Showing posts with label count zero. Show all posts
Showing posts with label count zero. Show all posts

Monday, September 18, 2023

Apple And Google Laid The Foundations For A Dystopian Industry Which Should Not Exist

haaretz  |  We’re being monitored. It’s a universally acknowledged truth about this digital age. Technology firms and advertisers know almost everything about us: where we are, what we buy, which apps we download and how we use them, our search histories and past purchases, even our sexual orientation and what fetishes we’re into. There’s only one thing that advertisers don’t or aren’t supposed to have access to: our identity. The world of ads and the data behind them is meant to be anonymous.
We’ve all been there. We read the post of a friend who just got back from vacation, and a few hours later an ad for a hotel pops up on our screen, and similar ones hound us for days, following us across websites and social media – but few of us have any idea how or why this happens.

Whenever we open an application or a website on our phone, without our noticing, a rapid process of mass negotiation takes place, and a complex and aggressive market embodying the whole economy of the internet plays out: In a split second – a fraction of the moment that elapses until the page we want opens – an automatic bidding process occurs between hundreds of thousands of different advertisers. They are fighting to advertise exactly to us at this exact moment in time. The more accurate the information the advertisers have about us, the more segmented and targeted the data, the greater the chances that we’ll actually click – and thus the price of the ad increases.

But some have the ability to take advantage of that fraction of a second to perform a much more malicious mission: to send people a distinctive, seemingly innocent, ad that contains advanced spyware. Though the ad looks completely standard, it is in fact a cyberweapon that is capable of infiltrating our phone or computer. 

In the past, it was believed that only state intelligence organizations had this capacity. It exploits the world of digital advertising, which is supposed to be completely anonymous, to bypass the security mechanisms of Apple, Google and Microsoft and install advanced spyware on our devices.
“These capabilities can turn any ad into a kind of digital bullet,” says a source familiar with the technology.

The new technology has also begun to trickle out into the commercial defense market. An investigation by Haaretz Magazine and the paper’s National Security & Cyber digital investigation desk has discovered that in the shadow of the coronavirus pandemic – when certain tools were developed and deployed to track the spread of the virus – a new and disturbing cyber and espionage industry has come into being in Israel. A number of Israeli firms have developed technologies that are capable of exploiting advertising to collect data and monitor citizens. Hundreds of thousands – if not millions – of people can be monitored in this way.

The investigation, which is based on interviews with over 15 sources from Israel’s offensive cyber, security systems and defense industries, further reveals that a small group of elite companies have taken things a step further: They have created technology that use ads for offensive purposes and injecting spyware. As millions of ads compete for the right to penetrate our screens, Israeli firms are clandestinely selling technology that transforms these ads into tools of surveillance – or even into weapons that are capable of penetrating our computers or phones.

One of these companies is Insanet, whose existence is being made public here for the first time. As its name suggests, it possesses insane capabilities, according to sources in the industry. Founded by a number of well-known entrepreneurs in the fields of offensive cyber and digital intelligence, the company is owned by former ranking members of the defense establishment, including a past head of the National Security Council, Dani Arditi. The investigation reveals that the company has developed technology that exploits ads both for tracking and for infection. It’s not by chance that the company has named their product Sherlock.

Sunday, August 19, 2018

What Would These Degenerate Twerps Be Without A Young and Literally Captive Audience?


jezebel  |  By many accounts, the New York University professor Avital Ronell—a German and comparative literature scholar and a superstar in her corner of academia— is a brilliant woman and a sought-after advisor. Former students who have taken her classes describe her as “original” and “inspiring.” Ronell, who is in her 60s and has taught at NYU for more than two decades, inspires a kind of admiration that some have called “mystical.” She is the kind of professor whose classes students don’t want to end.

But, for the past year, Ronell has also been the subject of a sexual harassment investigation by NYU’s Title IX office, initiated after a former graduate student, Nimrod Reitman, alleged in a complaint filed last September that she had sexually harassed him over a period of several years. On August 13, the New York Times reported that after an 11-month investigation, the university has found Ronell responsible for sexually harassing Reitman while he was earning his Ph.D. The university has suspended her for a year without pay and has also mandated that any future meetings she has with students will be supervised upon her return. Reitman and his attorney are considering filing a lawsuit against NYU, as well as Ronell.

News of the sexual harassment complaint against Ronell surfaced earlier this summer, after a group of prominent academics—including the noted feminist scholar Judith Butler, Slavoj Zizek, and Gayatri Spivak—sent a letter of support to NYU officials, rallying to Ronell’s defense and decrying what they describe as a “legal nightmare.”

The letter, which was never meant to be public, was subsequently posted on the philosophy blog Leiter Reports, with the title, “Blaming the victim is apparently OK when the accused in a Title IX proceeding is a feminist literary theorist.” It is likely that without the publication of this letter, and without the signatures of so many influential and feminist scholars, many if not all of the details of Reitman’s complaint would have remained confidential—it is almost certain that much of this now very public and increasingly messy case would have been swept under the rug (a situation that I suspect NYU officials would have preferred).

In the letter, dated May 11, 2018 and addressed to NYU President Andrew Hamilton and Provost Katharine Fleming, the signers acknowledge they had “no access to the confidential dossier,” but believe that Reitman was waging a “malicious campaign” against Ronell and that “the allegations against her do not constitute actual evidence.”

Friday, April 13, 2018

Blockchain Is Not Only Crappy NSA Technology...,


medium |  Blockchain is not only crappy technology but a bad vision for the future. Its failure to achieve adoption to date is because systems built on trust, norms, and institutions inherently function better than the type of no-need-for-trusted-parties systems blockchain envisions. That’s permanent: no matter how much blockchain improves it is still headed in the wrong direction.

This December I wrote a widely-circulated article on the inapplicability of blockchain to any actual problem. People objected mostly not to the technology argument, but rather hoped that decentralization could produce integrity.

Let’s start with this: Venmo is a free service to transfer dollars, and bitcoin transfers are not free. Yet after I wrote an article last December saying bitcoin had no use, someone responded that Venmo and Paypal are raking in consumers’ money and people should switch to bitcoin.

