VnutZ's Articles, Page 5 of 71
SAC Capital is currently in a world of hurt. The major investment firm is being indicted for insider trading with the government originally seeking ALL of its billions as punishment despite having already settled some of the issues to the tune of a $600 million fine. At first, most of us will think, “Let ’em burn.” However, the amount of money borrowed, invested and leveraged by hedge funds as large as SAC have deeper implications (hedge funds control an estimated $2.25 trillion). Part of the reason the government was gunning for all of the firm’s assets is that profits obtained from “dirty money” are themselves dirty and therefore seizable. And that extends beyond SAC into the markets that have also invested in and profited from SAC (which is most of Wall Street). The rest of Wall Street’s traders are concerned, however, because as SAC’s traders are indicted, they may also subject to scrutiny for basically bandwagoning when the illegal behavior should have been obvious. The investigation isn’t scaring away all the investors, there are many that plan to continue riding the gravy train of SAC’s run of success.
Sooooo, the violence in Syria continues. The world has watched since March 2011 as rebels fought with the government. More than 100,000 people have died in that span according to the United Nations. Egypt saw the beginning of Arab Spring and had mass, violent protests, though things became relatively sedate, until recently. Everything has exploded in the country once again with what appears to be a coup over the elected government.
Elon Musk, the wealthy innovator behind PayPal, SpaceX and Telsa motors, recently blogged about his next idea Hyperloop (detailed pdf). This one, however, he proposed as a thinking man’s journey as opposed to putting up the funding and infrastructure himself. Musk asks that for California’s massive investment in transportation, it should provide a massive improvement in critical areas:
- Lower cost
- More convenient
- Immune to weather
- Sustainably self-powering
- Resistant to Earthquakes
- Not disruptive to those along the route
One of the interesting presentations at the 2013 Blackhat conference in Las Vegas demonstrated the fun hackers can have with a femtocell. For those not familiar with them, femtocells are essentially miniature base stations that allow a mobile phone to affiliate (via 3G, LTE, etc) whereupon the connection is patched to the carrier via the Internet. This sort of technology is useful in low signal areas such as your house in order to have a full signal experience.
Tom Ritter of iSEC presented, I Can Hear You Now: Traffic Interception and Remote Mobile Phone Cloning with a Compromised CDMA Femtocell which demonstrated all the options available with a Verizon femtocell. The hackers first gained shell and root access to the device whereupon they were able to perform traffic captures of all the data passing through. It took awhile for them to identify the codec used for voice, but once determined, they were able to capture a call’s voice packets for decoding and replaying voice conversations. Text messages were easy to intercept and display live to the audience as was capturing the data sessions. (NOTE: The same talk was also given at DEFCON where the audience was much more apt to text “Penis” and other phallic ASCII art to be displayed on the projectors.) For their demonstration, they intercepted an SSL connection from the affiliated phone to a bank and logged the username/password combinations. All of this was “simple stuff” when you have root access to the packet streams. So the team went further and used their captured information to essentially allow them to clone a mobile phone such that they could receive calls, listen in on existing calls and for all intents and purposes … be that phone and use it’s account for free. According to Ritter, “this is not about how the NSA would attack ordinary people. This is about how ordinary people would attack ordinary people.”
Food will be tight during the zombie apocalypse. A question arose at work today – would it be safe to eat Zombie meat if its cooked or irradiated?
So who believes there was an AQAP threat to the US embassies in Northern Africa and the Middle East?
Supposedly, the SIGINT system made famous by Edward Snowden is credited with capturing chatter between AQAP leadership. Particularly of interest, according to anonymous government sources, was a notification between Ayman al-Zawahiri and his subordinate leadership that everything was ready for an imminent attack. This prompted the US government to shut down nineteen embassies and issue a general travel advisory through the month of August. Meanwhile, despite the imminence of the attacks, nothing has happened except for some drone strikes against AQAP militants in Yemen.
GEN Alexander took the stage for BlackHat 2013’s keynote speech and gave the audience an hour long outline of the programs in question, the authorities involved and the success stories behind them. It’s interesting how accounts vary … the summary write-up on SlashDot for instance made it sound like the conference was largely against him (the forum’s comments are about the most off-the-mark guesswork of conspiracy I’ve read in awhile). While sentiment is hard to read, the NSA director received thunderous applause in support of his words more often than jeers (yes, BTW, I was there in the audience).
