Microsoft is the king of software complexity and Windows becomes more complicated with each new version.
Features get added. The UI gets "improved". Privacy disappears. Security gets tightened. Windows
10 is this respect is a disaster and I do not recommend upgrade to it from Windows 7 unless you are
using your PC purely for entertainment.
Typically in enterprise environment you get Windows laptop with the "'standard" for a given enterprise
version of Windows (typically one version down from the current). Now you need to adapt it to
the needs of system administration. Which is challenging, especially if you administer mostly Unix/Linux
servers.
Windows 7 is also not without problems and in comparison with XP SP3 was the fist OS when Microsoft
went (slightly) downhill and while all features were provided without significantly increasing power
consumption or decreasing performance it essentially accomplished little over Windows XP. As for the
ease of recognizing, recognizing and working with new devices was a definite step back. It was far more
capricious. Propensity to self-destruct with age in this version of Windows is less pronounced
then in case of Windows XP
Windows 10 marks at important stage in Microsoft OS development -- Microsoft lost control of the
complexity and was essentially buried under avalanche of created complex subsystems and wrong architectural
decisions. The removal off start menu was probably the greatest blunder. This is the first in a long line of Microsoft operating systems which can be called one step
forward -- two steps back. Problems with subsystems due to patches are systemic. Looking at
system messages log gives impression that in Microsoft left hand no longer knows what right hand is
doing and no amount of testing now can help.
As touch is unimportant for a laptop and mostly useless for desktop, I will also say that a
decent Windows 7 laptop still holds it own against newer version of Windows (both 8.1 -- the most
common in enterprise environment as of 2017, and Windows 10).
Also with Windows 10 Microsoft became really intrusive in privacy space. In customer version
starting from Windows 8 the
default is to login to your Hotmail account.
One interesting feature of Windows that makes it more Unix like is Powershell which is modelled on
Korn shell.
This page contains the recommendations for the enhancement "default" Windows
installation with some additional, mostly command line, utilities. Sometimes your
corporate policy is restrictive and you need to jump through the hoops to get those listed below. In
some case may be installing Virtual Machine with Linux might be the path of less resistance.
Anyway here is the recommended list:
Get the best keyboard and mouse and set of supporting drivers/applictions you can: Capral
tunnel syndrome is a real threat for sysadmins, especially if you are over forty.
The first and the most important thing is to install
RandyRants SharpKeys -- the utility
that provides GUI for remapping of keys. And then remap CapsLock to Ctrl in Windows registry (yes
this is built-in feature of Windows). This is a well known blunder in the design of
IBM keyboard that, thanks God, is easily correctable. See Microsoft Windows Keyboard remapping
ATTENTION: When remapping CapLock to Ctrl you need to put
CapLock into From panel and Left Ctrl into Right
panel.
Get Microsoft keyboard for your docking station and install
Intellitype
8.2. Usually corporation allow Microsoft Ergonomic keyboard 4000 to be ordered as the replacement
of standard keybopord. with Intellitype you get a half dosen of programmanble keys. Intellitype
8.2. is superior then later ("merged") versions of Intellitype Pro and IntelliPoint
(mouse driver).
If this is a reinstallation you need to save your previous macros.
You also need to create folders for each program you need to control via GUI (add program
menu).
After recreation of folders you need to reassign each macro to the key manually (for each
program for which you created them)
If you use Logitech mouse like G600 install Logitech drivers. They are compatible with
Intellitype.
Install ArsClip. This is a wonderful free clipboard manager. In windows 7 it is better to
install it outside Program_files tree.
If this is a reinstallation you need to be careful and save your previous macros. It should
pick them up if you copy them into default folder.
If it does not pick up you macros delete everything except .exe file in the ArsClip folder
and try again.
You can launch it by adding an entry to register or via link from start folder on desktop.
In the latter case you need a batch file that first cd to location of ArcClip folder and only
then invokes the exe file.
Get good terminal emulator and file transfer program. Terminal emulator should be able to
use different backgrounds for different sessions to help to avoid "performing operation of the
wrong server" blunder (see Sysadmin Horror
Stories). Macro capabilities are a plus as they allow you to automate routine tasks.
Install WinSCP. An excellent
scp/sftp client with Orthodox file manager like interface. Please pay for the license if you can.
Install Putty (WinSCP can be used for launching Putty sessions,
which is very convenient)
Teraterm has good macro language
which can simply such tasks as logging to multiple servers.
MobaTerm (free version of Mobaterm has the limit
of 4 macros)
Install Cygwin. It provide Unix
command line tools. 32 bit version recommended: Teraterm does not work correctly with 64-bit versions.
Please note that In Windows 10 you can install Ubuntu of OpenSuse as well, but they have
some
limitations as for access to partitions (only C partition is visible by default).
Install OFM managersare really superior file manager
for advanced users then Windows Explorer. Two leading OFM are Windows 7 compatible:
Install FAR. Has capability
to create soft links. Useful to store data on data partiton
Install Total Commander
Has capability to store ini files in different directory (data partition)
Install better editors. For example:
NOTEPAD++ --
great free replacement for notepad. Another option is to install Notetab.
Komodo Edit
-- good for editing shell and Perl scripts. If you use Python there are multiple good
IDEs.
Create C:\Utils directory and install
archivers including
info-zip in it (Note zip and unzip
are also available in Cygwin)
Correct PATH env variable to include C:\Utils directory and Perl.
You can use
pathed.exe to do that
Some other possibilities
Install tools for working with ISO
Windows 10 can work with ISO archives out of the box
Windows 7 support burning ISO images out of the box
Microsoft Virtual CD-ROM Control Panel This is a self-extracting Zip archive. Download the
file and execute it. Click Unzip and select any appropriate folder to extract the contents.
Before using this tool, read the readme.txt file and follow its instructions for
installation and use.
alternative is
Virtual Clone
Drive
That latter utility lets you mount not only .ISO, but also .CCD, .DVD, .IMG, .UDF
and .BIN files. Download the utility and select the necessary associations. Now you should
be able to mount any ISO image by just double-clicking on the file. You can also
right-click on the cd-rom drive to mount or unmount an image.
You can also install
ISO Recorder Power Toy -- the tool that was popular with Windows XP. The tool that can create ISO images
from CD/DVD disks as well as burn CD/DVD ISO images to media. The tool was written by
Alex Feinman
...copy the CLIP.EXE file from a Windows Server 2003 into your system's path (best if placed
in %systemroot%\system32 folder). You can also get the file from
HERE (14kb)
For Windows XP and Windows 7 only:
PasswdFinder Magical
Jelly Bean Similar to previous but extract passwords stored by Windows. Running it is a useul
exersize. Should be done without netwroking and program should be deinstalled immediately after run.
Just in case. This is an interesting exercise to see what can be stolen from your computer ;-)
For windows XP only: Tweak look and feel using built-in ClearType text tuning utility by typing
cttune in the Start Menu search field and opening the search result.
A number of international papers
report today on the Israeli hacking company NSO which sells snooping software to various
regimes. The software is then used to hijack the phones of regime enemies, political
competition or obnoxious journalists. All of that was already well known but the story has
new legs as several hundreds of people who were spied on can now be named.
The phones appeared on a list of more than 50,000 numbers that are concentrated in
countries known to engage in surveillance of their citizens and also known to have been
clients of the Israeli firm, NSO Group, a worldwide leader in the growing and largely
unregulated private spyware industry, the investigation found.
The list does not identify who put the numbers on it, or why, and it is unknown how many
of the phones were targeted or surveilled. But forensic analysis of the 37 smartphones
shows that many display a tight correlation between time stamps associated with a number on
the list and the initiation of surveillance, in some cases as brief as a few seconds.
Forbidden Stories, a Paris-based journalism nonprofit, and Amnesty International, a
human rights group, had access to the list and shared it with the news organizations, which
did further research and analysis. Amnesty's Security Lab did the forensic analyses on the
smartphones.
The numbers on the list are unattributed, but reporters were able to identify more than
1,000 people spanning more than 50 countries through research and interviews on four
continents.
Who might have made such a list and who would give it to Amnesty and Forbidden
Stories?
NSO is one of the Israeli companies that is used to monetize the work of the Israel's
military intelligence unit 8200. 'Former' members of 8200 move to NSO to produce spy tools
which are then sold to foreign governments. The license price is $7 to 8 million per 50
phones to be snooped at. It is a shady but lucrative business for the company and for the
state of Israel.
NSO denies the allegations that its software is used for harmful proposes with
a lot of bullshittery :
The report by Forbidden Stories is full of wrong assumptions and uncorroborated theories
that raise serious doubts about the reliability and interests of the sources. It seems like
the "unidentified sources" have supplied information that has no factual basis and are far
from reality.
After checking their claims, we firmly deny the false allegations made in their report.
Their sources have supplied them with information which has no factual basis, as evident by
the lack of supporting documentation for many of their claims. In fact, these allegations
are so outrageous and far from reality, that NSO is considering a defamation lawsuit.
The reports make, for example, the claim that the Indian government under Prime Minister
Narendra Modi has used the NSO software to spy on the
leader of the opposition party Rahul Gandhi.
How could NSO deny that allegation? It can't.
Further down in the NSO's statement the company
contradicts itself on the issues:
How do you explain the
suspiciously-timed, and simultaneous, Five Eyes denunciation of China for alleged hacking of
Microsoft? Is it a way of deflecting too much wrath on Israel? Or, is b wrong and the China
story serves as real distraction.
thanks b.. it is an interesting development which seems to pit the usa against israel... i am
having a hard time appreciating this... maybe... interesting conundrum snowden paints himself
into... @ 1 prof... there are plenty of distractions to go around.. hard to know...
In our day-and-age, all "Spectacular Stories" serve as distractions, although some are
genuine scoops illuminating criminal behavior involving state actors. Ultimately, this scoop
provides much more leverage for Putin's ongoing insistence that an International Treaty
dealing with all things Cyber including Cyber-crime be convened ASAP.
"Who has an interest in shutting NSO down or to at least make its business more
difficult?
The competition I'd say. And the only real one in that field is the National Security Agency
of the United States."
There is at least one other possibility.
The leak could be from a highly sophisticated state actor that needs to "blind" US and
especially Israeli intelligence services temporarily.
That could very easily be China, Russia or even Iran. Some of their assets could be on the
list.
Exposing the service weakens, or possibly destroys, it until another workaround is
found.
China might do this to push customers towards some of their cellphones that are supposedly
immune to this.
Russia and Iran might need to blind Mossad, NSA and CIA or upcoming operations in Syria,
Iraq and possibly Afghanistan.
Weird to have the US burn an Israeli spy operation (I'd be surprised if they didn't build
back doors into their own software) in such a public manner.
The only reason I can think of for the US to shut NSO down is if they refused to share
information they had gathered with the NSA and so they were put out of business.
Snowden didn't have a problem with the NSA et al spying on foreign adversaries. He had a
problem when the NSA was spying illegally on US citizens.
The 'West' could be using it as a weapon to rein in Israel, which it sees as getting more
and more out of control. Netanyahu might be gone but the policies that he represents will not
just disappear.
The mass media didn't like Israel's destruction of the building in Gaza where the
Associated Press had its offices. How are the media supposed to publish reports from places
where they don't have anywhere to work?
Western governments are exasperated that Israel doesn't even pretend to have any respect
for international law and human rights. Nobody in power in the West cares about those things
either, and they really want to support Israel, but doing that is a lot harder when Israel
makes it so obvious that it is a colonial aggressor.
As the Guardian reported yesterday, "The Israeli minister of defence closely regulates
NSO, granting individual export licences before its surveillance technology can be sold to a
new country."
The attack on NSO looks like a message to the Israeli state.
I think you are very wrong in your assessment that this is about business and getting rid
of the competition. Information isn`t about money. It is about power.
The people at MoA might not have noticed it because of ideological bias but Netanyahu and
Biden (and before him Obama) were quite hostile towards each other. To a degree they were
almost waging a kind of undercover cold war against each other (culminating in United Nations
Security Council Resolution 2334).