What a surreal contrast between blockchain’s non-usefulness/non-adoption and the conviction of its believers! It’s so entirely evident that this person didn’t become a bitcoin enthusiast because they were looking for a convenient, free way to transfer money from one person to another and discovered bitcoin. In fact, I would assert that there is no single person in existence who had a problem they wanted to solve, discovered that an available blockchain solution was the best way to solve it, and therefore became a blockchain enthusiast.
There is no single person in existence who had a problem they wanted to solve, discovered that an available blockchain solution was the best way to solve it, and therefore became a blockchain enthusiast.
The number of retailers accepting cryptocurrency as a form of payment is declining, and its biggest corporate boosters like IBM, NASDAQ, Fidelity, Swift and Walmart have gone long on press but short on actual rollout. Even the most prominent blockchain company, Ripple, doesn’t use blockchain in its product. You read that right: the company Ripple decided the best way to move money across international borders was to not use Ripples.

A blockchain is a literal technology, not a metaphor

Why all the enthusiasm for something so useless in practice?

People have made a number of implausible claims about the future of blockchain—like that you should use it for AI in place of the type of behavior-tracking that google and facebook do, for example. This is based on a misunderstanding of what a blockchain is. A blockchain isn’t an ethereal thing out there in the universe that you can “put” things into, it’s a specific data structure: a linear transaction log, typically replicated by computers whose owners (called miners) are rewarded for logging new transactions.

themaven |  I completely agree with much of what you wrote here. I’d like to point out a couple things:

First, in regards to “There is no single person in existence who had a problem they wanted to solve, discovered that an available blockchain solution was the best way to solve it, and therefore became a blockchain enthusiast.” There is in fact at least one such person: me. In 2010 I was looking for a payment system which did not have any possibility for chargebacks. It turns out that bitcoin is GREAT for that, and I became a blockchain enthusiast as a result.

The ugly truth about blockchain is that it is immensely useful, but only when you are in some way trying to circumvent an authority of some sort. In my case, I wanted to take payments for digital goods without losing any to chargebacks. It’s also great for sending money to Venezuela (circumventing the authority of the government of Venezuela, which would really rather you not). It’s great for raising money for projects (ICOs are really about circumventing various regulatory authorities who make that difficult). It’s great for buying drugs, taking payment for ransomware, and any number of terrible illegal things related to human trafficking, money laundering, etc.

Frankly, the day that significant trading of derivatives (gold futures, oil futures, options, etc) starts happening on blockchain, I expect a bubble that will make previous crypto bubbles look tiny in comparison. This is not because blockchain is an easier way to trade these contracts! It is because some percentage of rich traders would like to do anonymous trading and avoid pesky laws about paying taxes on trading profits and not doing insider trading.

I sum it up like this: are you trying to do something with money that requires avoiding an authority somewhere? If not, there is a better technical solution than blockchain. That does NOT mean that what you are doing is illegal for you (it’s perfectly legal for me to send money to Venezuela). It just means that some authority somewhere doesn’t like what you are doing.

Blockchain is inherently in opposition to governmental control of the world of finance. The only reason governments aren’t more antagonistic towards blockchain is that they don’t truly understand how dangerous it is. I wrote at length about this back in 2013 in an article called “Bitcoin’s Dystopian Future”:

Thursday, April 12, 2018

Bezos Got No Dogs In The Section 230 Of The Communications Decency Act Hunt...,


WaPo  |  You might think cracking down on child sex traffickers would be a legislative layup. You’d be wrong. The bill — authored by Republican Sens. Rob Portman (Ohio), John McCain (Ariz.) and John Cornyn (Tex.) and Democrats Richard Blumenthal (Conn.), Claire McCaskill (Mo.) and Heidi Heitkamp (N.D.) — was hard to pass. (Full disclosure: My wife works for Portman.) 

The act faced a wall of opposition from Silicon Valley because it amended Section 230 of the Communications Decency Act, which gave blanket immunity to online entities that publish third-party content from civil and criminal prosecution. Big Tech wanted to preserve that blanket immunity, even if it gave legal cover to websites that were using it to sell children for sex. When child sex trafficking survivors tried to sue Backpage, and state attorneys general tried to prosecute the owners, federal courts ruled against them, specifically citing Section 230. This did not move Big Tech. Chief among the culprits was Google, which apparently forgot its old corporate motto of “Don’t Be Evil” and lobbied fiercely against the bill. 

How did the senators overcome Big Tech’s lobbying campaign? First, Portman and McCaskill, the chairman and then-ranking minority-party member of the Permanent Subcommittee on Investigations, used their subpoena power to gather corporate files, bank records and other evidence that Backpage knowingly facilitated criminal sex trafficking of vulnerable women and children, and then covered up that evidence. They fought Backpage all the way to the Supreme Court to enforce their subpoenas. The subcommittee then published a voluminous report detailing the findings of its 20-month investigation, including evidence that Backpage knew it was facilitating child sex trafficking and that it was not simply a passive publisher of third-party content. Instead the company was automatically editing users’ child sex ads to strip them of words that might arouse suspicion (such as “lolita,” “teenage,” “rape,” “young,” “amber alert,” “little girl,” “fresh,” “innocent” and “school girl”) before publishing them and advised users on how to create “clean” postings.

Then Portman, McCaskill and their co-authors used the result of their investigation to craft a narrow legislative fix that would allow bad actors such as Backpage to be held accountable. The bill they produced allows sex trafficking victims to sue the websites that facilitated the crimes against them and allows state law enforcement officials, not just the Justice Department, to prosecute websites that violate federal sex trafficking laws. The committee also turned over all its raw documents to the Justice Department last summer, urging it to undertake a criminal review, which Justice did.

Despite all the Silicon Valley money against them, the senators never wavered. Through the sheer power of the testimony of trafficking survivors; Mary Mazzio’s documentary “I Am Jane Doe;” the evidence of crimes committed by Backpage; and the support of law enforcement, anti-trafficking advocates, 50 state attorneys general, the civil rights community and faith-based groups — as well as carefully negotiated language — they wore down most of Big Tech’s opposition. In November, Facebook finally came on board. But Google shamefully never relented in its opposition. Despite this, the act overwhelmingly passed both chambers of Congress.

