- Page 3

  • #ukraine would you drive under that blown-up bridge

    taking a risk

    will something go down or not

    they have already destroyed three bridges going into Donetsk

  • #ukraine and I have to thank Putin

    Ukraine has to thank weird Putin for its stupid bullish behavior because otherwise it would never have the Financial support it has received, never have a commercial trade agreement with the EU, never have all those experts coming over from all kinds of international aid organisations to help them rebuild their failed state into a modern state

    Ukraine has to thank stupid Putin for being so bullish that he has really forged a new Ukranian identity, lost nearly all of his support (even in the Eastern provinces) and helped public opinion to look only west and to ask for membership of the EU and if possible NATO

    Ukraine has to thank cowardly Putin for not having the guts to invade Ukraine and only sending amateurish militants and some older military material making it possible for the Ukranian army to be on a level playing field because of the lack of investment in its training and material the last decennium

    Ukraine has to thank the shortsightedly Putin for waking all of its border countries that are not Under its control to remember that they have to invest in military and espionage and have to work together to pressure NATO and the other states to show more solidarity and readiness and to help each other exchanging information for example

    NATO has to thank the childlish Putin for the stupid remarks, speeches and reactions nobody in the west except extremists understood to come from such an important man and for his fantastic provocations with nuclear airplanes and submarines across the Channel and near the USA, NATO couldn't have wished for more publicity for the reason of its existence. Those who believed that NATO was not necessary anymore because Russia was Partner and the Continent was a continent of cooperation and peace couldn't have proven wrong in a more convincing way

    USA has to thank little Putin for giving it once again the status of the country of the free and the keeper of the peace if nobody else can do it while everybody was talking about China, brics and how close the US was to default and how Europe was the new superpower. But it is proven again that a superpower without an army and without the will to intervene and with a diplomacy that is alwasy too complacent has no stature, no influence and doesn't impress much. So as so often in history, Europe turns to the US for leadership. Maybe we will have a matured union with its own president, diplomacy and army in 10 or 50 years from now, but for the moment we can only turn to the USA.

    Our banks and industry are drinking champagne again on you because never has so much money came back to their western enterprises and banks out from Russia (and other BRICS countries) and even if the sanctions will have some economic repercussions they have forced us to look for more stable and reliable markets

    the Nuclear and franking industry is having a party for you because never before in their recent history has anybody made so clearly the case that as a country you need to have a certain independence from external energysources.

    The proponents of an Atlantic Free Trade agreement have never thought that they would have so many strategic reasons now to create a commercial branch of their political and military Relationship.

    The intelligence agencies are just thinking every morning that they are dreaming if they are reading about your newest comments and actions because every time you think you made a Wise move, they see their powers and resources increase tenfold (and the critics diminish by the hundreds)

    so thank yoiu Putin for you have forged a real patriotic unified Ukraine supported by a big part of the international community in a region where the military and intelligence investments will go up enormously and which will increase the presence of NATO at your borders even more while getting closer with the USA and setting up new agreements

    but fuck you Putin

    because we could have a real peace without all those military investments that are in fact worthless and should have been invested in economic and social development

    you have changed Europe and especially Eastern-Europe in a permanent possible conflict zone while you shouldn't have but you could and it was your choice

    and for that you will always be paying because we will never forget, never

    so thank you, but fuck you

    you have lost and it is up to your country to deicde if they want to go down with you

    because this isn't 1938 again

    history repeats itself but never exactly the same way

  • #ukraine and than Putin blinked and lost his bluff (for now)