In this context I don`t believe the "former" Israelis spies at NSO are just Isrealis. They
are a specific kind of Israelis. Namely extreme-right Israelis/Likud loyalists. Netanyahu
created his own private unit 8200 - outside of the Israeli state. The profit that NSO made
were just the "former" spies regular payment.
The USA - with the consent and probably active assistance of the new Israeli government -
took Netanyahus private intelligence service down.
The US has found out that the NSO spyware can be used BY the "other regimes" against US
leaders. Or at least against US assets.
The Israelis would sell their wares to anyone with a buck (or shekel, as the buck is
getting rather uncertain as a money).
IE. Saudi buys a section of numbers and then decides to track and eliminate "opposants".
BUT if there are CIA personnel implanted with a good cover story, then OOOPS, "another one
bites the dust".
What laws exist in your nation to prevent illegal snooping?
How about profiling by the digital companies? Nations need to pass laws making it a
CRIMINAL offense to conduct snooping or hacking without a warrant. What happened to Apple's
claims about its devices' superior security and privacy?
Let's see what sanctions or criminal ACTIONS are taken against NSO, its executives and
other companies. Is any of the information captured by NSO shared with Israel &/or Five
Eyes? Are their financial accounts frozen? Let's see how they're treated compared to
Huawei.
Are Dark web sites linked to the REvil ransomware gang operating? Shutdown all illegal
snooping and cyber crimes entities.
A rule or law isn't just and fair if it doesn't applies to everyone, and they can't be
applied at the whims of powerful. Laws and rules applied unequally have no credibility and
legitimacy.
"Injustice anywhere is a threat to justice everywhere."
– Martin Luther King Jr.
"A rule or law isn't just and fair if it doesn't applies to everyone, and they can't be
applied at the whims of powerful. Laws and rules applied unequally have no credibility and
legitimacy."
Max, are you sure you have got your feet on this planet earth? If there is one factor that
is common to his era, is that "Justice" is no longer blindfolded, but is looking out for the
best interests of "friends".
Can you name a few countries where your ideal is the norm?
*****
PS. Don't bother, as I won't reply, I'm off to bed to dream of a perfect world. Much easier,
and I can do it lying down.
Another possible scenario is that the NSO has been poaching people and/or techniques from US
intel agencies for use in its for-profit schemes.
That is one thing which is guaranteed to get a negative reaction - regardless of who is doing
it and which party is in power.
We do know that NSO has been very active on the exploit buying dark webs since their
inception...
The above article also notes that NSO was acquired by Francisco Partners in 2010...
Thus maybe all this is purely a capability play: The US is falling behind and so wants to
bring in house, more capability. One way is to squeeze an existing successful player so that
they have to cooperate/sell out...
All I can be sure of, is that none of the present foofaraw has anything to do with the
truth.
"In fact, these allegations are so outrageous and far from reality, that NSO is
considering a defamation lawsuit."
Ya..Right. That's not remotely gonna happen!
The NSO 'Group" would have to provide a substantial amount of their very sensitive
'operational' & 'proprietary' internal documents - which would most certainly be
requested in discovery - to any of the possible defendants should NSO be stupid/arrogant
enough to actually file a formal suit of "defamation" in a any US court.
Talk about a "defamation" legal case that would get shut down faster than Mueller's show
indictment of 13 'Russian' agents and their related businesses that were reportedly part of
the now infamous "Guccifer 2.0" "Hack"
When these "Russian" hackers simply countered by producing a surprise Washington based
legal team that publically agreed to call Mueller's bluff and have the all of the 'indicted'
defendants actually appear in court, they immediately "requested" - via the discovery process
- all relevant documents that the Mueller team purportedly had that confirmed that their was
any actual or attempted (hacking) criminality.
VIA POLITICO:
The 13 people charged in the high-profile indictment in February are considered unlikely to
ever appear in a U.S. court. The three businesses accused of facilitating the alleged
Russian troll farm operation -- the Internet Research Agency, Concord Management, and
Concord Catering -- were also expected to simply ignore the American criminal proceedings.
Last month, however, a pair of Washington-area lawyers suddenly surfaced in the case,
notifying the court that they represent Concord Management. POLITICO reported at the time
that the move appeared to be a bid to force Mueller's team to turn over relevant evidence
to the Russian firm and perhaps even to bait prosecutors into an embarrassing dismissal in
order to avoid disclosing sensitive information.
The NSO Group is never going to even considering this "defamation" route, but their
threatening legal bluster is pure... Hutzpa!
In a world in which this can be done, the worst of governments will do it, and in the worst
ways.
The US and other governments have promoted this. Their own intelligence services use it.
They actively oppose efforts to block it, as happened with private encryption ideas.
We can't both make it possible and prevent the bad guys from doing it.
We have deliberately made it possible, and opposed serious efforts to protect private life
against it. Now we are surprised?
@ Stonebird (#17), you missed the pun in those words. Maybe you're sleeping while reading.
The Financial Empire and its lackeys want a "rules-based international order" and
China-Russia... want a "rule of international laws". Both are meaningless and worthless as
they're applied unequally. I am awake and in sync with REALITY. Just playing with these two
ideas. We have the law of the jungle. However, Orcs (individuals without conscience –
dark souls) are worse than animals in greed, deceits and killing.
"The Black Speech of Mordor need to be heard in every corner of the world!"
Interesting story but I agree that the hype is overblown because nothing much will change
even if this NSO outfit has a harder time flogging its spyware to all and sundry.
The NSA, CIA, MI5/6, Mossad and the 5 Lies spies will continue spying on friend and foe
alike and tech companies like Amazon, Facebook and Google will likewise continue their
unethical surveillance practices and will keep passing on private citizen's data to
government spy agencies. So it goes.
For a dissident Snowden is a lightweight. His beef wasn't, as b points out, with the NSA
itself, he just didn't like them spying on Americans within the USA. He had no problem spying
on people in other countries as long as the proper 'rules' were followed. That, almost by
definition, makes him a limited hangout.
The AI report notes that this software was abandoned in 2018 for cloud implementations to
help hide responsibility;
Having Amazon AWS dump services naming NSO probably has no effect at all, as NSO will just
use other names;
" However, Orcs (individuals without conscience – dark souls) are worse than animals
in greed, deceits and killing."
Non-human animals operate on a genetically programmed autopilot and are not responsible
for their actions.
Humans are partially engineered by genetics but unlike the "lower" animals they have the
power to choose which actions they will take and they are therefore responsible for their
choices.
A bear or a mountain lion will attack a human when it is injured or when protecting its
young, but one can't blame these animals for exercising their survival instincts.
Human beings are the only mammal, indeed the only animal, that is capable of evil, i.e.
deliberately choosing to harm or kill other humans for profit or personal gain.
On this subject, I suggest barflies read the excellent post on the previous MoA Week in
Review thread by:
Posted by: Debsisdead | Jul 19 2021 1:36 utc | 71
My reply @167 and Uncle T's further comment.
The book on this criminal conduct is called 'Murdoch's Pirates.' The detestable Amazon
have it at 'unavailable' however it is available at Australian bookseller Booktopia.
How do you explain the suspiciously-timed, and simultaneous, Five Eyes denunciation of
China for alleged hacking of Microsoft? Is it a way of deflecting too much wrath on Israel?
Or, is b wrong and the China story serves as real distraction.
Posted by: Prof | Jul 19 2021 18:09 utc | 1
If the US navy were to purchase leaky boats would it not be absurd for it to then blame
Russia or China for the influx of water?
If the US government, and US industry, purchase software full of holes is it not equally
absurd for them to blame a foreign entity for any resulting leaks?
In answering these questions it is worthwhile to remember that US government entities
support the insertion of backdoors in US commercial software. Such backdoors can be
identified and exploited by 3rd parties.
If this somewhat limp-wristed takedown of NSO did not have the support of apartheid Israel's
intelligence services, the graun would not be pushing the story.
It is that simple, the guardian is run by rabid zionists such as Jonathon Freedland deputy
editor, who retains editorial control from the second seat rather than #1 simply because the
zionist board wanted to stroke the fishwrap's woke credentials by having a female editor.
Foreign news and england news all have many zionist journos.
Now even the sports desk features stories by a bloke called Jacob Steinberg 'n sport is not
generally an interest of jews.
Also if NSO a corporation born to advance particular media interests were in fact a tool of
apartheid israel's intelligence establishment, it is unlikely that it would have tried to
sue the graun back in 2019.
None of that precludes Mossad plants working at NSO, in fact the move against it would
suggest that zionist intelligence has wrung the organisation dry.
This 'takedown' suggests to me that these services will continue, but not for everyone as
before. ME governments will never again gain full access, no matter how friendly they may
claim to be. All future contracts with whatever entity follows will only proceed if permitted
by FukUSi.
div> Since the software is licensed by the number of phones it's installed
on, NSO must have a means of determining the device ID/phone number of each phone (You wouldn't
trust some shady third-world regime to be honest, would you?
Since the software is licensed by the number of phones it's installed on, NSO must have a
means of determining the device ID/phone number of each phone (You wouldn't trust some shady
third-world regime to be honest, would you?
The Israeli connection just read an account on AC by Rod Dreher and so far, writers
are downplaying the connection to Israel. If it was a Chinese or Russian company we would be
blaming Putin.
We blame Putin for every criminal in Russia but I don't see anyone blaming Israel for a
product they they authorized for export. Wow.
It does take two to tango, so I do understand talking about the clients who bought the
product but if they have the export version of the spyware the it's obvious that Israel has
the super-duper lethal version but that's okay. No biggie. But Iran having any weapons to
defend their own country is a scandal.
US taxpayers subsidize the Israeli military industry. The zionists then developed tools which
they use against palestinians and their adversaries. The same technologies are later sold at
a profit to various United states security agencies. A wonderful self licking ice cream cone
of christian zionism, so much winning... Paying up the wazoo for our own eslavement. Last I
checked, the chosen one's were never held accountable for their role prior to 911 operations.
The Amerikastani Con-serve-ative manages to write a whole article about this without
mentioning the name of the "country" that created and exported this software.
This same Amerikastani Con-serve-ative pretends to champion free speech but doesn't permit
the slightest criticism of this same "nation", the racist fascist apartheid zionist settler
colony in Occupied Palestine. In fact the very mention of the word "zionist" will get your
comment removed.
I'm of the school of thought that Snowden is still an active CIA asset used to assist in
discrediting government agencies, such as the NSA, to allow private corporations to take
their place in data collection and dissemination. Alphabet, and it's AI/quantum computers
should not be ignored in this particular scenario
Human beings with conscience are INNER directed. Those without strong conscience (Orcs)
are OUTER directed and thereby easily captured, corrupted and controlled. Human beings with
great conscience (soul/spirit), strong mind and healthy body are PARAGONS.
Orcs were once elves. They got programmed by the dark forces of Saruman & Sauron
(Sin). Sauron's EYE is for intimidation. Seeing it sends fear into the hearts of people and
sucks away their courage. "When did we let evil become stronger than us?" Communicate
reality, truth and expose power freely!
There is still light to defeat the darkness. May your light light others
🕯🕯🕯
Ultimately, this scoop provides much more leverage for Putin's ongoing insistence that an
International Treaty dealing with all things Cyber including Cyber-crime be convened ASAP.
Israel and the UK will never sign such a protocol. The USA? only if it is worthless.
Mar man #4
The leak could be from a highly sophisticated state actor that needs to "blind" US and
especially Israeli intelligence services temporarily.
That could very easily be China, Russia or even Iran. Some of their assets could be on
the list.
"Snowden's opinion on this is kind of strange". Snowden's task, almost a decade ago now,
was to facilitate the passage of CISPA. Greenwald was the PR guy. Remember Obama saying we
need to have a conversation about privacy versus security? Well, Snowden and Greewald helped
him to have the conversation on his terms. And the media giants will be forever grateful.