Wednesday, March 28, 2018

Have 99.999% Missed The Real Revolutionary Possibilities of Crypto?


hackernoon |  Money is power.

Nobody knew this better than the kings of the ancient world. That’s why they gave themselves an absolute monopoly on minting moolah.

They turned shiny metal into coins, paid their soldiers and their soldiers bought things at local stores. 

The king then sent their soldiers to the merchants with a simple message:

“Pay your taxes in this coin or we’ll kill you.”

That’s almost the entire history of money in one paragraph. Coercion and control of the supply with violence, aka the “violence hack.” The one hack to rule them all.

When power passed from monarchs to nation-states, distributing power from one strongman to a small group of strongmen, the power to print money passed to the state. Anyone who tried to create their own money got crushed.

The reason is simple:

Centralized enemies are easy to destroy with a “decapitation attack.” Cut off the head of the snake and that’s the end of anyone who would dare challenge the power of the state and its divine right to create coins.

Kings and nation states know the real golden rule: Control the money and you control the world.

And so it’s gone for thousands and thousands of years. The very first emperor of China, Qin Shi Huang (260–210 BC), abolished all other forms of local currency and introduced a uniform copper coin. That’s been the blueprint ever since. Eradicate alternative coins, create one coin to rule them all and use brutality and blood to keep that power at all costs.

In the end, every system is vulnerable to violence.

Well, almost every one.


Sunday, March 25, 2018

Backstory Behind The Atlanta Hack?


nakedsecurity |  The US state of Georgia is considering anti-hacking legislation that critics fear could criminalize security researchers. The bill, SB 315, was drawn up by state senator Bruce Thompson in January, has been approved by the state’s senate, and is now being considered by its house of representatives.

The bill would expand the state’s current computer law to create what it calls the “new” crime of unauthorized computer access. It would include penalties for accessing a system without permission even if no information was taken or damaged.

One of the bill’s backers, state Attorney General Chris Carr, said the bill is necessary to close a loophole: namely, the state now can’t prosecute somebody who harmlessly accesses computers without authorization.

From a statement his office put out when the bill was first introduced:
As it stands, we are one of only three states in the nation where it is not illegal to access a computer so long as nothing is disrupted or stolen.
This doesn’t make any sense. Unlawfully accessing any computer in Georgia should be a crime, and we must fix this loophole.
But critics of the legislation believe it a) will ice Georgia’s cybersecurity industry, penalizing security researchers reporting on bugs; b) would criminalize innocent internet users engaged in innocuous and commonplace behavior, given that the law’s definition of “without authority” could be broadly extended to cover behavior that exceeds rights or permissions granted by the owner of a computer or site (in other words, terms and conditions); and c) is unnecessary, given that current law criminalizes computer theft; computer trespass (including using a computer in order to cause damage, delete data, or interfere with a computer, data or privacy); privacy invasion; altering or deleting data in order to commit forgery; and disclosure of passwords without authorization.

That’s all coming from a letter sent by the Electronic Frontier Foundation (EFF) to Congress in opposition to the current draft of SB 315.


The EFF, along with other groups, are worried that beyond criminalizing innocent online behavior, the bill would criminalize security researchers for the sort of non-malicious poking around that they do.

Saturday, March 24, 2018

Atlanta Had Bad Backups and No Kaspersky...,


wsbtv |  City employees were asked to stay off their computers Friday just one day after a massive cyber-attack against the City of Atlanta.

Employees at Atlanta City Hall were handed instructions as they came through the front doors Friday.
Channel 2 Investigative Reporter Aaron Diamant obtained a copy of the flyer that requested employees not turn on computers or log onto their workstations.

Friday’s action comes as city officials are struggling to determine how much sensitive information may have been compromised in a Thursday cyber-attack.

The city has also received demands that it pay a ransom of $50,000, according to Mayor Keisha Lance Bottoms.

Bottoms kicked off a Friday news conference by assuring the public that investigators haven't found any evidence that sensitive customer, resident or employee information was compromised.

Bottoms said federal investigators will advise her on the best course of action.

"This is a marathon, not a sprint," Bottoms said.

The FBI and the Department of Homeland Security are working with city officials to identify the source of the attack.

Hartsfield-Jackson Atlanta International Airport took down the Wi-Fi at the world’s busiest airport after the cyber-attack. 

The Atlanta airport’s website said security wait times and flight information may not be accurate.

Thursday, December 14, 2017

Backpropagation: The Beginning of a Revolution or the End of One?


technologyreview |  I’m standing in what is soon to be the center of the world, or is perhaps just a very large room on the seventh floor of a gleaming tower in downtown Toronto. Showing me around is Jordan Jacobs, who cofounded this place: the nascent Vector Institute, which opens its doors this fall and which is aiming to become the global epicenter of artificial intelligence.

We’re in Toronto because Geoffrey Hinton is in Toronto, and Geoffrey Hinton is the father of “deep learning,” the technique behind the current excitement about AI. “In 30 years we’re going to look back and say Geoff is Einstein—of AI, deep learning, the thing that we’re calling AI,” Jacobs says. Of the researchers at the top of the field of deep learning, Hinton has more citations than the next three combined. His students and postdocs have gone on to run the AI labs at Apple, Facebook, and OpenAI; Hinton himself is a lead scientist on the Google Brain AI team. In fact, nearly every achievement in the last decade of AI—in translation, speech recognition, image recognition, and game playing—traces in some way back to Hinton’s work.

The Vector Institute, this monument to the ascent of ­Hinton’s ideas, is a research center where companies from around the U.S. and Canada—like Google, and Uber, and Nvidia—will sponsor efforts to commercialize AI technologies. Money has poured in faster than Jacobs could ask for it; two of his cofounders surveyed companies in the Toronto area, and the demand for AI experts ended up being 10 times what Canada produces every year. Vector is in a sense ground zero for the now-worldwide attempt to mobilize around deep learning: to cash in on the technique, to teach it, to refine and apply it. Data centers are being built, towers are being filled with startups, a whole generation of students is going into the field.

