Categories
Intelwars

New US Executive Order on Cybersecurity

President Biden signed an executive order to improve government cybersecurity, setting new security standards for software sold to the federal government.

For the first time, the United States will require all software purchased by the federal government to meet, within six months, a series of new cybersecurity standards. Although the companies would have to “self-certify,” violators would be removed from federal procurement lists, which could kill their chances of selling their products on the commercial market.

I’m a big fan of these sorts of measures. The US government is a big enough market that vendors will try to comply with procurement regulations, and the improvements will benefit all customers of the software.

More news articles.

Share
Categories
Intelwars

TARPLEY.net 2021-05-12 23:56:51

United Front Against Austerity|Tax Wall Street Party American System Network|May 12, 2021 Colonial pipeline starts pumping again, but adequate gasoline is several days away; Biden orders shift to preventive defense; reckoning with Russian gangsters cannot be postponed; Trump boasted that boy wonder Kushner had pacified Middle East, but reality looks far different; Is current Israeli-Palestinian […]

Share
Categories
Intelwars

Book Sale: Beyond Fear

I have 80 copies of my 2000 book Beyond Fear available at the very cheap price of $5 plus shipping. Note that there is a 20% chance that your book will have a “BT Counterpane” sticker on the front cover.

Order your signed copy here.

Share
Categories
Intelwars

TARPLEY.net 2021-05-11 23:54:56

United Front Against Austerity|Tax Wall Street Party American System Network|May 11, 2021 Broadcast and social media environments are becoming increasingly intolerant of controversy. Is the adherence to a strict party line on public health, climate change, race, and gender becoming a liability? How do we prevent a “free speech” backlash against the Democratic politicians who […]

Share
Categories
artificial intelligence Automation Intelwars machine learning Risk Assessment

AI Security Risk Assessment Tool

Microsoft researchers just released an open-source automation tool for security testing AI systems: “Counterfit.” Details on their blog.

Share
Categories
Intelwars

FBI blames east coast pipeline shutdown using ransomware on Russian underworld gang Darkside! White House must move forcefully to resolve this major attack.

United Front Against Austerity|Tax Wall Street Party American System Network|May 10, 2021 If Netanyahu’s career is finally approaching its end, he appears determined to make his exit amid more chaotic and futile fighting with the Palestinians. Republican Party gaslights itself by hiding polls showing Trump’s weakness; patriots welcome House GOP’s conflict with Liz Cheney as […]

Share
Categories
Cybercrime Intelwars ransomware Russia

Ransomware Shuts Down US Pipeline

This is a major story: a probably Russian cybercrime group called DarkSide shut down the Colonial Pipeline in a ransomware attack. The pipeline supplies much of the East Coast. This is the new and improved ransomware attack: the hackers stole nearly 100 gig of data, and are threatening to publish it. The White House has declared a state of emergency and has created a task force to deal with the problem, but it’s unclear what they can do. This is bad; our supply chains are so tightly coupled that this kind of thing can have disproportionate effects.

Share
Categories
Cryptography foia history of cryptography Intelwars NSA

Newly Unclassified NSA Document on Cryptography in the 1970s

This is a newly unclassified NSA history of its reaction to academic cryptography in the 1970s: “New Comes Out of the Closet: The Debate over Public Cryptography in the Inman Era,” Cryptographic Quarterly, Spring 1996, author still classified.

Share
Categories
Intelwars

TARPLEY.net 2021-05-08 23:40:42

Rogue state China holds world hostage to 21 tons of rocket debris! US should assert leadership in protecting allies from space junk; in another sign of aggressive intent, Xi is attempting to set up naval bases at key points across the globe; April job creation numbers underline need to pass Biden’s $2.2 trillion jobs and […]

Share
Categories
Global News Health Intelwars Politics Society

Tucker: How many Americans have died after taking COVID vaccines? – Watch @04:10 (MUST-WATCH VIDEO)

Watch the latest video at foxnews.com Source H/t reader kevin a. * * * PayPal: Donate in USD PayPal: Donate in EUR PayPal: Donate in GBP