Greenwald even got his own website. So no, nothing strange about what Snowden said. It was in
his script. Was, is and always will be an asset.
In a broader context:
"In a corporatist system of government, where there is no separation between corporate power
and state power, corporate censorship is state censorship. The actual government as it
actually exists is censoring the speech not just of its own people, but people around the
world. If US law had placed as much emphasis on the separation of corporation and state as it
had on the separation of church and state, the country would be unrecognizably different from
what we see today."
"It's A Private Company So It's Not Censorship"
Sanctions? Sanctions, did anybody mention sanctions for those carrying out Cyber attacks?
(Particularly ones that target "Freedom of speech" and Journalists.)
Apple is also zionist controlled, so not surprising that NSO had all internal details to
hack their iPhones, via tribal leakers or approved connections. So is Amazon, so their cloud
service for NSO continues under other cover.
Those in danger should not use Apple or Amazon-based or other zionist-controlled products
or services. A catalog of those might help.
I don't buy it. It doesn't sound plausible to me as presented.
One possibility is that it is a camouflaged operation to take down non-attributably spy
software that has fallen into the wrong hands, and thereby contrary to US interests. For
example, the new Myanmar government is sure to be using the software to observe the
US-sponsored miscreants from the Aung San Su Kyi regime who are bombing schools, hospitals
and government offices, and to seek out wanted criminals in hiding. The NSO take-down could
be an operation to take those licences out of operation. In that scenario those NSO customers
who are not anti-US might get support to continue operations as usual. As another example it
could also be used as a warning to the Saudis not to get too close to the Russians and
Chinese or ditch the US dollar, and not to accommodate to Iran.
Or maybe NSO just had the wrong political connections in the USA.
Whatever it may seem on the surface, that is what it surely is not.
div> I certainly can't compete on tech savvy as I have none, but doesn't
this perhaps line up with the summit decision between Putin and Biden to cooperate in terms of
policing cybercrime? Maybe that's too obvious, but I don't see that Snowden is contradicting
his own positions in that case. And of course, b, you are correct that the main culprit on
these matters is the US. Throwing the spotlight elsewhere however, doesn't mean it can't circle
around. Spotlights have a way of doing that.
I certainly can't compete on tech savvy as I have none, but doesn't this perhaps line up with
the summit decision between Putin and Biden to cooperate in terms of policing cybercrime?
Maybe that's too obvious, but I don't see that Snowden is contradicting his own positions in
that case. And of course, b, you are correct that the main culprit on these matters is the
US. Throwing the spotlight elsewhere however, doesn't mean it can't circle around. Spotlights
have a way of doing that.
The interesting backdrop to all this is that Israel has a *huge* presence in all things
associated with cybersecurity and have for years. The IDF's Talpiot plan no doubt enviously
eyed the NSA tapping into everyone's internet/cellphone traffic and wanted a piece of the
action. The financial intelligence alone would make it hugely valuable, not to mention
blackmail opportunities and the means to exercise political control.
I wonder if the Intel's Haifa design bureau was behind the infamous "management engine"
installed on *every* Intel chip since 2008 (to, of course, "make administration easier")?
The discover of this "feature" precipitated a huge scandal not too many years back if you
recall...
This "feature" gave anyone who could access it the ability to snoop or change the code
running on the main CPU... anyone want to guess whether the Mossad knows how to get to
it?
@Simplicius | Jul 20 2021 15:15 utc | 57
"I wonder if the Intel's Haifa design bureau was behind the infamous "management engine"
installed on *every* Intel chip since 2008 (to, of course, "make administration easier")?"
I remember 30 years ago there was controversy over the NSA requiring hardware backdoors in
all phones. At the time, it was called the "Clipper chip". Reportedly, the program failed and
was never adopted. Apparently, as this article exposed, that is false and something like it
is installed in all phones and possibly computers manufactured for sale in the western
world.
Supposedly, the real story behind Huawei sanctions and kidnapping of their executive, is
Huawei phones have no NSA backdoor since the Chinese flatly refuse to cooperate with NSA.
Turns out the Microsoft hacking accusation against China wasn't a distraction against the
NSO scandal, but a capitalist reaction against the CPC's growing containment of their own big
tech capitalists:
For people who don't know: this Kara Swisher is clearly an USG asset (or behaves exactly
like one). Every column she writes is an unashamed apology to all the USG policies on big
tech and on all decisions of American big tech.
@ vk (#59), Your conclusion about Kara Swisher is good one. However, cast the net wider to
understand the NETWORK that she represents and find additional media
Orcs. Most likely she is an asset of the Global Financial Syndicate, acting as a
gatekeeper/porter/lobbyist in the technology arena. Her mentor Walter Mossberg was an asset
too? It is easy to identify Orcs!
Work Experience: WSJ, The Washington Post, New York Times, ... Who did she sell Recode to?
Who are financiers of Vox Media?
Education: Georgetown, Columbia University (many assets come from here)
While the theory from m at #13 about it being a personal tiff between Biden and Netanyahu has
some appeal I tend to believe it is more complex than that.
While Dems could accumulate some grudges against Netanyahu, they can be pretty thick
skinned on that. On the other hand, if Netanyahu used his budget to dig the dirt against his
opponents like Bennet, with NSO as the took, the grudge against NSO could be very strong on
the side of the current government of Israel. Internal strife between Likudniks is intense.
And the mantle of the ruler of Israel comes with perks, like the ability to plant stories in
WP and NYT.
The Government said the reform was needed as the existing acts, with the last update in
1989, are no longer enough to fight the "discernible and very real threat posed by state
threats".
The Home Office said it does "not consider that there is necessarily a distinction in
severity between espionage and the most serious unauthorised disclosures, in the same way
that there was in 1989".
[More at the link.]
If it was Russia or Iran that was selling such spyware, would FUKUS react with measures
against the press or with sanctions and efforts to protect the press?
On the other hand, if Netanyahu used his budget to dig the dirt against his opponents like
Bennet, with NSO as the took, the grudge against NSO could be very strong on the side of the
current government of Israel. Internal strife between Likudniks is intense. And the mantle of
the ruler of Israel comes with perks, like the ability to plant stories in WP and NYT.
Posted by: Piotr Berman | Jul 20 2021 19:05 utc | 64
@64 Piotr Berman
This goes much deeper than just personal animosity.
For several years now there had been some kind of cultural war waging in Israel with the
populist leader - Netanyahu - on the one side and and most of the Israeli establishment - the
Mossad, the generals and the High Court - against him. The generals eventually acted by
founding their own party (with the former TV presenter Lapid at it`s head) and deposed
Netanyahu.
This cultural war in Israel is not only very similar to the cultural war in the USA. The
two countries are so intervened with one another that both conflicts have kind of merged.
"This cultural war in Israel is not only very similar to the cultural war in the USA.
The two countries are so intervened with one another that both conflicts have kind of
merged."
Posted by: m | Jul 21 2021 9:41 utc | 67
Yes, not unrelated to the purge Biden seems to be planning here. Bibi made a big mistake
getting so cozy with Trump. I would wager Trump is going to be in the crosshairs too. And
that is likely to be divisive, in both places.
A smartphone is a spying device from which one also can make phone calls. After Prism is
should be clear to anybody that goverments intercepts your email messages and record your phone
calls just because they can.
"..reporters identified more than 1,000 people spanning more than 50 countries. They included
several Arab royal family members, at least 65 business executives, 85 human rights activists,
189 journalists and more than 600 politicians and government officials – including several
heads of state and prime ministers." -- and all those idiots use plain vanilla Anroid or IOS.
Nice. They probably have no money to buy a basic phone for $14 or so. That does not save from
wiretapping but at least saves from such malware.
Southfront reports that an Israeli company's spyware was used in attempted and successful
hacks of 37 smartphones belonging to journalists, government officials and human rights
activists around the world, according to an investigation by 17 media organizations, published
on July 18th.
https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html#goog_621104237 12 Retailers
Where Plastic Bags May Disappear Soon NOW PLAYING MLB All-Star Game: Best Home Run Props To
Target UP NEXT Boeing Finds Flaws in 787 Dreamliners, Cuts Delivery Target Big Tech, Earnings,
Meme Stock Momentum – On TheStreet Monday Target, Walgreens close early due to thefts in
California stores Rose McGowan supports Britney Spears' over conservatorship Rose McGowan is
"brutally angry" about Britney Spears' conservatorship How To Check if You're Actually Getting
a Good Deal on Prime Day
One of the organizations, The Washington Post, said the Pegasus spyware licensed by
Israel-based NSO Group also was used to target phones belonging to two women close to Jamal
Khashoggi, a Post columnist murdered at a Saudi consulate in Turkey in 2018.
One of them was his fiancee, and she and the other woman were targeted both before and after
his death.
The Guardian, another of the media outlets, said the investigation suggested "widespread and
continuing abuse" of NSO's hacking software , described as malware that infects smartphones to
enable the extraction of messages, photos and emails; record calls; and secretly activate
microphones.
The investigation highlights widespread and continuing abuse of NSO's hacking spyware called
'Pegasus' which the company confirms is only intended for use against terrorist groups, drug
and human traffickers, and criminals.
Pegasus is a very advanced malware that infects iOS and Android devices to allow operators
of the spyware to copy messages, photos, calls and other data, including secretly activate
microphones and cameras.
Based on the investigation, the leak contains a list of 50,000 phone numbers that have been
identified as those of people of interest by clients of NSO since 2016.
The list includes many close family members of one country's ruler, suggesting he might have
instructed the country's intelligence agencies to explore the possibility of tracking and
spying on their own relatives.
anti-bolshevik 8 hours ago (Edited)
Two articles from Motherboard Vice:
Is Israel EXEMPT from the ' rules-based order ' that Biden / Blinken / Yellen constantly
affirm?
Any incoming Sanctions? Any Treasury asset-seziures?
Motherboard uncovered more evidence that NSO Group ran hacking infrastructure in
the United States.
A former NSO employee provided Motherboard with the IP address of a server setup to
infect phones with NSO's Pegasus hacking tool. Motherboard granted the source anonymity
to protect them from retaliation from the company.
The licensor of software is not the user of the software. An Israeli company developed
it and may have used it.
In weapons terms, an Israeli company was the arms developer.
However, there are the licensees and users of the software. The factions and individuals
who actually used this weapon of war and political coercion.
In weapons terms, there are others, like the US and other country intelligence
communities who will be the ones who pulled the trigger.
The "trigger pullers include the Bolshevik Democrat party and the Biden campaign, which
used it to control citizens through intelligence gathering (remember Judge Roberts?) and
extract political donations from corporations and rich individuals. Don't forget the
Globalist GOP RINOs and Tech monopolists, who have used this weapon to control and subvert
anyone that they need to subjugate.
Bye bye Apple, Xiomi and Google Android. You just lost your market of brainwashed sheep
for new mobile phones. Even the unwashed Joe Six-Packs of this world now know they are
being manipulated with the phones that are so expensive.
MASTER OF UNIVERSE 11 hours ago
I've spent many years studying Experimental Psychology & Personality Theory and can
honestly state that malware can't determine appropriate behavioural signals intelligence
enough to act responsibly, or judiciously.
Algos are dependent upon Behavioural Science & human analytics. They are crude tools
that employ hit & miss techniques that hardly ever work accurately.
Israeli intelligence tries to look state of the art, but they are just as dimwitted as
the CIA.
WorkingClassMan 10 hours ago
They might be dimwitted and hamfisted but like an elephant with a lobotomy they can
still do a lot of damage flailing around. Worst part about it is them not caring about the
consequences.
NAV 10 hours ago remove link
It's amazing how the "dimwits" control the entire apparatus of the most powerful Empire
in the world and the entire world media.
2banana 12 hours ago (Edited)
It's not just some politicians and journalists.
It's everyone.
Your phone spys on you in every possible way.