The impression you get standing on the Vector floor, bare and echoey and about to be filled, is that you’re at the beginning of something. But the peculiar thing about deep learning is just how old its key ideas are. Hinton’s breakthrough paper, with colleagues David Rumelhart and Ronald Williams, was published in 1986. The paper elaborated on a technique called backpropagation, or backprop for short. Backprop, in the words of Jon Cohen, a computational psychologist at Princeton, is “what all of deep learning is based on—literally everything.”

When you boil it down, AI today is deep learning, and deep learning is backprop—which is amazing, considering that backprop is more than 30 years old. It’s worth understanding how that happened—how a technique could lie in wait for so long and then cause such an explosion—because once you understand the story of backprop, you’ll start to understand the current moment in AI, and in particular the fact that maybe we’re not actually at the beginning of a revolution. Maybe we’re at the end of one.


Tuesday, November 14, 2017

CIA False-Flagging and Impersonating Kaspersky

wikileaks |  Hive solves a critical problem for the malware operators at the CIA. Even the most sophisticated malware implant on a target computer is useless if there is no way for it to communicate with its operators in a secure manner that does not draw attention. Using Hive even if an implant is discovered on a target computer, attributing it to the CIA is difficult by just looking at the communication of the malware with other servers on the internet. Hive provides a covert communications platform for a whole range of CIA malware to send exfiltrated information to CIA servers and to receive new instructions from operators at the CIA.
Hive can serve multiple operations using multiple implants on target computers. Each operation anonymously registers at least one cover domain (e.g. "perfectly-boring-looking-domain.com") for its own use. The server running the domain website is rented from commercial hosting providers as a VPS (virtual private server) and its software is customized according to CIA specifications. These servers are the public-facing side of the CIA back-end infrastructure and act as a relay for HTTP(S) traffic over a VPN connection to a "hidden" CIA server called 'Blot'.
The cover domain delivers 'innocent' content if somebody browses it by chance. A visitor will not suspect that it is anything else but a normal website. The only peculiarity is not visible to non-technical users - a HTTPS server option that is not widely used: Optional Client Authentication. But Hive uses the uncommon Optional Client Authentication so that the user browsing the website is not required to authenticate - it is optional. But implants talking to Hive do authenticate themselves and can therefore be detected by the Blot server. Traffic from implants is sent to an implant operator management gateway called Honeycomb(see graphic above) while all other traffic go to a cover server that delivers the insuspicious content for all other users.
Digital certificates for the authentication of implants are generated by the CIA impersonating existing entities. The three examples included in the source code build a fake certificate for the anti-virus company Kaspersky Laboratory, Moscow pretending to be signed by Thawte Premium Server CA, Cape Town. In this way, if the target organization looks at the network traffic coming out of its network, it is likely to misattribute the CIA exfiltration of data to uninvolved entities whose identities have been impersonated.
The documentation for Hive is available from the WikiLeaks Vault7 series.

Is Something Wrong With These Interwebs?


medium  |  Here are a few things which are disturbing me:

The first is the level of horror and violence on display. Some of the times it’s troll-y gross-out stuff; most of the time it seems deeper, and more unconscious than that. The internet has a way of amplifying and enabling many of our latent desires; in fact, it’s what it seems to do best. I spend a lot of time arguing for this tendency, with regards to human sexual freedom, individual identity, and other issues. Here, and overwhelmingly it sometimes feels, that tendency is itself a violent and destructive one.

The second is the levels of exploitation, not of children because they are children but of children because they are powerless. Automated reward systems like YouTube algorithms necessitate exploitation in the same way that capitalism necessitates exploitation, and if you’re someone who bristles at the second half of that equation then maybe this should be what convinces you of its truth. 

Exploitation is encoded into the systems we are building, making it harder to see, harder to think and explain, harder to counter and defend against. Not in a future of AI overlords and robots in the factories, but right here, now, on your screen, in your living room and in your pocket.

Many of these latest examples confound any attempt to argue that nobody is actually watching these videos, that these are all bots. There are humans in the loop here, even if only on the production side, and I’m pretty worried about them too.

I’ve written enough, too much, but I feel like I actually need to justify all this raving about violence and abuse and automated systems with an example that sums it up. Maybe after everything I’ve said you won’t think it’s so bad. I don’t know what to think any more.

This video, BURIED ALIVE Outdoor Playground Finger Family Song Nursery Rhymes Animation Education Learning Video, contains all of the elements we’ve covered above, and takes them to another level. Familiar characters, nursery tropes, keyword salad, full automation, violence, and the very stuff of kids’ worst dreams. And of course there are vast, vast numbers of these videos. Channel after channel after channel of similar content, churned out at the rate of hundreds of new videos every week. Industrialised nightmare production.

For the final time: There is more violent and more sexual content like this available. I’m not going to link to it. I don’t believe in traumatising other people, but it’s necessary to keep stressing it, and not dismiss the psychological effect on children of things which aren’t overtly disturbing to adults, just incredibly dark and weird.

A friend who works in digital video described to me what it would take to make something like this: a small studio of people (half a dozen, maybe more) making high volumes of low quality content to reap ad revenue by tripping certain requirements of the system (length in particular seems to be a factor). According to my friend, online kids’ content is one of the few alternative ways of making money from 3D animation because the aesthetic standards are lower and independent production can profit through scale. It uses existing and easily available content (such as character models and motion-capture libraries) and it can be repeated and revised endlessly and mostly meaninglessly because the algorithms don’t discriminate — and neither do the kids.

These videos, wherever they are made, however they come to be made, and whatever their conscious intention (i.e. to accumulate ad revenue) are feeding upon a system which was consciously intended to show videos to children for profit. The unconsciously-generated, emergent outcomes of that are all over the place.