Share
Categories
Environment Global News Intelwars Politics

China emitted more greenhouse gases in 2019 than all of the world’s other developed nations put together

China emitted more greenhouse gases in 2019 than all of the world's other developed nations put together https://t.co/Xi9TfEa7t4 — Infinite Unknown (@SecretNews) May 7, 2021 * * * PayPal: Donate in USD PayPal: Donate in EUR PayPal: Donate in GBP

Share
Categories
Economy Global News Intelwars Politics

China’s African take-over: Beijing has built infrastructure, lent billions and located its first overseas military base there – now top US general warns they want to built an Atlantic naval base

FYI… China's African take-over: Beijing has built infrastructure, lent billions and located its first overseas military base there – now top US general warns they want to built an Atlantic naval basehttps://t.co/4Zoy90HzdX — Infinite Unknown (@SecretNews) May 7, 2021 * * * PayPal: Donate in USD PayPal: Donate in EUR PayPal: Donate in GBP

Share
Categories
Intelwars Squid

Friday Squid Blogging: COVID Relief Funds

A town in Japan built a giant squid statue with its COVID relief grant.

One local told the Chunichi Shimbun newspaper that while the statue may be effective in the long run, the money could have been used for “urgent support,” such as for medical staff and long-term care facilities.

But a spokesperson for the town told Fuji News Network that the statue would be a tourist attraction and part of a long term strategy to help promote Noto’s famous flying squid.

I am impressed by the town’s sense of priorities.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Read my blog posting guidelines here.

Share
Categories
Children Cybersecurity generations Intelwars privacy Security Education

Teaching Cybersecurity to Children

A new draft of an Australian educational curriculum proposes teaching children as young as five cybersecurity:

The proposed curriculum aims to teach five-year-old children — an age at which Australian kids first attend school — not to share information such as date of birth or full names with strangers, and that they should consult parents or guardians before entering personal information online.

Six-and-seven-year-olds will be taught how to use usernames and passwords, and the pitfalls of clicking on pop-up links to competitions.

By the time kids are in third and fourth grade, they’ll be taught how to identify the personal data that may be stored by online services, and how that can reveal their location or identity. Teachers will also discuss “the use of nicknames and why these are important when playing online games.”

By late primary school, kids will be taught to be respectful online, including “responding respectfully to other people’s opinions even if they are different from personal opinions.”

I have mixed feeling about this. Norms around these things are changing so fast, and it’s not likely that we in the older generation will get to dictate what the younger generation does. But these sorts of online privacy conversations are worth having around the same time children learn about privacy in other contexts.

Share
Categories
Cryptanalysis history of computing history of cryptography Intelwars Video

The Story of Colossus

Nice video of a talk by Chris Shore on the history of Colossus.

Share
Categories
Intelwars

The Babylon Bee Fact-Checks 10 Controversial Statements From President Biden

The Babylon Bee Fact-Checks 10 Controversial Statements From President Bidenhttps://t.co/19PwwnVuTr — Infinite Unknown (@SecretNews) May 5, 2021 * * * PayPal: Donate in USD PayPal: Donate in EUR PayPal: Donate in GBP

Share
Categories
academic papers Hardware Intelwars patching vulnerabilities

New Spectre-Like Attacks

There’s new research that demonstrates security vulnerabilities in all of the AMD and Intel chips with micro-op caches, including the ones that were specifically engineered to be resistant to the Spectre/Meltdown attacks of three years ago.

Details:

The new line of attacks exploits the micro-op cache: an on-chip structure that speeds up computing by storing simple commands and allowing the processor to fetch them quickly and early in the speculative execution process, as the team explains in a writeup from the University of Virginia. Even though the processor quickly realizes its mistake and does a U-turn to go down the right path, attackers can get at the private data while the processor is still heading in the wrong direction.

It seems really difficult to exploit these vulnerabilities. We’ll need some more analysis before we understand what we have to patch and how.

More news.

