Asian Windows Bootleggers Now WannaCry....,

NYTimes |  China, India and Russia were among the countries most affected by the ransomware attack, according to the Moscow-based computer security firm Kaspersky Lab. The three countries are also big sources of pirated software. A study last year by BSA, a trade association of software vendors, found that in China, the share of unlicensed software reached 70 percent in 2015. Russia, with a rate of 64 percent, and India, with 58 percent, were close behind.

Zhu Huanjie, who is studying network engineering in the city of Hangzhou, blamed a number of ills for the spread of the attack, like the lack of security on school networks. But he said piracy was also a factor. Many users, he said, did not update their software to get the latest safety features because of a fear that their copies would be damaged or locked, while universities offered only older, pirated versions.

“Most of the schools are now all using pirate software, including operation system and professional software,” he said, adding: “In China, the Windows that most people are using is still pirated. This is just the way it is.”

On Monday, some Chinese institutions were still moving to clean out computer systems jammed by the attack, which initially struck on Friday and spread across the world. Prestigious research institutions like Tsinghua University were affected, as were major companies like China Telecom and Hainan Airlines.

China’s securities regulator said it had taken down its network to try to ensure it would not be affected, and the country’s banking regulator warned lenders to be cautious when dealing with the malicious software, which locked users out of their computers and demanded payment to allow them back in.

Police stations and local security offices reported problems on social media, while students at universities reported being locked out of final thesis papers. Electronic payment systems at gas stations run by the state oil giant PetroChina were cut off for much of the weekend. Over all, according to the official state television broadcaster, about 40,000 institutions were hit. Separately, the Chinese security company Qihoo 360 reported that computers at more than 29,000 organizations had been infected.

If those behind the ransomware attack profited from the hacking, they may have figured out how to do something that has been beyond Microsoft: making money from Windows in China. Microsoft and other Western companies have complained for years that a large majority of the computers running their software are using pirated versions.

Microsoft Whines About an "Urgent Collective Need" to Fix Its Stinking Isht...,

Microsoft |  This attack demonstrates the degree to which cybersecurity has become a shared responsibility between tech companies and customers. The fact that so many computers remained vulnerable two months after the release of a patch illustrates this aspect. As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems. Otherwise they’re literally fighting the problems of the present with tools from the past. This attack is a powerful reminder that information technology basics like keeping computers current and patched are a high responsibility for everyone, and it’s something every top executive should support.

At the same time, we have a clear understanding of the complexity and diversity of today’s IT infrastructure, and how updates can be a formidable practical challenge for many customers. Today, we use robust testing and analytics to enable rapid updates into IT infrastructure, and we are dedicated to developing further steps to help ensure security updates are applied immediately to all IT environments.

Finally, this attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem. This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen. And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organized criminal action.

The governments of the world should treat this attack as a wake-up call. They need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world. We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits. This is one reason we called in February for a new “Digital Geneva Convention” to govern these issues, including a new requirement for governments to report vulnerabilities to vendors, rather than stockpile, sell, or exploit them. And it’s why we’ve pledged our support for defending every customer everywhere in the face of cyberattacks, regardless of their nationality. This weekend, whether it’s in London, New York, Moscow, Delhi, Sao Paulo, or Beijing, we’re putting this principle into action and working with customers around the world.

Ransomware "Attack" a Self-Licking Ice Cream Cone

washingtonsblog |  What should we make of the global ransomware attacks which happened today?

We’ve documented that the intelligence services intentionally create digital vulnerabilities, then intentionally leave them open … leaving us exposed and insecure.

Washington’s Blog asked the highest level NSA whistleblower ever* – Bill Binney – what he thinks of the attacks.

Binney told us:

This is what I called short sighted finite thinking on the part of the Intelligence Community managers.
This is also what I called (for some years now) a swindle of the tax payers. First, they find or create weaknesses then they don’t fix these weaknesses so we are all vulnerable to attack.
Then, when attacks occur, they say they need more money for cyber security — a total swindle!!! [Indeed.]
This is only the second swindle of the public. The first was terror efforts by saying we need to collect everything to stop terror — another lie. They said that because to collect everything takes lots and lots of money.
Then, when the terror attack occurs, they say they need more money, people and data to stop terror. Another swindle from the start. [The war on terror is a “self-licking ice cream cone”, because it creates many more terrorists than it stops.]
And, finally, the latest swindle “THE RUSSIANS DID IT.” This is an effort to start a new cold war which means another bigger swindle of US tax payers.