Pegasus is a very advanced malware that infects iOS and Android devices to allow
operators of the spyware to copy messages, photos, calls and other data, including
secretly activate microphones and cameras.
gregga777 12 hours ago (Edited)
It's been widely for at least a decade that carrying a smart phone is really like wiring
oneself up for 24/7/365 audio and/or video surveillance. They only have themselves to blame
if they've been spied upon by the world's so-called secret intelligence agencies.
[Ed. The next time in a crowded public space, turn on Wi-Fi and count the number of
unlocked phones under the "Other Networks" menu.]
truth or go home 12 hours ago
If you have no phone, and no facebook, then you are likely immune from prosecution. My
neighbor the Fed agent told me 10 years ago that these two sources are 90% of every
investigation. That number has only gone up. They track you with it, they find out your
contacts with it. They find out your secrets with it. Just try to get either of those
things anonymously. You can't.
philipat 11 hours ago remove link
Land of the Free....
Ura Bonehead PREMIUM 7 hours ago
'truth or go home', 'having no Facebook' doesn't help you as FB secures the same
information via data-sharing arrangements with any number of apps you may download, that
came on your phone, or are embedded deep on your phone. Just a fact.
Steeley 4 hours ago
A friend that lives in Pahrump, NV reports that every time he crosses into California a
smart phone Covid Health Tracking App activates and he starts getting notifications. Can't
turn it off or find where it resides. When he crosses back into Nevada it stops.
E5 10 hours ago
"After checking their claims, we firmly deny the false allegations made in their
report,"
Really? So if 99 claims are true and one false? Never did they say there was truth to
the accusation that they hacked phones.
If you are going to commit a crime I suppose you want to "issue a statement" that you
didn't. I guess we have to ask them 2 more times: then it is a rule that you must tell all.
No minion can resist the same question three times.
zzmop 9 hours ago (Edited)
Keyword -'Israeli', Not Russian, Israeli, Not 'Russian hackers', Israeli hackers
eatapeach 9 hours ago
This is old news. Congresswoman Jane Harman was all for spying/eavesdropping until she
got busted selling her power to Israel, LOL.
consistentliving PREMIUM 7 hours ago
Not USA fake paper pushers but Mexican journalists deserve mention here
Revealed: murdered journalist's number selected by Mexican NSO client
Israel doesn't respect human rights!. Israel has been killing defenseless people in
Palestine for more than 50 years. The sad thing is that US support these genocidal sick
sycophats.
wizteknet 10 hours ago
Where's a list of infected software?
vova_3.2018 9 hours ago (Edited)
Where's a list of infected software?
If they take yr phone under control they'd have access to everything & then they can
use the info against you or anybody else in the info. https://www.youtube.com/watch?v=iuBuyv6kUKI
Israeli spy-wear "Candiru" works a little bet different than Pegasus but is also used to
hack & track journalists and activists. https://www.youtube.com/watch?v=nWEJS0f6P6k
The magic number of "6 million" will be the Get out of Jail Card once again.
And, these idiots keep preaching about the great risk China poses...
Steeley 4 hours ago
Embedded in the OS...
Kugelhagel 12 hours ago (Edited)
Is that article an attempt to get some sympathy for "politicians", "journalists" and
"activists"? Try again.
HippieHaulers 11 hours ago
Exactly. Don't forget Kashogi was CIA. And they're using another asset (Snowden) to roll
this out. This story stinks.
WhiteCulture 7 hours ago (Edited)
I installed Nice Systems onto 600 desk tops in 2003 at 3 separate call centers, a call
monitoring and a PC, mainframe CICS, or email, screen scrape capability. When the call
audio was recorded we also captured whatever was on the screen. No doubt the government has
been doing this on our phones and all personal computers for over a decade.
TheInformed 7 hours ago
Your example shows that people are dumb, it's not evidence of some grand 'government
backdoor' conspiracy. Don't conflate the two.
two hoots 10 hours ago (Edited)
Forget the petty herd/individual surveillance, this is a "super power" tool for
investment opportunities, negotiation advantage, strategic decisions, military/covert
decisions, etc. you can be sure that the most improved (undisclosed) versions are in use in
the usual suspect country. Likely spying on the spy's that bought the software from them.
These are those steps beyond Nietzsche's amoral supra-man.
Globalist Overlord 12 hours ago
Whitney Webb was writing about this in 2018.
Snowden: Israeli Spyware Used By Governments to Pursue Journalists Targeted for
Assassination
If Pegasus is used against Human Traffic-ers, then why didnt they get Jeffrey Epstein
earlier?
Occams_Razor_Trader 11 hours ago
Why 'get' people when you can 'use' these people ........................?
RasinResin 11 hours ago
I use to be in IT and worked in association with Radcom. Now you may ask who is that?
They are the Israeli company that is truly behind all monitoring and spying of your phones
in America
"Reuters' spokesman Dave Moran said, "Journalists must be allowed to report the news
in the public interest without fear of harassment or harm, wherever they are. We are
aware of the report and are looking into the matter."
I love the sanctimonious clutching of pearls, wringing of hands, and bleating from the
purveyors of CCP propaganda, woketardness, and globalism whenever the velvet hand that
feeds them punishes them with a throat punch instead.
donebydoug 11 hours ago
Journalists can't be spies, right? That would never happen.
Watt Supremacist 12 hours ago
Yes but do the people working for Reuters know all that?
nowhereman 11 hours ago
Just look at the signature on your paycheck.
Grumbleduke 11 hours ago
they're in the news business - of course they don't!
You know the adage "when your livelihood depends on not knowing" or something....
Enraged 10 hours ago
Listening in on calls is a distraction story by the propaganda media.
The real story is the blackmailing of politicians, judges, corporate executives, etc.
for many years by the intelligence agencies with tapes of them with underage girls and
boys. This was included in the Maxwell/Esptein story.
These people are compromised, which is the reason for the strange decisions they make,
as they support the globalist elite.
There is no reason to spy on journalists, as they are part of the intelligence agency
operations.
Max21c 10 hours ago (Edited)
There is no reason to spy on journalists, as they are part of the intelligence agency
operations.
True the press are either spies or puppets and vassals of Big Brother and the secret
police. They're all mostly agents of the Ministry of Truth. But sometimes they get the
weather report right.
Wayoutwilly 12 hours ago remove link
Bet they have sh!t on Roberts, Kavanaugh and Barrett too.
Brushy 11 hours ago
Wait a minute, you mean the tracking spy device that you carry around and put all of
your personal information on is actually tracking and spying on you?!!
Dis-obey 10 hours ago remove link
They have data on everyone but not enough eyes to look at everyone all the time. So when
you get flagged then they can open all the data on your device to investigate
u.
ay_arrow
Yog Soggoth 10 hours ago
Khashoggi was not a journalist. While interesting, this is not the story of the
year.
Lawn.Dart 10 hours ago
Almost every intellegence agent is a writer of some kind.
Max21c 10 hours ago
NOS is just one company out of many. They have the willing complicity of the security
services of other countries including the CIA, FBI, NSA, DOJ, in the USA and similar per
UK. Secret police use these special contractors to help them engage in crimes and criminal
activities and it does not matter whether the secret police use a foreign or domestic
secret police agency or contractor as they're all in on it together. It's just a criminal
underworld of secret police, secret police bureaus & agencies, and "intelligence"
agencies. They're all crooked. They're all crooks and criminals and thieves that rob and
persecute innocent civilians just like the Bolsheviks, Nazis, Gestapo, Waffen SS, Viet
Kong, Khmer Rouge, Red Guards, ISIS, Stasi, KGB, etc. It's all the same or similar secret
police, police state tactics, state security apparatus abuses of power, absolute power
& its abuses, and spy agencies and intelligence agencies... and those that go along
with it and collaborate. It's all just criminal enterprises and crime agencies.
So you can solve the 10,000 open murder investigations in Chicago with this. That's how
its being used right...
Bostwick9 10 hours ago
"We are deeply troubled to learn that two AP journalists, along with journalists from
many news organizations, are among those who may have been targeted by Pegasus spyware,"
said Director of AP Media Relations Lauren Easton.
OMG . Not journalists !!!!!!!!!!
Guess NSO is a "buy", then.
NAV 11 hours ago remove link
To believe that the Israelis will not use the information that they have is absurd.
Here's one example:
The American Anti-Defamation League under Abe Foxman long made it a practice for decades
to tail all Congressmen – liberal or conservative -- as was brought out in
allegations in the San Francisco trial of its head operative Roy Bullock on charges of
buying blackmail information from members of the San Francisco Police Department as
reported by the San Francisco Examiner. Bullock had collected information and provided it
to the ADL as a secretly-paid independent contractor for more than 32 years.
Can it be that there's a connection between data of this kind and the unbelievable
unification of almost every congressman behind every Israeli position?
Of course, the San Francisco Examiner no longer is in existence. But Israeli trolls
continue to gather like wasps upon meat to destroy any information that might reveal their
nefarious purposes.
In 1993 the FBI interviewed
40-year undercover ADL operative Roy Bullock , who had improperly obtained social
security numbers and drivers licenses from San Francisco Police Department officer Tom
Gerard. Gerard and Bullock infiltrated and obtained information on California
Pro-Palestinian and anti-Apartheid groups as paid agents of both the ADL and South
African intelligence services. The ADL paid tens of thousands in damages over the
incident and promised not to collect confidential information in the future.
SARC '
novictim 8 hours ago
What do you want to bet that Orange Hitler and associates along with MAGA Republicans,
their attorneys, friendly patriot reporters, etc, have had their phones widely hacked going
all the way back to 2016?
Because when you are a "progressive" in power, anyone who wants to unseat you is a
terrorist threat and you can do just about anything you want to them because you are saving
the world.
Sarrazin 8 hours ago
unseat you is a terrorist threat and you can do just about anything you want to them
because you are saving the world.
Funny, it's the same formula US foreign policy applies to all it's victims nations
around the world. Fighting terrorists in the name of saving the world.
LEEPERMAX 9 hours ago (Edited)
💥BOOM !!!
In 2020 alone, Facebook and Amazon spent more money on
lobbyists than did Raytheon, Northrup Grumman, Lockheed Martin, and Boeing -- major players
in the defense-industrial complex !!!
Let that sink in.
OldNewB 11 hours ago
"Journalists must be allowed to report the news in the public interest without fear of
harassment or harm, wherever they are."
This hasn't happened in ages. What the large majority of MSM operatives (so called
"journalists" ) convey to the public is propaganda and agenda driven misinformation and
disinformation.
SummerSausage PREMIUM 12 hours ago
Obama spying on Trump and Fox reporters - meh.
Same Obama intelligence services spying on WaPo & leftist reporters - FASCIST
Mute Button 11 hours ago
We're supposed to be outraged even though Trump & co. know they're being "spied"
on.
Its just a game of the uniparty.
Ivy Mike 8 hours ago
Yawn. Smart phones have swiss cheese security. Who knew.
If you have a secret that you really don't want people to know, don't put in on a device
that ever touches the internet. Don't talk about important stuff on a phone call. Any mob
boss from the 70's could tell you that.
MeLurkLongtime 5 hours ago
I would add if you have Alexa, don't converse on any sensitive topics in front of her,
either.
_0000_ 9 hours ago remove link
" Pegasus is a very advanced malware that infects iOS and Android devices to allow
operators of the spyware to copy messages, photos, calls and other data, including
secretly activate microphones and cameras."
This is a non-story. Lots of smoke, lots of brew-ha-ha.
Why is THIS a jaw dropping story now when the NSA/CIA have been doing this to ALL iOS
and Android devices years ago? RE: CALEA , signed into law in 1996 by Bill Clinton.
Just more misdirection... meant to distract from something else. What?
Rectify77 PREMIUM 10 hours ago
Isn't it odd that Iran, Russia and China are not on the map? Who are the Israelis
playing?
NAV 10 hours ago
Isn't is amazing that Russia is giving asylum to Edward Snowden who will be arrested and
inflicted with only God knows what if captured by the USA?