    AFter several days of intense combat with real rockets and tanks from both sides and hundreds of soldiers and militiamembers death and wounded (the Ukranian army lost over 200 soliders already) the Ukranian army is quickly reconquering lost territory (while now the Russians are asking for an  urgent truce while it didn't interest them when their proxy armies seem to be winning)

    this map shows that the rebel territories have been cut off from the sea and are steadily being cut off from the Russian borders their life-saving link

    this is not a guerilla group like we like to see it as a group of rebels with macine guns, no they have bazooka's and rocketpropellers in the hundreds (decommissioned but still functioning stuff), tanks from across the Russian borders and hundreds of other military vehicles and guns and rocketlaunchers (not hundred of each, but quite impressive)

    this map is totally different from a few months ago when Ukraine was really on the brink of losing all its eastern provinces who were falling like rotten fruit in the hands of a coalition of local crime, proxy instigators and warlors and russian activists

    if you compare this map with the map of a few months ago, you would really think that they have come from far and that it is now neraly impossible without a clear invasion from Russia to accomplish that goal

    there are still three difficulties ahead

    First is to conquer the remaning strongholds like Donetsk (with 1 million inhabitants and a few thousands militiamembers) without too much bloodshed and destruction so that Russia can't use this as a reason to intervene (while at the other hand you have to advance militarily to have a military impact)

    Secondly is that you have to cut the region from the Russian borders so their lifelines are cut and you have to cut the region in two so neither can retreat to the other to defend one last stronghold. The symbolic power of this can be too great for the prorussian propaganda machine.

    Thirdly you will need a paramiliary antiterrorist force to hunt for pockets of armed resistance that are still wandering around in the region. That force and the intelligence arm will need all the investment and material that is available to intervene quickly and efficiently and with the least collatoral damage.

    and after this than there is still the question of Crimea

    Putin had the intention several times to invade Ukraine but never seemed to be able to pull the trigger and send in his own troops, so he send special undercover forces, money and tanks (but not enough) so he betrayed the hundreds who died in Ukraine for Novarussia and this can come to haunt him later on.

    And if everything is over in Eastern Ukraine there will be one big question lingering without really spoken out loud : was it all Worth it for Russia and was there not a better way and how do we go on after this in this interconnected world

    you go nowhere, you are not trusted anymore, you are a hooligan and a thief on the international scene

    you are what the US was untill Obama

  • the US will now also use safer debitcards for shopping

    By the end of 2015, 70 percent of U.S. credit cards and 41 percent of U.S. debit cards will have security chips — called EMV for Europay, MasterCard MA +0.71%, Visa V +0.78% — according to the Aité Group.

     

    While Europe, Canada and Mexico have had chipped cards for years — usually with a chip and a PIN (personal identification number), the U.S. card issuers have studiously avoided the more secure, but more expensive, cards. To some extent American issuers didn’t need the card-based security. Unlike Europe, the American card industry had grown up with cheap telecommunications, so merchants could check cards in real-time as they accepted a card in payment. American technology vendors also developed very sophisticated, if sometimes alarmist, tools to detect fraudulent card use.
    http://www.forbes.com/sites/tomgroenfeldt/2014/06/23/more-secure-credit-cards-with-chips-coming-to-the-u-s/

    as the fraud rate has increased so much and with some big breaches and the loss of confidence they creditcard companies and the shops have in fact no other choice if they want to keep some consumertrust

  • the massive securitybreaches at US shops Point of Sale boxes have immediate impact on consumers

    People are changing their attitudes afterwards

    "U.S. consumers are beginning to see the impact of the recent spate of credit card data breaches at retail stores -- and they are doing something about it.

     

    That's the conclusion of two separate studies of consumer attitudes and behavior published this week. The first study, National Consumer League's Data Insecurity Report, indicates that consumers are increasingly blaming retailers for the compromise of their credit card data and are responding by changing the stores they patronize.

     

    The second study, Security Matters: Americans on EMV Chip Cards, indicates that nearly two thirds of Americans are more likely to pay in cash after hearing about security breaches at large retailers.
    http://www.darkreading.com/retail-breaches-change-customer-behavior-attitudes-studies-say/d/d-id/1279144

    well both reasons are enough business and marketingwize to inspire management to make some big investments in security and keep it secure

    nobody wants consumers to change shops because they feel insecure at your place and nobody wants people to pay so much in cash because it costs a lot to handle cash and it increases the risk for violent crime at the cashiers.