For cyber security, I would suggest the president order NSA, CIA and any others to fix the cyber problems they know about; then, maybe we will start to have some cyber security.

The bottom line is that our intelligence services should start concentrating on actually defending us, rather than focusing their resources on offensive mischief.

Who is to Blame for Compromising Computers with Obsolete Operating Systems?

theduran |  A widespread computer virus attack known as ‘WannaCry’ has been compromising computers with obsolete operating systems across the world. This should be the opening sentence of just about every article on this subject, but unfortunately it is not.

The virus does not attack modern computer operating systems, it is designed to attack the Windows XP operating system that is so old, it was likely used in offices in the World Trade Center prior to September 11 2001, when the buildings collapsed. Windows XP was first released on 25 August, 2001.

Furthermore, early vulnerabilities in modern Windows systems were almost instantly patched up by Microsoft as per the fact that such operating systems are constantly updated.

The obsolete XP system is simply out of the loop.

A child born on the release date of Windows XP is now on the verge of his or her 17th birthday. Feeling old yet?

The fact of the matter is that governments and businesses around the world should not only feel old, they should feel humiliated and disgraced.

With the amount of money governments tax individuals and private entities, it is beyond belief that government organisations ranging from some computers in the Russian Interior Ministry to virtually all computers in Britain’s National Health Service, should be using an operating system so obsolete that its manufacturer, Microsoft, no longer supports it and hasn’t done for some time.

Military-Backed Criminal Superhacking Looks Like....,

arstechnica |  A highly virulent new strain of self-replicating ransomware shut down computers all over the world, in part by appropriating a National Security Agency exploit that was publicly released last month by the mysterious group calling itself Shadow Brokers.

The malware, known as Wanna, Wannacry, or Wcry, has infected at least 75,000 computers, according to antivirus provider Avast. AV provider Kaspersky Lab said organizations in at least 74 countries have been affected, with Russia being disproportionately affected, followed by Ukraine, India, and Taiwan. Infections are also spreading through the United States. The malware is notable for its multi-lingual ransom demands, which support more than two-dozen languages.

Wcry is reportedly causing disruptions at banks, hospitals, telecommunications services, train stations, and other mission-critical organizations in multiple countries, including the UK, Spain, Germany, and Turkey. FedEx, the UK government's National Health Service, and Spanish telecom Telefonica have all been hit. The Spanish CERT has called it a "massive ransomware attack" that is encrypting all the files of entire networks and spreading laterally through organizations.

The virally spreading worm was ultimately stopped when a researcher who uses the Twitter handle MalwareTech and works for security firm Kryptos Logic took control of a domain name that was hard-coded into the self-replicating exploit. The domain registration, which occurred around 6 AM California time, was a major stroke of good luck, because it was possible only because the attackers had failed to obtain the address first.

The address appeared to serve as a sort of kill switch the attackers could use to terminate the campaign. MalwareTech's registration had the effect of ending the attacks that had started earlier Friday morning in other parts of the world. As a result, the number of infection detections plateaued dramatically in the hours following the registration. It had no effect on WCry infections that were initiated through earlier campaigns.

Shadow Brokers Hit NSA a Devastating Lick

Don't forget I told you cats about the NSA creep-tip two years ago, and gave you a concrete specific recommendation for shoring up your end-point game to protect at least a little something...,

FP |  Weaver believes that when the Shadow Brokers published a broad list of the tools in their possession in January, hoping to auction them off, the NSA moved quickly.

The NSA “did clearly, quietly tell Microsoft,” Weaver said, allowing the company to repair the holes before script kiddies and criminal hackers started figuring out the specifics of the exploits.

Microsoft published a massive patch exactly a month before the Shadow Brokers unleashed its trove.

Neither Microsoft nor the NSA immediately responded to a request for comment.

Before Microsoft revealed it had patched most of the holes, the Shadow Brokers’ release reignited the debate about when government agencies should be required to disclose vulnerabilities it finds in such major products as devices and browsers.

The White House’s Vulnerabilities Equities Process, which determines whether those flaws should be shared with the company in order to be repaired, or taken advantage of by intelligence agencies, was reinvigorated in 2014. The process involves several major agencies, which consider the likelihood that other nation states or criminal actors would come across the same flaws.