Bradley Manning, the lowly Army PFC responsible for America’s largest leak of classified documents has been acquitted of the most serious charge against him – aiding and abetting the enemy. He was still found guilty of countless other charges regarding the leaks which will likely leave him imprisoned for the remainder of his life. Elizabeth Goitein, of the Liberty and National Security Program commented, “The judge rejected the government’s argument that Manning, by virtue of his training as an intelligence officer, must have known that the information he disclosed was likely to reach al Qaeda. But she also ruled that Manning had reason to believe his disclosures could harm the U.S., even if that was not his goal.”
Everyone used to bitch and moan about AKO (Army Knowledge On-line) as a horrible email solution for the Army – with its outdated interface and horrendously small storage capacity. But there were always workarounds for exemptions on storage, the BETA program for a modern OWA UI and bypassing the whole thing with IMAP. Oh, if we could only have that old system back.
Then DISA found it in the best interest of the Army to roll-out Enterprise Email. It’s kind of like a self-imposed denial of service. Login is only possible with a CAC because DISA seems to believe its impossible for an adversary to cache your credentials and replay them. Whether you have a CAC or not, the system continually blasts you with pop-up windows to re-enter your PIN … sometimes as often as every ten minutes. Even if you enter the PIN, it will still time you out in the middle of your work causing it to be lost. Somehow, they’ve taken a working Microsoft product (OWA) and mutilated it so the page doesn’t render properly in anything but Internet Explorer. If it happens to die, the page will NEVER come back unless you close your whole browser down and re-open it – the rest of your tabs and work be damned. I used to be accessible to my subordinates and unit nearly at all times with my IMAP access from home and work machines. But then I had to have CAC readers installed at work just to access the page and as I mentioned before, it continually times me out or fails the PIN re-entry because my screen locked. Needless to say, the inconvenience of it all means I only check once a day every couple of days now.
It’s a good thing there’s nothing important for Congress to be doing, right? Democrat representatives from Maryland and Texas have proposed H.R. 2617 which is meant to establish a national park … on … the … moon. The best part describes how, well, let me just quote it directly:
The Secretary may accept donations from, and enter into cooperative agreements with, foreign governments and international bodies, organizations, or individuals to further the purpose of an interagency agreement entered into under paragraph (1) or to provide visitor services and administrative facilities within reasonable proximity to the Historical Park.
A recent article in TechCrunch discussed the technical interview’s death … as a good thing. “The whole purpose of an interview was to serve as a proxy for actual performance, because we didn’t have the tools and infrastructure to easily observe and measure the latter,” which the author asserts as moot in the modern age such that employers should just hire its applicants and fire them if they fail. He talks about the existing methods by which companies have tried to weed out the can’ts from the cans – brain teasers, puzzles, FizzBuzz code snippets and hitting whiteboards to write code on the fly – as poor indicators of talent.
The US Government seems to have itself in a pickle with its citizens. First, there was an alleged leak regarding blanket acquisitions of metadata from Verizon on all phone calls. Shortly afterwards, the President responded to the public summarized simply as, “Nobody is listening to your telephone calls.” Even the DNI responded with a statement as well covering the legality of the surveillance. Of course, there was an additional story about the government having taps into all the major Internet sites for a huge data-mining operation. Over the weekend, the story broke even more with revelations about the source of the leaks, a disgruntled defense contractor that fled to Hong Kong for political asylum. Naturally the EFF is pounding its we told you so drums over the whole situation.
Not everyone will be an astronaut when the grow up, jokes despair.com. Its pretty funny until your Mayor Bloomberg lays it flat on the students in New York City. In his weekly radio show, the mayor says, “The people who are going to have the biggest problem are college graduates who aren’t rocket scientists, if you will, not at the top of their class …. Compare a plumber to going to Harvard College — being a plumber, actually for the average person, probably would be a better deal.”
The 3D printing craze continues to evolve, especially as prices have dropped making them more affordable and accessible. With printer accessibility and the incepted seed of 3D guns, more people continue to develop open source CAD designs for improved performance. While the first models were AR-15 lowers (the regulated component) and reliant on existing metal parts for the remainder of the weapon, complete handguns have been produced entirely from the 3D printer. This newer development has led California Senator Leland Yee to propose the mandatory registration of 3D printers since they can be used to produce untraceable firearms. “Terrorists can make these guns and do some horrible things to an individual and then walk away scott-free, and that is something that is really dangerous.” In a limited Reason-Rupe telephone poll of only 1003 subjects, Americans indicated they were in support of banning the production of firearms with 3D printers.