  • #ukraine what is the legal status of the Russian tanks in Ukraine ?

    well this is a russian tank in an Ukranian city occupied by militias that are prorussian but not russian and Russia says that it is not responsable for them or linked to them

    but

    this tank has crossed the Ukr_russian border - which isn't fully Under control of the Ukr government and which the Russian government hasn't closed neither to prevent more bloodshed (calming down as it is called)

    it has clearly a Russian flag

    it is on Ukranian territory against the will of the Ukr government

    so ..... there are some questions here

    * if a tank like a ship goes Under a flag of a country it is supposed to represent that country (especially if that country doesn't deny that its tanks are on the other side of the border) and so it is responsable for these tanks (and internationally it has done a real military incursion into the country)

    * if that tank was not stolen (were they prosecuted), not sold (by who to who) or given than how did these people get a Russian tank

    it is said that they are given to the rebels but that doesn't make youi as a country less responsable for inciting war and civil war and so on

  • first military dronefight in #Ukraine - more to come (robots next ?)

    this is the tweet

    the Ukr army and the militias have been shooting down each other drones before - some just above the Ukraine border and the Ukraine border patrol will get a new sophisticated drone to help them Watch the border

    but from shooting down drones and using them for surveillance and espionage

    the next step to actually use them as military attack instruments during a war

    will change the whole discussion about military and espionage drones in Europe (and NATO) totally

    there is no confirmation by video or pics yet but it is probable

  • CSC placed accidently all info about 900.000 Danes online

    before you panick

    the data was only available during one hour and was downloaded by 4 marketing firms who have received an ultimatum to return the data (take a copy ?)

    the marketingfirms found the data so quickly because it was a leak of the antispam/marketing site Robinsonlist that was put only by accident by CSC

    but the biggest problem is that one of the data that was leaked was the social security number, banking détails and telephone contacts (not sure why all that data has to go into an antispamlist - privacy-architecture)

    at the same time the social securitynumber (like our Rijksregisternumber in Belgium) is said to be not sufficiently adrandom for the digital age

    it also shows that with big data one mistaken click on the server can have enormous conséquences (instead of putting the data about 100 persons online you are placing the data of hundreds of thousands or millions online)

    and about that latest fact you should panick

    http://rt.com/news/170312-danish-id-numbers-leak/

  • the israeli nuclear incident tweet shows how important security at twitter should be

    just don't take twitter as an unique but as one that you should check

    http://rt.com/news/170336-idf-hacked-nuclear-confusion/

  • is openleaks an FBI operation ?

    "Today the OpenLeaks web-site contains information about their non-functioning email system and a ‘stream of consciousness’ diatribe, from Domscheit-Berg, about why leaking is difficult.  He makes it clear that his organisation is steering clear of actual leaking but will provide information to others about how to go about it.  A reasonable conclusion, from reading the information on the web-site, as provided by Domscheit-Berg’s fairly ordinary intellect, is that OpenLeaks has no such information to provide.

     

    If OpenLeaks is being maintained as an F.B.I. ‘honey-pot’, Domschiet-Berg’s operational activity of attracting contact from potential leaders of leaking organisations, is the next best  thing to receiving information from actual leakers.  This would also solve the problem of maintaining Domscheit-Berg’s shaky cover story and the cover of OpenLeaks.  The F.B.I. would  be able to receive information they could use to identify the next generation of potential Julian Assange’s, information with great potential valuable to more than one sector of the U.S. Government.

     

    Based upon Domscheit-Berg’s performance to date, as recently confirmed by his public comments in the above panel-interview video, there is no doubt that he is the LAST person who anyone should contact should they wish to commence leaking activities.  No doubt if he receives any information about persons interested in whistle-blowing activities, he would be happy to oblige the F.B.I. by providing it to them, particularly if he could enhance his public-image whilst by doing so.  One would hope that any hapless, well-meaning person would steer well clear of Domscheit-Berg and OpenLeaks.
    http://darkhorsenet.wordpress.com

    The problem is that Domscheit-Berg has been cooperating in the Manning trial and that you can only do that if you don't want to get convicted anyway you can only cooperate with the FBI.

    the second thing is that the site is still not working which makes it a perfect honeypot because you receive information but you don't publish i