It’s unclear, however, which agencies are involved in the process and how those decisions are made. The agencies are not required to disclose vulnerabilities purchased or researched through government sponsorship. If the NSA told Microsoft about the tools, it was because the agency knew or suspected the vulnerabilities had been compromised.

Intelligence officials see the latest Shadow Brokers release as part of a larger erosion of capabilities that has been going on since 2013, when former NSA contractor Edward Snowden gave journalists internal NSA documents. Snowden’s leak kicked off a chain of damaging exposures that, while sparking an important worldwide debate about privacy, severely damaged U.S. intelligence capabilities, the former intelligence official argued.

One former TAO employee who spoke with Foreign Policy believes the release is “a bit dated,” because hacking tools to access more current Windows projects and other browsers weren’t included.

“It is a significant leak. … It gets harder to develop tools as defenses improve,” the former TAO employee said. “But it’s still entirely possible. There are many bugs to be found.”

But the intelligence community’s ability to keep those bugs secret for any amount of time continues to be questioned. In this latest leak, detailed NSA notes and work product were included in addition to technical details about the hacking tools — likely indicating deep-level access to TAO troves. “This should be on an NSA computer only,” Weaver told Foreign Policy.

The details the Shadow Brokers revealed are “scary,” the former cyberintelligence employee said, details that must be from internal emails, chat logs, or insider knowledge.

Only a handful of countries could have pilfered such sensitive material from the NSA remotely, the former TAO employee wrote, Russia and Israel the mostly likely among them.

“If it was an inside job like an operator [typically military] walking out with a thumb drive, then who knows,” the former TAO source wrote.

In recent years, the intelligence community has largely failed to detect insider threats and stem leaks from contractors. Thousands of private companies and their employees make up a massive percentage of the intelligence community’s workforce. As of a decade ago, about 70 percent of the intelligence community’s budget was spent on contracts, according to the Congressional Research Service.

Wikileaks Vault 7 Marble Framework

wikileaks | Today, March 31st 2017, WikiLeaks releases Vault 7 "Marble" -- 676 source code files for the CIA's secret anti-forensic Marble Framework. Marble is used to hamper forensic investigators and anti-virus companies from attributing viruses, trojans and hacking attacks to the CIA.

Marble does this by hiding ("obfuscating") text fragments used in CIA malware from visual inspection. This is the digital equivallent of a specalized CIA tool to place covers over the english language text on U.S. produced weapons systems before giving them to insurgents secretly backed by the CIA.

Marble forms part of the CIA's anti-forensics approach and the CIA's Core Library of malware code. It is "[D]esigned to allow for flexible and easy-to-use obfuscation" as "string obfuscation algorithms (especially those that are unique) are often used to link malware to a specific developer or development shop."

The Marble source code also includes a deobfuscator to reverse CIA text obfuscation. Combined with the revealed obfuscation techniques, a pattern or signature emerges which can assist forensic investigators attribute previous hacking attacks and viruses to the CIA. Marble was in use at the CIA during 2016. It reached 1.0 in 2015.

The source code shows that Marble has test examples not just in English but also in Chinese, Russian, Korean, Arabic and Farsi. This would permit a forensic attribution double game, for example by pretending that the spoken language of the malware creator was not American English, but Chinese, but then showing attempts to conceal the use of Chinese, drawing forensic investigators even more strongly to the wrong conclusion, --- but there are other possibilities, such as hiding fake error messages.

The Marble Framework is used for obfuscation only and does not contain any vulnerabilties or exploits by itself.

Intelligence Agencies DID Spy on Trump

washingtonsblog |  Washington’s Blog asked the highest-level NSA whistleblower in history – Bill Binney – whether he thought Trump had been bugged.

Binney is the NSA executive who created the agency’s mass surveillance program for digital information, who served as the senior technical director within the agency, who managed six thousand NSA employees.

He was a 36-year NSA veteran widely regarded as a “legend” within the agency and the NSA’s best-ever analyst and code-breaker.

Binney also mapped out the Soviet command-and-control structure before anyone else knew how, and so predicted Soviet invasions before they happened (“in the 1970s, he decrypted the Soviet Union’s command system, which provided the US and its allies with real-time surveillance of all Soviet troop movements and Russian atomic weapons”).

Binney told Washington’s Blog:

NSA has all the data through the Upstream programs (Fairview/Stormbrew/Blarney)  [background] and backed up by second and some third party country collection.