Market Pulse 13 hours ago
And we are surprised, why??? Everyone's phones are spied upon with all the data
collected. All part and parcel of the NWO and the "Information Age". How else are they
going to get all that information to control everything. And just think, once upon a time,
there were no cell phones and the people were fine. They also were happier and much more
free. Hint - ditch the phone!
dog breath 4 hours ago
Hello? This stuff has been going on for two decades. Bill Binney, former NSA, been
talking about this since after 911. Five eyes is a way over going around internal rules.
Every country does this. Russia, China, EU, USA, Australia, etc. are all spying on their
own citizens. This world is turning into a corrupt crap pile and I'm waiting for the Lord
to come.
Windows is zero security operating system, if we are taking about sophisticated attackers.
Walways was and always will be. If somebody with sensitive information use for storage of such
information Internet connected Windows desktop he is an idiot. Plain and simple. Use of private
segment with youw own firewall might hel a little bit. But generally to use Windows to store
sensitive information you need disconnected from internet computer; you need an air gap for
machines that store such information and use writable CD or read-only switch on SD card to
transmit it. And even this might not be enough.
Microsoft,
Google, Citizen Lab blow lid off zero-day bug-exploiting spyware sold to governments100+ dissidents, politicians, journos targeted by Israeli espionage toolkitIain Thomson in San
Francisco Fri 16 Jul 2021 // 00:57 UTC
ANALYSIS Software patches from Microsoft this week closed two vulnerabilities exploited by
spyware said to have been sold to governments by Israeli developer Candiru.
On Thursday, Citizen Lab released a
report fingering Candiru as the maker of the espionage toolkit, an outfit Microsoft
code-named Sourgum. It is understood the spyware, code-named DevilsTongue by Microsoft,
exploited at least a pair of zero-day holes in Windows to infect particular targets'
machines.
Redmond said at least 100 people – from politicians, human rights activists, and
journalists, to academics, embassy workers and political dissidents – have had their
systems infiltrated by Sourgum's code; about half are in Palestine, and the rest dotted around
Israel, Iran, Lebanon, Yemen, Spain, the United Kingdom, Turkey, Armenia, and Singapore.
Once it has comprehensively compromised a Windows PC, DevilsTongue can exfiltrate the
victim's files, obtain their login credentials for online and network accounts, snoop on chat
messages, and more. Candiru also touts spyware that can infect and monitor iPhones, Android
devices, and Macs, as well as Windows PCs, it is claimed. The products are said to be on sale
to government agencies and other organizations, which then use the espionage software against
their chosen targets.
"Candiru's apparent widespread presence, and the use of its surveillance technology against
global civil society, is a potent reminder that the mercenary spyware industry contains many
players and is prone to widespread abuse," Citizen Lab, part of the University of Toronto, said
in its report.
"This case demonstrates, yet again, that in the absence of any international safeguards or
strong government export controls, spyware vendors will sell to government clients who will
routinely abuse their services."
We're told that at least 764 domain names were found that were likely used in some way to
push Candiru's malware to victims: websites using these domains typically masqueraded as legit
sites belonging to Amnesty International and refugee organizations, the United Nations,
government websites, news outlets, and Black Lives Matter communities. The idea being, it
seems, to lure visitors to webpages that exploited browser, Microsoft Office, and Windows bugs
to not only infect PCs with DevilsTongue but also grant the spyware admin-level
access.
How's that patching going?
Microsoft was able to fix the operating system flaws exploited by Candiru's software in
this month's
Patch Tuesday after Citizen Lab obtained a hard drive from "a politically active victim in
Western Europe," it said. Redmond reverse-engineered the spyware to figure out the infection
process.
The Windows goliath saw that two privilege-escalation vulnerabilities, CVE-2021-31979
and CVE-2021-33771 ,
were being exploited, and patched them this week.
"The weapons disabled were being used in precision attacks targeting more than 100 victims
around the world including politicians, human rights activists, journalists, academics, embassy
workers and political dissidents,"
said Cristin Goodwin, GM at Microsoft's Digital Security Unit.
In Redmond's
technical rundown of the spyware, it said the DevilsTongue malware would gain a foothold on
a system by exploiting flaws in, for example, the user's browser when they visited a
booby-trapped site, and then use the aforementioned elevation-of-privilege holes to get into
the kernel and gain total control of the box.
The software nasty, once on a Windows PC, is capable of gathering all session cookies and
passwords from browsers, and can take control of social media accounts and third-party apps. It
sported several novel features designed to avoid detection, leading Microsoft to conclude that
the "developers are very professional, have extensive experience writing Windows malware, and
have a good understanding of operational security."
Chocolate Factory comes in, warns
it's not over
Google, meanwhile, this week detailed a
bunch of bugs it detected being exploited by malicious webpages and documents to gain code
execution on netizens' machines.
It would appear DevilsTongue exploited CVE-2021-21166 and CVE-2021-30551 in Chrome, and
CVE-2021-33742 in
Internet Explorer's MSHTML scripting engine – used by Microsoft Office, for instance
– and chained them with the above Windows bugs to install itself on the victim's PC and
gain admin-level access to data and applications. All a victim would need to do is surf to a
booby-trapped page in Chrome, or open a maliciously crafted document in Office.
Those flaws have been patched by now. "Based on our analysis, we assess that the Chrome and
Internet Explorer exploits ... were developed and sold by the same vendor providing
surveillance capabilities to customers around the world," Googlers Maddie Stone and Clement
Lecigne noted, adding: "Citizen Lab published a report tying the activity to spyware vendor
Candiru."
Google also documented an unrelated remote-code execution flaw in Safari's Webkit engine for
good measure.
We're told the Chrome flaws were spotted being exploited to commandeer Windows computers in
Armenia. Marks would be lured to websites that analyzed their screen resolution, timezone,
supported languages, browser plugins, and available MIME types to decide whether or not to
compromise their browser.
"This information was collected by the attackers to decide whether or not an exploit should
be delivered to the target," said Google's Threat Analysis Group (TAG). "Using appropriate
configurations, we were able to recover two zero-day exploits."
Further probing revealed that Armenian Windows users were being targeted via the
aforementioned Internet Explorer flaw. This would be triggered by opening a Office document
that contained either a malicious ActiveX object or VBA macro. Microsoft fixed that issue last
month.
Make it rain
Candiru has been in operation since 2014 and reminds us of another Israeli surveillanceware
outfit: NSO Group .
It's a lucrative business, judging by a contract obtained by Citizen Lab.
The deal, valued at €16.85m ($20m), offers unlimited malware injection attempts but
only the ability to surveil ten devices in one country directly. An extra €1.5m ($1.8m)
gets access to another 15 devices, and for €5.5m ($6.5m) buyers can snoop on 25 handsets
in up to five countries.
There are also paid-for optional extras to access specific accounts. If you want a target's
Signal messages, that'll cost another €500,000 ($590,000). Candiru also offers access to a
victim's Twitter, Viber, and WeChat for around half that amount. Training for four admins and
eight operators is included in the price.
Citizen Lab said Candiru appears to have changed its name five times in the past seven
years, and maintains a very low profile. An ex-employee
suing the company for lost commission claimed that it had $30m in revenue in 2017, and
business is good thanks to the organization's export license.
"Israel's Ministry of Defense -- from whom Israeli-based companies like Candiru must receive
an export license before selling abroad -- has so far proven itself unwilling to subject
surveillance companies to the type of rigorous scrutiny that would be required to prevent
abuses of the sort we and other organizations have identified," Citizen Lab said.
"The export licensing process in that country is almost entirely opaque, lacking even the
most basic measures of public accountability or transparency."
One wonders how this spyware would fly in America. Facebook is suing the NSO Group ,
accusing it of unlawfully compromising users' phones to snoop on them via a security hole in
WhatsApp.
NSO's lawyers have used a variety of legal arguments, saying that it only licenses its
software to governments for criminal or anti-terrorist work and so has sovereign immunity, that
it has no presence in the US
market, and claiming Facebook itself tried to buy the
company's Pegasus snoopware but was turned down. At one stage NSO didn't even bother to
turn
up in court.
The case is ongoing. US Senator Ron Wyden (D-OR) has called for an
investigation into NSO products being touted to law enforcement. ®
@erelis #45
PC anti-ransomware software is nothing but virus scanner software repackaged.
I've repeatedly said: modern ransomware attacks involve a network intrusion first. They do not involve getting someone to click
on a bad attachment or what not.
If someone capable knew who and where you were - you are not stopping them unless you REALLY know what you're doing.
For example: do you use a wifi router? If so, you have ZERO security. WiFi routers are crackable trivially with proximity.
Most of them are built on open source software which is rarely updated. And most importantly: if you don't even know if/when they're
being targeted, how can you possibly be secure?
I agree with Norwegian and One Too Many, though I haven't gotten around to switching to Linux yet.
IMO, MS has been building stupid dangerous interrupts into Window O/S, presumably because it's more profitable than building
saner, safer systems. I'm Old School - I want my computer to do what I tell it to do, even when I'm stupid. These days, Windows
products are built to prioritize instructions from Big Momma in Seattle (MS) over my keystrokes & mouse-clicks. Of course, the
techniques they created to manage this become the tricks used by malevolent hackers to steal control of computers remotely.
Yes, Cryptocurrencies ("Dunning-Kruegerrands") make it easier for profit-oriented hackers to get paid. But the underlying problem
is baked into Operating Systems designed to give control to someone other than the user.
Ransomware attacks continue to disrupt many businesses. Earlier this month an attack through
Kaseya VSA , a remote managing software,
disabled several managed service provider and some 1,500 of their customers. Their data was encrypted and will only be restored if
they pay the demanded ransom.
Such attacks are increasing because they are easy to do and carry little risk. The basic platforms for specific attacks can simply
be
rented from underground providers :
"I think what most people think about when they think of a stereotypical hacker is somebody that's in-depth into coding," the
officer said. "It has changed now in that it used to be that you had to be very technically adept to be a hacker, but the way
the cyber market or cyber underground has evolved is a lot of those things have become services now."
The industry has diversified, he said.
"Those network attackers, instead of profiting themselves, are now renting out their services and their expertise to others
and that's where we see this amplification," the officer said. "It's others renting out the services now. It unlocks another class
of folks that can be opportunistic and take advantage of bad cyber hygiene."
Some of the rentable ransomware services, like REvil, are run by Russian speaking groups. But that does not mean that the people
who use it are from Russia or that the attacks take place from Russian grounds. The last big bust that hit the command and control
severs of the alleged 'Russian' Emotet cyber crime service
took place in the Ukrainian capital Kiev. While those criminals spoke Russian they neither were Russians nor was Russia involved
at all.
Despite that U.S. media blame all recent attacks on Russia and use them to incite the Biden administration to respond by attacking
the Russian nation.
Those headlines and pieces are misleading in that they set expectations which the Biden administration is for good reasons unwilling
or unable to deliver on.
Mr. Biden is under growing pressure to take some kind of visible action" perhaps a strike on the Russian servers or banks that
keep them running" after delivering several stark warnings to Moscow that he would respond to cyberattacks on the United States
with what he has called "in-kind" action against Russia.
The 'growing pressure' are Sanger's writeups all by themselves. The piece then quotes a number of anti-Russian hawks who suggest
some very unreasonable 'retaliation options':
Dmitri Alperovitch, a founder of the cybersecurity firm CrowdStrike, and now the founder of the Silverado Policy Accelerator think
tank, has argued that until Mr. Biden moves to cut significantly into Russia's oil revenue, he will not get Mr. Putin's attention.
...
In recent days, however, a growing number of experts have argued that the United States is now facing such a barrage of attacks
that it needs to strike back more forcefully, even if it cannot control the response.
"You don't want escalation to get out of control, but we can't be so afraid of that that we bind our own hands," Mr. Painter
said.
William Evanina, who recently left a top counterintelligence post in the U.S. government and now advises companies, said he
would advise Mr. Biden "to be bold."
...