  • this is what to expect from the cryptome.org Snowden documents release and why there is not necessarily a second NSAleaker

    http://cryptome.org/2014/07/vocativ-interview.htm

    It is clear that Cryptome who has always been publishing leaked and released information (some 70.000 the last 10 years) from military and intelligence sources 

    the Policy of Cryptome has always been to publish the documents or information without much fanfare (he calls it windowdressing) without context or big articles that take weeks to write and to include the technical documents as well (who is he to judge which information may be useful and which is not)

    You can buy the full set of 70.000 documents if you donate at least one dollar at his kickstarter project, on torrentside you will only find half of the documents

    Contrary to Europe the US is releasing much information about its past and present spy and military organisations and operations

    the argument between Greenwald and cryptome is that Greenwald is making on fortune on documents he never releases, takes too much time to write about and never have enough technical information to help the technical people to develop countermeasures

    cryptome seems also to think that the mediateam around Snowden (both in Russia which is important not to forget as also that the personal lawyer of Snowden is directly linked to the newKGB) have in fact set up an information-operation by splitting the access to the files and the files themselves into many different persons, groups and stacks of documents. Cryptome also thinks that the mediateam has been penetrated (and supposes that the NSA itself has been succesful into penetrating this team which explains the déclarations by the NSA this week that they know have the 'leak Under control' while before you could speak of a hardly hidden panick.

    there is nobody - except Snowden - who seems to know what has been leaked in the beginning to who (but as it are digital stacks there is a high probability that they have started to 'walk' around - or sélections of it (and cryptome hopes that some of that walking material will arrive in his postbox.

    if we look hard at the interview, there are a few remarks that retain our attention

    * he only like full documents that aren't redacted (if you look at the published documents they are hardly ever complete and sometimes even words and sentences are blackened)

    * he would not only publish the présentations but also the technical documentation that is available (which make me doubt that there is a second leaker because the first big leak of HIS collection of Snowden documents about TOR also gave the code that proofs it and shows how it works. It is possible that all the technical information was already with the Snowden documents but that they couldn't release it (somebody was enormously against it and the risks were too high). The rumouir about a second NSAleaker can be true but it can also just be another Information-operation, with such possible goals

    one is to make snowden look innocent and responsable as he never published or let publish that thechnical information (while if is comes out of his stack he stole it)

    two is to create a mediahype and some pannick that there more leakers like him in the NSA, that he isn't alone and that other leakers may be much more dangerous and that they should welcome him

    three is to diverse the attention from the fact that he may be manipulated (knowingly or not) by some Russian services who may or may not have access or copies to the documents

  • why it is so difficult and dangerous for Greenwald to publish his bombshell

    It was announced for now but there are new complications and objections

    this article shows why (about the database of all the people in the US that are being followed)

    "This is a database. So all the data is there. The question is, what have they pulled from the database. So you actually have to recreate the queries from the databases to see that which they've pulled. It's very labor intensive. It doesn't just spit out something that says, 'Romero, they followed him' ... you have to read the code, it involves a lot of technologists
    http://www.theatlantic.com/politics/archive/2014/07/anthony-romero-of-the-aclu-glenn-greenwald-will-reveal-spying-on-us-muslims/373862/

    first the article says that it is also about the arab community that is being followed in the US (as in any other western country to some extent)

    well, we are for the moment in a time of heightened alert and at the first steps of a (needed) war against the ISIL

    it is now very easy for the FBI-NSA-Administration to say that any story about the surveillance of that community could endanger a specific investigation, undercover agent or operation and could end up in making it easy or necessary (before probable arrest) for escape investigation or to do the terrorist attack immediately (instead of in an few weeks or months)

    secondly you can make a mistake

    thirdly some of the people may be spies and for the journalist to proof that his article will do no harm to national security and that he doesn't fall Under these laws and isn't a traitor or danger.