Plus the FBI and CIA plus others, as of the last month of the Obama administration, have direct access to all the NSA collection (metadata and content on phones,email and banking/credit cards etc.) with no attempt at oversight by anybody [background]. This is all done under Executive Order 12333 [the order which allows unlimited spying no matter what intelligence officials claim] ….
FBI would only ask for a warrant if they wanted to be able to take it into court at some point given they have something meaningful as evidence. This is clearly true given the fact the President Trump’s phone conversations with other country leaders were leaked to the mainstream media.

In other words, Binney is saying that Trumps phones were bugged by the NSA without a warrant – remember, top NSA whistleblowers have previously explained that the NSA is spying on virtually all of the digital communications of Americans. – and the NSA shared the raw data with the CIA, FBI and other agencies.

If the FBI obtained a warrant to tap Trump’s phone, it was a “parallel construction” to “launder” improperly-gained evidence through acceptable channels.

China's Deep Learning Edge

theatlantic |  China’s rapid rise up the ranks of AI research has people taking notice. In October, the Obama White House released a “strategic plan” for AI research, which noted that the U.S. no longer leads the world in journal articles on “deep learning,” a particularly hot subset of AI research right now. The country that had overtaken the U.S.? China, of course.

It’s not just academic research. Chinese tech companies are betting on AI, too. Baidu (a Chinese search-engine company often likened to Google), Didi (often likened to Uber), and Tencent (maker of the mega-popular messaging app WeChat) have all set up their own AI research labs. With millions of customers, these companies have access to the huge amount of data that training AI to detect patterns requires.

Like the Microsofts and Googles of the world, Chinese tech companies see enormous potential in AI. It could undergird a whole set of transformative technologies in the coming decades, from facial recognition to autonomous cars.“I have a hard time thinking of an industry we cannot transform with AI,” says Andrew Ng, chief scientist at Baidu. Ng previously cofounded Coursera and Google Brain, the company’s deep learning project. Now he directs Baidu’s AI research out of Sunnyvale, California, right in Silicon Valley.

breaching the corporate media barrier - by any means necessary...,

unz |  Once we recognize that weakening the media is a primary strategic goal, an obvious corollary is that other anti-establishment groups facing the same challenges become natural, if perhaps temporary, allies.

Such unexpected tactical alliances may drawn from across a wide range of different political and ideological perspectives—Left, Right, or otherwise—and despite the component groups having longer-term goals that are orthogonal or even conflicting. So long as all such elements in the coalition recognize that the hostile media is their most immediate adversary, they can cooperate on their common effort, while actually gaining additional credibility and attention by the very fact that they sharply disagree on so many other matters.

The media is enormously powerful and exercises control over a vast expanse of intellectual territory. But such ubiquitous influence also ensures that its local adversaries are therefore numerous and widespread, all being bitterly opposed to the hostile media they face on their own particular issues. By analogy, a large and powerful empire is frequently brought down by a broad alliance of many disparate rebellious factions, each having unrelated goals, which together overwhelm the imperial defenses by attacking simultaneously at multiple different locations.

A crucial aspect enabling such a rebel alliance is the typically narrow focus of each particular constituent member. Most groups or individuals opposing establishment positions tend to be ideologically zealous about one particular issue or perhaps a small handful, while being much less interested in others. Given the total suppression of their views at the hands of the mainstream media, any venue in which their unorthodox perspectives are provided reasonably fair and equal treatment rather than ridiculed and denigrated tends to inspire considerable enthusiasm and loyalty on their part. 

So although they may have quite conventional views on most other matters, causing them to regard contrary views with the same skepticism or unease as might anyone else, they will usually be willing to suppress their criticism at such wider heterodoxy so long as other members of their alliance are willing to return that favor on their own topics of primary interest.

first network hacking tool I ever saw came out of the U.S. Navy...,

NYTimes |  Imagine receiving a phone call from your aging mother seeking your help because she has forgotten her banking password.

Except it’s not your mother. The voice on the other end of the phone call just sounds deceptively like her.

It is actually a computer-synthesized voice, a tour-de-force of artificial intelligence technology that has been crafted to make it possible for someone to masquerade via the telephone.

Such a situation is still science fiction — but just barely. It is also the future of crime.

The software components necessary to make such masking technology widely accessible are advancing rapidly. Recently, for example, DeepMind, the Alphabet subsidiary known for a program that has bested some of the top human players in the board game Go, announced that it had designed a program that “mimics any human voice and which sounds more natural than the best existing text-to-speech systems, reducing the gap with human performance by over 50 percent.”