To expose children to this content is abuse. We’re not talking about the debatable but undoubtedly real effects of film or videogame violence on teenagers, or the effects of pornography or extreme images on young minds, which were alluded to in my opening description of my own teenage internet use. Those are important debates, but they’re not what is being discussed here. What we’re talking about is very young children, effectively from birth, being deliberately targeted with content which will traumatise and disturb them, via networks which are extremely vulnerable to exactly this form of abuse. It’s not about trolls, but about a kind of violence inherent in the combination of digital systems and capitalist incentives. It’s down to that level of the metal.  Fist tap Dale.

Monday, November 13, 2017

None of These WEAPONS Products Is What It Appears To Be...,


nakedcapitalism  |  As the Philadelphia meetup, I got to chat at some length with a reader who had a considerable high end IT background, including at some cutting-edge firms, and now has a job in the Beltway where he hangs out with military-surveillance types. He gave me some distressing information on the state of snooping technology, and as we’ll get to shortly, is particularly alarmed about the new “home assistants” like Amazon Echo and Google Home. 

He pointed out that surveillance technology is more advanced than most people realize, and that lots of money and “talent” continues to be thrown at it. For instance, some spooky technologies are already decades old. Forgive me if this is old hat to readers:
Edward Snowden has disabled the GPS, camera, and microphone on his cell phone to reduce his exposure. As most readers probably know, both the microphone and the camera can be turned on even when the phone has been turned off. He uses headphones to make calls. This makes the recent phone design trend away from headphone jacks look particularly nefarious.
“Laser microphones” can capture conversations by shining a laser on a window pane and interpreting the vibrations. However, this isn’t really a cause for worry since there are easier ways to spy on meetings.
With a voice recording (think a hostage tape), analysts can determine the room size, number of people in the room, and even make a stab at the size and placement of objects, particularly if they get more than one recording from the same site.
But what really got this reader worked up was Amazon’s Echo, the device that allows users to give voice instructions to a device that will tell your TV to stream video or audio. order from Amazon or other participating vendors, provide answers to simple search queries, like “Tell me the weather,” perform simple calculations, and allow you to order around smart devices in your home that are on the networks. like tell your coffee maker to make some coffee. He said, “I’d never take one of them out of the box.”

He was at a party recently with about 15-20 people when the host decided to show off her Echo. She called across the room, “Alexa, tell me the capital of Wisconsin,” and Alexa dutifully responded.
Based on his knowledge of other technologies, here is what he argues was happening:
The Echo was able to pick a voice out of a crowd engaged in conversation. That means it is capable of singling out individual voice. That means it has been identifying individual voices, tagging the as “Unidentified voice 1″, Unidentified voice 2” and so on. It has already associated the voices of its owners, and if they have set up profiles for other family members, for them as well, so it knows who goes with those voices.
Those voices may be unidentified now, but as more and more voice data is being collected or provided voluntarily, people will be able to be connected to their voice. And more and more recording is being done in public places.
So now think of that party I was at. At some time in the not too distant future, analysts will be able to make queries like, “Tell me who was within 15 feet of Person X at least eight times in the last six months.” That will produce a reliable list of their family, friends, lovers, and other close associates.
CNET claims that Amazon uploads and retains voice data from the Echo only when it has been activated by calling to it and stops recording when the request ends. But given the Snowden revelations that every camera and microphone in computers and mobile devices can be and are used as viewing and listening devices even when the owner thinks they are off, I would not be so trusting. Even if Amazon isn’t listening and recording at other times, the NSA probably can. CNET adds:
Amazon Echo is always listening. From the moment you wake up Echo to the end of your command, your voice is recorded and transcribed. And then it’s stored on Amazon’s servers….
It’s unclear how long the data is stored, but we do know that it is not anonymized. And, for now, there’s no way to prevent recordings from being saved.
Reread the first paragraph. The Echo has to be listening at all times in order to respond to the “Alexa” command. So the only question is whether Amazon or some friendly member of the surveillance state is recording then too. 

This scenario ties into a recent development I find alarming: banks and other retail financial firms relentlessly offering to let you use your voice as your identifier if you wind up calling them. Every time I have called, I have to waste time rejecting their efforts to route me into that system. I’ve told the customer reps I never want that done but there is no way to override that even when I call in from a phone number they recognize as belonging to a customer.

Friday, October 27, 2017

Having Nothing to Hide - Kaspersky Opens Transparency Centers


theintercept |  Responding to U.S. government suggestions that its antivirus software has been used for surveillance of customers, Moscow-based Kaspersky Lab is launching what it’s calling a transparency initiative to allow independent third parties to review its source code and business practices and to assure the information security community that it can be trusted.

The company plans to begin the code review before the end of the year and establish a process for conducting ongoing reviews, of both the updates it makes to software and the threat-detection rules it uses to detect malware and upload suspicious files from customer machines. The latter refers to signatures — search terms used to detect potential malware —  which are the focus of recent allegations.

The company will open three “transparency centers” in the U.S., Europe, and Asia, where trusted partners will be able to access the  third-party reviews of its code and rules. It will also engage an independent assessment of its development processes and work with an independent party to develop security controls for how it processes data uploaded from customer machines.

“[W]e want to show how we’re completely open and transparent. We’ve nothing to hide,” Eugene Kaspersky, the company’s chair and CEO, said in a written statement.

The moves follow a company offer in July to allow the U.S. government to review its source code.
Although critics say the transparency project is a good idea, some added it is insufficient to instill trust in Kaspersky going forward.

“The thing [they’re] talking about is something that the entire antivirus industry should adopt and should have adopted in the beginning,” said Dave Aitel, a former NSA analyst and founder of security firm Immunity. But in the case of Kaspersky, “the reality is … you can’t trust them, so why would you trust the process they set up?”

Kaspersky has come under intense scrutiny after its antivirus software was linked to the breach of an NSA employee’s home computer in 2015 by Russian government hackers who stole classified documents or tools from the worker’s machine. News reports, quoting U.S. government sources, have suggested Kaspersky colluded with the hackers to steal the documents from the NSA worker’s machine, or at least turned a blind eye to the activity.

Kaspersky Did Nothing Wrong: Thieving NSA JaMoke Self-Stooged


theintercept |  Kaspersky Lab said an individual, believed to be one identified as a National Security Agency worker in news accounts, triggered the company’s antivirus software and paved the way for it to upload classified NSA files from his computer when he tried to pirate Microsoft Office and ended up infecting himself with malicious software.