    meanwhile activists are trying to put some pressure on Greenwald to publish it quickly because they say they are preparing the publication of all the Snowden files (but nobody knows how many collections there are and who owns the complete one - even if the NSA gives totally different numbers each time they are asked)

    the discussion about a second NSA leaker is for this reason prematurily because nobody has a total oversight of all the leaked stuff so nobody knows exactly what has been taken from the NSA

    you have to remember that this is a spygame in which nobody tells the full truth or always lies about everything and in which mindgames are played all the time by all the players involved (NSA, Snowden, Greenwald,.....)

    the only thing that is clear is that the control over the Snowden documents seems to be lost and the real interesting question is how that happened because if it happened there was a clear strategic reason for it - just as given a cache of documents to international newspapers had a clear strategy in mind.

    and about the new Greenwald article, the most interesting thing will be what is NOT in it and why (it could even not exist)

  • the code of the xkey NSA espionage tool that targets Tor and tails and ?????

    It is interesting to see the code - proof that these systems are targeted - to see how it works

    // START_DEFINITION
    /**
     * Fingerprint Tor authoritative directories enacting the directory protocol.
     */
    fingerprint('anonymizer/tor/node/authority') = $tor_authority
      and ($tor_directory or preappid(/anonymizer/tor/directory/));
    // END_DEFINITION
    
    // START_DEFINITION
    /*
    Global Variable for Tor foreign directory servers. Searching for potential Tor
    clients connecting to the Tor foreign directory servers on ports 80 and 443.
    */
    
    $tor_foreign_directory_ip = ip('193.23.244.244' or '194.109.206.212' or
    '86.59.21.38' or '213.115.239.118' or '212.112.245.170') and port ('80' or
    '443');
    // END_DEFINITION
    
    // START_DEFINITION
    /*
    this variable contains the 3 Tor directory servers hosted in FVEY countries.
    Please do not update this variable with non-FVEY IPs. These are held in a
    separate variable called $tor_foreign_directory_ip. Goal is to find potential
    Tor clients connecting to the Tor directory servers.
    */
    $tor_fvey_directory_ip = ip('128.31.0.39' or '216.224.124.114' or
    '208.83.223.34') and port ('80' or '443');
    // END_DEFINITION
    
    
    // START_DEFINITION
    requires grammar version 5
    /**
     * Identify clients accessing Tor bridge information.
     */
    fingerprint('anonymizer/tor/bridge/tls') =
    ssl_x509_subject('bridges.torproject.org') or
    ssl_dns_name('bridges.torproject.org');
    
    /**
     * Database Tor bridge information extracted from confirmation emails.
     */
    fingerprint('anonymizer/tor/bridge/email') =
    email_address('bridges@torproject.org')
      and email_body('https://bridges.torproject.org/' : c++
      extractors: {{
        bridges[] = /bridges([0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}):?([0-9]{2,4}?[^0-9])/;
      }}
      init: {{
        xks::undefine_name("anonymizer/tor/torbridges/emailconfirmation");
      }}
      main: {{
        static const std::string SCHEMA_OLD = "tor_bridges";
        static const std::string SCHEMA_NEW = "tor_routers";
        static const std::string FLAGS = "Bridge";
        if (bridges) {
          for (size_t i=0; i < bridges.size(); ++i) {
            std::string address = bridges[i][0] + ":" + bridges[i][1];
            DB[SCHEMA_OLD]["tor_bridge"] = address;
            DB.apply();
            DB[SCHEMA_NEW]["tor_ip"] = bridges[i][0];
            DB[SCHEMA_NEW]["tor_port_or"] = bridges[i][1];
            DB[SCHEMA_NEW]["tor_flags"] = FLAGS;
            DB.apply();
          }
          xks::fire_fingerprint("anonymizer/tor/directory/bridge");
        }
        return true;
      }});
    // END_DEFINITION
    
    
    // START_DEFINITION
    /*
    The fingerprint identifies sessions visiting the Tor Project website from
    non-fvey countries.
    */
    fingerprint('anonymizer/tor/torpoject_visit')=http_host('www.torproject.org')
    and not(xff_cc('US' OR 'GB' OR 'CA' OR 'AU' OR 'NZ'));
    // END_DEFINITION
    