The irony, of course, is that this year the computer security industry, with $75 billion in annual revenue, has started to talk about how machine learning and pattern recognition techniques will improve the woeful state of computer security.

But there is a downside.

“The thing people don’t get is that cybercrime is becoming automated and it is scaling exponentially,” said Marc Goodman, a law enforcement agency adviser and the author of “Future Crimes.” He added, “This is not about Matthew Broderick hacking from his basement,” a reference to the 1983 movie “War Games.”

The alarm about malevolent use of advanced artificial intelligence technologies was sounded earlier this year by James R. Clapper, the director of National Intelligence. In his annual review of security, Mr. Clapper underscored the point that while A.I. systems would make some things easier, they would also expand the vulnerabilities of the online world.

the little-known company that enables worldwide mass surveillance

theintercept |  Endace says it manufactures technology that allows its clients to “monitor, intercept and capture 100% of traffic on networks.” The Auckland-based company’s motto is “power to see all” and its logo is an eye.

The company’s origins can be traced back to Waikato University in Hamilton, New Zealand. There, in 1994, a team of professors and researchers began developing network monitoring technology using university resources. A central aim of the project was to find ways to measure different kinds of data on the internet, which was at that time only just beginning to take off. Within a few years, the academics’ efforts proved successful; they had managed to invent pioneering network monitoring tools. By 2001, the group behind the research started commercializing the technology — and Endace was formed.

Today, Endace presents itself publicly as focused on providing technology that helps companies and governments keep their networks secure. But in the past decade, it has quietly entered into a burgeoning global spy industry that is worth in excess of an estimated $5 billion annually.

In 2007, Endace representatives promoted their technology at a huge surveillance technology trade show in Dubai that was attended by dozens of government agencies from across the world. Endace’s advertising brochures from the show, which described the company’s products and promoted the need for greater state surveillance, were published by WikiLeaks in 2013.

One Endace brochure explained how the company’s technology could help clients “monitor all network traffic inexpensively.” It noted that telecommunications networks carry many types of information: Skype calls, videos, emails, and instant message chats. “These networks provide rich intelligence for law enforcement,” the brochure stated, “IF they can be accessed securely and with high precision.”

DNC THOTing and Plotting Put Out on Front Street

guccifer2 |  Worldwide known cyber security company CrowdStrike announced that the Democratic National Committee (DNC) servers had been hacked by “sophisticated” hacker groups.

I’m very pleased the company appreciated my skills so highly))) But in fact, it was easy, very easy.

Guccifer may have been the first one who penetrated Hillary Clinton’s and other Democrats’ mail servers. But he certainly wasn’t the last. No wonder any other hacker could easily get access to the DNC’s servers.

Shame on CrowdStrike: Do you think I’ve been in the DNC’s networks for almost a year and saved only 2 documents? Do you really believe it?

Here are just a few docs from many thousands I extracted when hacking into DNC’s network.

They mentioned a leaked database on Donald Trump. Did they mean this one?

the minecraft generation

NYTimes |  Since its release seven years ago, Minecraft has become a global sensation, captivating a generation of children. There are over 100 million registered players, and it’s now the third-best-­selling video game in history, after Tetris and Wii Sports. In 2014, Microsoft bought Minecraft — and Mojang, the Swedish game studio behind it — for $2.5 billion.

There have been blockbuster games before, of course. But as Jordan’s experience suggests — and as parents peering over their children’s shoulders sense — Minecraft is a different sort of phenomenon.

For one thing, it doesn’t really feel like a game. It’s more like a destination, a technical tool, a cultural scene, or all three put together: a place where kids engineer complex machines, shoot videos of their escapades that they post on YouTube, make art and set up servers, online versions of the game where they can hang out with friends. It’s a world of trial and error and constant discovery, stuffed with byzantine secrets, obscure text commands and hidden recipes. And it runs completely counter to most modern computing trends. Where companies like Apple and Microsoft and Google want our computers to be easy to manipulate — designing point-and-click interfaces under the assumption that it’s best to conceal from the average user how the computer works — Minecraft encourages kids to get under the hood, break things, fix them and turn mooshrooms into random-­number generators. It invites them to tinker.