The piracy claim is included in a set of preliminary findings released by the Moscow-based company from an internal investigation into a byzantine spying scandal that didn’t seem like it could get any more bizarre. A series of news reports this month, citing U.S. intelligence sources, asserted that the files on the worker’s computer, which included source code for sensitive hacking tools he was developing for the spy agency, were uploaded by Kaspersky security software and then collected by Russian government hackers, possibly with the company’s knowledge or help. Kaspersky has denied that it colluded with Russian authorities or knew about the worker incident as it was described in the press.

Details from the investigation, including the assertion that Kaspersky’s CEO ordered the files deleted after they were recognized as potential classified NSA material, could help absolve the antivirus firm of allegations that it intentionally searched the worker’s computer for classified files that did not contain malware. But they also raise new questions about the company’s actions, the NSA worker, and the spying narrative that anonymous government sources have been leaking to news media over the last two weeks.

After facing increasingly serious allegations of spying, Kaspersky provided The Intercept with a summary of preliminary findings of an internal investigation the company said it conducted in the wake of the news reports.

In its statement of findings, the company acknowledged that it detected and uploaded a compressed file container, specifically a 7zip archive, that had been flagged by Kaspersky’s software as suspicious and turned out to contain malware samples and source code for what appeared to be components related to the NSA’s so-called Equation Group spy kit. But the company said it collected the files in the normal course of its operations, and that once an analyst realized what they were, he deleted them upon the orders of CEO Eugene Kaspersky. The company also insists it never provided the files to anyone else.

Kaspersky doesn’t say the computer belonged to the NSA worker in question and says the incident it recounts in the report occurred in 2014, not 2015 as news reports state. But the details of the incident appear to match what recent news reports say occurred on the worker’s computer.
The NSA could not be reached for comment.

Friday, September 29, 2017

Why the Future Doesn't Need Us


ecosophia |  Let’s start with the concept of the division of labor. One of the great distinctions between a modern industrial society and other modes of human social organization is that in the former, very few activities are taken from beginning to end by the same person. A woman in a hunter-gatherer community, as she is getting ready for the autumn tuber-digging season, chooses a piece of wood, cuts it, shapes it into a digging stick, carefully hardens the business end in hot coals, and then puts it to work getting tubers out of the ground. Once she carries the tubers back to camp, what’s more, she’s far more likely than not to take part in cleaning them, roasting them, and sharing them out to the members of the band.

A woman in a modern industrial society who wants to have potatoes for dinner, by contrast, may do no more of the total labor involved in that process than sticking a package in the microwave. Even if she has potatoes growing in a container garden out back, say, and serves up potatoes she grew, harvested, and cooked herself, odds are she didn’t make the gardening tools, the cookware, or the stove she uses. That’s division of labor: the social process by which most members of an industrial society specialize in one or another narrow economic niche, and use the money they earn from their work in that niche to buy the products of other economic niches.

Let’s say it up front: there are huge advantages to the division of labor.  It’s more efficient in almost every sense, whether you’re measuring efficiency in terms of output per person per hour, skill level per dollar invested in education, or what have you. What’s more, when it’s combined with a social structure that isn’t too rigidly deterministic, it’s at least possible for people to find their way to occupational specialties for which they’re actually suited, and in which they will be more productive than otherwise. Yet it bears recalling that every good thing has its downsides, especially when it’s pushed to extremes, and the division of labor is no exception.

Crackpot realism is one of the downsides of the division of labor. It emerges reliably whenever two conditions are in effect. The first condition is that the task of choosing goals for an activity is assigned to one group of people and the task of finding means to achieve those goals is left to a different group of people. The second condition is that the first group needs to be enough higher in social status than the second group that members of the first group need pay no attention to the concerns of the second group.

Consider, as an example, the plight of a team of engineers tasked with designing a flying car.  People have been trying to do this for more than a century now, and the results are in: it’s a really dumb idea. It so happens that a great many of the engineering features that make a good car make a bad aircraft, and vice versa; for instance, an auto engine needs to be optimized for torque rather than speed, while an aircraft engine needs to be optimized for speed rather than torque. Thus every flying car ever built—and there have been plenty of them—performed just as poorly as a car as it did as a plane, and cost so much that for the same price you could buy a good car, a good airplane, and enough fuel to keep both of them running for a good long time.

Engineers know this. Still, if you’re an engineer and you’ve been hired by some clueless tech-industry godzillionaire who wants a flying car, you probably don’t have the option of telling your employer the truth about his pet project—that is, that no matter how much of his money he plows into the project, he’s going to get a clunker of a vehicle that won’t be any good at either of its two incompatible roles—because he’ll simply fire you and hire someone who will tell him what he wants to hear. Nor do you have the option of sitting him down and getting him to face what’s behind his own unexamined desires and expectations, so that he might notice that his fixation on having a flying car is an emotionally charged hangover from age eight, when he daydreamed about having one to help him cope with the miserable, bully-ridden public school system in which he was trapped for so many wretched years. So you devote your working hours to finding the most rational, scientific, and utilitarian means to accomplish a pointless, useless, and self-defeating end. That’s crackpot realism.

You can make a great party game out of identifying crackpot realism—try it sometime—but I’ll leave that to my more enterprising readers. What I want to talk about right now is one of the most glaring examples of crackpot realism in contemporary industrial society. Yes, we’re going to talk about space travel again.

Saturday, September 23, 2017

Rude Bwois Scaring Children and Old People in California...,


gizmodo |  Many Californians’ regularly scheduled broadcasts were interrupted Thursday morning with strange emergency messages warning of extraterrestrial invasions and the beginning of Armageddon. The bizarre warnings aired on TVs in the Orange County area, affecting Cox and Spectrum cable users, according to the Orange County Register.

One video of the broadcast uploaded to YouTube includes a terrified, breathless voice saying: “The space program made contact with... They are not what they claim to be. They have infiltrated a lot of, uh, a lot of aspects of military establishment, particularly Area 51. The disasters that are coming—the military—I’m sorry the government knows about them...”