    
    // START_DEFINITION
    /*
    These variables define terms and websites relating to the TAILs (The Amnesic
    Incognito Live System) software program, a comsec mechanism advocated by
    extremists on extremist forums.
    */
    
    $TAILS_terms=word('tails' or 'Amnesiac Incognito Live System') and word('linux'
    or ' USB ' or ' CD ' or 'secure desktop' or ' IRC ' or 'truecrypt' or ' tor ');
    $TAILS_websites=('tails.boum.org/') or ('linuxjournal.com/content/linux*');
    // END_DEFINITION
    
    // START_DEFINITION
    /*
    This fingerprint identifies users searching for the TAILs (The Amnesic
    Incognito Live System) software program, viewing documents relating to TAILs,
    or viewing websites that detail TAILs.
    */
    fingerprint('ct_mo/TAILS')=
    fingerprint('documents/comsec/tails_doc') or web_search($TAILS_terms) or
    url($TAILS_websites) or html_title($TAILS_websites);
    // END_DEFINITION
    
    
    // START_DEFINITION
    requires grammar version 5
    /**
     * Aggregate Tor hidden service addresses seen in raw traffic.
     */
    mapreduce::plugin('anonymizer/tor/plugin/onion') =
      immediate_keyword(/(?:([a-z]+)://){0,1}([a-z2-7]{16}).onion(?::(d+)){0,1}/c : c++
        includes: {{
          #include <boost/lexical_cast.hpp>
        }}
        proto: {{
          message onion_t {
            required string address = 1;
            optional string scheme = 2;
            optional string port = 3;
          }
        }}
        mapper<onion_t>: {{
          static const std::string prefix = "anonymizer/tor/hiddenservice/address/";
    
          onion_t onion;
          size_t matches = cur_args()->matches.size();
          for (size_t pos=0; pos < matches; ++pos) {
            const std::string &value = match(pos);
            if (value.size() == 16)
              onion.set_address(value);
            else if(!onion.has_scheme())
              onion.set_scheme(value);
            else
              onion.set_port(value);
          }
    
          if (!onion.has_address())
            return false;
    
          MAPPER.map(onion.address(), onion);
          xks::fire_fingerprint(prefix + onion.address());
          return true;
        }}
        reducer<onion_t>: {{
          for (values_t::const_iterator iter = VALUES.begin();
              iter != VALUES.end();
              ++iter) {
            DB["tor_onion_survey"]["onion_address"] = iter->address() + ".onion";
            if (iter->has_scheme())
              DB["tor_onion_survey"]["onion_scheme"] = iter->scheme();
            if (iter->has_port())
              DB["tor_onion_survey"]["onion_port"] = iter->port();
            DB["tor_onion_survey"]["onion_count"] = boost::lexical_cast<std::string>(TOTAL_VALUE_COUNT);
            DB.apply();
            DB.clear();
          }
          return true;
        }});
    
    /**
     * Placeholder fingerprint for Tor hidden service addresses.
     * Real fingerpritns will be fired by the plugins
     *   'anonymizer/tor/plugin/onion/*'
     */
    fingerprint('anonymizer/tor/hiddenservice/address') = nil;
    // END_DEFINITION
    
    
    // START_DEFINITION
    appid('anonymizer/mailer/mixminion', 3.0, viewer=$ascii_viewer) =
            http_host('mixminion') or
            ip('128.31.0.34');
    // END_DEFINITION

     

  • the most stupid details the emailleak at Goldman and how to prevent them

    this is the story

    " Goldman Sachs Group Inc on Wednesday said Google Inc has blocked access to an email containing confidential client data that a contractor sent to a stranger's Gmail account by mistake, an error that the bank said threatened a "needless and massive" breach of privacy.
    http://www.reuters.com/article/2014/07/03/google-goldman-leak-idUSL2N0PD2R620140703

    Google destroyed the email after a court case, which made everything public off course

    stupid fact one

    you never send confidential information over by email and if you do not by simple email but by dedicated encrypted isolated services

    as if Goldman Sachs doesn't have the money to implement this within an Exchange environment (stupid costs)

    stupid fact two

    the highly paid consultant was doing several things at the same time probably (trying to make an impression about how busy and important he was and did the following)