In this way, Minecraft culture is a throwback to the heady early days of the digital age. In the late ’70s and ’80s, the arrival of personal computers like the Commodore 64 gave rise to the first generation of kids fluent in computation. They learned to program in Basic, to write software that they swapped excitedly with their peers. It was a playful renaissance that eerily parallels the embrace of Minecraft by today’s youth. As Ian Bogost, a game designer and professor of media studies at Georgia Tech, puts it, Minecraft may well be this generation’s personal computer.

At a time when even the president is urging kids to learn to code, Minecraft has become a stealth gateway to the fundamentals, and the pleasures, of computer science. Those kids of the ’70s and ’80s grew up to become the architects of our modern digital world, with all its allures and perils. What will the Minecraft generation become?

“Children,” the social critic Walter Benjamin wrote in 1924, “are particularly fond of haunting any site where things are being visibly worked on. They are irresistibly drawn by the detritus generated by building, gardening, housework, tailoring or carpentry.”

"Do you recall visiting prostitutes? Mr Cruz?"

predictably, anonymous gots no beef with Mr. Miracle...,

Guardian |  The ripple effects of Donald Trump’s presidential candidacy have led to a civil war in the Republican party. But they have also had the unexpected consequence of leading to a subterranean civil war within Anonymous, the mysterious hacking collective.

Most of the political operations targeted by Anonymous – including the Church of Scientology, Isis and the KKK – have instigated some level of internal dispute among people claiming to be part of Anonymous. But when the group announced their next target would be the Trump campaign, it set off the most heated debate yet within the movement – which has no leader and no specific set of aims.

Many disavowed the anti-Trump operation as being counter to Anonymous’s tradition of not taking sides in political contests. (A previous operation against Trump was similarly derailed, albeit on a smaller scale, when another hacker calling himself Black Mafia wrested control of the Twitter account.)

Others have even alleged the movement is being hijacked by either campaign operatives or activists trying to co-opt Anonymous for their own political ends. On 15 March, a video was released. 

“We are feeling deeply concerned about an operation that was launched in our name – the so-called Operation Trump,” says the video, which, in classic Anonymous style, is narrated by a disembodied computerised voice.

“We – Anonymous – are warning you about the lies and deceits pushed under our banner,” the voice continues.

UCOP doesn't have to listen to protest crap given our panoptic capacity to listen to ALL YOUR CRAP...,

utotherescue |  The San Francisco Chronicle has coverage of an issue that has been circulating on faculty email networks at UC Berkeley for a few days.  The piece, "Cal professors fear UC bosses will snoop on them," is behind a paywall. The first sentence reads, "UC Berkeley faculty members are buzzing over news that University of California President Janet Napolitano ordered the installation of computer hardware capable of monitoring all e-mails going in and out of the UC system."   UC's Chief Operating Officer says "that UC policy “forbids the university from using such data for nonsecurity purposes.”  UC Berkeley's Senate chair replies, "What has upset a lot of the faculty was that the surveillance was put in place without consulting the faculty. In fact, the people installing the system were under strict instructions not to reveal it was taking place."  On the blog's Facebook page, we've had some debate about how new this capability is, with some faculty from various universities saying they've always assumed their university email could be monitored at any time, and others saying this is a new level of intrusion.

Here are two communications from UC Berkeley faculty, one about how faculty there came to know about the program, and the other a timeline of events.

JOHN MCAFEE: The NSA's back door has given every US secret to our enemies

BI |  Deng Xiaoping, in 1979 - his second year as supreme leader of China - perceived a fundamental truth that has yet to be fully grasped by most Western leaders: Software, if properly weaponized, could be far more destructive than any nuclear arsenal.

Under Deng’s leadership, China began one of the most ambitious and sophisticated meta- software development programs ever undertaken.

And what is meta-software? It's the one science that the entire Western World has entirely overlooked. It is a high level set of principles for developing software that are imperative if a nation is to survive in a cyberwar.

For example, programmers must constantly be audited. Every line of code written by every programmer is audited by two senior programmers, and these auditors are rotated each month and the same two are never paired more than once. You will see very clearly, later in this article, why such a principle is vital to a society’s survival.

Another principal is that back doors into software can never, under any circumstances, be allowed. Under Deng Xiaoping, the penalty for back doors, and for violating any of the meta- software principles, was death.

I will give an example of what happens in the real world when back doors are put into software. On December 17th of last year, Juniper Networks - a major provider of secure network systems, who's customers include nearly every US government agency, announced that it had discovered two “unauthorized” back doors in its systems.