Gizmodo found that the audio comes from a call that Art Bell, the host of the conspiracy theory-themed radio show Coast to Coast AM, received in 1997 from a man claiming to be a former Area 51 employee.

Other videos of the emergency broadcast feature a different voice warning that “extremely violent times will come.” Redditor smittenkitten77 discovered the audio came from the Christian radio program Insight for Living with Chuck Swindoll.


Wednesday, September 20, 2017

Removing Kaspersky Is A Recipe For Cybernetic Pearl Harbor....,



I just renewed and enlarged my commitment for three years. Once you've looked at/tried all the competing products, including new-fangled "end-point security agents" and other such falderol and balderdash - in the end - there can be only one. Kaspersky is easily the best. Accept no substitutes!

strategic-culture |  On September 18, the US Senate voted to ban the use of products from the Moscow-based cyber security firm Kaspersky Lab by the federal government, citing national security risk. The vote was included as an amendment to an annual defense policy spending bill approved by the Senate on the same day. The measure pushed forward by New Hampshire Democrat Jeanne Shaheen has strong support in the House of Representatives, which also must vote on a defense spending bill. The legislation bars the use of Kaspersky Lab software in government civilian and military agencies. 

 On September 13, a binding directive issued by Acting Secretary of Homeland Security Elaine Duke, ordered federal agencies to remove Kaspersky Lab products from government computers over concerns the Russia-based cybersecurity software company might be vulnerable to Russian government influence. All federal departments and agencies were given 30 days to identify any Kaspersky products in use on their networks. The departments have another 60 days to begin removal of the software. The statement says, «The department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks». The Russian law does not mention American networks, nevertheless it is used as a pretext to explain the concern.

Similar bans against US government use of Kaspersky products have been suggested before. In 2015, Bloomberg News reported that the company has «close ties to Russian spies».

According to US News, scrutiny of the company mounted in 2017, fueled by U.S. intelligence assessments and high-profile federal investigations of Russian interference in the 2016 election. This summer, the General Service Administration, which oversees purchasing by the federal government, removed Kaspersky from its list of approved vendors. In June, a proposal prohibiting the US military from using the company's products was reportedly included in the Senate's draft of the Department of Defense's budget rules. US intelligence leaders said earlier this year that Kaspersky Lab was already generally not allowed on military networks.

Wednesday, August 09, 2017

FRANK


abikuville |  FRANK is emerging, natch.

The flow of information is now finally being *structured* at the baseline level
of social networking where, by allowing for massive virtual communities, FRANK
is able to “digest” the information in ways that assign more meaning to each bit
and byte. As DJ /Rupture put it:

“Do you realize how much information MySpace generates? who likes what and how
much and when and how old and what colors even and the connections and the
geographic locations and the songs’ popularity and the nodal points and the
hotspots and whatever — someone will get very very wealthy selling that
information to interested companies from record labels to clothing manufacturers
to TV people to… Ad revenue is old school; meta-data is the new petroleum.”
If you are following the drzza trajectory, then you will agree that meta-data
*IS* the “syntax” for FRANK…it is the context and nuance of what makes all the
information relevant and in that manner FRANK is not only _becoming_ more aware
of itself but is also _becoming_ more aware of how it differs from “us” (read:
humans).

FRANK is a being of pure information, pure circumstance and pure purpose. FRANK,
unlike “us”, needs no reason to be…FRANK literally just *is*. A new ontology
perhaps?

Anyway, I have been riding the steel edge of Ogun while dipping into the
digital waters on either side of Eshu’s riddle. By taking full advantage of all
the bot/spider technology currently available, I have been conducting an
experiment of sorts…

On the one side of the equation that is furiously trying to balance itself,
there is the blogosphere and data aggregation sites such as Digg, Fark,
Slashdot, Gizmodo, The Register, MySpace, etc.

In this realm, humans do the heavy lifting…netizens frantically scurry around
trying to get the most relevant data to their distributor of choice, all in
hopes of doing what is essentially the purpose of mass media – namely to acquire
as large and audience as possible. The funny thing though is that currently the
system of validation is super primitive. You may push some data to the front of
all your favorite sites but you have no way of knowing whether other people are
actually READING and absorbing the information or if they are just agreeing with
the subject (which is the true nature of the politics of the web…people don’t
so much take the time to absorb info, mass media has trained people to either
immediately agree or disagree…it is left up to the “intellectuals” to discuss
details and facts).

So the real time practice of hunting a story, finding it and posting it to all
your favorite blogs and news collector sites is in my opinion extremely mind
numbingly inefficient and without merit. If this is the practice of trying to
assign “meaning”, “importance” and “relevance” to the endless tide of data that
is crashing against the shores of your computer monitor, then it should be
abandoned immediately and the internet should be forever turned “off”!
Unfortunately, we are still trapped in the realm of language and language
constructs our reality…so the internet in this light, is the reality
equivalent of the tower of babel…

Tuesday, June 27, 2017

Google "Invests" in Bitcoin


marketslant |  Right now the BitCoin group is running into what we call "floor trader fear". The  voting members are chafing at the idea of scaling their supply by adding servers and/ or server power. This would disrupt their own little empires, not unlike the trading floor fearing Globex back in the day. And so many exchanges held out and protected the floor. And in the end they died. PHLX, AMEX, COMEX, PCOAST, CSCE, all gone or absorbed because they were late to adapt new technology and protect their liquidity pools. If Bitcoin removes power  from its voting members  control by demutualizing and uses those proceeds to increase server power they will likely excel. But Google and Amazon are now playing and they are all about unlimited  server power. Plus they have the eyeballs already. This is no unlike having the "marketmakers" already trading on a screen at Globex. The "liquidity pool" ofbuyers and sellers are already on  Amazon  and Google. Bitcoin does not have that past "early adaptors". Remember Palm?