If Moscow wanted to stop Russia's cybercriminals from hacking American targets, experts say, it would. That is why, some Russia
experts argue, the United States needs take aim at Russia's kleptocracy, either by leaking details of Mr. Putin's financials or
by freezing oligarchs' bank accounts.
"The only language that Putin understands is power, and his power is his money," said Garry Kasparov, the Russian chess grandmaster
and a Putin critic. "It's not about tanks; it's about banks. The U.S. should wipe out oligarchs' accounts, one by one, until the
message is delivered."
Sure, lets blow up the international banking system by manipulating accounts of private Russian people even though we do not even
know if the criminal cyberattacks are run by Russians or from Russia.
President Biden warned President Vladimir V. Putin of Russia on Friday that time was running out for him to rein in the ransomware
groups striking the United States, telegraphing that this could be Mr. Putin's final chance to take action on Russia's harboring
of cybercriminals before the United States moved to dismantle the threat.
In Mr. Biden's starkest warning yet, he conveyed in a phone call to Mr. Putin that the attacks would no longer be treated only
as criminal acts, but as national security threats" and thus may provoke a far more severe response, administration officials
said. It is a rationale that has echoes of the legal justification used by the United States and other nations when they cross
inside another country's borders to rout terrorist groups or drug cartels.
Sure, U.S. special forces will parachute into Moscow to nab some cybercriminals who may or may not be there.
The warning that Sanger implies Biden allegedly made was never given. Biden himself is quoted in the next paragraph (emph. add.):
"I made it very clear to him that the United States expects, when a ransomware operation is coming from his soil, even though
it's not sponsored by the state, we expect them to act if we give them enough information to act on who that is ," Mr. Biden told
reporters.
There is the crucial point. The U.S. does not know who made those attacks or where they were actually controlled from. It has
not given Russia any names or evidence that Russia could act on. The Kremlin readout of Biden's call with Putin explicitly
makes that point :
In the context of recent reports on a series of cyberattacks ostensibly made from Russian territory, Vladimir Putin noted that
despite Russia's willingness to curb criminal manifestations in the information space through a concerted effort, no inquiries
on these issues have been received from US agencies in the last month. At the same time, considering the scale and seriousness
of the challenges in this area, Russia and the US must maintain permanent, professional and non-politicised cooperation. This
must be conducted through specialised information exchange channels between the authorised government agencies, through bilateral
judicial mechanisms and while observing the provisions of international law.
The leaders emphasised the need for detailed and constructive cooperation in cybersecurity and for the continuation of such
contacts.
Russia has long suggested to set up deeper talks and a treaty about cybersecurity issues. In a short interlude with the media
President Biden
said that meetings about these will now take place:
Q: Sir, what are the consequences for Putin if he does not step up against cyberattacks?
THE PRESIDENT: Well, we set up a committee" joint committee. They're meeting on, I think, the 16th. And I believe we're going
to get some cooperation. Thank you.
Q: Mr. President, what do you expect President Putin (inaudible)" what do you expect him to do? What are those actions?
THE PRESIDENT: It's not appropriate for me to say what I expect him to do now. But we'll see.
Those responses seemsfar from the belligerence the NYT 's Sanger tries to convey.
The problem of crippling ransomware attacks will only increase and blaming Russia for them will not change that fact. The most
basic tool that enables such criminal cyberattacks is the exchange medium through which
ransom payments are made :
Let me paint a picture of a bleak future, that seems to be racing towards us much faster than the public may know about. It's
a future in which ransomware and mass data theft are so ubiquitous they've worked their way into our daily lives.
...
[W]hat is new is that the level of these attacks has gone parabolic in the last few years because of one simple fact. With the
addition of bitcoin to the problem it's insanely profitable, low-risk, and almost the perfect crime. It's also a very real economic
tool that nation states can use to disrupt each other's infrastructure.
The singular reason why these attacks are even possible is due entirely to rise of cryptocurrency. Consider the same situation
on top of the existing international banking system. Go to your local bank branch and try to wire transfer $200,000 to an anonymous
stranger in Russia and see how that works out. Modern ransomware could not exist without Bitcoin, it has poured gasoline on a
fire we may not be able to put out.
It is not only bitcoin but also a number of other cryptocurrencies which have no real justification to exist. But there are transition
points from real money to cryptocurrencies and back where the problem can be tackled:
Cryptocurrency exchanges are the channel by which all the illicit funds in this epidemic flow. And it is the one channel that
the US government has complete power to rein in and regulate. The free flow of money from US banks to cryptocurrency exchanges
is the root cause of this pandemic and needs to halt. Through sanctions, control of the SWIFT network, and our allies in NATO
the federal government has all the tools to put a stop to these illicit flows. Nothing of value would be lost by shutting off
the spigot of dark money and darknet trade. Cryptocurrencies are almost entirely used for illicit activity, gambling and investment
frauds, and on the whole have no upside for society at large while also having unbounded downside and massive negative externalities.
A shut down of cryptocurrencies would disable the safe payment media that criminal ransomware attackers currently use. All other
payment methods require some physical interaction or in person verification. Using those would increase the risk for cyberattackers
immensely.
The good news is that the Biden administration has caught on to this. Last week the Deputy National Security Advisor for Cyber
and Emerging Technology Anne Neuberger
remarked on it :
Neuberger described the Administration's ransomware strategy which includes several lines of effort: disruption of ransomware
infrastructure and actors by working closely with the private sector; international cooperation to hold countries who harbor ransom
actors accountable; expanding cryptocurrency analysis to find and pursue criminal transactions ; and the federal government's
review to build a cohesive and consistent approach towards ransom payments.
This is more than just a conversation that's taking place between the two leaders, President Biden and President Putin. This is
really about our own resilience, as a nation, in the face of these attacks, and strengthening that. That's what the cybersecurity
executive order was largely about.
It's about addressing the challenges posed by cryptocurrency, which provides fuel for these sorts of transactions.
A ransomware attacker may sit in Kyrgyzstan, use a Swiss proxy network to access rented servers in Canada from which a ransomware
cyberattack is launched by using tools that were developed in Estonia but are managed from Spain. There are ways and means to hide
such routes and to fake the involved nationalities. To then blame Russia or any other country for such attacks or to threaten a response
against nation state assets is warmongering nonsense.
The Kaseya VSA attack shut down 800 local
food shop of the Swedish chain Coop for over a week. Millions of people were affected by that in their daily life. With more and
more information technology involved in our daily lives we no longer have the ability to avoid ransomware attacks and their consequences.
What can be done is to disable the cryptocurrency payment channel that is used by attackers with little to no risk. While this
may not completely solve the problem of widespread ransomware attacks it will at least make it more manageable.
Posted by b on July 10, 2021 at 16:54 UTC |
Permalink
next page Â" Yet another argument that banning cryptocurrencies will somehow prevent ransomware.
I vehemently disagree.
I previously wrote that check kiting still exists: there is absolutely nothing preventing traditional money laundering services
from being used by ransomware gangs.
Furthermore, the cryptocurrency ban argument is only 1 step removed from the original "Never pay ransoms" tripe and 2 steps removed
from the subsequent "terrorist financing" tripe.
Let me be clear:
we are talking about business continuity interruption value in the tens to hundreds of millions of dollars.
As I wrote back in 2016 - it would only be a matter of time before attackers starting realizing just how much value they were
holding hostage.
If a business is doing $100M a year in revenue - a major ransomware attack takes at least 1 week to recover and usually longer.
And no, backups make zero difference to this figure.
Restoring large databases, complex systems and/or customer facing portals takes at least that long - and this excludes the
work needed to verify if persistence (i.e. leave behind back doors or what not) exists.
Then there's the work of understanding how the attack began, how it proliferated, etc etc.
$100M revenue vs. 2 weeks of BCI - the loss is $4M plus the security review/forensics analysis. The latter is going to cost
at least 6 digits and could easily go into the 7 digits, if done by a top tier professional firm.
Now compare this to a $100K ransom.
Now consider: would the lack of cryptocurrency really matter?
Yes, it would drive operating costs up by 25% to 35% on the money laundering (mule) side, but so what? Charge $150K instead.
This doesn't even take into account the "mitigation" firm angle: at least 1 outfit has already been caught doing almost nothing
but negotiating directly with the ransomware attacker for the decode.
The way to reduce ransomware attacks is to drive up the risk factor - not attempt (and fail) to drive down the profitability.
Cryptocurrency isn't the problem. The argument in favor of banning it (whatever immensely draconian measures that would entail)
is an argument in favor of inverted totalitarianism with government or private spy agencies and mitary/police forces doing the
enforcement.
It's also an argument in favor of SWIFT and similar systems in service to the financial and corporate elites. Many of whom
are in fact adding crypto to their portfolios and accepting payments.
Think of it this way. The only reason these hackers (using NSA tools) don't just ask for a cash drop of various currencies
of unmarked non-sequential bills a remote place is that the USA, UK and Five Eyes can police any ransom payments. Same with SWIFT.
The majority of them have no Russian ties.
ransomware - along with stuxnet - is the main reason i started reverse engineering. it's just as easy to install as any other
malware since most payloads get dropped due to PICNIC s.
i actually recall seeing one that was almost entirely javascript and operated from RAM. one click in a browser without script
protection and that's it.
apple and microsoft (and to a degree android) have succeeded in dumbing down the average user and no amount of "compliance
meetings" will fix that any time soon.
as for crypto, it appeals to the segment of the population with too much money and is worse than useless for those with
too little. it's just like the VC idiots who have reaped the benefits of QE (and ridiculous
overvaluations ) and use their ill-gotten gains to keep garbage like uber on life support.
they shit their pants at the thought of paying $0.00000001 in taxes but will flush $40,000 down the toilet on "NFTs" and
imaginary digital monopoly money. assholes.
@ c1ue 1 -- "And no, backups make zero difference to this figure."
I don't pretend to understand the intricacies of this, but why wouldn't it be possible to have two servers (or server banks)
set up with identical data, then if one of them is attacked (illegally encrypted and locked out), IT personnel could migrate access
to the data in the second server and wipe the first one? Seems simple enough.
i usually ignore other comments but the above is a bit annoying and i've seen this "argument" from many otherwise smart people
(e.g. greenwald).
Cryptocurrency isn't the problem. The argument in favor of banning it (whatever immensely draconian measures that would entail)
is an argument in favor of inverted totalitarianism
1. yes it is a problem. nothing is "the" problem unless you want to get down to the philosophical bones of capitalism
and such.
2. "banning" it might not be practical (we've had bans on child porn for quite a while and it still exists...and is usually
paid for with crypto). but banning the mining of it will de facto take it down a few pegs.
3. let's drop the "derp imma freedom fighter cuz i has dogecoin" crap. the people with the most ability to buy and manipulate
coin are the people with the least reason to tamper even slightly with the "system". but then some people (usually soulless white
yuppie guys) act like musk is a "genius" so i guess making him and other cointards out to be digital che guevaras wouldn't be
a huge leap.
4. we already live under "inverted totalitarianism". and it smells a bit of ayn rand's verbal feces to equate "i can't have
100% freedom all the time with my vapor money" with "derp here come the stalins!" maybe try to think about something immaterial
for 5 seconds a day.
5. crypto is the BLM of currency. it looks all freedomy and changey but will eventually be co-opted and absorbed into the blob.
or have goldman and the other parasitic "masters of the universe" suddenly embraced competition?
6. it's also the "free range beef" of currency. just as that dumb fuck yuppie marketing campaign ignores the vast amount of
land it takes to feed the cows, crypto lovers have yet to explain how something that already uses as much electricity as goddamn
EGYPT can be scaled out to cover everyday use by billions (or even millions) of people.
Cryptocurrencies are almost entirely used for illicit activity, gambling and investment frauds, and on the whole have no upside
for society at large while also having unbounded downside and massive negative externalities
Bah Humbug. Lots of normal people with some excess cash use crypto, trade crypto, and pay their taxes. Almost everything blamed
on crypro can be blamed on the USD as well.