For those of my readers who do not understand how back doors are created - they can only be created by the manufacturers of the software. There is, absolutely, no other way.

So, the company had to have a rogue employee in the software development department. This much is clear.

It will also be clear, if you continue reading, who placed the rogue employee within Juniper Networks and why.

the masonic militarized overseer militia got publicly depants'd last week...,

motherboard |  All that rich booty first (be sure to get your copy - narrative summary below)

Documents related to a US police association have been dumped online, as well as a database of personal information and member-only forum backup.

The affected organisation is the “Fraternal Order of Police” (FOP), which describes itself as “the world's largest organization of sworn law enforcement officers, with more than 325,000 members in more than 2,100 lodges.”

“We have learned today that our data system has been hacked by the Group known as Anonymous,” said a statement posted on Facebook by the FOP national president Chuck Canterbury on Thursday. The attack “appears to have originated outside of the United States,” the statement continued.

It’s unclear why Canterbury attributed the hack to Anonymous. There is nothing in the dump that suggests someone acting under the Anonymous umbrella was involved.

The dump itself includes hundreds of documents, many of which are so-called “agreements” between US cities and law enforcement associations or lodges of the FOP. These touch on everything from holiday pay to motorcycle cleaning, sick leave, and purchasing of department badges, and date back to 2006. A few text files containing snippets of emails are also in the dump. The files also include a database sourced from the “Grand Lodge,” the national part of the organization, and a backup of the group's forum.

russia perfected its kung fu while uhmurkah uselessly shot its wad in the desert...,

fp |  It comes at different times, and in different forms. But as they have charted the war in southeast Ukraine over the past year, drones flown by the Organization for Security and Co-operation in Europe have run into the same problem: Russian troops on the ground are jamming them into virtual blindness.

It’s just one part of a sophisticated Russian electronic warfare (EW) effort in Ukraine that has proved a sobering experience for the U.S. Army. Faced with how the newly modernized Russian army is operating in Ukraine and Syria — using equipment like the Krasukha-4, which jams radar and aircraft —American military officials are being forced to admit they’re scrambling to catch up.

Lt. Gen. Ben Hodges, commander of U.S. Army units in Europe, hasdescribed Russian EW capabilities in Ukraine as “eye-watering.” Ronald Pontius, deputy to Army Cyber Command’s chief, Lt. Gen. Edward Cardon, told a conference this month that “you can’t but come to the conclusion that we’re not making progress at the pace the threat demands.”

The electronic war was on display from the start of the Russian incursion into Crimea in the spring of 2014. Not long after Russian EW equipment began rolling into the region, Ukrainian troops began to find that their radios and phones were unusable for hours at a time. Meanwhile, the Organization for Security and Co-operation in Europe, an international conflict-monitoring group, has consistently reported that its drones watching the conflict in eastern Ukraine have been “subject to military-grade GPS jamming,” forcing monitors to scrub missions taking stock of the war below.

At the forefront of the push to get the U.S. Army up to speed is Col. Jeffrey Church, the Army’s chief of electronic warfare. But it won’t be easy. Dealing with falling budgets, a lack of EW equipment, and a force that is shrinking by tens of thousands of troops, Church says that he has managed to train only a few hundred soldiers — a fraction of the EW forces that are fielded by potential adversaries like Russia and China.

“They have companies, they have battalions, they have brigades that are dedicated to the electronic warfare mission,” Church said in an interview with Foreign Policy. Those units are deploying “with specific electronic warfare equipment, with specific electronic warfare chains of command,” he said.

Currently, 813 soldiers make up the Army’s EW mission, for which just over 1,000 positions have been authorized. And other Army units are guarding against Church’s attempts to peel away soldiers from their ranks to join his. The staffing squeeze is only expected to get worse as the overall Army contracts: At its peak during the wars in Iraq and Afghanistan, the Army had about 570,000 soldiers; it is on pace to be down to 450,000 by the end of 2017. That number could slide even further, to 420,000 over the next several years, if Washington deadlocks over a long-term budget deal in the coming months.

At the moment, U.S. Army battalions typically assign two soldiers to the EW mission, and they will “have to do 24-hour operations” in battle against sophisticated enemies, Church said. That includes planning and coordinating with other battalion units as well as ensuring that their own jammers and advanced communications tools are working. “There’s too much to do for those guys in a battalion,” Church said. “So how do you maintain in a high-intensity environment against a peer enemy?”