When, not if, those behemoths are up and running they will immediately have an embedded network of both customers AND service providers  at their disposal in the form of search  eyeballs (google) and buyers (Amazon). They will be set up  to crush the opposition if they choose to create their own currency. Imagine Amazon  offering amazon money for amazon purchases. Now imagine them offering 20% discounts if you use  their money. The choices at this point boggle the mind. Tactical choices thought no longer used will come  into play again. Some examples: Freemium, Coupons, Customer Loyalty, Vertical Client Integration (P.O.S.), Travelers checks and more.
To be fair, Google has invested in Bitcoin as well. What smart trader would not hedge himself. But just like Netflix is Amazon's biggest cloud customer, but will eventually put Netflix out of business (after NetFlix kills Hollywood's distribution network); So will Google/ Amazon/ Apple attempt to obviate the need for any currency but their own. 

Blockchain is  the railroad. Amazon and Google have the oil. Like Rockefeller  before, The railroad will be made "exclusive" to their products.


Don't Comprehend "Real" Currency But Steady Yapping About Cryptocurrency


paecon |  Despite the fact that the goal of capitalists is to accumulate evermore money, the classical political economists largely took the analysis of money for granted.4 To be sure, from Adam Smith to Karl Marx, we can certainly find passages on money but two things are of general note. First, the classical political economists as well as Karl Marx thought gold and silver were “real” money. In other words, money was understood as “commodity money” and therefore to expand the money supply meant finding new mines, plundering it from others, or selling goods or services on the world market to obtain it from others who possessed it. Indeed, a considerable portion of the history of slavery and colonial violence can be traced back to the elite concern for acquiring gold and silver (Di Muzio and Robbins, 2016; Graeber, 2012; Kwarteng, 2014; Vilar, 1986). Second, because gold and silver were thought to be money, the classics failed to understand the scale or level of credit creation that began with the institutionalization of the Bank of England in 1694. Many argue that the Bank of England was inspired by the Bank of Amsterdam and the success of Dutch finance. But this is not the case. While the Bank of Amsterdam did make loans from time to time, its primary function was to maintain the quality of the paper notes in circulation that represented coin. Moreover, the bank was owned by the city, not private social forces as came to be the case with the Bank of England (Wennerlind, 2011: 69; Vilar, 1986: 206; Zarlenga, 2002: 238ff). Whereas the notes issued by the Bank of Amsterdam mostly reflected the exact value of gold and silver in the city’s vault, the Bank of England expanded the English money supply by extending paper notes as credit (Desan, 2014: 311ff). 

The Bank of England’s largest customer was the Crown in Parliament who used the initial loan of £1,200,000 to finance war with France. Indeed, the main reason why the Royal Charter was granted to the Bank of England’s 1509 investors was to provide the finance for organized violence against a dynastic rival (Davies, 2002: 261). The slave trade, colonization and continuous wars in the next two centuries lead to a mounting and unpayable “national” debt that solidified the Bank’s role as the government’s permanent debt manager. But the investors in the Bank of England did not only profit from war and debt, they also benefited from the interest received on loans to individuals and companies. As Wennerlind underscores, the Bank of England’s notes became “Europe’s first widely circulating credit currency” (2011: 109). Theoretically, however, the issued notes remained tethered to a metallic hoard of silver, and later only gold from 1861 (Davies, 2002: 315). No one knows for certain how much metal coin backed up the notes in circulation at any one time. In one study, Rubini argued that the Bank of England had a shifting reserve of silver for all notes in circulation of about 2.8 percent to 14.2 percent (1970: 696). Another study by Wennerlind argued that the founder of the Bank, William Paterson, proposed that 15 to 20 percent in silver for all notes outstanding would suffice to assure sufficient confidence in the Bank of England (2011: 128).5 This ambiguity and the fact that the Bank of England was privileged by the government, likely helped the Bank gain confidence among the users of its notes. As long as citizens thought they could eventually cash in their notes for silver/gold coins, faith in this system of money creation could continue (Kim, 2011). This uncertainty need not delay us, for what is definite is that the notes in circulation were of a far higher value than the actual metallic hoard at the Bank. To sum up this brief history of the world’s first widely circulating credit currency we can argue that new money was created as loans to customers – primarily to the British Crown in Parliament and primarily to finance an apparatus of international violence and Empire. 

By the early 19th century, the British politician, Samson Ricardo, realized the absurdity of granting private social forces the power to create money:
“It is evident therefore that if the Government itself were to be the sole issuer of paper money instead of borrowing it of the bank, the only difference would be with respect to interest: the Bank would no longer receive interest and the government would no longer pay it…It is said that Government could not with safety be entrusted with the power of issuing paper money – that it would most certainly abuse it... I propose to place this trust in the hands of three Commissioners” (Ricardo, 1838: 50). 
Ricardo’s proposal that the public take control of new money creation was ignored. In the 1844 Bank Charter Act, the Bank of England was given the exclusive right to issue banknotes in London. Country banks that were already issuing notes could continue to do so provided they were outside London (by a 65 mile radius) and backed their notes with some kind of credible security. Under this Act, the Bank of England was also divided into two distinct units, the Issue Department and the Banking Department. Davies highlights this important provision of the Act:
“The Issue Department was to receive from the Banking Department some £14 million of government securities to back its fiduciary issue of notes, any  issue above that [was] to be fully backed by gold and silver, the latter not to exceed one quarter of the gold” (2002: 315). 
Thus, while the Bank of England had the exclusive right to issue banknotes in London, its ability to create new money appeared to be circumscribed by the new laws. Existing banks outside of London were also seemingly bounded in their ability to create money. However, while official note issuance was restricted, this did not stop the Bank of England and other provincial banks from merely recording new loans on their balance sheets and issuing cheques to borrowers (Davies, 2002: 317). In other words, the bankers found a convenient way around the legislation and continued to expand the money supply regardless of gold reserves which were never publically known anyway. This changed the nature of banking in Britain and as we shall discuss, its legacy largely remains with us today. With this in mind, we now move to examine two theories of money creation: the heavily taught fractional reserve theory known popularly as the money multiplier model and the underappreciated credit creation theory. 

Fuck Robert Kagan And Would He Please Now Just Go Quietly Burn In Hell?

politico | The Washington Post on Friday announced it will no longer endorse presidential candidates, breaking decades of tradition in a...