It is another avenue that can be used for illicit activities. These exploits against these systems would go on without crypto
albeit at a lesser extent. Organizations will learn to harden their weak systems and move on with life.
I work with people who have mad some damm good clean money playing crypto. They talked me into dabbling with some spare cash
and I have done quite well. If I lose its on me and no one else. I do not need the Empires bureaucrats breathing hot air down
my neck on this one.
Klaus Schwab and his friends at the WEF are currently running Cyber Polygon which simulates a cyber pandemic (electricity grids
shutdown, banking systems, hospitals etc) due to cyber attacks which will disrupt and impact society worse than anything Covid
did.
Giving the welcoming remarks at Cyber Polygon for the second year in a row, Schwab spoke at length about the World Economic
Forum's (WEF) desire to tackle cybersecurity by bringing together a closer merger of corporations, small businesses, and governments.
Last year, Schwab warned, "We all know, but still pay insufficient attention to, the frightening scenario of a comprehensive
cyber attack, which would bring a complete halt to the power supply, transportation, hospital services, our society as a whole."
A ransomware attacker may sit in Tel Aviv.... I'm convinced that the Zionists are involved in this. As for the American's sabre-rattling,
that's just empty nonsense. The NATO gang has been deploying cyber attacks on Russian infrastructure for a long time, to no avail.
Let's make it safe for FedCoin and the Banksters by eliminating all non-sanctioned non-governmental cryptos, as well as cash.
Only programable, traceable, instantly confiscatable "money" issued by the Central Banks and Governments will be allowed.
Take it straight from the Bank for International Settlements General Manager AgustÃn Carstens in October 2020, telling you exactly
where the central bankers intend to go
OK, attack corporations for crypto or cash. What is next is that attacks could be extended to attacks on Nations and infrastructure.
ie. The Iranian transport system has just been hacked. (The supreme Leaders telephone number appeared on all the railway Bulletin
boards.).
Not forgetting all the other Styxnets etc.
This may be one thing on which the Biden/US and the Putin/Russians could agree to cooperate. Self protection is a valid motive.
Cryptocurrency exchanges are the channel by which all the illicit funds in this epidemic flow. And it is the one channel that
the US government has complete power to rein in and regulate. The free flow of money from US banks to cryptocurrency exchanges
is the root cause of this pandemic and needs to halt.
I'm sorry but this is absolute nonsense. Any American (or European or Japanese or anyone else) is required to submit to various
KYC protocols (Know Your Customer) in the same manner as setting up a bank account at a bank that participates in the SWIFT system.
A government ID (which can be faked, more on that in a bit) is required to set up an account on any of the exchanges that the
US government has the power to regulate in traditional ways (i.e., not by simply shutting down the internet or seizing domains
like they did to Iranian and Houthi media).
Money flowing from US banks to exchanges and back the other way is not the problem, sorry. In fact I'd be willing to
bet that the money easily recovered by the FBI from the Colonial ransomware attack must have been transferred in this manner,
hence the ease with which it was recouped.
As far as a fake identity, one would have to obtain or generate a fake government ID, a fake social security number (or the
equivalent in EU, Japan, Korea, etc.), establish a bank account with this fake identity and only then could they use the system
in the manner that Diehl presupposes. Is this a possibility for a very small number of racketeers and extortionists? Sure, but
it doesn't make crytocurrencies somehow unique for this type of criminal to operate.
if they can disable crypto, they can disable stuff that's a whole lot worse than crypto.
people do recognize at times than we can solve problems simply by not doing certain things.
Isn't the Western banking system heavily invested in global criminality, and didn't this state of affairs exist before the
arrival of crypto? why would the USG change now, since crypto creates the need for more policing and surveillance, whose manipulation
nurtures another excuse to blame the Rooskies?
Crytpos are new securities that invest in technologies that will run the new world. Some technologies are foundational and some
are fads. Buyer beware.
911 was a psychological warfare operation. Russia-gate is a psy-war operation. Pandemic 2020 the same. And so too is this latest
fear mongering BS about cyber-security. All of it in service to ever-increasing compliance and control for 1984 2.0.
What evidence is there that this even happened at all? Seems like the same as the poisoning events, just empty claims and refusal
to provide evidence neither to Russian authorities nor the public. A bunch of nonsense.
I feel the same way about cocaine use and the American dollar, lol. Years ago researchers reported that most US $100 bills had
cocaine residue on them.
Also, check out during the 2008 crash that the big drug cartels bailed out EU banks to the tune of approximately $900 million
US. Nothing to see here, move along now.
Wow! What a chasm between Biden's quite reasonable and measured comments, that even hint at increasing, not decreasing
cooperation between himself and Putin...and the literal mouthfoaming of the New York Slimes!
Appreciate this really informative article! Some years back I decided to buy one bitcoin for the price of 500 Euros. I found
a guy [don't recall how, maybe by want ads in local paper] who met me at a McDonalds and I gave him the cash in hand, while I
checked on my laptop to see the bitcoin deposited.
Somehow, I misplaced that silly password or wallet or whatever, and that bitcoin is gone in the coin fountain forever, lol!
Kind of stings a little to see these things going now for something like 50 k, lol!
I had never heard of these crypto-markets, where I guess you can just buy them online in some way. I suppose they didn't exist
back when I wanted to buy one?
... why wouldn't it be possible to have two servers (or server banks) set up with identical data, then if one of them is attacked
(illegally encrypted and locked out), IT personnel could migrate access to the data in the second server and wipe the first one?
Seems simple enough.
Posted by: norecovery | Jul 10 2021 18:12 utc | 4
Data replication is a standard tool for massive data bases, but they require high throughput communication channel. So what
you want is a system that can only receive and store, with no processing whatsoever -- without an authorized user physically present.
Otherwise the remote rider of the mother side can instruct the mirror to encrypt the content in the same way as the mother site.
That may be a simplification but you probably need an operating system for the mirror that lacks any of the garbage invented
and planted in operating system in the last 30 years. No way to run java etc. Totally against the current software "philosophy".
Sanger is one of the Time's veteran war whores as well as being a favored propagandist for the "intelligence" cosa nostra and
their frequent disinformation campaigns that originate at his ol' grey bag.
I just picked up the rights to the domain: "TheRussiansDidIt.com ..seeing that no matter who what or where any kind of real
or perceived cyber attack occurs.....within milliseconds, "propornot" rags like the Times screeches as loud as their typeset allows:
the Russians did it...with of course a mandatory inclusion that Vlad the Evil Impaler is the ultimate " mastermind" behind it
all.
The escalating warmongering by David Sanger is the real danger here followed by the lack of an international Cyber-Security
Treaty, which is something the Outlaw US Empire doesn't at all want because it would apply reigns to its unilateralism and continual
breaking of the UN Charter.
Putin and Russia have asked for such negotiations for over a decade with zilch response from NATO/Outlaw US Empire. Think of
all the attempts to provide a casus belli since Putin became president/PM that are completely devoid of any evidence, then add
all Sanger's crap to that list as it's no different. He's being paid by a faction that wants war with Russia regardless the cost,
but he doesn't give a damn about all that since he writes lies for a living while also living a lie.
All Bitcoin transactions are public, traceable, and permanently stored in the Bitcoin network. Since users usually have to reveal
their identity in order to receive services or goods, Bitcoin addresses cannot remain fully anonymous.
"The only language that Putin understands is power, and his power is his money," said Garry Kasparov, the Russian chess grandmaster
and a Putin critic. "It's not about tanks; it's about banks. The U.S. should wipe out oligarchs' accounts, one by one, until
the message is delivered."
For the sake of the argument, let's assume Kasparov's assessment of Russia is true (that's already a big "if").
Then, we have two possibilities:
1) the USA is not an oligarchy, and has a system that is superior to an oligarchy, i.e. a system that is worth spreading around
Russia and is capable of crushing the Russian system;
2) the USA is an oligarchy, but a better oligarchy than Russia's.
We can discard #1 outright, as it is notorious and self-evident fact that the USA is an oligarchy. Even
Bernie Sanders has just stated that , it's already common knowledge.
So, we have #2 left to analyze.
Taking #2 as the premise of the real world, and also going from the premise Garry Kasparov is not a complete idiot or crazy
(Plato's presupposition for a political debate to take place), then we can only conclude Mr. Kasparov is openly asking the help
of the American oligarchy to crush the Russian oligarchy. Putting in another way, he's asking oligarchy to defeat oligarchy.
The problem here is that using an oligarchy to crush another oligarchy would not result in the extinction of oligarchy, but,
on the contrary, in the strengthening of the oligarchy. In this concrete example, the Russian Federation would just be governed
by the American oligarchy, in the same system, but much harder to defeat than before.
Garry Kasparov, therefore, is a pro-oligarchy militant. A Russian far-rightist could even demagogically claim he's anti-Russia.
There's an idealist scenario where you could argue abstractly #1 could be held true: that the Russian Federation is a "kleptocracy",
i.e. an oligarchy where the State dominates the bourgeoisie. In that case, the USA would not be an oligarchy because the bourgeoisie
uses the politicians to their own end, and not the inverse. That is, it is an oligarchy only when the politicians dominate the
capitalists, but not the inverse - the inverse would be (liberal) democracy.
But that's a liberal fantasy. Either Putin is all-powerful or he isn't - he can't be both at the same time. If Putin dominates
the oligarchs, then the oligarchs are not oligarchs - they're mere shells of Putin's (and, therefore, the Russian State) power
and wealth. If Putin is dominated by the oligarchs, then, by liberal standards, Russia is not an oligarchy either, just a traditional
liberal democracy.
In all of these ransomware attacks the one factor that is NEVER discussed is that the vast majority of them occur
on Microsoft Windows. When will people learn to start using a real operating system.
Technologists and those who follow their lead (Venture Capitalists, angel investors, etc) are often wayyyy ahead of the
curve, and as such, become mega-rich from their financial bets on new technologies
OR:
They are the 21'st century snake-oil salesmen---endlessly touting some zoomy, spiffy technology whose 'greatness' the proles
are just too dumb to comprehend, lol! And in 99.999 percent, it all turns out to be VAPOR! But the sheeple's fleece that is collected
is very very real, and comes from your wallet, lol!
I should think the real villains involved in a lot of these ransomware attacks attributed to Russia are the SBU and their CIA
bosses in Kiev. (The SBU and the CIA share the same offices.) The Ukrainian security services, and the people they use or contract
work to, most likely also have the tools to attach faked Russian-language metadata to their hacking activities.
Add also the possibility that these Nazi crazies in Kiev are working with Israeli-affiliated agents or agencies with cyber-hacking
experience and knowledge in getting access to major networks and we have one Hell of a global problem indeed.
No doubt the SBU and the CIA are using crypto to finance their activities. Even Bellingcat uses crypto to pay for information
hacked from private mobile phone databases. Of course the sooner crypto currencies can be regulated properly, the better. But
banning them outright cannot be the solution; the activities crypto helps to drive will migrate to another source of funding.
Is it easy to cash out cryptocurrencies? One can't fool all the people all the time.
Currencies are constantly MONITORED
Reality is in details and deeds. Please list all the cash out steps for cryptocurrencies. Do you know the payment space? Usually
within the U$A and other regions, deposits and withdrawals worth $5,000-10,000 are monitored for tax evasion and money laundering.
Try to cash out $25,000 from your bank account. Majority (98+%) of money is fully monitored and traceable. What % of the US$ are
in the physical form? How much cash does a typical bank branch carry? Cryptocurrencies are not the problem as they are constantly
monitored. How does one buy a bitcoin or cash out a bitcoin?
Which intelligence agencies are driving this DECEPTION?
It is currently harder for those looking to cash out cryptocurrencies while not being watched by the eyes of tax collectors,
administrations and intelligence agencies. So which Orcs are DRIVING this ransomware attacks? It looks like some intelligence
agencies group is leading this ploy of attacks. Why? They want to protect the existing payment and financial system? Create FUD
about their competitive digital currencies? Launch attacks worldwide to DISRUPT operations as they're losing, cyber proxy wars?