    "Goldman said the contractor meant to email her report, which contained the client data, to a "gs.com" account, but instead sent it to a similarly named, unrelated "gmail.com" account"

    so instead of gs.com (goldman sachs) she was able to send it to gmail.com without looking

    which makes me Wonder - and how many other regulators how many other people Inside Goldman Sachs made this mistake and didn't report it or even saw it

    which makes me remember this one very practical trick in email or on the web  : if the webaddress or the emailaddress is very very important, you type it fully by hand and use no favourites or shortcuts - just to be sure

    it also shows that there is no seperation in this highly confidential environment between your personal email and the workmail. I explain. You can block on your firewall stmp traffic to other emailservers so no email leaves automatically your network to other mailservices. If people want to go on the external mailservices they can only go into their webbrowser and work with the webmail. If you are in a very highly confidential environment you can also split up your mailservers for internal use and external use. This means that if you want to send internal mail, you have to go on server x on which you can only send mails to internal people with the same domain (gs.com), if you need to send mail to the outside world, you have to go to another servers (ex goldmansachs.com)

    in this case the consultant would have known what to do. it was an internal mail so she or he had to go to the internal mail server and send the mail. Even if there was a mistake there would have been no mail sent and no damage done.

    is this costly, now not at all, you only have to get used to it, for the rest it uses the principle of isolation, isolate the internal processes from the external ones and make air-gaps between the two

    third stupid fact

    ""Emergency relief is necessary to avoid the risk of inflicting a needless and massive privacy violation upon Goldman Sachs' clients, and to avoid the risk of unnecessary reputational damage to Goldman Sachs," the bank said in court papers."

    well, the reputational damage is there because they are on wall street journal and even if the mail hasn't been read, Goldman Sachs really look like a bunch of amateurs

    especially to the crafters of phishing and target attacks developers

  • No more plasma tv's - get one fast when they dump their stock

    "Plasma screens were initially touted as the next-generation TV display technology in the early to mid 2000s to replace the thick, cathode-ray tube TVs.  They competed head-to-head with liquid crystal displays, but manufacturers had a hard time mass producing smaller screens at higher resolution and ultimately LCDs began to be adopted more widely in consumer electronics.

     

    Some analysts argued that plasma TVs had more advantages over LCDs including better viewing angles and faster response time.

     

    But LCD technology has improved significantly over time and plasma displays became less attractive.
    http://blogs.wsj.com/digits/2014/07/03/plasma-tvs-no-more/

    it is also said that they are much more energy consuming and more expensive to make (except if they want to liquidate the last stock that is)

    advanced organic light emitting diode (OLED) screens  are the most energy efficient for now

  • austria makes running Tor exit servers a criminal activity

    "Three years ago we wrote about how Austrian police had seized computers from someone running a Tor exit node. This kind of thing happens from time to time, but it appears that folks in Austria have taken it up a notch by... effectively now making it illegal to run a Tor exit node. According to the report, which was confirmed by the accused, the court found that running the node violated §12 of the Austrian penal code, which effectively says:

    Not only the immediate perpetrator commits a criminal action, but also anyone who appoints someone to carry it out, or anyone who otherwise contributes to the completion of said criminal action.

    In other words, it's a form of accomplice liability for criminality. It's pretty standard to name criminal accomplices liable for "aiding and abetting" the activities of others, but it's a massive and incredibly dangerous stretch to argue that merely running a Tor exit node makes you an accomplice that "contributes to the completion" of a crime. Under this sort of thinking, Volkswagen would be liable if someone drove a VW as the getaway car in a bank robbery. It's a very, very broad interpretation of accomplice liability, in a situation where it clearly does not make sense.
    https://www.techdirt.com/articles/20140701/18013327753/tor-nodes-declared-illegal-austria.shtml

    so this means that as a Tor Exit service you are responsable for everything your thousands of users do on the Tor Network (and most of the sites on Tor itself are criminal in one way or another if they go on TOR websites but as 90% they only go on the web itself).