Share
Categories
Intelwars

TARPLEY.net 2021-05-04 23:32:19

United Front Against Austerity|Tax Wall Street Party American System Network|May 4, 2021 Is our fate written in the stars? Throughout history influential figures have been guided by mystical pursuits like astrology, hermeticism and freemasonry. Are these occult interests simply pastimes of the degenerate rich, or are they windows into deeper layers of reality that have […]

Share
Categories
cars Drones hacking Intelwars vulnerabilities Wi-Fi

Tesla Remotely Hacked from a Drone

This is an impressive hack:

Security researchers Ralf-Philipp Weinmann of Kunnamon, Inc. and Benedikt Schmotzle of Comsecuris GmbH have found remote zero-click security vulnerabilities in an open-source software component (ConnMan) used in Tesla automobiles that allowed them to compromise parked cars and control their infotainment systems over WiFi. It would be possible for an attacker to unlock the doors and trunk, change seat positions, both steering and acceleration modes — in short, pretty much what a driver pressing various buttons on the console can do. This attack does not yield drive control of the car though.

That last sentence is important.

News article.

Share
Categories
Intelwars

To hell and back with Xi’s overseas workers!

United Front Against Austerity|Tax Wall Street Party American System Network|April 29, 2021 China’s much-vaunted Belt and Road imperialism across southeast Asia and Middle East is not humanistic, but relies on slave laborers kept as virtual prisoners, according to new report from China Labor Watch in New York; Biden’s program of investments meets the China challenge […]

Share
Categories
anonymity Bitcoin Crime Cryptocurrency Dark web de-anonymization FBI Identification Intelwars tracking

Identifying the Person Behind Bitcoin Fog

The person behind the Bitcoin Fog was identified and arrested. Bitcoin Fog was an anonymization service: for a fee, it mixed a bunch of people’s bitcoins up so that it was hard to figure out where any individual coins came from. It ran for ten years.

Identifying the person behind Bitcoin Fog serves as an illustrative example of how hard it is to be anonymous online in the face of a competent police investigation:

Most remarkable, however, is the IRS’s account of tracking down Sterlingov using the very same sort of blockchain analysis that his own service was meant to defeat. The complaint outlines how Sterlingov allegedly paid for the server hosting of Bitcoin Fog at one point in 2011 using the now-defunct digital currency Liberty Reserve. It goes on to show the blockchain evidence that identifies Sterlingov’s purchase of that Liberty Reserve currency with bitcoins: He first exchanged euros for the bitcoins on the early cryptocurrency exchange Mt. Gox, then moved those bitcoins through several subsequent addresses, and finally traded them on another currency exchange for the Liberty Reserve funds he’d use to set up Bitcoin Fog’s domain.

Based on tracing those financial transactions, the IRS says, it then identified Mt. Gox accounts that used Sterlingov’s home address and phone number, and even a Google account that included a Russian-language document on its Google Drive offering instructions for how to obscure Bitcoin payments. That document described exactly the steps Sterlingov allegedly took to buy the Liberty Reserve funds he’d used.

Share
Categories
Intelwars

TARPLEY.net 2021-05-01 23:23:57

Corrupt media still covering up for GOP‘s fake infrastructure offer, which represents just $189 billion or only 8% of Biden‘s $2.3 trillion planned investment; media sacrifice truth and national interest to their imbecilic cult of bipartisan cooperation with the criminals of January 6; Increased taxes on wealthy must include levies for solvency of Medicare, which […]

Share
Categories
Intelwars Squid

Friday Squid Blogging: On Squid Coloration

Nice excerpt from Martin Wallin’s book Squid.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Read my blog posting guidelines here.

Share
Categories
Apple Intelwars Malware operating systems patching vulnerabilities

Serious MacOS Vulnerability Patched

Apple just patched a MacOS vulnerability that bypassed malware checks.

The flaw is akin to a front entrance that’s barred and bolted effectively, but with a cat door at the bottom that you can easily toss a bomb through. Apple mistakenly assumed that applications will always have certain specific attributes. Owens discovered that if he made an application that was really just a script—code that tells another program what do rather than doing it itself—and didn’t include a standard application metadata file called “info.plist,” he could silently run the app on any Mac. The operating system wouldn’t even give its most basic prompt: “This is an application downloaded from the Internet. Are you sure you want to open it?”

More.

Share