
Friday Squid Blogging: A Penguin Named “Squid” – Source: www.schneier.com


Source: www.schneier.com – Author: Bruce Schneier


Comments

Anonymous


February 9, 2024 8:39 PM

“Philadelphia sheriff caught posting over 30 fake news stories generated by ChatGPT to her website”

httpx: fortune.com/2024/02/06/philadelphia-sheriff-fake-news-chatgpt-30-articles-removed/

for the lulz


February 9, 2024 11:24 PM

Raspberry Pi Pico cracks BitLocker in under a minute

Windows encryption feature defeated by $10 and a YouTube tutorial

https://www.theregister.com/2024/02/07/breaking_bitlocker_pi_pico/

“A Lenovo laptop was used in the video, posted by user stacksmashing, although other hardware will also be vulnerable. The technique also relies on having a Trusted Platform Module (TPM) separate from the CPU. In many cases, the two will be combined, in which case the technique shown cannot be used.

However, if you get your hands on a similarly vulnerable device secured with BitLocker, gaining access to the encrypted storage appears embarrassingly simple. The crux of it is sniffing out the key to the device as it is passed from TPM to CPU. The key is helpfully not encrypted.

This particular laptop had connections that could be put to use alongside a custom connector to access the signals between chips. Stir in an analyzer running on the Raspberry Pi Pico and for less than $10 in components, you can get hold of the master key for the laptop hardware.”
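The quoted article describes a configuration problem rather than a cryptographic break: with a TPM-only protector the volume master key is released to the CPU automatically at boot, and on a discrete TPM that release crosses a bus that can be probed. The following PowerShell is an added defender-side check, not code from the article, the video or the commenter; it lists BitLocker volumes that rely on a TPM-only protector and flags the combination with a possibly discrete TPM. It assumes a Windows host with the BitLocker module run from an elevated session, and the firmware-versus-discrete TPM heuristic (based on the manufacturer ID string) is an assumption, not an authoritative test.

```powershell
# Added example (not from the article or the commenter): report BitLocker volumes
# whose key is released by the TPM alone, the setup the bus-sniffing technique targets.
# Assumptions: Windows with the BitLocker PowerShell module; run as administrator.
# The discrete-vs-firmware TPM test below is a heuristic and may be wrong for some parts.

function Get-BitLockerSniffExposure {
    [CmdletBinding()]
    param()

    $tpm = Get-Tpm
    # Heuristic (assumption): "INTC" and "AMD" manufacturer IDs usually mean a firmware TPM
    # inside the CPU package; any other vendor is treated as a possibly discrete TPM.
    $firmwareVendors = @('INTC', 'AMD')
    $likelyDiscrete = $tpm.TpmPresent -and ($firmwareVendors -notcontains $tpm.ManufacturerIdTxt.Trim())

    foreach ($vol in Get-BitLockerVolume) {
        $types = @($vol.KeyProtector | ForEach-Object { $_.KeyProtectorType.ToString() })
        # TPM-only: a Tpm protector with no PIN-bearing protector alongside it
        $hasPin  = ($types -contains 'TpmPin') -or ($types -contains 'TpmPinStartupKey')
        $tpmOnly = ($types -contains 'Tpm') -and -not $hasPin

        [pscustomobject]@{
            MountPoint        = $vol.MountPoint
            ProtectionStatus  = $vol.ProtectionStatus
            Protectors        = ($types -join ', ')
            LikelyDiscreteTpm = $likelyDiscrete
            # Exposed: protection is on, the TPM alone unlocks the volume, and the TPM
            # may sit on an external bus that can be probed
            BusSniffExposed   = ($vol.ProtectionStatus -eq 'On') -and $tpmOnly -and $likelyDiscrete
        }
    }
}

Get-BitLockerSniffExposure | Format-Table -AutoSize
```

Any volume reported with BusSniffExposed set to True is a candidate for adding a TPM+PIN protector (Add-BitLockerKeyProtector with the TPM-and-PIN option), so that the TPM does not release the key until the user supplies something an attacker with the hardware alone does not have.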

ResearcherZero


February 10, 2024 12:13 AM

A visual demonstration for politicians of why rain has become heavier.

As air warms, it can “hold” more water vapor than air at cooler temperatures.

‘https://www.scientificamerican.com/article/what-are-atmospheric-rivers-and-how-are-they-changing/

Clive Robinson


February 10, 2024 2:26 AM

@ for the lulz, ALL,

Re : failure to protect root of trust.

“The crux of it is sniffing out the key to the device as it is passed from TPM to CPU. The key is helpfully not encrypted.”

This is possible so often it is really embarrassing to talk about because it appears,

“Nobody in the ICT industry learns from history!..”

This sort of thing was happening with passwords over first serial lines in the 1950/60’s and later 1980/90’s over LANs and WANs and especially the Internet.

But IoT and embedded systems like network appliances have brought it back again with hard coded passwords and the like.

I could go on at considerable length as I have done in the past.

But I know people are going to turn a blind eye, make excuses and do nothing from the lessons…

Because “cost and convenience” always “trump security” even if you draconianly sack people who do it, they won’t stop. In fact they counter argue “you’re paranoid”…

I’ve just had this nonsense from a friend who should know better, because I refuse to load shit loads of apps that I know to be not just insecure but actively spying on my phone, I’m in the wrong because it inconveniences him and others who want to send puerile cartoons and the like…

Pointing out why the EncroChat and similar phones caused thousands of defendants and why secure message apps are now pulling in politicians and others by the boat load into judicial issues/proceedings is apparently “being paranoid” and gets the “You’ve got nothing to worry about” nonsense. Even pointing out why their mother got her pension stolen because of the apps installed, apparently just more of my paranoia…

JonKnowsNothing


February 10, 2024 2:39 AM

All

re: HAIL subliminal bias

One of the common tasks that HAIL developers work on is to reduce known biases in the LLM and training sets. They haven’t been all that successful because much of the bias is hidden or goes unrecognized until the output starts laying HAIL sized goose eggs.(1)

The problem is you don’t know there’s a problem until something twigs you to that.

An important SCOTUS case this week had many MSM articles show an image of the official court photo of the 9 justices in their robes. They are seated or standing in specific protocol order according to rank on the court.

I noticed in this particular image an interesting but not unknown aspect of how they are posed:

  • The Men sit with feet apart
  • The Women sit with feet together

Can you imagine some AI image identification system deciding that

  • If feet apart == male person

There would be a lot of male criminals learning to sit with feet together…

===

1) to lay an egg: (idiomatic) To produce a failure or flop; to do something which is unsuccessful.

Clive Robinson


February 10, 2024 8:05 AM

@ JonKnowsNothing,

Re : Societal Identity flags.

“Can you imagine some AI image identification system deciding that”

Life is full of “gender flags”.

For instance think of how you fasten your clothes. With left over right or right over left. We are “told” by some this comes from the fact of “right handed dressers”. That is servants who did up buckles, buttons and bows for others facing the person with their dominant hand on the person being dressed non dominant side. Personally I’m doubtful, for a whole variety of reasons, but we still have this preference after so long the real reason is probably long forgotten.

Then there are indicators of “handedness” in the way you part your hair and the way you sit if on your own or in company. Think of the high leg broad cross where you raise the ankle of one leg onto the knee of the support leg. Then use the raised knee as a work surface or something to bang your dominant fist on.

It actually goes further with the angle you sit towards your non dominant side leg. If you are sitting and need it as a work surface you tend to place it in front of you with your dominant side out.

Now consider the lean in position where both feet are flat on the floor and your thighs parallel to it. You place your non dominant arm wrist side up and your dominant hand palm side down, the non dominant side leg straight or slightly outwards such that most of the non dominant fore arm rests along it for strength and support. The dominant leg outwards so that the middle of the dominant hand forearm uses just behind the knee as a pivot point.

Strangely this pattern has a habit of going through to the way people want to fold their sunglasses or specs…

Even the foot you lead off with when climbing stairs apparently has several biases built in.

Some of these biases become “built in” such as in bone and muscle structure the work hand generally being more developed and stronger, and the corresponding shoulder lifted higher. Unless you are a craftsman where the non dominant arm tends to have more muscle but the dominant shoulder is still lifted. Thus you can tell in times past what type of work is done. As well as observing the hands where the dominant hand is less scarred or calloused.

Certain professions use these “tells” as a form of secret identifier that is if you are trying to hide your handedness.

But it also even in living memory terms has quite a bit of real evil attached.

My father had a ruined left hand courtesy of his teachers and their superstitions. His teachers used to quite literally smash down on his left hand with an ebony rod every time he tried to use his left hand… Why well because,

1, Being left handed is “sinister” from the French for left but having a whole different meaning in English.

2, The left hand was the dirty hand you used for cleaning your backside etc.

Hence we have “cack handed” for left handed people.

Like always “I’m annoying” 😉 in this respect, people who see me using tools to work with often think I’m right handed or ambidextrous. The actual reason is some tools are designed handed and some are not. My father taught me to use many “handed tools” when I was very young such as hand drills and it was only later that files and chisels and similar less handed tools came into it when I was around six or seven.

Fun fact, do you know why door hinges are on the side they are? Well it goes back to the use of stabbing weapons such as daggers and swords. When you are inside your dominant hand is on the opening side and your shoving shoulder behind the door thus giving you a small but often important advantage.

But beware, of “forensics” and handedness by the way people do their shoe laces up. I can and do do it both ways to ease the wear on not just the laces but the holes they go through.

So how do you think this “lack of handedness with laces etc because I think” is going to work out with an AI?

Maybe it will conclude as they have in Yorkshire,

“There’s now’t as queer as folks”.

JonKnowsNothing


February 10, 2024 11:07 AM

@All

re: ROBODead meets ROBOSex

A MSM report on a curious aspect of UK Teacher Pensions for surviving spouses. (1,2)

If the teacher retired after Jan 1 2007, then after death the surviving spouses are entitled to pension payments for life, regardless of their domestic circumstances.

If the teacher retired before 2007, then after death, the surviving spouses must attest annually to their Relationship Status.

  • 28 days to declare whether they remain single

The Teachers’ Pensions, which administers the scheme for the Department for Education (DfE), does a number of computer cross-matches to see if someone is having some nookie on the side. If they find a matching reference the pension is stopped.

The problem is the criteria for matching, which is used to stop payments. Clearly if you are “officially unofficially declared dead” you can be de-listed.

  • matched to the death register based on shared first name and date of birth

The DfE insisted:

the system does not allow names to be decoupled once a potential match between a beneficiary and a death register entry has been identified, even if it has been disproved.

Methinks UK and AU are using the same POSTOFFICE method of validation.

===

1)


HAIL Warning

ht tps ://www.t heguardian.com/money/2024/feb/10/humiliating-pension-process-upsets-partners-of-retired-uk-teachers-who-have-died

  • ‘Humiliating’ pension process upsets partners of retired UK teachers who have died
  • Annual letter from Teachers’ Pensions, which administers scheme for DfE, asks about new relationships

2)


HAIL Warning

ht tps:/ /www.t heguardian.com/australia-news/2023/dec/22/you-are-deceased-services-australia-bungle-results-in-woman-losing-bank-accounts-and-pension-twice

  • ‘You are deceased’: Services Australia bungle results in woman losing bank accounts and pension
  • A 74-year-old carer was mistakenly declared dead by Centrelink two times in a case advocates describe as illustrating the ‘devastating consequences of automation’

JonKnowsNothing


February 10, 2024 11:57 AM

@All

re: UlezGate meets License Plate Cloning

UlezGate: The Transport for London (TfL) sent fines to EU Citizens for legal operation in London Ulez zones claiming the tagged vehicles were illegally in the zone and issued large fines accordingly. TfL illegally obtained the license information for EU visitors by bribing insiders with access to EU license plate information in Belgium and Italy.

Continuing this trend is the practice of “bad guys” obtaining an illegal copy of a legally registered vehicle plate and using the illegal plate all the while collecting fines and violations. It’s the theme in many a James Bond movie where he flips the license plate on his very identifiable sports car to throw off the chasing bad guys. The problem is well known to LEAs and insurance companies. (1)

It appears that while it is known to TfL-Ulez, they refuse to accept proofs that the car on their AI Identification Image is not the same car. TfL can seize the good car and sell it at auction to pay for the fines and tickets even when provided with proof they have the wrong car.

  • using copies of his car’s registration plates and had driven in London’s ultra-low emission zone (Ulez) 12 times, resulting in him being sent a series of penalty fines
  • grainy black and white images of “his” car being driven in the zone was wrong car
  • the number plates looked different, and there were other small differences to the bodywork

From the TfL

Although the evidence which confirmed the vehicle wasn’t registered to him [it] was submitted after the statutory deadline

Same problem from different London councils

The legal car is a five-door Audi A3

the photo appeared to be a three-door Audi A1

the council concerned rejected his appeal.

It’s not a one-off incident

latest data from TfL shows that more than 12,762 Ulez charges were cancelled because of cars being cloned in 2022

the growth of camera enforcement – from speeding and parking to bus lanes and yellow box junctions and from the congestion charge to low-emission zones (2)

The AI identifier is not doing well and HAIL is raining on 13,000 in the UK.

===

1)


HAIL Warning

htt ps:/ /w ww.thegua rdian.com/money/2024/feb/10/car-cloning-drivers-fines-scams-number-plates

  • Car cloning: innocent UK motorists get fines as scams accelerate

2) RL tl;dr

In a number of US cities, before heavy automation, it was not uncommon for people to get tickets when they haven’t been in the city or in the city at the date and time stated on the ticket.

There was only one way a ticket got entered into the city system at that time:

  • a police person or parking authority person entered the information

If people did not have proof it was not their vehicle or correct time, and did not go to court to challenge the ticket, the city earned extra $$$. The policing agency got a portion of those funds.

If someone did challenge the ticket, the designated police department officer would fail to show up and the violation would be canceled.

Since not many could challenge the tickets, the city earned far more money than the few cases it lost by no-show. The city never had to admit how the ticket got generated.

Clive Robinson


February 10, 2024 9:52 PM

@ ALL,

It is that time again when the lunar calendar[1] calls the passing of one year into the next and the beginning of the over two week Spring Festival so,

Welcome to the “Year of the Dragon”.

Dragons are the only mythical beast on the 12-year Zodiac and they are considered to be very powerful creatures that are,

“Believed to have control of the seas and water”

Which might account for the mess the US West Coast is having with “sky rivers” from the Pacific currently[2] as well as increasing tropical storms we are having from the Atlantic in Europe as well.

The Year of the Dragon is also considered an epoch of change, children born in the year are considered to gain power and strength and become great leaders and the like (this of course would have nothing to do with flattering the Emperor 😉

Anyway I wish all a better year than last, and hope it brings peace not further unrest and conflict.

[1] The lunar new year supposedly starts with the second new moon. However it varies across a time period based on where you are in the world. Technically on Greenwich East London on the Greenwich Meridian it happened yesterday a little before 11PM (22:59GMT). The Spring Festival continues until the end of the first lunar quarter and thus is about 15 or so days in duration and in Asia is a time of being with family etc. Thus a time where houses are packed full and also a time when a great many people travel at the same time. Which means packing them together in trains and planes and so it becomes a time for advantageous airborne pathogens to find new hosts…

[2] Sky or “Atmospheric rivers” are meteorological phenomena where warm tropical air moves in a narrow stream towards the poles. Being saturated with water vapour when the air meets a cause to release the trapped humidity it falls as heavy to torrential rain or snow. Sometimes they are beneficial, sometimes not. It’s not unknown for two years rainfall to fall in a month, with land quickly saturating and the excessive run off causing significant soil erosion if not held in place by sufficient close rooted vegetative cover:

https://www.usgs.gov/news/featured-story/rivers-sky-6-facts-you-should-know-about-atmospheric-rivers

Clive Robinson


February 11, 2024 7:28 AM

@ Winter, ALL,

Re : Atlantic article

“Not so long ago, many Americans—and especially most Republicans—would have considered anyone supporting such a view to be little more than a deranged and hateful anti-American fanatic.”

Hmm,

Kind of says it all in way more ways than many, and those “fiddlers on the hill” with their “Strong-man” nonsense more and more strongly support such nonsense as though it is the only way they are going to keep doing their grubby dirty work of fiddling.

They say that Nero stood on a hill and fiddled whilst the heart of their Empire burned to the ground.

Is history repeating in some two thousand year slow revolution of the “breaking wheel” in a rut of predictable path unless it’s jumped out of the groove.

Clive Robinson


February 11, 2024 8:34 AM

@ ALL,

Potential GPS and magnetometer anomalies

It appears that the Sun is having a bit of a strop and throwing more than just the toys out the pram currently and more likely in the next few days.

From a security aspect GPS and radio systems will be affected thus keep an eye on SysTime etc as it’s going to have issues depending on your setup.

Likewise navigation systems and especially any microcontroller system with physical agency using GPS and magnetometers for location, velocity and direction, and in UAV’s worst of all ASL height is going to be flaky.

So if you drive a car by GPS you might want to consider the old fashioned way of getting from A to B. And if you are yomping or goating into areas where mist, fog or other weather can reduce visibility you might want to keep your maps in hand and plot your course and check compass direction readings via solar position via clock (ie basic astronavigation).

Which brings in intercontinental flights at high altitudes especially near or across the poles. Radiation levels will be way higher than normal so if you are at risk or a frequent flyer changing your plans might be a consideration.

Also flights will have the same problems with GPS as will UAV’s and in addition HF radio is going to get crapped upon. Potentially with black outs at the poles and high background noise at most latitudes.

But there is an upside… For those at higher latitudes getting those extra doses of high energy particles heading your way, you should get some good “Northern Lights” to see and photograph starting late on the 12th and going through to the 14th. So romantic but wrap up warm.

https://m.youtube.com/watch?v=pWfnozrR79c

Now for the long-term bad news, coronal ejections consist of a lot of matter moving at significant fractions of the speed of light some of it is very high energy and hits us over a short period of time thus really quite high in power.

Such high levels have to go somewhere which is either to be stored in chemical bonds or back into space, otherwise by the logic of radiation transport it ends up as the worst form of pollution “heat”.

This means the Earth’s ordinary weather systems are going to get a fairly large kick in the pants so some of the recent weather anomalies will continue and even get worse with potentially some new activities popping up.

So keep your eyes and ears open and stay alert and above all err on the side of caution and stay safe.

Hopefully this will go quietly and almost unnoticed by most, but there is the potential for some less than fun CME type events including loss of electrical and communications infrastructure on which most other infrastructure including supply chains are now overly reliant on.

Winter


February 11, 2024 9:55 AM

@Clive

“… would have considered anyone supporting such a view to be little more than a deranged and hateful anti-American fanatic.”

But he is just that, a deranged and hateful anti-American fanatic.

A man who tried to get the vice-president murdered.

MDK


February 11, 2024 12:48 PM

@Clive

re: Potential GPS and magnetometer anomalies.

Solar flare was X3.3 long duration event. Shortly after the flare Hawaii Big Island had a magnitude 6.x earthquake. Also, the Icelandic people are having heating challenges with a recent Volcano eruption and magma flow.

ResearcherZero


February 11, 2024 6:08 PM

@Clive, @winter, @ALL

The media headline for that story should have read “Man Lays Egg”.

At least he finally admitted he is absolutely terrified of Russia.

VexTrio collaborates with dozens of associates to spread malicious content through a sophisticated TDS.

‘https://blog.checkpoint.com/research/january-2024s-most-wanted-malware-major-vextrio-broker-operation-uncovered-and-lockbit3-tops-the-ransomware-threats/

“We have seen actors, like VexTrio, who appear to manage their own system, while others take advantage of established cloud-based TDS offerings.”

‘https://blogs.infoblox.com/cyber-threat-intelligence/cybercrime-central-vextrio-operates-massive-criminal-affiliate-program/

ResearcherZero


February 11, 2024 7:34 PM

@winter, @Clive, @MDK

Figures like Nero were also notorious cowards, hiding their fear with trumpet blasts. It’s sad and pathetic to see grown adults accepting such behaviour, nominating them to join the party, which increasingly has become a parade of fools. Horns, hats, streamers and all.

This anime scene comes to mind again – dreaming while awake

‘https://www.youtube.com/watch?v=2j3mtYRXV7c

  • Malware used by cybercrime groups, YoroTrooper and other advanced Russian threats.

‘https://www.justice.gov/opa/pr/international-cybercrime-malware-service-dismantled-federal-authorities-key-malware-sales

“Regarding YoroTrooper’s toolset, the actor uses several commodity remote access trojans (RAT) and credential stealers. For RATs, we have seen the usage of AveMaria/Warzone RAT, LodaRAT, and a custom-built implant based on Python.”

‘https://blog.talosintelligence.com/yorotrooper-espionage-campaign-cis-turkey-europe/

“the formation of a negative attitude towards NATO”

The document sets out a 10-year strategy for bringing Moldova within Russia’s sphere of influence.


https://edition.cnn.com/2023/03/16/europe/russia-moldova-secret-document-intl-cmd/index.html

“a framework used to control the online information environment and manipulate public opinion, enhance psychological operations, and store and organize data for upstream communication of efforts.”

‘https://www.mandiant.com/resources/blog/cyber-operations-russian-vulkan

“The thing about these projects contracted by NTC Vulkan is that they all seem to support the broader strategic goals of information confrontation.”

https://www.theregister.com/2023/03/31/vulkan_files_russia/

Deliberate cooperation between Tomiris and Turla.

‘https://securelist.com/tomiris-called-they-want-their-turla-malware-back/109552/

ResearcherZero


February 11, 2024 8:50 PM

When you begin to believe that terrible things will somehow lead to a better outcome, at that point you have become irrational. If you continue to encourage others to engage in terrible behaviour — to advance your own agenda, then you have become completely delusional.

“This is for Trump,” announced one man in Florida as he punched a Latino gas station attendant in the head.

“I think my rhetoric brings people together,” Trump said last year. (Perhaps, in hospitals, courts and morgues.)

‘https://abcnews.go.com/Politics/blame-abc-news-finds-17-cases-invoking-trump/story?id=58912889

“When there’s a crash, I hope it’s going to be during this next 12 months because I don’t want to be Herbert Hoover.”


https://edition.cnn.com/2024/01/08/politics/trump-economy-crash/index.html

“What’s going on in the country that a single person thinks this guy would still be a good president when he’s said the things he’s said and done the things he’s done?” Kelly said in a recent interview. “It’s beyond my comprehension he has the support he has.”

‘https://www.washingtonpost.com/nation/2023/11/20/trump-aides-cabinet-critics-election/

“Did the January 6th insurrectionists display patriotism as some of them claim they did?”

“No. Of course not,” DeSantis replied. “I mean, that was not a good day for the country.”

https://www.washingtonpost.com/politics/2024/01/05/trump-desantis-jan6-patriotism/

Clive Robinson


February 11, 2024 9:28 PM

@ Research Zero, Winter,

Re : Man lays Egg and wees the bed?

“At least he finally admitted he is absolutely terrified of Russia.”

And much else besides.

The pathology of the personality suggests many things that are neither desirable in a leader or in an adult human.

As for scared of you have to ask why he would be in effect “terrified of Russia” and the answer is not for what the state is or its ability to create war etc…

No it’s in his past, it’s something he’s done that is either craven, criminal or both. And he’s been recorded doing it in some way.

Something that he could not bluster through, that would destroy not just his political and business life but even his personal life.

In part it accounts for his pathological desire to find the same in others, and where it can not be found create it. Because at heart he believes that all people in his position have similar personal failings and that they can be controlled by such as he can be.

But what would a man apparently without shame, actually be that shameful of?

And at the end of the day that was what the Steele Dossier was all about. Trying to find a pressure point to apply leverage, and that obviously scared the man and I guess that it still hangs over him in his head. Which suggests that he believes there may be evidence of such shame that could or has been found.

So is he in the panty poisoners pocket? or just believes he is? And given his basic pathology what would scare him the most?

Just something for people to speculate on.

But the fact is we know one thing from it, he will in all probability fold like a wet cardboard box if push comes with even a breath of chill wind from the East.

Is that desirable in someone who believes he’s going to be leader of the free world? Especially in times of considerably rising tension on the world stage?

I suspect some will speculate what I think as to a short answer to that question. Even though what they think, may say more about them and their outlook on life, than it does about me.

Winy


February 12, 2024 2:33 AM

@Clive

Something that he could not bluster through, that would destroy not just his political and business life but even his personal life.

Let’s assume he is a narcissist. Then his biggest fear is falling off the pedestal he built for himself. That he is shown to be a coward fool.[1]

If there was undeniable footage where he is seen, eg, cowering at the feet of someone begging for something. Or being made fun of big time.

[1] The person he knows he is. People that keep talking about how great they are 24/7 have something to hide.

Winter


February 12, 2024 3:51 AM

@Clive

Re: compromising material

PS:

Some old news about the Russian interference with Trump:

‘https://www.businessinsider.com/leaked-russia-docs-refer-to-compromising-material-on-trump-guardian-2021-7

Robin


February 12, 2024 4:09 AM

@Winy: “People that keep talking about how great they are 24/7 have something to hide.”

This is absolutely true. Trump is Exhibit #1, Johnson in the UK is Exhibit #2.

However, we are deep down the rabbit hole, because neither of these people attempt to hide behaviour that most people consider to be so outrageous and so shameful that it would be grist for blackmailers. To paraphrase @Clive above: “men apparently without shame”.

Are they truly without shame or have they cynically reckoned that they can terminally offend the majority, knowing that they can still win in systems that depend on narrow margins, by manipulating the hard of thinking? Johnson appears to have gambled and lost – although there are deranged voices calling on Sunak to bring him back; but Trump looks as if he has at least a sporting chance of coming back.

Robin


February 12, 2024 4:34 AM

Meanwhile, in France a massive cyberattack has resulted in the data of about 33 million residents being stolen, about 1 in 2 of the population.

Background: for any healthcare treatment in France, the state pays a fraction of the cost and most people also have health insurance to cover the rest. There are businesses that act as the intermediaries between the state administration services and the insurers and it’s these “middlemen” who have been attacked.

The official line is that the data itself is not very sensitive – name, marital status, date of birth, and social security number* – but could lead to phishing attacks, or be used in direct attacks on individuals if combined with other (unspecified) data stolen elsewhere. “Be careful”, says the official spokesperson.

The attack is not well described: it ” … was carried out by usurping the IDs and passwords of healthcare professionals.”

Article (in French):

h xx ps://www.lemonde.fr/pixels/article/2024/02/07/piratage-de-viamedis-et-almerys-les-donnees-de-plus-de-33-millions-de-personnes-concernees-selon-la-cnil_6215292_4408996.html

*which already look quite sensitive to me, but there were no contact details or health status data

Winter


February 12, 2024 6:21 AM

@Clive, Robin

Re: compromising material

There has been a lot of speculation about the type of material the Kremlin might have on Trump. Let’s do our own speculation. Just for fun.

The original rumors were about a movie with female workers peeing on a mattress (see link above). Given their profession, I assume the video would also show him unclothed.

Now, there have been several such stories, involving eg, Stormy Daniels, minors, and violent abuse. They made Zero impression on The Donald.

The one thing that ever touched a nerve of The Donald was the small hands joke.

What if, the alleged video shows it was true? 😉

What would The Donald all do to suppress it if it did show it to be true?

Clive Robinson


February 12, 2024 7:33 AM

@ Winter, ResearcherZero, Robin, Winy,

Re : compromising material

“The one thing that ever touched a nerve of The Donald was the small hands joke.”

What is it about Republican Presidents this century and little hands… GWB had that “walk like a cowboy” thing…

In the UK we have a couple of expressions that are shorthand for an observation about phallic compensation by physical status symbol. With the observation being “Big car little ….” And you have,

“Big car syndrome”

As the euphemism for the physical short coming compensation.

So “smaller than a sub compact?” Less than a Smartie EV, perhaps less than an electric unicycle?

It would be embarrassing but I suspect not enough on its own. Thus maybe he has some other compensation going such as cross dressing or strapping / caging / binding. Then there is that “golden rain” stuff, maybe he was actually the recipient…

Personally I care not what kinks and swerves that might be involved providing people are not being hurt. Heck we know from history many leaders had them and whilst some were truly appalling others like an ancient Greek having a stable for “Pony Play” were just quirky hobbies in comparison. But then I don’t have any time for “Strong man posing” or “Macho posturing” or any other of that form of compensatory stupidity like having excessive numbers of children. But in certain cultures you find the dumb,

“A man is a man and stands alone at the head of his house”

It’s what some incorrectly call Caveman Culture, it’s actually just an excuse for self entitled effectively unlawful, antisocial, often criminal behaviour.

As the sinister side of,

“Individual Rights v Social Responsibility”

But it’s noticeable that Religion often features strongly for the “deities command” excuses for such unacceptable behaviour. Which brings us back to the “King Game” and the nonsense behind “The Estates of man” that some oh so desperately want to drag us back to. One sign of which is the glorification of the past, and the pretence it gave certainty and predictability to people which an honest appraisal of history indicates was either false or worse than slavery. A major warning sign of such people is their affected status and signs of supposed superiority. Often it’s clothing, that you can or can not wear due to your inherited caste status but there are many other signs that lower castes should grovel on their knees in the dirt before them.

The fact such people hold back mankind and its development and condemn all including themselves to a short brutish life full of pain and little else and will desperately fight to keep it that way, tells you most of what you need to know.

Worse though is that the caste system is a “closed stud breeding” system based around “Strong blood” and “not diluting the blood” notions. Well, it gives rise to significant inbreeding and all sorts of genetic problems including whole varieties of madness, as the European Royal Houses and Aristocracy show. And in the case of the Spanish Hapsburgs, that truly awful facial deformation and increasing lunacy, infertility, and sterility, thus cessation of the entire family line…

Do ordinary people want to feel subservient to such aberrations, especially given that they are self inflicted by idiocy?

AL


February 12, 2024 12:13 PM

““What’s going on in the country that a single person thinks this guy would still be a good president when he’s said the things he’s said and done the things he’s done?” Kelly said in a recent interview”

I hate to be Captain Obvious here, but it is the two party system that relegates 3rd parties into being spoilers only that has a lot of people disillusioned. The elites have figured out how to work this 18th century “democracy”.

What would fix it? Ranked voting, instant runoff, any kind of runoff system. But right now, Trump can win with a plurality.

JonKnowsNothing


February 12, 2024 12:16 PM

@All

re: Unblockable Phone Numbers

There is no shortage of things in telephony and smartphones that go wrong or can be exploited, but there appears to be a new by-pass exploit, or one new to me.

I heard about this some weeks ago and recently got several of these unblockable number calls.

In the USA, it is illegal not to show Caller ID and Phone Number. Nearly every device will show this, even old POTS handsets with a minimal LCD will show the name and number, and if they have the “announcement” feature will audio the name, with odd pronunciations of course.

In this case:

  • the caller is UNKNOWN
  • the number is UNKNOWN

Yep, the phone number is not recognized as a phone number. (first hint)

If you do not answer, normally on a smartphone (iPhone), all you get is a Missed Recent Call notice. However, in this case the UNKNOWN caller sends a text msg which is accepted by the phone.

The text message is name UNKNOWN phone UNKNOWN and contains (in my case) what looks like Thai Font Characters, perhaps a word or two in English (eg YES or YEAH), and a link to a phone or website; hard to tell which because it is mostly in Thai Font Characters. (second hint)

If you try to use the Block This Caller option on the phone, the phone does not recognize the phone number so the Block Number feature will not work. (third hint)

I contacted the service provider and they told me they cannot block it from their end. (Oh??). They said that anyone who has the smartphone number can send a text msg and they cannot block that aspect either (Oh???). Their suggestion was to download their “official security app” and use that to block the UNKNOWN from the phone (Really??). They mentioned that their official security app would require access to almost all aspects of the phone (Hmmm??). (fourth hint)

SWAG


This is a font-spoofing method that targets the CDR (call detail record) which tracks all calls across the telephony system. CDRs have origination, destination and call duration information. CDRs used to be a common source for the phone call list on bills, but as more bills are e-bills and service is all-included, fewer CDRs are consumer printed.

They are used by LEAs and inter-service provider exchanges. They are still used in back end systems.

First, this exploit method allows the exploiter to “make a connection” to a phone. The CDR would record that as source and destination. The next part is the CDR accepts the spoofed info as “blank” or invalid.

The CDR is recording what is supposed to happen in the switch but in this case, the exploiter gets access to the switch while disabling the CDR record of it.

There are a lot of switches on the backbone and a lot of manufacturers. Which ones are susceptible to the exploit is TBD. However this exploit technique is the type that the 3Ls and similar would use discreetly. It seems that 3rd party exploiters have it now.

vas pup


February 12, 2024 5:48 PM

@Jon’s post https://www.schneier.com/blog/archives/2024/02/friday-squid-blogging-a-penguin-named-squid.html/#comment-432270

Major provider of landline and wireless service in the US – AT&T – did not provide reliable, meaning informative, service for caller ID name in particular, even though they do know the owner of the incoming phone call.


There is ANI – automatic number identifier – which is used by 800 and similar numbers, so even *67 will not prevent identification because it is sending a verifying ‘ping’ to the caller. Many years ago Bruce objected that we will all have such a feature, to protect victims of home abuse hiding from their violent spouse. Sorry, I don’t buy this argument. Moreover, I still can’t get the technical problem of why voice mail on your cell phone is not stored on your phone as a text message rather than on the provider’s server, and you need to call them to listen to it.

I guess such app will be in demand if some shadow forces behind will prevent its development and implementation.

vas pup


February 12, 2024 5:49 PM

Cybersecurity unicorn Wiz eyes major expansion, public stock offering


https://www.timesofisrael.com/cybersecurity-unicorn-wiz-eyes-major-expansion-public-stock-offering/

“US-Israeli cloud security unicorn Wiz on Monday announced a hiring plan, as the startup embarks on a revenue growth path and eyes a public stock offering.

Wiz said it is planning to add another 400 employees over the coming year, and increase its headcount in Israel, the US, Europe, and Asia-Pacific. Headquartered in New York, the Israeli-founded software startup employs 900 people, out of which at least 150 currently work in Israel.

Considered one of the fastest-growing software startups, Wiz said it has reached $350 million in annual recurring revenue (ARR) in 2023 in less than four years and had set itself a goal to get to $1 billion.

For its growth plan, Wiz said it hired Dali Rajic as president and chief operating officer to help the startup prepare for an IPO. Rajic, an industry veteran, last served as chief operating officer and president of Nasdaq-listed cyber security firm Zscaler.”

ResearcherZero


February 12, 2024 11:25 PM

@ALL

Physical fear is also common among people who pretend they are not cowards, and the fear of people finding out that they in fact are. The obsession with the control of public perception of one’s own public image, is often a more powerful force than reality itself.

Compromising material revealing the true nature of an individual might invoke similar fear.

Plus all that kompromat in their dossier… 😉

“specific informational triggers to create the emotions necessary to think, and act, in a desired way”

The mere idea of its existence, and the resulting invocation of self doubt, might suffice.

‘https://www.news.com.au/technology/online/internet/us-texit-war-threat-being-stoked-by-russia/news-story/f7b01575b7a75d9831a21af8f753c89b

The campaign led to sanctions by the EU last summer on two Russian IT companies, Structura National Technologies and Social Design Agency, over their involvement in it. According to US authorities, the two companies are believed to be responsible for a similar Russian disinformation campaign in Latin America.


https://www.theguardian.com/world/2024/jan/26/germany-unearths-pro-russia-disinformation-campaign-on-x

A leaked Kremlin memo told Russian media that it is “essential” to use more Carlson segments in their coverage. 😉

‘https://www.mediamatters.org/tucker-carlson/tucker-carlsons-upcoming-interview-putin-tracks-his-long-history-pro-kremlin

It disqualifies anyone who took an oath and then “engaged in insurrection or rebellion against the same, or given aid or comfort to the enemies thereof.”

‘https://hls.harvard.edu/today/does-the-14th-amendment-bar-donald-trump-from-running-for-president/

The briefs underscore the impression that this will be a case for the ages and one of the toughest in the court’s history.


https://www.latimes.com/opinion/story/2024-01-25/donald-trump-supreme-court-14th-amendment-section-3-amicus-briefs-harry-litman

ResearcherZero


February 12, 2024 11:35 PM

@Clive

It’s essentially what you were commenting on. Pressure points, and triggering them. The closer to home the better. They are very good at it. I’ve seen it in action. Impressive.

“After 400 computers and servers were shut down, we worked mostly on paper.”

‘https://www.bleepingcomputer.com/news/security/ransomware-attack-forces-21-romanian-hospitals-to-go-offline/

Cyberattacks on hospitals and health care organizations more than doubled in 2023, impacting over 39 million people in the first half of 2023.

‘https://www.wired.com/story/cybersecurity-marginalized-communities-problem/

“This evidence supports calls for more protection of medical care and civilians and highlights the need for further investigation of damage to protected civilian infrastructure.”

‘https://gh.bmj.com/content/9/2/e014768

A Florida man threatened election workers by asking at a polling place: “should I kill them one by one or should I blow the place up?”

Harassment includes ‘swatting’ calls to falsely report emergencies. (One in six election workers have experienced threats because of their job)

‘https://eu.usatoday.com/story/news/politics/2024/02/03/threats-against-election-workers/72328609007/

The officials at the conference never blamed either political party for the problems they’re facing, and they frequently couched their comments with emphatic statements about their commitment to nonpartisanship.

https://www.politico.com/news/2024/01/16/election-officials-fears-2024-00135378

“The partiality of our consciences, our inability to care about all who have a proper claim upon our care, is not the result of a constraint upon our budgets, or more generally upon our institutions of politics and government. It is the result of a constraint upon our imaginations.”

“Ethical principles are most commonly ascribed to the operations of reason, but we need to remind ourselves of the role of the imagination in moral action. Without the imagination, we would act only against wrongs that we ourselves have endured. We would be prisoners of our experience—which is to say, the experience of people less lucky than ourselves would be incomprehensible to us.”

‘https://www.brookings.edu/articles/how-voters-personal-suffering-overtook-reason-and-brought-us-donald-trump/

ResearcherZero


February 13, 2024 12:02 AM

@Clive

Keywords dropped in an interview to trigger the target, keep the pressure on.

We don’t do ‘outcomes’ over here, so the snake continually eats its own tail. There is an old joke: if the police discover a murder during an investigation, they often drop it. 🙂

JonKnowsNothing


February 13, 2024 12:36 AM

@vas pup, All

re: I don’t buy it – either

It’s been a while so please ignore any inconsistencies…

Consider how the telephony path works in modern equipment:

Handset –> Router/Switch/Gateway …. gateway/switch/router <– handset

However, in modern systems, what is transmitted is not a single threaded link conversation Handset-handset, but a mix of many conversations sliced and diced and bundled up and transmitted at high speed through the bulk of equipment in the middle. On the far end the destination packets are sifted out and passed on to the receiving handset.

All along the pathway, the originator and receiver have to be known in order to get to the destination. Any errors in the packet will be kicked with a retry response.

Along the pathway various parts of a CDR are pulled by the owners of the middle equipment. This is for FTC network neutrality reports. They know which carriers are sending stuff into their systems and where the stuff is going. Any errors would be kicked with a retry response.

As the data is moving back and forth with ACK and NAK responses and various metrics as required in the USA for the performance of this equipment, the packets are inspected for segment validations. This is VOIP, Voice over IP, which dices up audio of the voice into a binary data packet. As the packets transit the system, the sender’s system gets data ACK and NAK as to how the connection is working. At any point the connection can be shifted to a different middle configuration by traffic analysis systems.

  • you cannot get there from here, unless you know where here is, and know where there is.

If someone has found a way to exploit the entire chain of router/switch/gateway to remove the required source and destination information from the data packet and transit sequence, that would be new news indeed.

The arcane aspects of switches and gateways are so complex that even bona fide experts do not know all the interactions.
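Added example, not code from any comment in this thread: a small Python triage pass over constructed call/text records, tying together the “four hints” in JonKnowsNothing’s Unblockable Phone Numbers comment and the CDR origination/destination fields described in the comment just above. It assumes a simplified record layout with `origination`, `destination` and `body` fields rather than any real carrier CDR format, and flags an origination that is not a valid E.164 number (so a per-number block has nothing to act on), a body that mixes scripts such as Thai and Latin, and an embedded link.

```python
import re
import unicodedata

# Constructed sample records (not taken from the original post): a normal
# call, a call whose origination is not a recognisable number, and a text
# message resembling the one described (Thai script, an English word, a link).
SAMPLE_RECORDS = [
    {"origination": "+14155550100", "destination": "+14155550199", "body": ""},
    {"origination": "UNKNOWN", "destination": "+14155550199", "body": ""},
    {"origination": "", "destination": "+14155550199",
     "body": "YES \u0e2a\u0e27\u0e31\u0e2a\u0e14\u0e35 http://example.invalid/x"},
]

# E.164: a leading '+', a non-zero first digit, 7..15 digits in total.
E164 = re.compile(r"^\+[1-9]\d{6,14}$")
URL = re.compile(r"https?://\S+|\bwww\.\S+", re.I)


def is_e164(number: str) -> bool:
    """True if the sender/receiver field parses as an E.164 phone number."""
    return bool(E164.match(number or ""))


def scripts_in(text: str) -> set:
    """Set of script families used by the letters in text, e.g. {'LATIN', 'THAI'}.

    The family is taken from the first word of the Unicode character name;
    combining marks (vowel signs, tone marks) are not letters and are skipped.
    """
    found = set()
    for ch in text:
        if ch.isalpha():
            found.add(unicodedata.name(ch, "").split(" ")[0])
    return found


def triage(record: dict) -> list:
    """Return the flags raised for one call/SMS record (empty list if clean)."""
    flags = []
    if not is_e164(record.get("origination", "")):
        flags.append("origination_not_e164")  # nothing a number block can match
    if not is_e164(record.get("destination", "")):
        flags.append("destination_not_e164")
    body = record.get("body", "")
    has_url = bool(URL.search(body))
    if has_url:
        flags.append("contains_link")
    if has_url and len(scripts_in(body)) > 1:
        flags.append("mixed_script_with_link")
    if "origination_not_e164" in flags and has_url:
        flags.append("unblockable_sender_with_link")
    return flags


def triage_all(records) -> dict:
    """Map each record index to its flags, for review of a batch of records."""
    return {i: triage(r) for i, r in enumerate(records)}
```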

ResearcherZero


February 13, 2024 4:29 AM

@JonKnowsNothing

“But that is impossible Sonny! They’d need some type of additional physical cable…”

Like in the days of vaporous exhalation formerly believed to cause disease. It’s pretty surprising who isn’t paying attention to those kinds of details either, or the equipment.

ResearcherZero


February 13, 2024 4:52 AM

collection efficiencies of ∼70% at NAs as low as 0.5

“an important step toward on-chip integration of single-photon sources at room temperature. Excellent photon directionality is achieved with a hybrid metal–dielectric bullseye antenna, while back-excitation is permitted by placement of the emitter in a subwavelength hole positioned at its center. The unique design enables a direct back-excitation and very efficient front coupling of emission either to a low numerical aperture (NA) optics or directly to an optical fiber.”

‘https://pubs.acs.org/doi/10.1021/acs.nanolett.3c03672

‘https://medicalxpress.com/news/2024-02-older-adults-decision-scams.html

“Young adults, who see their lives stretching ahead of them, tend to prioritise future-oriented goals such as gaining knowledge. Older adults with shorter time horizons are motivated to prioritise present-focused goals such as emotional satisfaction and positivity.”

‘https://theconversation.com/the-trust-trap-why-older-australians-are-more-trusting-and-what-that-means-for-them-119092

AL


February 13, 2024 2:15 PM

@ResearcherZero


“It disqualifies anyone who took an oath …”

The one problem I see is, in addition to the amendment, there is also a law that covers the same thing. That would be this law.


https://www.law.cornell.edu/uscode/text/18/2383

Now there is a prosecution against Trump related to Jan 6th, but I’m hearing that there is no charge under 18 U.S. Code § 2383 – Rebellion or insurrection.

So, if we’re leaving a jury out of this, who has the standing to decide whether Trump is disqualified? Trump’s lawyers are using the lack of a prosecution under this statute as a reason why he shouldn’t be deemed ineligible to hold office.



Original Post URL: https://www.schneier.com/blog/archives/2024/02/friday-squid-blogging-a-penguin-named-squid.html