    I have always said that the distribution of Tor Servers needs to be supported by an international organisation not located in a country with a strict surveillance law or tradition and where it can't be hit by Financial and other boycots like happened to Wikileaks

    it is possible to make the same assumption under Belgian law by the way (if one really wants to)

  • uber wins first legal fight in London, other hurdles to take

    "The decision by Transport for London, or TfL, to allow Uber to continue operating in the British capital is centered on the technology that powers the start-up’s service. Under London’s taxi rules, only licensed black taxis can use meters in their vehicles to charge customers based on distance and time. The city’s licensed taxi drivers had said that Uber’s technology, which uses a smartphone-like device to charge customers at the end of the journey based on the length of their trip, broke this regulation.

     

    Transport for London, however, disagrees. “Smartphones that transmit location information between vehicles and operators have no operational or physical connection with the vehicles,” the regulator said on Thursday in a statement. The phones are “not taximeters within the meaning of the legislation,” it said.

     

    To clarify whether or not Uber’s technology can be considered a meter, Transport for London said it was asking a British court to make a final ruling. That decision must now wait until legal cases brought by a London taxi union against six individual Uber drivers had been completed, the regulator added.
    http://bits.blogs.nytimes.com/2014/07/03/london-transport-regulator-says-uber-can-legally-operate/?rref=technology

    but in the end Uber will be as regulated as any other service because of insurance, taxes, quality, security-incidents to happen and lawsuites that may be expected

  • BAE tries to kill the story about the hedge fund that lost millions after hack

    It was a story that send shockwaves throughout the industry and probably did Financial controllers reach for their phones to check who was going to control if the hedge funds in their country or under their responsability had done enough to protect themselves against targeted attacks and had isolated and protected enough their most important information businesswise (the models on which you make your investment décisions that is)

    now BAE is trying to kill the story and making all communications with its employee who made the comment on camera impossible

    you can take them on their word that it is as the PR guys are now trying to tell the world or you can suppose that there is more to the story and that it really happened but that their client was so upset because they were probably identified (it is a small world) and were having problems keeping their big clients and creditors on board.

    "An executive at a division of cybersecurity firm BAE Systems "incorrectly presented" an alleged cyberhacking incident involving a hedge fund, a company spokesperson said Wednesday.

    The executive, Paul Henninger, global product director for BAE Systems Applied Intelligence, told CNBC in June that his firm had found and stopped a malicious cyber-intrusion into a hedge fund client. Henninger declined to identify the hedge fund.

    But on Wednesday, BAE Systems spokesperson Natasha Davies said that the attack Henninger had described as a real event involving a hedge fund had in fact been a "scenario" used by cyber experts inside BAE Systems. CNBC reported on the event on June 19. The original story noted that BAE Systems was the source and that CNBC could not independently verify that the attack had actually happened.
    http://www.cnbc.com/id/101807792#_gus

    the story about how the story came to light and what happened afterwards

    if we say that there was pannick in the Financial sector after this story, we are not exagerating, in some Financial places the certs put out warnings and went into amber status (high danger) and refused to comment about the reasons for doing so (but it may be something else)

    even as a scenario, it is a worst case scenario because it is so simple

    how much of the data that is important for the decision-making in which investments is on the personal computers or desktop machines and what is the influence on the market if that data falls in the hand of another trader who will now know exactly how you will react in the market

    there is no information more precious than knowing exactly what the other investors will do in the market at any given moment

    it is Worth billions because you could make billions in seconds and unless they have found a smoking gun they wouldn't be able to attack you for it because you could show them that you had only the same state of mind but just a bit earlier than them (so you took the profils from them)

    and as a reminder

    but in the story that was published afterwards some other sources were talking about a 2 year timeframe in which 20 of the top50 hedgefunds were the victims of targeted attacks without telling if they had lost some information or money or exposed themselves to any risk  so read this story http://www.cnbc.com/id/101778725

    and as they say you don't have to hack many of them to have a real influence on the market (cowboy capitalism)