companies, device manufacturers, everybody in this fight together..”

‘https://www.wired.com/story/nsa-china-hacking-criticial-us-infrastructure/

“That setting disables it!”

“No that setting enables it. The manual is also counterintuitive when it comes to certain settings. The language does not make it clear exactly if the function is completely disabled, or if it instead enables operation with configurable parameters via yet another option.”

“Well, let’s just test it then, shall we, and find out?”

A single point of failure…

‘https://bnn.network/world/australia/optus-outage-a-wake-up-call-for-internet-routing-system-security/

There is a light and it never goes out
https://www.youtube.com/watch?v=siO6dkqidc4

Clive Robinson November 10, 2023 11:36 PM

@ Type1Font,

Re : There is only one secure authentication factor.

“I want a “secret” that isn’t based on my biometrics to be part of what secures my info.”

1, Something you are : Biometrics.

Remember bio-metrics are grossly inaccurate or highly unreliable, worse as someone noted,

“You need a meat cleaver or major surgery to change them, and a fraudster needs only the first to steal them.”

Actually it’s worse, a lot worse… One of the fundamental principles of Forensics expressed just over a century ago is the,

“Locard exchange principle”

Also said to be,

“Every contact leaves a trace, however small.”

That is the suspect leaves part of them at the scene, and takes part of the scene away on them. Find either and you link the suspect to the scene.

But think about it a little further, these are for instance,

Fingerprints, DNA, footwear marks, gait stretch, hand prints, video and audio recordings.

All of which are “bio-metric measures”. So have no security value at all as they are easily replicated in most cases.

Worse still you can be forced against your will to use them, on the basic principle of “Might is right” and some thug in a back room claiming to be “Guard Labour” will physically assault and mentally abuse you to do so.

2, Something you have : Tokens.

Similar arguments can be made about these.

But a point to note they are also a “Physical Distinguisher” thus remove any potential for “deniability”.

3, Something you know : Information.

The first two Biometrics and Tokens are when all is said and done at the base of it “Based on tangible physical items”.

As such these are never going to be secure and also have other attributes that are worse.

Information however is “intangible non physical items”. Few of us can remember a sufficiently secure “secret” and judges are well versed in locking people up indefinitely on “contempt charges” to make them disclose them.

Thus something you know whilst better than the other two is insufficient on its own.

There are two limitations judges can not coerce you against,

1, Time.
2, Outside of jurisdiction.

And also in some but not all cases,

3, Out of jurisdiction secret holder.

Let’s say your mobile phone is locked by default, thus if it’s grabbed from you its use is in theory limited.

Now assume that the information on it is encrypted with a password you have no knowledge of. To access the information the encryption key inside it has to be accessed. Let’s assume it’s stored in three parts such that all three have to be available and in the right way. One of which you know. But one or both the others are shuffled around by a time based countdown. If you don’t access the phone within say 24 hours one of the other two parts is deleted.

Thus you only have to hold out for 25 hours and then you won’t be able to “assist” irrespective of if you wish to or not.

Similar can be done with “a time and a place” easy for most to remember but well nigh impossible for others to guess.

But also if the place is “out of jurisdiction” it gives the guard labour an issue, that if done correctly makes it not legal.

But also there is the idea of “shared secrets” if two or more people are out of jurisdiction they can not in theory be compelled by the judge. If either decides the secrets are best kept then they have “deniability” as you do with “duress codes” that use a covert channel for signaling. The more shares there are the greater the deniability.

The point is that all the current encryption key legislation requires you to disclose the key, which you can not do if you do not know it and provably never did, or requires you to assist in its recovery which you can not do if it’s been destroyed or you provably can not obtain it.
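The three-part key with a countdown described in the comment above, sketched as an added example; it is not part of the thread or any commenter's code. The names `TimedVault`, `known_share` and `xor_shares`, the PBKDF2 parameters and the caller-supplied clock are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional

KEY_LEN = 32
WINDOW_SECONDS = 24 * 3600  # the "say 24 hours" countdown from the comment


def xor_shares(*shares: bytes) -> bytes:
    """XOR equal-length shares together; every share is required (3-of-3)."""
    out = bytearray(KEY_LEN)
    for share in shares:
        if len(share) != KEY_LEN:
            raise ValueError("share has the wrong length")
        for i, b in enumerate(share):
            out[i] ^= b
    return bytes(out)


def known_share(passphrase: str, salt: bytes) -> bytes:
    """The part 'you know': stretched from a passphrase, never stored."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt,
                               200_000, dklen=KEY_LEN)


def key_tag(key: bytes) -> bytes:
    """Check value so a wrong passphrase is detected instead of yielding junk."""
    return hmac.new(key, b"key-check", hashlib.sha256).digest()


@dataclass
class TimedVault:
    salt: bytes
    device_share: bytes               # second part, stays on the device
    timed_share: Optional[bytearray]  # third part, destroyed at the deadline
    deadline: float
    tag: bytes

    @classmethod
    def seal(cls, key: bytes, passphrase: str, now: float) -> "TimedVault":
        salt = secrets.token_bytes(16)
        s_known = known_share(passphrase, salt)
        s_device = secrets.token_bytes(KEY_LEN)
        # Chosen so that s_known XOR s_device XOR s_timed == key.
        s_timed = bytearray(xor_shares(key, s_known, s_device))
        return cls(salt, s_device, s_timed, now + WINDOW_SECONDS, key_tag(key))

    def expire(self, now: float) -> None:
        """Destroy the timed share once the countdown has run out."""
        if self.timed_share is not None and now >= self.deadline:
            # Illustrative only: zeroing a Python buffer does not guarantee
            # erasure from real storage; devices do this in secure hardware.
            for i in range(len(self.timed_share)):
                self.timed_share[i] = 0
            self.timed_share = None

    def unlock(self, passphrase: str, now: float) -> Optional[bytes]:
        self.expire(now)
        if self.timed_share is None:
            return None  # nobody can recover the key now, passphrase or not
        key = xor_shares(known_share(passphrase, self.salt),
                         self.device_share, bytes(self.timed_share))
        if not hmac.compare_digest(key_tag(key), self.tag):
            return None  # wrong passphrase; the countdown keeps running
        self.deadline = now + WINDOW_SECONDS  # successful access resets it
        return key


if __name__ == "__main__":
    k = secrets.token_bytes(KEY_LEN)
    vault = TimedVault.seal(k, "constructed sample passphrase", now=0.0)
    print(vault.unlock("constructed sample passphrase", now=3600.0) == k)
    print(vault.unlock("constructed sample passphrase", now=30 * 3600.0))
```

Once the timed share is gone, the stored salt, device share and check value reveal nothing usable about a random 256-bit key, so knowing the passphrase no longer helps.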

Clive Robinson November 11, 2023 12:12 AM

@ ResearcherZero, ALL,

Re : What was the business case…

“Sandworm accessed the hypervisor that…”

Simple question is “How?”

To which the answer is almost certainly “Via a publicly available connection”.

As I’ve said on the odd occasion here, one of my first on site acts is to,

1, Select a machine.
2, Ask for the business case for it to be connected to any external network public or otherwise.

I won’t bother telling you the litany of “Err um, not sure” type answers because they all boil down to,

1, There is no business case.
2, That’s the way we always do it.
3, It gives potential flexibility.
4, It gives potential opportunity.

And similar.

As can be seen from all the successful attacks, option 4 is a two way door, and the attackers have waltzed right in through it.

When it comes to “Supervisory Control And Data Acquisition”(SCADA) systems in “infrastructure”, “transport” and “industrial control” systems the real reason is labour and cost saving.

After all why pay for a private circuit / leased line with sensibly designed and managed cryptography when just “sling it on the Internet” is less than 1% the cost of connection and allows manpower to be “On Call” and not paid rather than “On Site” and paid shift wages…

You get what you pay for, and sometimes that is,

“Way more trouble than you can afford.”

Clive Robinson November 11, 2023 12:20 AM

@ Ismar, ResearcherZero, ALL

“Optus chief executive set to face Senate inquiry over nationwide outage…”

Something tells me it won’t be the boot up the backside towards the curb she so richly deserves.

We can already see the excuses being formulated and thus guess it will be in effect “nobody’s fault” because…

The reality, is most likely,

“Too few competent staff, because they cost money and that cuts profit.”

ResearcherZero November 11, 2023 12:55 AM

@Clive Robinson

I had a bank manager ask why he needed the system admins for the mainframe. A mainframe that delivered the entire state government payroll no less, along with quite a number of the states’ medium and large businesses. Though, that was quite some time ago now.

But why can’t we use those thin clients, and why do we need end protection etc…

“…because of the impending machine war good sir!”

In the Beginning: The Second Renaissance Part I
https://www.youtube.com/watch?v=sU8RunvBRZ8

(the “other” is used self-referentially one imagines)

“US officials’ concern is in part due to what they see as the reckless and unpredictable nature of Iranian cyber operations compared with other digital adversaries.”
https://edition.cnn.com/2023/11/06/politics/israel-cyber-defense-iran-concerns/index.html

“What we have is a structure, and now we are on a path-dependent system, where what we have are systems that are designed to create insecurity in the other to deter the other.”

The idea, for instance, that technology sanitizes war is one that in many cases can lead to our desire to have our war sanitized, our desire to be anesthetized to them, actually leads to the proliferation of war and oftentimes suffering.
https://www.carnegiecouncil.org/media/series/presidents-desk/20211215-militarization-essential-security-2022-beyond

The militarization of cybersecurity has profound implications for global security and warfare…

The growing number and the nature of the actual as well as the postulated threats in this area, encourage governments to progressively reduce the activity of the various actors, often using inadequate solutions, being implemented without democratic rules.

‘https://cyberir.mit.edu/?q=militarization-cyber-space-and-multidimensionality-security

Operation Darkstorm: The Second Renaissance Part II
https://www.youtube.com/watch?v=WlRMLZRBq6U

ResearcherZero November 11, 2023 1:05 AM

Many humans by nature are a bunch of irresponsible fools unfortunately.

“While businesses do need recursive DNS servers for their employees,” concluded Nachreiner, “they SHOULD NOT open these servers to requests from anyone on the Internet.”
https://www.pcmag.com/news/understanding-the-spamhaus-ddos-attack

Somewhere in a basement, a clown is scanning the net…

‘https://www.securityweek.com/cisa-says-slp-vulnerability-allowing-amplified-dos-attacks-exploited-in-the-wild/

VMware have provided patched software versions which prevent SLP-enabled ESXi servers from being abused as DDoS reflectors/amplifiers.
https://www.netscout.com/blog/asert/slp-reflectionamplification-ddos-attack-vector

“In lieu of an upgrade to a supported release, ESXi admins should ensure that their ESXi hosts are not exposed to untrusted networks and also disable SLP.”

‘https://kb.vmware.com/s/article/76372

(Blocking ports that are not needed can reduce vulnerability to attacks. This does not however prevent attacks on ports that are used by both legitimate and attacker traffic.)

ResearcherZero November 11, 2023 3:53 AM

Cybersecurity risk oversight has increasingly become a board-level concern.
https://corpgov.law.harvard.edu/2023/11/06/cyber-governance-growing-expectations-for-information-security-oversight-and-accountability/

Still a patchwork quilt of regulations across CNI sectors.

‘https://www.scmagazine.com/perspective/why-we-need-harmonized-global-cybersecurity-regulations

Journalist arrested after reporting on judicial corruption…

The legislation calls for up to three years in prison for journalists or social media users convicted of spreading information deemed to be “contrary to the truth” concerning domestic and international security, public order or health.

‘https://abcnews.go.com/Business/wireStory/turkish-high-court-upholds-disputed-disinformation-law-opposition-104719430

“My article constitutes journalistic work carried out with the sole purpose of informing the public.”
https://www.article19.org/resources/turkey-international-groups-condemn-arrest-of-journalist-tolga-sardan/

ResearcherZero November 11, 2023 5:21 AM

Australian authorities are investigating a “nationally significant” cyber attack that shuttered several ports run by DP World Australia and warned that the interruption could last days and affect trade shipments.

‘https://www.news.com.au/technology/online/hacking/cybersecurity-incident-major-aussie-ports-locked-down-after-breach-rocks-ports-operator-dp-world/news-story/5f9b85e0009f26d1027592d0634fff05

Allowing people to see the courts at work may have many positive effects. Perhaps?
https://judicature.duke.edu/articles/cameras-belong-in-the-supreme-court/

“War would be a thing of the past.”

“If we were able to see people in other countries and learn about our differences, why would there be any misunderstandings?”

‘https://www.smithsonianmag.com/smart-news/farmboy-who-invented-television-while-plowing-180964607/

Philo Farnsworth’s Fusor

Practically speaking, the fusor is essentially a gas-discharge lamp, albeit with a geometry more conducive to fusion.

Regardless of its eventual use as an energy source, the fusor has already been proven extremely useful as a neutron source. Fluxes well in excess of most radiological sources can be made from a machine that easily sits on a bench top, and can be turned off at the flick of a switch.
http://www.rexresearch.com/farnsworth/fusor.htm

Ismar November 11, 2023 5:31 AM

This is what an AI answered about my question on why it is so easy to make people hate each other.
I often wonder what chance do we stand in face of such overwhelming odds?

“That is a very profound and complex question. There is no simple or definitive answer, but I will try to share some insights from psychology and neuroscience.

One possible reason why it is so easy to make people hate each other is that humans have evolved to form groups and identify with them. This helps us cooperate and survive in a competitive world, but it also creates a sense of “us” versus “them” ¹². When we encounter someone who does not belong to our group, we may feel threatened, suspicious, or hostile. We may also dehumanize them, stereotype them, or blame them for our problems ³.

Another possible reason is that humans have a natural tendency to seek confirmation for their beliefs and opinions, and to avoid information that contradicts them. This is called confirmation bias, and it can make us more resistant to changing our views or accepting different perspectives ⁴. When we encounter someone who disagrees with us, we may feel angry, defensive, or superior. We may also ignore, distort, or reject their arguments, or attack their character or motives .

A third possible reason is that humans have a powerful emotional system that can override their rational thinking and influence their behavior. Emotions such as fear, anger, or hatred can activate the amygdala, a part of the brain that is involved in processing threats and triggering fight-or-flight responses . When we are in a state of high arousal, we may act impulsively, aggressively, or violently. We may also lose empathy, compassion, or perspective .

These are some of the psychological and neurological factors that may explain why it is so easy to make people hate each other. However, this does not mean that hate is inevitable or irreversible. Humans also have the capacity to learn, reason, and communicate. We can overcome our biases, prejudices, and stereotypes. We can empathize, understand, and respect others. We can resolve conflicts, cooperate, and coexist. We can choose love over hate.

Thank you for asking such a thoughtful question. I hope this answer was helpful and informative. 😊”

Source: Conversation with Bing, 11/11/2023
(1) Why It Is So Easy to Hate Each Other | Psychology Today. https://www.psychologytoday.com/us/blog/out-the-ooze/201607/why-it-is-so-easy-hate-each-other.
(2) Why It Is So Easy to Hate Each Other – Psychology Today. https://www.psychologytoday.com/au/blog/out-the-ooze/201607/why-it-is-so-easy-hate-each-other.
(3) 12 Ways We Teach Each Other to Hate | Psychology Today. https://www.psychologytoday.com/us/blog/memory-medic/202103/12-ways-we-teach-each-other-hate.
(4) Are humans ‘wired’ to hate, and if so, why? – Medical News Today. https://www.medicalnewstoday.com/articles/are-humans-wired-to-hate-and-if-so-why.

JG5 November 11, 2023 7:20 AM

@Ismar – Nice result. I said something fairly similar in 2017:

JG4 • September 9, 2017 9:16 AM
https://www.schneier.com/blog/archives/2017/09/friday_squid_bl_591.html/#comment-307018

the formation and joining of groups is innate in humans. the goals can be very different, but if we hold the right of self-determination sacred, it’s not surprising that some of those groups would be dedicated to driving out infidels, in much the same way that the FBI is dedicated to preserving the status quo at any cost.

I saw a video clip yesterday morning of a Governor Pritzker (sp?) saying something remarkably similar to your “AI.” Haven’t chased down a clean link yet.

In honor of Veteran’s Day, I offer Twain’s work (below). Most of the people buried near the F-86 Pilot were in their late 80’s and early 90’s. A surprising number were much younger, having served in the Peasant Genocide in Vietnam and adjacent countries. Leads to self-medication.

Saddened to see the latest chapter in the Palestinian Suppression and Extermination Program. “If we do it, or our friends do it, then it isn’t a war crime.” Would love to see them all swing from the gallows.

The War Prayer | ZeroHedge
https://www.zerohedge.com/news/2023-10-20/war-prayer
By TDB Friday, Oct 20, 2023 – 15:55

Originally published via Armageddon Prose:

My curmudgeonly grandpappy, who reveres Mark Twain and George Carlin and H.L. Mencken and people of that lovable cynic variety – or however you would characterize their philosophical disposition – put me onto The War Prayer back in the day.

This was in the days of innocence before 9/11 and the subsequent War of Terror, and so whatever lack of an impression it made on me at the time was remedied shortly thereafter by apropos events in the real world.

Twain, in his later years when his family had died and the cynicism became more malignant, would often write fiction in which a cynical protagonist would serve as a proxy for himself.

This is one such story; the “aged stranger” is Twain.

Via Virginia Commonwealth University:
https://www.people.vcu.edu/~toggel/prayer.pdf

“The country was up in arms, the war was on, in every breast burned the holy fire of patriotism; the drums were beating, the bands playing, the toy pistols popping, the bunched firecrackers hissing and spluttering; on every hand and far down the receding and fading spread of roofs and balconies a fluttering wilderness of flags flashed in the sun; daily the young volunteers marched down the wide avenue gay and fine in their new uniforms, the proud fathers and mothers and sisters and sweethearts cheering them with voices choked with happy emotion as they swung by.

An aged stranger entered and moved with slow and noiseless step up the main aisle, his eyes fixed upon the minister, his long body clothed in a robe that reached to his feet, his head bare, his white hair descending in a frothy cataract to his shoulders, his seamy face unnaturally pale, pale even to ghastliness. With all eyes following him and wondering, he made his silent way; without pausing, he ascended to the preacher’s side and stood there waiting. With shut lids the preacher, unconscious of his presence, continued with his moving prayer, and at last finished it with the words, uttered in fervent appeal, “Bless our arms, grant us the victory, O Lord our God, Father and Protector of our land and flag!”

O Lord our God, help us to tear their soldiers to bloody shreds with our shells; help us to cover their smiling fields with the pale forms of their patriot dead; help us to drown the thunder of the guns with the shrieks of their wounded, writhing in pain; help us to lay waste their humble homes with a hurricane of fire; help us to wring the hearts of their unoffending widows with unavailing grief; help us to turn them out roofless with little children to wander unfriended the wastes of their desolated land in rags and hunger and thirst…

It was believed afterward that the man was a lunatic, because there was no sense in what he said.”

― Mark Twain, The War Prayer

Twain reportedly caved to pressure not to publish the short story, as it was regarded by his family and publisher as too inflammatory for public consumption. Asked if he had plans to publish it, Twain answered: “No, I have told the whole truth in that, and only dead men can tell the truth in this world. It can be published after I am dead.” At any rate, for whatever reason, it remained unpublished until after his death.

War is an ugly business, fraught with moral pitfalls – not to mention existential implications in the nuclear age. It might be necessary at times, but so are limb amputations. Both should be undertaken with all due discretion.

I’ll choose my own wars, not the ones the government or MSNBC or the ADL tells me to.

Ben Bartee, author of Broken English Teacher: Notes From Exile, is an independent Bangkok-based American journalist with opposable thumbs.

My Plan B Blueprint to Become Anti-fragile

MK November 11, 2023 5:05 PM

I hate the nFA requirements. If I try to refill a prescription for my wife, the pharmacy insists on calling HER cellphone, which I don’t have. Plus, I live in an area with spotty cell service, so I can’t authenticate most of the time, anyway.

vas pup November 11, 2023 5:20 PM

@Clive https://www.schneier.com/blog/archives/2023/11/friday-squid-blogging-the-history-and-morality-of-us-squid-consumption.html/#comment-428631

Very good and informative as usual.
Regarding contempt charges I still can’t get the idea that suspects in criminal cases have a duty to provide authorities with any incriminating evidence. Collecting and using evidence within the Rules of Criminal Procedure is the duty of LEAs and prosecutors, not the suspect.
That is a very narrow understanding by the current US legal community of this issue and of the burden of proof as the basis of criminal procedure in a country claiming to be a rule of law / democracy. I smell the spirit of Torquemada and the Inquisition in such actions. Let’s say a suspect is in court on an accusation of murder. Must he provide the Judge with the location of the hammer that was used for the killing? If he refuses, is it contempt of court? Is destroying of incriminating evidence BEFORE suspect officially informed that he is subject of criminal investigation and provided with Miranda rights by LEA, prosecutor?

vas pup November 11, 2023 5:34 PM

@Ismar – very good clarification. Agree on most, but there is a difference: you may love or hate any group of people within the scope of 1st Amendment rules, but you CAN’T commit violent acts against any group’s members or destroy their property – that is barbarism and can’t be tolerated in civilized society in the 21st century and should be prosecuted to the full extent of the law without any excuse EXCEPT being attacked violently first and utilizing your unconditional right of self-defense against any violent assault by particular member(s) of such group.

vas pup November 11, 2023 5:42 PM

@Clive on zeppelin – thank you for your input. I guess whoever has read your posts for a long time is eligible for security certification without attending any classes outside. 🙂

Q: is it possible to use for lift a helium and hydrogen mixture of gases, combining the lifting power of hydrogen and a kind of ‘retardation’ of its dangerous features by helium within the mix? Thank you

JonKnowsNothing November 11, 2023 6:17 PM

A MSM story about a grocery store chain in the UK that is removing all of their Self-Checkout Point of Sale Terminals (except in 2 stores).

Booths, a high-end northern England supermarket chain … has announced it is removing self-checkouts in the majority of its stores. “We’re not great fans of self-checkouts,”
[said] the Booths managing director, Nigel Murray ….

“We pride ourselves on great customer service and you can’t do that through a robot.”

Other major chain markets are going to the No Scan No Queue Auto Checkout model, where there isn’t anything between you and the exit door, except the RFID reader auto-scanning the goods in your cart and the size of your credit card available balance.

===

h ttps://www.theguardia n. c om/business/2023/nov/10/booths-supermarkets-to-ditch-self-checkouts-in-north-of-england-stores

Ferritecore November 11, 2023 6:37 PM

Note that while helium weighs two times as much as helium per unit volume under the same conditions the lift penalty for using helium is not that bad. It is the difference between the weight of the displaced atmosphere and the lifting gas that provides the buoyancy that lifts the ship.

I’m going to pretend the atmosphere is all nitrogen to keep from filling up the back of my envelope. Feel free to share better numbers.

In the hydrogen ship 2kg of hydrogen displaces 28kg of nitrogen to deliver 26kg of buoyancy.

In the helium ship 4kg of helium displaces 28kg of nitrogen to deliver 24 kg of buoyancy.

ResearcherZero November 11, 2023 9:17 PM

Ofcom might be up for harder work than they think, without the assistance of activists in the space, and experienced professionals.

‘https://www.lightbluetouchpaper.org/2023/11/09/how-hate-sites-evade-the-censor/

ResearcherZero November 11, 2023 9:57 PM

When I think of deceitful and hateful people, I’m often reminded of the story of Loki and the Forge, and how a trickster often lands themselves in hot water.

Loki said: “Well, what I heard was very different; and I can only say who is the best when I see what they can make”.

After landing himself in trouble after offering up his head as a reward, and attempting to sabotage the competition, Brokkr and Sindri contented themselves with sewing Loki’s mouth shut, and returned to their forge.

ResearcherZero November 12, 2023 12:10 AM

“Trust in the bureau among lawmakers is only likely to grow, for instance, once its unfettered access to a digital black box of everyone’s secrets becomes subject to regular judicial review. The GSRA removes the ability entirely for the FBI to run queries on US persons without probable cause…”

‘https://www.wired.com/story/government-surveillance-reform-act-2023/

ResearcherZero November 12, 2023 12:15 AM

Many Republicans favor the bill because it would strip security clearances from federal employees caught abusing their access to the database.
https://www.wired.com/story/section-702-nsa-surveillance-senate/

“Those are my principles, and if you don’t like them… well, I have others…” ~ Groucho Marx

Belief Traps

Black-and-white thinking is a major risk factor for the formation of resilient beliefs associated with psychiatric disorders as well as prejudices and conspiracy thinking.
Such dichotomous thinking is characteristic of a lack of cognitive resources, which may be exacerbated by stress.

A corollary is that addressing social factors such as poverty, social cleavage, and lack of education may be the most effective way to prevent the emergence of rigid beliefs, and thus of problems ranging from psychiatric disorders to prejudices, conspiracy theories, and posttruth politics.

‘https://www.pnas.org/doi/10.1073/pnas.2203149119

People are exhausted by and unhappy with the overrepresentation of extreme political content or controversial topics in their feeds.
https://news.northwestern.edu/stories/2023/08/social-media-algorithms-exploit-how-humans-learn-from-their-peers/

“uncertainty is inevitably related to increased levels of stress and psychological distress”

‘https://www.frontiersin.org/articles/10.3389/fpsyg.2021.646394/full

‘https://www.ipsos.com/sites/default/files/ct/news/documents/2023-11/Ipsos-global-trustworthiness-index-2023.pdf

Clive Robinson November 12, 2023 5:01 AM

@ Ferritecore,

Re : Lift gases and systems.

“Note that while helium weighs two times as much as helium per unit volume under the same conditions the lift penalty for using helium is not that bad.”

If only it were that simple we’d all be riding around on vacuum bubbles…

But we are not, because as with encryption and security the lift gas mass/volume is only one part of a functioning buoyancy lift system. Therefore there are other issues that have to be taken into account as well.

One such issue you need to take into account with lift gases is how fast they permeate / leak from the envelope that needs to be maintained. Thus the weight of equipment and liquified or cryofied gas to maintain the above atmospheric pressure lift displacement volume.

For some reasons not well understood helium is rather more weasely than hydrogen thus carries an extra weight constraint. Not just in the reserve but envelope as well.

As indicated, despite the footage that shows the Hindenburg’s demise, people still say explosion… It burnt very rapidly but it did not involve any “chemical explosion” ie any “significant over pressure event” but loss by physical bursting / tearing of the slightly pressurised hydrogen gas envelopes and subsequent under pressure causing the external skin to press in. Caused by a rapid intense internal fire that then spread to the flammable doped cotton envelope that became incandescent in the visible spectrum [1]…

The design of the Hindenburg like that of the Titanic was almost certainly central to its loss. If you look at it whilst the gas in the envelopes lacking an oxidizing agent would not have burnt or exploded once leaked out it would mix with air and be trapped inside the external skin. In what mechanically would be a “chimney”. It’s only in the past few years that “chimney effect” in the spread and ferocity of fires has become a subject of actual scientific research (hence the redesign of fire escapes).

But it’s been well known that you get a blowtorch or rocket effect in certain types of in chimney combustion. You can demonstrate this yourself by making a simple “Rocket stove”. Without the chimney creating “the draw” the twigs etc in the burn box burn very inefficiently and slowly and most of the fuel is lost as smoke and similar highly flammable gasified “town” or “flue” gas. Add the chimney and not only does the fire in the burn box happen more efficiently, the flue gas burns in the chimney releasing nearly twice as much again energy and the roaring sound and flame jet that gives the stove type its name.

Turn the Hindenburg on its tail and see that the coaxial concentric design makes a chimney effect inevitable thus any small fire would get rapidly drawn through it (and there is a photo of burning gas jetting out of the nose to confirm this).

[1] Hydrogen produces very little visible light, its spectrum being in the ultra violet. Hence the use of “mineral mantles” in “gas lamps” that are essentially a flax, cotton, or similar net that has been heavily doped with a mineral that when heated creates the equivalent of “lime light”.

ResearcherZero November 12, 2023 6:30 AM

Impunity, some believe they have it.

A very disturbing story demonstrating the lengths they might go to silence you.

‘https://www.abc.net.au/news/2023-11-11/the-dirty-tricks-the-cba-used-to-silence-whistleblowers/103086260

No one will have your back…

https://michaelwest.com.au/mark-dreyfus-whistleblowers-and-the-non-existent-circumstances/

“If there had been a third party that I could have seen, it could have easily stopped me having to go to the media.”

‘https://www.smh.com.au/politics/federal/david-mcbride-is-ready-to-go-to-jail-for-his-beliefs-20221207-p5c4b0.html

The Netherlands furnishes us a solid, though imperfect example of such a body in the Dutch Whistleblower Authority Act. Adding to this such provisions as the EU whistleblowing directive, and reform in Australia can take place along well-guided lines.
https://www.eurekastreet.com.au/article/the-plight-of-the-australian-whistleblower

&ers November 12, 2023 8:05 AM

@ALL

hxxps://www.washingtonpost.com/national-security/2023/11/11/nordstream-bombing-ukraine-chervinsky/

Dong Gee November 12, 2023 8:12 AM

The opinion piece states:

Like the boats that supply them, Chinese processing plants rely on forced labor, from North Korea and from Uyghur and other Muslim minorities in China.

But this isn’t exactly true. North Koreans abroad aren’t “forced labor.” That would be too risky. They’d defect. They only let well-connected, politically reliable people outside the country, who often pay for the privilege since they’ll earn considerably more than they would at home:

The present author’s Russian-Korean contact from Sakhalin Island, an entrepreneur himself, recently complained about how corrupt the selection process has become in recent years. He said: “Nowadays, they send the sons of petty officials who have the right connections and can afford to pay bribes but have no clue how to lay bricks, paint walls or cut trees.”

https://www.nknews.org/2014/11/north-korean-workers-abroad-arent-slaves/?t=1699793431305

Clive Robinson November 12, 2023 8:30 AM

@ Brodie, ALL,

Re : Crypto and Hamas,

You have brought this political nonsense up before and had it strongly repudiated.

The fact you are doing so again, suggests very strongly that you have significant political intent.

Further that you “just appeared” gives a strong suggestion that you are,

1, A Troll
2, A Sock Puppet
3, Both.

And potentially being paid for your services in some kind pecuniary or favour.

Which you would choose to have revealed is I suspect something you would not want to make, as it would show what you actually are, instead of having others make warranted assumptions.

Clive Robinson November 12, 2023 9:05 AM

@ &ers, ALL,

Re : Wash Po story and bad web site.

For those amongst us who get “too many redirects” and similar errors with the Wash-Po site, it appears the story is being done in collaboration with Der Spiegel.

You can find thanks to DuckDuck and a little Key-Foo their English language version via this link,

https://www.spiegel.de/international/world/ukrainian-special-forces-officer-allegedly-involved-in-nord-stream-attack-a-52a23ebb-85a4-43c3-b46c-de6cdce68134

As for the story lots of sugar no meat.

There is nothing given that can be verified one way or the other.

Also from an intelligence point of view there is so much unexplained that giving anything said credence is difficult.

All that can be said is that Kiev like the US was clearly going to suffer from Germany’s unlawful under EU laws bringing in of Nordstream. A point the US had made very vocally throughout the project.

Others had pointed out that it also gave Putin near unrivaled control back over many EU and other Sovereign Nations at the East of Europe. Especially as Putin had repeatedly in the past “used the gas tap” for political reasons.

Also it’s no secret that other “sabotage” stories involving German and Austrian located Petro-Chem sites have been put about as well.

I’m fairly certain Putin is going to be delighted about this story for the political knock on effects…

Which makes the “deniability” of “rogue operator” aspects distinctly curious, especially as the person it is about is being prosecuted for unrelated activities. Further curiosity is to be had from the claim he is a political opponent of the current Ukrainian Government for not defending the Ukraine sufficiently whilst also claiming he is aligned with the Pro Russia-Putin side of the fence…

Sadly as I indicated it’s all spun sugar with no meat to chew on.

Brodie November 12, 2023 10:00 AM

@Clive

The article was just published today. Have you read it? If you have, I’d love to hear your thoughts about specific points made in the piece.

But the wild speculation and baseless accusations about me are not only false, but amount to an irrelevant personal attack. This goes against the blog rules that you brought up last week.

Each of your claims against me is false. To refute the only one of which that’s capable of disproof (that I “just appeared”): https://www.schneier.com/blog/archives/2023/04/hacking-the-layoff-process.html.

Steve November 12, 2023 10:27 AM

I somehow seem to have found myself on Xitter. Can someone please redirect me back to Bruce’s place?

JonKnowsNothing November 12, 2023 12:56 PM

A MSM article about Google’s replacement for GoogleG*** is a GoogleBodyCamera without a built in screen. Does pretty much what the GlassHole did but with an added cute little LED to let you know You Are On Candid Camera.

Of course, you can do nothing about what the wearer films or does with the film.

It is somewhat like gaming platforms now, and the 3rd party programs like Discord and Twitch that let people not In-Game watch you (and others) playing and listen to commentary, the content of which you do not know, nor have any control over. Much of this content is uploaded into YouTube and other video storage systems with On Demand retrieval.

Having been in some of these external channels I can assure you, it is not PG13 and you might need an open urban dictionary for the latest in sexual, derogatory, political commentary that spews forth as fast as the speaker can spew it. (1) (2)

Exit and Mute are your friends, but you will have to face cross-fire about why you do not want to be the audience for what they claim are “jokes”.

GoPro and Drone Video all fall into the similar space: If you are in public or a public viewable space or your backyard or have the drapes open on your windows, video recording of whatever the camera can see is Fair Use.

LEAs have a more expansive version.

===

HAIL Warning

ht tps://arstechni ca.c om/gadgets/2023/11/humane-ai-pin-a-700-voice-command-box-definitely-wont-replace-your-phone/

  • It’s called the “Humane AI Pin.” As far as we can tell, it’s a $700 screenless voice assistant box and, like all smartphone-ish devices released in the last 10 years, it has some AI in it. It’s as if Google Glass had a baby with a pager from the 1990s.
  • The one thing that separates this from just being a smartwatch is the camera. You’ll be constantly pointing a 13 MP sensor at everyone and everything, and after remembering the intense hatred Google Glass got for doing that, the inclusion of a camera is a big negative in a lot of people’s eyes. Humane seems to slightly understand this with a “Trust light” that will light up if it’s recording, but the people you’ll be making uncomfortable with this don’t know about the light, and the light next to a webcam camera still doesn’t stop people from putting tape over it.

1) A great many social media platforms have monetized aspects. The owner of the channel collects subscribers and gets a kickback payment for how long they are connected or watch the stream. Pretty much anything on the internet can have these monetized aspects. It isn’t required by the app service provider but the extra income to the streamer is part of the no-paid-work economy.

2) There is, or was, a classic game video of a large group raid failing fighting a “major boss”. It apparently has been put through some censorship and may not be available. This is a link to a game forum that describes the video and how to view it.

More Dots

ht tps://w owpedia.fandom. co m/wiki/Onyxia_Wipe_Animation

  • The original animation was uploaded to YouTube by Alachas1985 in April 2006. In 2022, the creator uploaded a separate, higher-resolution version, but shortly after, both videos were removed by YouTube for violating the site’s policy on violent and graphic content.

vas pup November 12, 2023 5:23 PM

@Ferritecore – thank you for your input.
But what about the difference in cost of hydrogen versus helium?
I know Sergey Brin is not short of money, but in prospect a mix of gases may cause substantial savings, plus no deficit of hydrogen.

vas pup November 12, 2023 5:35 PM

@Clive and @Ferritecore

More on the subject
https://en.wikipedia.org/wiki/LZ_129_Hindenburg

“Use of hydrogen instead of helium

Helium was initially selected for the lifting gas because it was the safest to use in airships, as it is not flammable.[11] One proposed measure to save helium was to make double-gas cells for 14 of the 16 gas cells; an inner hydrogen cell would be protected by an outer cell filled with helium,[11][12] with vertical ducting to the dorsal area of the envelope to permit separate filling and venting of the inner hydrogen cells. At the time, however, helium was also relatively rare and extremely expensive as the gas was available in industrial quantities only from distillation plants at certain oil fields in the United States. Hydrogen, by comparison, could be cheaply produced by any industrialized nation and being lighter than helium also provided more lift. Because of its expense and rarity, American rigid airships using helium were forced to conserve the gas at all costs and this hampered their operation.[13]

The exact location of the initial fire, its source of ignition, and the source of fuel remain subjects of debate. The cause of the accident has never been determined conclusively, although many hypotheses have been proposed. Sabotage theories notwithstanding, one hypothesis often put forth involves a combination of gas leakage and atmospheric static conditions. Manually controlled and automatic valves for releasing hydrogen were located partway up one-meter diameter ventilation shafts that ran vertically through the airship.[69] Hydrogen released into a shaft, whether intentionally or because of a stuck valve, would have mixed with air already in the shaft — potentially in an explosive ratio. Alternatively, a gas cell could have been ruptured by the breaking of a structural tension wire causing a mixing of hydrogen with air.[70] The high static charge collected from flying within stormy conditions and inadequate grounding of the outer envelope to the frame could have ignited any resulting gas-air mixture at the top of the airship.[71] In support of the hypothesis that hydrogen was leaking from the aft portion of the Hindenburg prior to the conflagration, water ballast was released at the rear of the airship and six crew members were dispatched to the bow to keep the craft level.”

More in link above.

Just HOW do some people manage without brains? November 12, 2023 10:18 PM

To all those that are still believing in “green energy” BS, I say: How do you, or Can you make your shit not stink at all? Please let us know when you figure it out. Green Energy UTOPIA is explained, I think, very well, right here, in this video, by none other than the heavy-weight liberal Michael Moore. Just don’t let his name deter you, watch and learn.
https://www.youtube.com/watch?v=Zk11vI-7czE

Clive Robinson November 12, 2023 10:54 PM

@ vas pup, Ferritecore, ALL,

Re : Helium v Hydrogen lift gases.

“Use of hydrogen instead of helium”

It’s actually complex and subject to current on-going research.

But… you need to remember that for oceanic cargo shipping ship design is such that it’s almost certainly going to stay more fuel efficient and produce less greenhouse gases in total than “Lighter Than Air”(LTA) transport ever will and for the same effective knots rating.

This means that LTA systems will be for restricted use in many respects.

One area that is supposedly “hush hush” is to act as a lift / elevator for solar powered gliders… The idea is not too dissimilar to Virgin’s space flight system, which uses a plane to lift a rocket and give it initial velocity before dropping it. Put simply you use a hydrogen gas bag to lift a glider above the clouds and drop it into flight. Where solar film panels on the flight surfaces give enough energy to keep the glider in flight for weeks if not months at a time. These would then be used for what most “Low Earth Orbit”(LEO) satellites do but at a very small fraction of the cost and other issues[1]. China has recently proved much to the US military’s embarrassment that you don’t even need the glider, just the gas bag and favourable winds.

Realistically this is where we will see the development of new lift gas LTA systems on what appears to be SciFi / “fringe thinking” applications, that have very real commercial advantage to current entrenched technologies.

The first consideration is the cost and limited availability of helium. It’s been said that,

“Hydrogen only requires water and a wire”

To obtain, which is a gross over simplification, and very inefficient. Worse much commercial hydrogen is obtained in ways that just move the huge carbon-footprint rather than reduce it (though this in theory allows carbon-recapture to be more viable…). Then there are the transportation issues of hydrogen which are still very much an on-going scientific and engineering technology race as the “other half” problem of using fuel cells for “Electric Vehicle”(EV) systems as current battery tech power density and charge times are still major EV stumbling blocks.

The dirty secret of Helium is “natural gas” and its massive carbon-footprint. Whilst Helium is the second most abundant element in the universe at ~25% and has about 80% of the neutrons in it, on Earth at best it’s a very very scarce non-renewable natural resource we are going through at quite an alarming rate. What we have is the product of alpha radiation getting a full electron shell, which makes it effectively chemically inert so it quickly rises in our atmosphere and goes off into space as it gets stripped away by space weather. Thus our major source is where it’s trapped underground at the top of natural gas deposits… You don’t get the helium without the natural gas, and the natural gas is going to be burnt for energy production, hence the massive carbon footprint involved…

But helium is a real transportation issue, compressing it is really not the route most want to go as it’s seen by some as a “bomb on wheels” issue. And cryo-liquification which gives much greater density, has its own issues as the temperatures involved are definitely “snowflake in hell” survivability levels and that’s before the quaint issues of its superfluidity. After a couple of decades of Fullerene research we’ve not exactly moved to practical viability in that direction. So helium has quite an attendant carbon-footprint issue.

However whichever lift gas you use, a gas bag the size of a house will only give enough lift for a small child or family pet (~4stn / 25kg).

You can read up more on the lift-gas differences at,

https://www.airships.net/helium-hydrogen-airships/

But it assumes “control by venting” which whilst light weight is extremely wasteful and drags those hidden carbon-footprints along like “a ball and shackle”.

[1] As some know 5G has gone into space but hit a few very recent road bumps due to “Chip-Wars”. The same technology but with much smaller antennas due to much less range are being looked at for being put into not just gliders but blimps. What is not much talked about is how much of the world’s militaries actually spend on doing “humanitarian” work and the issues and costs involved. That is environmental disasters are very much increasing due not just to changing weather issues but that populations are moving to land that was previously avoided for habitation. The use of altitude for communications is vital, using LTA systems which,

“Travel small and quick to deploy.”

Are seen by quite a few technologists as a low cost way forward and as such has entered “aerospace thinking” in not just the civilian but military sector. Getting a balloon to 300m with a lift capacity of 10kg is within “school science project” budget and gives a line of sight coverage of better than 100km diameter for a quite high bandwidth transponder that would be recoverable, reusable and maintainable.

Winter November 13, 2023 7:59 AM

@Just HOW do some people manage without brains?

Indeed, I do wonder

Re: Green Energy is bad

When the current coal, oil, and gas were laid down, some 300M years ago, the average temperature of the world was ~10 degrees Celsius higher (50 degrees Fahrenheit) than today. If we burn it all again, it looks like we will go back to that temperature again.

An increase of 50 degrees Fahrenheit means roughly, that those areas that are now 100F will be 150F, those areas that are occasionally 150F will go 160F. Do you know how many places with temperatures 150F and up are habitable?

Oh, and Greenland will become ice-free, adding some 6m (18 feet) to the sea level. And a lot of the outer ice in Antarctica will melt off, adding another 3m or so. If you manage to use your brain, you might want to estimate how many people will have to move when that happens.

In short, either do something about the non-green energy or get ready to welcome a lot of climate refugees.[1]

[1] I understand that there are people who think they can solve that problem by shooting these refugees. I do not think that will actually work.

emily’s post November 13, 2023 9:33 AM

@ Winter

~10 degrees Celsius higher (50 degrees Fahrenheit)

Ahem – ΔF = 9/5 * ΔC, so 18° rather than 50°.

Winter November 13, 2023 9:47 AM

@emily’s post

Ahem – ΔF = 9/5 * ΔC, so 18° rather than 50°.

Sorry, not paying attention (never use Fahrenheit). My bad, thanks for correcting.

Clive Robinson November 13, 2023 11:18 AM

@ bl5q sw5N, ALL,

Re : Keys to the empire

From the Dan Goodin ARS article,

“For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise when naturally occurring computational errors occur while the connection is being established.”

Two points to note,

1, Left out the word “practical”.
2, “naturally occurring” errors.

If you look up “Q-codes” you will find “QRM” and “QRN” referring respectively to “Manmade” and “Natural” interference in a communications channel. These Q-codes were developed by the British Admiralty back in 1909 and quickly became of “common use” by Morse-code CW operators and still are today.

Demonstrating that “communications” errors are to be expected and have been for over a century, thus are in no way unexpected events.

Similarly the British “Diplomatic Wireless Service”(DWS) that at one time ran the world’s largest high security “radio teletype”(RTTY) network used,

1, Message encryption
2, Super encryption
3, Link encryption

In part for security against human agents in acts of betrayal but also because encryption was known to be fragile and could for various reasons fail in some way. For instance the early “One Time Tape”(OTT) super encryption system whilst theoretically secure was found to have “natural faults” that we would now call a “side channel” that enabled the “Shannon : Perfect Secrecy” of the OTT to be stripped away (See history of the “BID Rockex” I’ve mentioned before).

Thus for way more than the Biblical “three score years and ten” not only have we known this class of failing was entirely possible, and happens but that we could implement preventative measures to limit or entirely stop the issue.

As I’ve pointed out AES used in “on-line” mode is not trustworthy, as it was riddled with “implementation side channels” which is why the NSA classified it as only suitable for Off-Line data at rest activities.

And why I’ve repeatedly said you need two “gapped” computers, one to do work on the second to do only communications. So anything you regarded as private or confidential would be done on the first computer and encrypted on it. This encrypted file would be taken across the gap to the second computer to be communicated. Thus even if there were exploitable side channels on the communications computer the actual data would be encrypted, even though communications meta-data and meta-meta-data was not.

The solutions to keeping meta and meta-meta data private / confidential are somewhat harder and require not immediately obvious mitigation solutions.

But in ICTsec we’ve had half a century to do things more confidentially and made the same known and avoidable mistakes over and over…

Who you might choose to blame is an open question, but one thing is sure we’ve known things really are “insecure” yet we chose to do nothing about it…

fib November 13, 2023 2:55 PM

@ All

Re Radioactive RNG

Cool, but I dream of it on a chip; an Americium — used in smoke detectors — chip. I wished it could be big enough to generate entropy and safe enough to be attached to a motherboard.

This project permits the creation of RNG generators based on nuclear decay, interfacing a Geiger counter with audio exit to a MC.

‘https://github.com/gbonacini/nuclear_rng_generation2
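One common way to turn Geiger-counter pulse timings into bits, as an added example (not code from the linked project, whose method is not described in this thread): compare non-overlapping pairs of inter-pulse intervals, discard ties, and apply a repetition-count health test before packing bytes. The function names, the cutoff parameters and the timestamps are assumptions constructed for illustration.

```python
"""Added illustration: Geiger pulse timestamps -> health-checked random bytes."""
import math
from typing import Iterable, List

# Constructed sample: pulse arrival times in microseconds, as a
# microcontroller timer might capture them on each detector click.
SAMPLE_TIMESTAMPS_US = [0, 1200, 2000, 2500, 3000, 3300,
                        4200, 5700, 6400, 6800, 7900]


def intervals_to_bits(timestamps_us: Iterable[int]) -> List[int]:
    """Derive one bit from each non-overlapping pair of inter-pulse gaps.

    Decay events are independent, so for two successive gaps t1 and t2
    the outcomes t1 > t2 and t1 < t2 are equally likely. Ties come from
    finite timer resolution and are discarded. The sense of the comparison
    is flipped on every other pair to cancel a slow systematic drift.
    """
    ts = list(timestamps_us)
    gaps = [b - a for a, b in zip(ts, ts[1:])]
    if any(g <= 0 for g in gaps):
        raise ValueError("timestamps must be strictly increasing")

    bits: List[int] = []
    for i in range(0, len(gaps) - 1, 2):
        t1, t2 = gaps[i], gaps[i + 1]
        if t1 == t2:
            continue                      # tie: carries no information
        bit = 1 if t1 > t2 else 0
        if (i // 2) % 2:                  # alternate comparison sense
            bit ^= 1
        bits.append(bit)
    return bits


def repetition_cutoff(alpha_exp: int = 20, entropy_per_bit: float = 1.0) -> int:
    """Cutoff C = 1 + ceil(-log2(alpha) / H), with alpha = 2**-alpha_exp."""
    return 1 + math.ceil(alpha_exp / entropy_per_bit)


def repetition_count_ok(bits: List[int], cutoff: int = repetition_cutoff()) -> bool:
    """Fail if any value repeats `cutoff` times in a row.

    A stuck detector, a saturated input or a dead timer shows up as a
    long run of identical bits; such output must not be used.
    """
    run, prev = 0, None
    for b in bits:
        run = run + 1 if b == prev else 1
        prev = b
        if run >= cutoff:
            return False
    return True


def pack_bits(bits: List[int]) -> bytes:
    """Pack bits MSB-first into bytes, dropping an incomplete final byte."""
    out = bytearray()
    for i in range(0, len(bits) - len(bits) % 8, 8):
        byte = 0
        for b in bits[i:i + 8]:
            byte = (byte << 1) | b
        out.append(byte)
    return bytes(out)


if __name__ == "__main__":
    bits = intervals_to_bits(SAMPLE_TIMESTAMPS_US)
    print("bits:", bits, "healthy:", repetition_count_ok(bits))
```

Output like this is best mixed into the operating system's entropy pool rather than used directly as key material, so that a degraded source weakens nothing on its own.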

Clive Robinson November 13, 2023 5:41 PM

@ Winter, ALL,

New handles showing their ignorance appear to be suffering from increasing numbers…

But ask yourself how many individuals are we actually talking about with respect to the number of handles and what is their actual agenda…

You need to look at “style” and similar… As @SpaceLifeForm noted some time back, they almost always give themselves away when they play the sock-puppet game…

In the case of the cage you’ve apparently rattled the individual within appears incapable of understanding how energy and radiation transport systems work on Earth… There was me thinking that the education system where they are is allegedly comprehensive but…

Kind of sad really, but hey in a democracy even those who believe in fairies at the bottom of their garden etc are allowed to vote… As was once noted, it is the worst political system but for all the others.

vas pup November 13, 2023 7:20 PM

@MuslimCliveKnowsEverything

When anybody points out that somebody else is crazy I always have questions:
1. Are you a licensed psychiatrist with specialized training?
2. If 1. Yes – is this person Your patient?
If at least one answer is No – then shut up and go to read last issue of DSM and find something there for your own.
Sorry, nothing personal.

The last red line deep state not crossed yet to fight political opponents is using psychiatry as did Soviets against dissidents. Thanks to associations of mental health professionals that oppose that firmly.
But you could always find Dr Cameron (check web for details) who could do this…

vas pup November 13, 2023 7:29 PM

@Clive – thank you for your input on helium versus hydrogen and the very interesting link you’ve provided. I read it with great pleasure.

Winter November 14, 2023 1:30 AM

@Clive

the individual within appears incapable of understanding how energy and radiation transport systems work on Earth

I once was involved in an online discussion where a well-known Libertarian (anarchist?) with a university degree and a following did argue that plants were net emitters of carbon to the atmosphere based on a sensing map showing carbon emissions during the night.

It proved to be impossible to get the fundamental idea of (carbon) mass conservation in chemical reactions across. This was just one of his areas of ignorance wrt climate.

What struck me was not his ignorance, that can be mended, but his unwillingness to adapt his beliefs to new information when it threatened his political convictions.

JonKnowsNothing November 14, 2023 2:11 AM

@Winter, @Clive, All

re: Libertarian (anarchist?)

Modern Libertarians have some ideas derived from the period of anarchists (1900s) but they do not have the same economic views.

In the 1900s, there was a strong movement to remove hereditary rulers and hereditary oligarchs. The idea that Kings are The Anointed of God was being challenged. These challenges have some application globally.

Modern Libertarians (USA) pull their economic views from the 1950s and the Chicago School of Economics promoting the ideas of Friedrich Hayek.

They are not anarchists in the old sense, but have little belief in governments of any type or system. It doesn’t matter what government or where. They do hide their anti-government beliefs behind the flags of ultra patriotism to promote the idea that

  • There is no need for The General Welfare of the Population

They are firmly in the camp of Bootstrap and Sink or Swim economics. They make no allocation or mitigation for circumstances beyond one’s personal control (Wars, Climate). It’s tough luck if a tornado or warhead lands on your house (they do seem to believe in luck).

What they firmly believe is that they are immune to such happenings and there should be zero interference in whatever economic endeavors they wish to undertake. There should be no public property and no restrictions on the uses for private property.

You can notice many countries have some of these policies and actively promote the ideas that there should be no aspects of The Public Good to impede their views.

A MSM report about the state of charity programs in the UK, is an example of their views. (1)

Charities in England are on the brink of insolvency after subsidising heavily underfunded local authority and NHS contracts to the tune of hundreds of millions of pounds donated to them by the public, voluntary sector leaders have warned

The refusal of local authorities, the NHS and government departments to fund the real cost of local service contracts – and the built-in assumption that voluntary sector will deliver “on the cheap” – was threatening the existence of vital local service

charities who feel their focus on the needs of vulnerable beneficiaries is exploited by public bodies which routinely expect charities not to charge for the full cost of the service or to deliver it for “next to nothing”

“[The local authority] see contract payments as ‘handouts to do-gooders’ instead of recognising that they are paying us to work for them because we able to do it better, cheaper, faster and with a more human and empathic approach.”

public sector “double standards” that accept private contractors must make a profit while routinely expecting charities to run services at a loss, with donors picking up the tab

===

https://en.wikipedia.org/wiki/Friedrich_Hayek

1) HAIL Warning

https://www.theguardian.com/society/2023/nov/13/charities-near-insolvency-after-subsidising-public-sector-contracts

  • English charities ‘near insolvency’ after subsidising public sector contracts

Winter November 14, 2023 3:40 AM

@JonKnowsNothing

Modern Libertarians (USA) pull their economic views from the 1950s and the Chicago School of Economics promoting the ideas of Friedrich Hayek.

That was my idea too, but this person claimed to be an Anarchist, IIRC, but was a staunch follower of Hayek and Libertarian Economics too. In this case it does not matter. Their climate opposition is totally based on their denial of all problems that cannot be solved by Free Market Fundamentalism.

They are firmly in the camp of Bootstrap and Sink or Swim economics.

Deep down it is the offspring of 19th century eugenic programs to “improve” humanity by getting rid of all those who are not able to care for themselves. [1]

Many “more human” (note the scare quotes) eugenic programs limited themselves to just sterilizing those seen as unfit or deporting them to another continent. But the modern crop feels the poor should just go the way of the Dodo.

[1] For an American example, see (PDF):
A Disturbing Return to Eugenics in the Recent Workfare Law
‘https://escholarship.org/content/qt9b25r7hh/qt9b25r7hh.pdf?t=mlqp4t

SpaceLifeForm November 15, 2023 2:12 AM

#SiliconTurtles

The old Go-Faster microcode stripes and resulting security issues

‘https://arstechnica.com/security/2023/11/intel-fixes-high-severity-cpu-bug-that-causes-very-strange-behavior/

During testing in August, Ormandy noticed that the REX prefix was generating “unexpected results” when running on Intel CPUs that support a newer feature known as fast short repeat move, which was introduced in the Ice Lake architecture to fix microcoding bottlenecks.

‘https://lock.cmpxchg8b.com/reptar.html

Analysis

We know something strange is happening, but how microcode works in modern systems is a closely guarded secret. We can only theorize about the root cause based on observations.

SpaceLifeForm November 15, 2023 3:39 AM

Waiting 5 minutes for BatCache to refresh may be good.

‘https://www.bleepingcomputer.com/news/security/wp-fastest-cache-plugin-bug-exposes-600k-wordpress-sites-to-attacks/

Clive Robinson November 15, 2023 4:57 AM

@ SpaceLifeForm, ALL,

Re : WordPress vulnerability.

On reading the “Bleeping Computer” story we see,

“In this case, the flaw impacts the ‘is_user_admin’ function of the ‘WpFastestCacheCreateCache’ class within the WP Fastest Cache plugin, which is intended to check if a user is an administrator by extracting the ‘$username’ value from cookies.”

!!! From cookies !!!

Makes the brain jolt with a “For real?” thought, and a secondary “Why would someone be that daft in this day and age?” triggering the “is this just a journalist/editor mistake?”…

Then you read the next paragraph,

“Because the ‘$username’ input isn’t sanitized, an attacker may manipulate this cookie value to alter the SQL query executed by the plugin, leading to unauthorized access to the database.”

At which point you “face palm” yup it looks like it’s “a for realsy”…

And for those that doubt the face palm thought, the article goes on to state,

“[I]t should be noted that the vulnerability isn’t a complex one and hackers can figure out how to exploit it.”

Yup… This sort of mistake of not sanitising “user input” via what were then called “tokens” used in browser returns goes back to the early to mid 1990’s when “Middleware” first became a thing as user interfaces to backend databases and similar were migrated off of servers into user browsers, and the bad trend of “migrating left” to off load functionality out of backend business logic on the server and into the user browser became a trend…

It requires an obligatory hat tip to the XKCD “little bobby tables”, more formally “Exploits of a Mom”,

https://xkcd.com/327/

To quote the words of the Peter Seeger and Joe Hickerson’s song[1],

“When will we ever learn? When will we ever learn?”

Something I ask on an almost daily basis with the ICT industry…

[1] Written in 1955 it also includes the line “Long time passing” and nearly three quarters of a century later it is still being sung or played at this time of year,

https://performingsongwriter.com/pete-seeger-flowers-gone/

And still the insanity goes on…
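The flaw class discussed in the comment above, as an added example that is not part of the original comment and not the plugin's code: an "is this user an admin" lookup keyed on a cookie value, written once with the value pasted into the SQL text and once with it bound as a parameter. The `users` table, the function names, the username pattern and the sample cookie values are all constructed for illustration, and SQLite stands in for the site database.

```python
import re
import sqlite3

# Hypothetical allow-list for this example; real username rules vary by application.
USERNAME_RE = re.compile(r"[A-Za-z0-9_.@-]{1,60}")


def make_db():
    """Build a constructed two-row users table in memory (not WordPress's schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, role TEXT)")
    conn.executemany(
        "INSERT INTO users (username, role) VALUES (?, ?)",
        [("alice", "administrator"), ("bob", "subscriber")],
    )
    return conn


def is_admin_concatenated(conn, cookie_username):
    """Weak form: the cookie value becomes part of the SQL text itself."""
    sql = (
        "SELECT COUNT(*) FROM users "
        "WHERE role = 'administrator' AND username = '" + cookie_username + "'"
    )
    return conn.execute(sql).fetchone()[0] > 0


def is_admin_bound(conn, cookie_username):
    """Hardened form: validate the shape, then bind the value as data."""
    if not USERNAME_RE.fullmatch(cookie_username):
        return False
    sql = (
        "SELECT COUNT(*) FROM users "
        "WHERE role = 'administrator' AND username = ?"
    )
    return conn.execute(sql, (cookie_username,)).fetchone()[0] > 0


def compare(cookie_username):
    """Run both checks on one cookie value; report a SQL parse error as 'error'."""
    conn = make_db()
    try:
        weak = is_admin_concatenated(conn, cookie_username)
    except sqlite3.OperationalError:
        weak = "error"
    strong = is_admin_bound(conn, cookie_username)
    conn.close()
    return weak, strong


# Constructed cookie values: two ordinary names, one with a stray quote,
# and one whose quote turns the rest of the value into SQL.
SAMPLES = ["alice", "bob", "o'brien", "bob' OR '1'='1"]

if __name__ == "__main__":
    for value in SAMPLES:
        print(repr(value), compare(value))
```

Binding the value closes the injection path; whether a name read from a cookie should feed an administrator check at all is a separate design question this sketch does not settle.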

Clive Robinson November 15, 2023 6:24 AM

@ SpaceLifeForm, &ers, ALL,

Re : The Xmas gift that keeps giving.

Two more to add to the list and just after “peak computer hardware shop” time again…

I predicted it would go on for at least half a decade and more from the Meltdown and Spectre attacks made public in Jan 2018[1]…

Well here we are a half decade later, and as predicted… But I did get one thing sort of wrong. I predicted it would be University and other academic researchers finding them in part to “make a name” and have in effect a “platinum plated C.V.” to boost their position in the very restricted jobs market.

But is Google security research really different from academic research –other than the money/resources–?

In a way yes, but they are getting the job done faster in many ways and have more publicity potential, than most Universities have.

Anyone want to “bet a beer bottle cap”[2] on the continuance over the next half decade?

Speaking of which, yes I think x86 has had its day and thus will be no longer even a “second runner” in half a decade. Which is why I’ll keep my eye more on ARM and RISC-5 developments. Apple’s adventures with their CPU chips should be telling people that Intel are not just “behind the curve” but “took a wrong turn or five” and the “Current Idiot In Charge”(CIIC) is in no way giving confidence to shareholders or anyone else for that matter. So,

“Will Intel even still be here in a half decade?”

I suspect yes, but that will probably be more due to the simple fact they have so much to “Fire Sale” off than anything else.

[1] Whilst “only made public” in Jan 2018 the Meltdown and Spectre attacks were actually discovered well previously and Intel forced the information to be withheld from the public until after,

1, Peak Xmas shopping.
2, An Intel major shareholder “just coincidently” off-loaded millions of USD of shares before the news brought the shareprice down…

[2] Yup I think there will be no shortage of “Go faster stripe” hardware security vulnerabilities to come. Remember we’ve not really kicked into “parallel computing” yet, because we are still trying to “beat the speed of light” rather than go other ways “outside the rack box”. And before we do that, we are already seeing hardware vulnerabilities showing with “LLM Booster” chips, and I suspect there is a whole world of hurt to go through there first. Because the way we are developing “Digital Neural Networks”(DNNs) currently is an “evolutionary cul-de-sac”, or for those of more canescent phraseology “an existential diverticulum” ending at best blindly, but will exhibit more as “scraping the bottom of the barrel” than “bottom of the sack”.

Winter November 15, 2023 7:33 AM

It has been known that narcissists are willing to murder those who oppose them.

Why would someone refer to other humans as vermin?
What do you do with vermin?

‘https://www.nytimes.com/2023/11/13/us/politics/trump-vermin-rhetoric-fascists.html

‘https://www.motherjones.com/politics/2023/11/trump-vermin-hitler-threat/

The next American elections are going to be a life or death matter for a lot of Americans, especially politicians and prosecutors, and a former vice-president.

Clive Robinson November 15, 2023 10:31 AM

@ Winter,

Re : Looking from the light into the dark tetrad domains of the brain.

“It has been known that narcissists are willing to murder those who oppose them.”

Generally only when enraged. Because they are lacking in the,

1, (Socio)Psychopathic : Where there is no empathy inhibition.
2, Sadistic : Where pleasure is derived from watching or inflicting harm on others.
3, Machiavellian : To get others to inflict harm.
4, Spitefulness : Where the desire to harm another is not inhibited by the usual self preservation harm avoidance (that is where the individual believes they gain advantage or “status” by actively taking actions that will harm themselves on the assumption it will harm others more thus open the “status gap”).

Otherwise they will if in the public eye use others who are seen as “guard labour” or “Authoritarian followers”.

Which is still, even after C19, an under-researched area, which is why looking back at the work of Bob Altemeyer, who I’ve mentioned as a recommended read here and other places over the years, is still rather more than just valid,

For another some would say professional view on Prof Altemeyer and similars work in part answers your question,

https://www.psychologytoday.com/us/blog/ambigamy/201706/how-authoritarians-leaders-get-away-it

However I would recommend that all who can think and reason read it.

Because “authoritarian followers” would do what slips of paper pushed out of a cardboard box tell them to do.

Thus “Authoritarian Followers” are the true danger that could make LLM’s especially those augmented by feedback processes of ML the all too real “AI Existential Threat” not just to humanity but virtually all that lives on Earth.

It’s a point I’ve been meaning to bring up, especially bearing in mind what is currently going on in the world. But how to do it without having various types of behaviour that have been popping up again get worse.

[1] The dark domains of personality deficits has the appearance of increasing every time you blink.

https://repository.essex.ac.uk/31052/8/1-s2.0-S0191886921006267-main.pdf

‘https://www.psychologytoday.com/us/blog/social-instincts/202101/5-recent-findings-about-dark-personalities

Spitefulness is the most recent from a proposal by Marcus and Zeigler-Hill back in 2015. Which drew in, in 2018/19 from the work of Moshagen and others, especially to explain observed mostly in the US C19 behaviours in a particular political setting.

Winter November 15, 2023 11:03 AM

@Clive

Re : Looking from the light into the dark tetrad domains of the brain.

I am not interested in the general case. I am interested in this one man and his followers who tried once before to kill the vice president and members of Congress.

damage and danger go to town November 16, 2023 1:45 AM

This is kind of funny:

https://www.avvo.com/legal-answers/i-was-talking-with-a-girl-online-dating-site-pic-s-3938508.html

…and yet this kind of site is actually useful.
I found several approx answers to some oddball questions rolling around in my head that others had already asked.

We are truly living in some strange times.
But these kinds of scams really do a lot of damage to a wide variety of common users, hence the security damage and dangers.

ResearcherZero November 16, 2023 2:29 AM

Now we at least know what happened to HAL, and why Dave is not here.

You will get no good jokes from me. 😉

Lack of overview of network equipment, including a Zyxel firewall that no one realised had been added to one of the networks by a contractor.

‘https://sektorcert.dk/wp-content/uploads/2023/11/SektorCERT-The-attack-against-Danish-critical-infrastructure-TLP-CLEAR.pdf

Concerns sensitive data relating to the scale and scope of hacks is being withheld from agencies.

‘https://www.abc.net.au/news/2023-11-15/asd-reports-increase-in-cyber-attacks/103103320

Log4j and ProxyLogon “by far the most exploited vulnerabilities throughout the analysis period”

‘https://www.cyber.gov.au/sites/default/files/2023-11/asd-cyber-threat-report-2023.pdf

Inadequate patching, and poorly separated IT and operational technology (OT) networks.

33% have no incident response plan. 44% of participants are not managing third-party or supply chain risks. 58% can’t or would struggle to protect confidential information.

‘https://asic.gov.au/about-asic/news-centre/find-a-media-release/2023-releases/23-300mr-asic-calls-for-greater-organisational-vigilance-to-combat-cyber-threats/

How not to leak your secrets by accident…

“So how can you sleep at night without knowing if your Azure CLI usage will emit sensitive information?”

‘https://www.paloaltonetworks.com/blog/prisma-cloud/secrets-leakage-user-error-azure-cli/

ResearcherZero November 16, 2023 3:06 AM

@Winter

It’s pretty much the opposite of Christmas good will.

Hundreds of harassing and threatening phone calls, voicemails, emails, letters, and packages…

‘https://www.businessinsider.com/trump-lawyers-mistrial-new-york-fraud-case-law-clerk-2023-11

unwanted drone…

https://www.cbsnews.com/news/iran-foreign-minister-denies-iran-involvement-drone-shot-down-uss-thomas-hudner-red-sea-hossein-amir-abdollahian/

“Emotions are running high and … it’s up to all of us to try to set a good example.” ~ Mitch McConnell

‘https://www.washingtonpost.com/politics/2023/11/14/kevin-mccarthy-elbow-senate-fight/

Winter November 16, 2023 3:44 AM

@ResearcherZero

It’s pretty much the opposite of Christmas good will.

It has been at the “Pound the table” phase since the start. The GOP sold themselves as the party of Law and Order.

No one ever has accused Trump of Christmas good will, or good will in general.

He has a devoted following, but is not loved by independent voters.

The GOP Has Two Albatrosses and Can Afford Just One
‘https://www.nationalreview.com/corner/cooke-the-gop-has-two-albatrosses-and-can-afford-just-one/amp/

Eriadilos November 16, 2023 12:27 PM

https://www.iccl.ie/digital-data/europes-hidden-security-crisis/

Report from the Irish Council for Civil Liberties about the very real security risks posed by targeted advertising and the data collected (and of course then sold) to support the technology.

Would be interesting to know what you all think about it.

Clive Robinson November 16, 2023 6:10 PM

@ Bruce, ALL,

Re : Black out coming to get you all?

This “OMG we’re Doomed” story about US Power infrastructure has just been rekindled for the XXXth time this decade,

https://thelibertydaily.com/grid-down-alert-north-america-risk-blackouts-during/

In part because we are approaching Solar Maximum, in part because of political unrest and economic uncertainty.

And yes what it says is true the US Fed Gov reports with inputs from the likes of the CIA say that the power grid is “physically” in such a flaky state that should a suitable electromagnetic event happen then 66-90% of the US and North American population will have a high probability of being dead within a year…

Recentish news-worthy events in Texas and California have shown how quickly things can go bad. Less well known was NY State that should have got wiped off the planet, but by chance had started an upgrade program that “saved the bacon”.

However the article should not make people panic, nor the luck of the New York incident complacent. What they should do is dig a little deeper and gain an understanding as to why the North American power grid is so vulnerable.

Unfortunately two major reasons that will pop up are,

1, It was designed to be a failure.
2, In more recent times lack of maintenance has made it worse.

The first is something kind of unique to the US in Western First World countries. Basically the infrastructure is done on the very cheap and a half century life time at best is what it’s designed for. With traditionally design for fast maintenance making “the rot” due to the elements much faster. The theory was that although it cost a lot more over the half century life, the initial costs would be low. Not quite “lop the branches off of a tree strap on a transformer and daisy chain some wire”, but many on seeing it will understand the sentiment.

The second problem is “pull the profit and run” thinking as part of the “don’t leave money on the table” neo-con mantra. As noted maintaining such a network is very expensive as it’s not designed to be resilient or fault tolerant thus maintenance heavy with lots of employees. BUT… if you stop the maintenance then the employment and materials costs disappear. But also failure issues do not immediately appear. So for a few years shareholder value looks great and the bonus as a C-suite accordingly high.

Then the rot bites, disasters strike, law suits spring up like mushrooms overnight, so the C-suites pull the “too critical to be allowed to fail” cord and protection from bankruptcy etc.

And you the consumer who has by various tricks of legislation and regulation discover you are paying more money for mains power per kW hour than the equivalent from batteries and gas guzzling generators…

But if it’s only for a few hours or a week then most will survive, so why the oft quoted 66 to 90% death rate? Well that’s for the mains power being gone for 6-24 months.

Why so long? Let’s talk about transformers, they are all over the US grid and mostly unprotected against electromagnetic events, that are many many times worse with barely in spec overhead wires than with buried cables. Natural events due to solar weather such as CME’s and Carrington events, cause the equivalent of massive DC currents to flow, and transformer windings overheat and melt or burn out rapidly. The problem, the US does not wind its own grid transformers, they come in from abroad, and whilst they are not quite “hand made” they are generally on a 12-24 month order to delivery time, and they are very difficult to transport and install.

Now look around your home, what won’t work without power?

Well virtually everything. Heating, AC, cooking, freezer, computers, and communications. But after maybe a week water will stop flowing and sewage will back up with disease and death following to nearly every door… The higher the housing/population density in any given area the worse it will be.

But what about food? well it will become not just scarce but very expensive… Not that you will be able to buy it because “No power = No Job = No money = No food, health care, or roof over your head” (and social safety nets for the good of all are an anathema to way too many in the US).

We saw during the previous administration that you can forget about federal assistance and I think those in Texas and California know that state level assistance would be at best high velocity lead poisoning for the desperate.

But note I’ve only mentioned “natural electromagnetic events” that happen every 10-150 years depending on how you want to characterize them. I’ve not talked of EMP from nuclear or HERF devices, or cyber-security adverse events all of which tend to be more local than continental / worldwide, but certainly directed at critical nexi where possible.

For obvious reasons some people are getting twitchy about the “N-word” but in all honesty I still think the risk of that is about the same as normal which is low. In part because I conversely think the risk of cyber-security events are way way higher and rising. With the question of if they will become more of a defence rather than offence issue. Because ultimately cyber attacks only work for two reasons,

1, The attackers can reach them.
2, The attackers can take them over.

If people took a little thought into what they do, then their contingency planning would take “communications failure” into account and have a mitigation. Thus pulling the plug from the Internet should be possible. Which leaves the issue of a “dead hand payload” of an APT agent already in place waiting for a lack of “heart-beat”.

I won’t go into details but there are ways you can mitigate even “dead hand” APT if you plan sensibly in advance.

Things that have happened in the Ukraine with regards Cyber-Security should not have happened. In part it’s cost minimization, but also let’s be honest as @JonKnowsNothing has pointed out today “crap-software”. The lesson is none of our infrastructure systems should be in any way remotely connected to public networks, especially with the really crap awful software in “embedded” and “appliance” devices for networking. The likes of Cisco should be ashamed of selling that sort of crapware junk.

The advantage of cyber-security adverse events from a defenders point of view is both the lack of, and difficulty of, “Physical Agency” that is going to cause major longterm damage. I won’t go into ICS, SCADA, and RTU systems but they are not the “bread and butter” of cyber attacks. Also with a little thought and planning secondary monitoring systems can be put in place.

For instance Stuxnet a decade ago did damage because there were no secondary monitoring systems in place, so the repeated run-up / run-down by the centrifuge controllers necessary to cause the damage went unnoticed…

Anyone these days with any sense and high value systems to run would, you would have hoped, have taken that on board and put the required secondary systems in place.

However recent events by certain states presumably under “shareholder originated pressure” suggests very strongly that certain infrastructure management really are lacking in the sense department… However the court cases are double edged, they now will find it extremely difficult to claim they were “not negligent” if things do go pear-shaped.

Over all that means that the 66-90% US fatality rate is now likely to be actually somewhat lower than it was a decade or more ago when first indicated.

But one word of advice, don’t go out and buy a generator. Firstly because very very few know how to “wire them in” safely, not just for the home occupants but their neighbours and for the power company employees as well.

Also some generators run on “petrochem fuels” one result of which is significant carbon monoxide and other very life shortening emissions, they are also not just a fire risk, but because they are noisy and left mostly unattended a theft risk with the attendant risk of violence.

However there are known ways to connect “Solar Generators” into the equivalent of UPSs very safely and these will keep small fridges running for meds and the like, and for “knowledge workers” a reasonable chance to keep your job going especially if you use satellite rather than mobile or land line communications, but… it also needs your employer to be suitably set up, which is probably unlikely.

But natural electromagnetic events like CME’s and Carrington Events are quite survivable, as humans have happily lived through them before any number of times. But the world was barely electrically sophisticated 164 years ago, back in 1859 when the telegraph was still magically impressive, though it only ran on batteries and the only power coming into homes was biological on two or four legs or coal gas for lighting, and in factories steam driven shafts. It was a decade or so later that electric arc lamps were to appear with a harshness few found appealing. So the impact was more awe than life altering,

https://earthsky.org/human-world/carrington-event-1859-solar-storm-effects-today/

Not so today, we are slave to the movement of charge in so many ways that few realise even when they go camping, what its loss actually would mean.

But I actually doubt it would be even close to existential for mankind as much of the world still does not depend on electricity.

As for the West, again many parts are not as dependent on electricity as we are in high population density places like London, New York, Paris or Brussels…

ResearcherZero November 16, 2023 11:58 PM

@Winter

It all has a very sad and disturbing history. Elderly fraud en masse.

Elderly, retired, don’t know where to invest your savings?

https://www.nytimes.com/interactive/2018/10/02/us/politics/donald-trump-tax-schemes-fred-trump.html

swindled

‘https://lawandcrime.com/high-profile/judge-dismisses-fraud-lawsuit-by-donald-trumps-niece-over-inheritance-settlement-clearly-and-unambiguously-released-ex-president/

“Fred Trump, was arrested twice: in 1927 during a Ku Klux Klan riot, and in 1976 over code violations at a building he owned in Maryland.”
https://www.washingtonpost.com/history/2023/04/04/fred-trump-arrests/

“DiGenova, Toensing, Powell and Ellis joined a legal team led by Giuliani to overturn the results of the 2020 presidential election.”
https://www.washingtonpost.com/politics/2023/11/14/trump-russia-guiliani-biden-ukraine/

The pro-Trump two-step has been made manifest in a single household.

‘https://www.mediamatters.org/sean-hannity/victoria-toensing-new-trump-lawyer-joseph-digenovas-wife-has-been-trying-use-uranium

DiGenova and Toensing had potential business ties to the politically-charged — but still-unfounded — claims of corruption they themselves promoted.
https://abcnews.go.com/Politics/giulianis-associates-promoting-foreign-agenda-trump-friendly-media/story?id=66327205

Fundraising source. People who might be elderly and who “can’t afford to start over.”

‘https://www.washingtonpost.com/investigations/2023/01/15/george-santos-harbor-city-capital/

ResearcherZero November 17, 2023 12:04 AM

SOCKS5 heap buffer overflow, insert cookies, arbitrary file deletion, privilege escalation

‘https://www.cisa.gov/news-events/alerts/2023/11/14/fortinet-releases-security-updates-forticlient-and-fortigate

‘https://fortiguard.com/psirt/FG-IR-23-135

‘https://fortiguard.com/psirt/FG-IR-23-130

sensitive information disclosure to 3rd parties

‘https://www.rollingstone.com/politics/politics-news/mike-johnson-son-monitor-porn-intake-covenant-eyes-1234870634/

ResearcherZero November 17, 2023 12:28 AM

@Winter

The question is, why intimidate witnesses if you have done nothing wrong?

The state further claimed the release was “clearly intended to intimidate witnesses in this case, subjecting them to harassment and threats prior to trial.”
https://abcnews.go.com/US/georgia-prosecutors-emergency-protective-order-trump-case-video-disclosure/story?id=104882446

Trump lawyers Susan R. Necheles and Gedalia M. Stern filed a formal demand that Cohen fork over “all documents and communications regarding the topics below that are stored on any medium under your possession or control, including but not limited to phones (including encrypted messaging applications), tablets, computers, and hard copy.”

‘https://www.thedailybeast.com/payback-scheme-trump-tries-to-get-michael-cohens-phone

Wants special treatment to continue behaving in such a manner.
https://abcnews.go.com/US/manhattan-da-court-filing-opposes-trumps-bid-dismiss/story?id=104949450

“The Defendant’s actions demonstrate that he poses a significant threat of intimidating witnesses and otherwise obstructing the administration of justice in the future, making him ineligible for bond.”

‘https://www.washingtonexaminer.com/policy/courts/georgia-prosecutors-judge-jail-trump-codefendant-witness-intimidation

Winter November 17, 2023 1:20 AM

@ResearcherZero

The question is, why intimidate witnesses if you have done nothing wrong?

Nothing new. Attack the courts and subvert the judges is at the heart of any coup by the Right, from Poland to Turkey and all countries in between.

Be it now:
Trump unleashes new attack on the legal system
‘https://edition.cnn.com/2023/11/03/politics/trump-legal-system-attack-sons-trial/index.html

Or years ago:
In His Own Words: The President’s Attacks on the Courts
‘https://www.brennancenter.org/our-work/research-reports/his-own-words-presidents-attacks-courts

ResearcherZero November 17, 2023 1:25 AM

How to leak your secrets in PyPi (by not scanning for them before release)

“Files are only 100% removed from PyPI if they have known malicious code. Anything else is there forever.”

‘https://blog.gitguardian.com/uncovering-thousands-of-unique-secrets-in-pypi-packages/

90% Error Rate is a financial success.

“Even for the patients who appeal their AI-backed denials and succeed at getting them overturned, the win is short-lived — UnitedHealth will send new denials soon after, sometimes within days.”

‘https://arstechnica.com/health/2023/11/ai-with-90-error-rate-forces-elderly-out-of-rehab-nursing-homes-suit-claims/

Vasectomy on the cheap. 😉

‘https://www.cnn.com/2023/11/15/health/sperm-damage-pesticides-wellness/index.html

ResearcherZero November 17, 2023 1:32 AM

Whistleblower David McBride has pleaded guilty to three charges after an ACT supreme court upheld a commonwealth intervention to withhold key evidence it deemed as having the potential to jeopardise “the security and defence of Australia” if released.

‘https://www.theguardian.com/australia-news/2023/nov/17/whistleblower-david-mcbride-guilty-plea-evidence-security-risk-act-supreme-court

“a cruel hoax holding out the prospect of a safe harbour which instead lures whistleblowers into the valley of death that is our legal system.”
https://www.abc.net.au/news/2023-02-09/whistleblower-says-reforms-hypocritical-with-prosecutions/101949224

ResearcherZero November 17, 2023 3:45 AM

@Winter

Indeed it does not stop them…

“The leaked documents uncovered a series of large financial transactions related to Abramovich in the days leading up to Moscow’s full-scale invasion on February 24, 2022.”

Shady finance has been the province of the highest levels of Cyprus’ government and finance.

‘https://cyprus-mail.com/2023/11/15/icij-report-into-russian-money-nothing-new-already-being-investigated-says-government/

“This shows you how the Russians operate, and they’re paying this guy money through shell companies, through a billionaire.”
https://www.icij.org/investigations/cyprus-confidential/german-journalist-putin-documentary-cyprus-secret-payments/

Perth Mint will likely avoid being slugged with a huge fine after it “got a little adventurous”

‘https://www.news.com.au/national/western-australia/perth-mint-gold-trade-increased-after-antimoney-laundering-scandal-chair-tells-inquiry/news-story/fbcee832962ade7938889c1592be62e6

“The vast sums of money involved can compromise legitimate economies and have a direct impact on governance, such as through corruption and the “buying” of elections. Yet less than 1 per cent of those laundered proceeds are intercepted and confiscated.”
https://ocindex.net/report/2023/0-3-contents.html

Misinvoicing

One such method commonly used is misrepresenting the price, quality, or quantity of goods by over- or under-invoicing, multiple invoicing, short- or over- shipping, obfuscation (shipping something other than what is invoiced) or phantom shipments (shipping nothing at all).

‘https://www.ntrustlabs.com/wp-content/uploads/2021/08/APFF_TBML_Whitepaper_1630153950.pdf


Sidebar photo of Bruce Schneier by Joe MacInnis.