Someone is using these ploys to carry out attacks and create a mist to hide their future malicious crimes.
Ransomware services can be easily STOPPED
Why are administrations letting rentable ransomware services, like REvil, operate? This is like letting mafia operate. Why
let web services companies rent them their services? If AWS suspends Parler, then web services can do the same thing to ransomware
services which are a criminal operation. Similarly, Bitcoin, and other cryptocurrencies can be asked to prevent these transactions.
Remember, all these cryptocurrency companies operate under a CORPORATE CHARTER. Who controls the corporate charter? Governments
have enough tools to prevent these crimes. Why aren't they pursuing it proactively and stopping it? Who BENEFITS?
Russia isn't making a strong stand. Why?
On the tenth day of the Cuban missile crisis, the U$A UN ambassador Stevenson dressed down Valerian Zorin, the Soviet ambassador,
in a UN Security Council meeting as Americans watched on television. Stevenson went for the jugular: "I want to say to you, Mr.
Zorin, that I do not have your talent for obfuscation, for distortion, for confusing language, and for doubletalk. And I must
confess to you that I am glad that I do not!" Stevenson went on to denounce the Soviets for lying, treating Zorin in a way that
the Soviet ambassador likened to an American prosecutor browbeating a defendant.
Why isn't Russia raising the issue of these false accusations and provocations regarding manifestations in the information
space at the UN? Where are Russia's ambassadors? Why be a wimpy?
Posted by Steve @ 9
Who observed:
'A ransomware attacker may sit in Tel Aviv.... I'm convinced that the Zionists are involved in this. As for the American's sabre-rattling,
that's just empty nonsense. The NATO gang has been deploying cyber attacks on Russian infrastructure for a long time, to no avail.'
I agree.
I recommend the book Murdochs Pirates, currently 'unavailable' at the detestable Amazon [wonder why?] but now available
at Australian online bookseller Booktopia. Here is a brief and sanitised review of the book from Amazon:
"The inside story of the skullduggery at the heart of one the Murdoch empire's subsidiaries, NDS.
What happens when one of the biggest media groups in the world sets up its own private security force? What happens when
part of this operation goes rogue?
News of the World is not the first Murdoch company to be accused of skullduggery. Murdoch's Pirates is about the dark deeds
of a secret division of News Corp, based in Jerusalem, operating in a combustible world of ambitious ex Scotland Yard men and
former French and Israeli secret service agents, who have one thing in common - they have all left their previous employment under
controversial circumstances.
Reading like a thriller, Murdoch's Pirates is set in the arcane world of hackers and pirates. There are mysterious deaths,
break-ins and wild chases. Some of the individuals involved may well be amongst the brightest minds on the planet, but sometimes
their rivalry can get out of hand and their impulsive behaviour can defy logic.
Neil Chenoweth recounts this clandestine war with his customary lucidity, drollery and brio."
My synopsis of the allegations in the book: The Murdoch empire created a clandestine beyond the law cyber unit, based in Jerusalem,
using , among others, skilled Israeli hackers, to hack and pirate the codes of rival satellite TV companies. The hacked codes
were then used to manufacture millions of 'cloned cards' which were distributed world wide. Children were selling these cards
in schools. This gave the holders of the 'cloned' cards free access to various satellite TV channels, but not Murdoch owned channels.
Why pay a subscription for satellite TV access when you can buy 'cloned' cards for a few dollars? Various rival TV channels then
went broke. This left Fox and Sky to pick up the customers. The Murdoch empire, allegedly, knocked out the competition.
So much for copyright law. Take note Kim Dot Com, awaiting extradition from NZ to the US for his, alleged, 'file sharing' antics.
The Murdoch empire, allegedly, is very litigious and, allegedly, has deep pockets.
These American accusations about Russian ransomware and cyberwarfare are part of the USA's broader Hybrid War against Russia.
Namely, America accuses Russia of what "Leader of the Free World" is massively guilty of so as to extract concessions from
Russia on other unconnected concerns.
This is an umpteenth example of how Goebbelsian psychological projection is fundamental to the American national character.
It's long overdue that Russia and other nations like China and Iran, who are the targets of US smear campaigns, give the Americans
a taste of their own medicine and demand that the United States cease and desist its cyberterrorism and attacks on other nations.
We can start with Edward Snowden's revelations of the American NSA spying on and hacking civilian institutions and leaders
of other nations.
Then move on to the joint American-Israeli creation of the Stuxnet Virus deployed against Iran and even North Korea.
Add on the Wikileaks Vault 7 leaks exposing how the American CIA and its UMBRAGE unit stage *false-flag* cyber attacks, which
the USA will blame on other nations.
And then demand that America terminate its 60,000-member strong covert (cyber) army called Signature Reduction.
After that, tell the USA that its Echelon "Five Eyes" global spy network must be completely and irrevocably be destroyed.
Or Else.
This list is by no means comprehensive but only a very abridged version of what should be called American cyberterrorism.
I am following some parties that really do crypto in dirty deeds and/or really *really* want to stay off the governments radar,
and I have to say none of them is using bitcoin as they know it is traceable with little work. So, no real hacker pirate would
ever ask for ransom in bitcoin.
So, seems these recent ransom ware "attacks" are orchestrated by parties:
1. not afraid to get traced by US government (cause.. they won't bother them?)
2. conveniently not worried by the facts these acts will serve as 100% reason to ban crypto currencies themselves
Hm, which organizations/groups of people/3 letter agencies match these two criteria...
The close reading of Biden alone was worth the price of admission to this post. The whole affair is reminiscent of the invasion
of Afghanistan when Taliban offered to send OBL upon receiving evidence, which was never provided (and probably didn't exist).
I'd rate the conclusions as reasonably well established. Worthy of sending to all my friends who hate Russia. Considering the
nature of the oligopolus that rules the world and that crypto is as useful to them as anyone in evading taxes and accountability,
I wouldn't expect any changes. However I'd like to hear about each case cracked open, which is hard to find in the NYTimes.
>>>If Moscow wanted to stop Russia's cybercriminals from hacking American targets, experts say, it would.<<<
Who are these experts, how would Putin do that, why is it easier for Putin to do this than any ... us?
The attacks are taking place on our IT networks. It is funny that these 'experts' are so insistent that Putin can control all
of the LANs in Russia but we can't. I want these experts to explain how this works.
I am not up on crypto or the innards of ransonware except it was released to the world in Vault 7 I believe. But there is a
pattern by US private and public so called cyber experts. When an attack or breach happens, the US knows exactly who did it and
even the language they speak. However, these super duper experts and their organizations are powerless to stop the (Russian!!)
hackers armed with the most detailed facts. With the private companies of course for a hefty price they can (maybe) protect you.
More than anything these events show how utter incompetent the US is in cyber protection and avoidance at both the government
and corporate levels.
My personal cyber security software installation on my PC for pennies a day offers ransomware protection and has for several
years.
The step does not work like this and has a problem:
1) Especially in the case of attacks that are blamed on Russia, one must see that the perpetrators are located in Ukraine and
neighboring countries and are paid and operated by their intelligence services.
The now occurring increase of the accusation against Russia must be seen simultaneously with the current NATO exercise in the
Black Sea. The warmongers are looking for a reason (or Russia's mistake) that will give them the position of the defender in the
eyes of the Western public and thus a legitimate right for military action. We are there 5 minutes before a war with NATO, which
is fiercely demanded by Ukraine, among others.
2) Interfering with SWIFT would be a declaration of war for Russia, as it is impossible to ensure that legitimate Russian transactions
are not affected.
3) The only solution, besides a real cooperation between the USA and Russia, is to close all non-supervisable "exchange offices"
and at the same time to monitor - as with cash - every transaction of these offices, i.e. the same as is already being done for
money laundering (but even there not consistently).
How little this works, however, when one or more of these states undermine governments themselves, can be seen in the financing
of terrorism. Those who shout "Stop thief" the loudest are those who finance their "friends", who are the "good" terrorists.
So: All wishful thinking, far from the reality of the hypocrisy of the services. The only protection is the companies' own.
If they are too stingy to invest in security, which reduces profits, they have to pay. If you leave your car with the engine running
and the key in the ignition and walk away, you are to blame if your car is stolen.
Translated with www.DeepL.com/Translator (free version)
I should remind barflies that Trump floated the idea of nuking Russia in response to a cyber attack. Do see my comment on the
rocket thread linking to Martyanov's blog.
Don't understand why so many people here are defending the private cyptocurrencies. They're not and never will be money. The
libertarian utopia where there are no banks and everybody will be paying directly with crypto is impossible, will never happen.
According to Klaus Schwab(World Economic Forum/Davos) the next big crisis the world will have to face is a Cyber pandemic. And
judging by the scale he is talking about they got some great crisis for us in store.
Klaus Schwab: "We all know, but still pay insufficient attention to, the frightening scenario of a comprehensive cyber attack,
which would bring a complete halt to the power supply, transportation, hospital services, our society as a whole.
The COVID-19 crisis would be seen in this respect as a small disturbance in comparison to a major cyber attack, he added."
Perimetr @ 10 =>Only programmable, traceable, instantly confiscatable "money" issued by the Central Banks and Governments will
be allowed. <= this is the last thing Americans want to see, the elimination of non traceable cash.. so the USA will do its best
to make it happen..
by: Stonebird @ 11 Crypto? The Banks won't let it go. <=neither will anyone governed by a nation that allows its private monopoly
powered corporations to spy on the population and to use the government itself as an agency which facilitates corporate private
exploitation against those the government governs.
Conflict seems to be developing between the governments and those the governments govern? Its about trust. Global humanity
no longer trust any one in government, for any reason or at any time. Everyone has learned the private corporate powers used by
corporations to exploit the governed, were given to the corporations by the governments; and everyone has seen the exploitation
government imposed on humanity will soon destroy it.
Tom_Q_Collins @ 12 identifies the following statement as absolute nonsense. "Cryptocurrency exchanges are the channel by which
all the illicit funds in this epidemic flow. And it is the one channel that the US government has complete power to rein in and
regulate. The free flow of money from US banks to cryptocurrency exchanges is the root cause of this pandemic and needs to halt.
I'm sorry but this is absolute nonsense. " <= I agree completely, Governments are the mother of illicit funds; the issue that
has the governments and their monopoly powered corporations so upset, is competition to their private party land.
<= Corporations want the corrupt governments, the corporations control, to
outlaw competition so the protected corporations can control everything?
Good luck..
<= Eight billion people sorted into 256 different government governed cages, have lost faith in the integrity of those who
run the governments.
<= I believe, something different, more human oriented is coming to the world. Cryptcurrency is interesting to watch because
it inverts the foundation into a root top.
by: circumspect @ 7 says: "I work with people who have mad some damm good
clean money playing crypto. They talked me into dabbling with some spare
cash and I have done quite well. If I lose its on me and no one else.
I do not need the Empires bureaucrats breathing hot air down my neck
on this one. <=exactly..
Down South @ 8 says
"˜Lack of cybersecurity has become a clear & immediate danger to our society': Klaus Schwab, Cyber Polygon 2021 <=bull shit.
posted by rjb1.5 @ 14 ..
"Isn't the Western banking system heavily invested in global criminality, and didn't this state of affairs exist before the arrival
of crypto? why would the USG change now, since crypto creates the need for more policing and surveillance, whose manipulation
nurtures another excuse to blame the Rooskies? <=exactly..
Abe @ 35 =>which organizations/groups of people/3 letter agencies match these two criteria...<= CIA comes to mind..
But it should also be noted that most Americans have never even seen a "benjamin" (a $100 dollar bill) before. Common
Iraqis or Colombians are much more likely than a regular American to have seen a US $100 bill. Isn't that weird?
It's Russian military doctrine and policy to launch all nuclear weapons in the case of cyber operations attack interfering with
Russian Nuclear Forces computer infrastructure -- message is launch straight away, should be a hoot and a bang. These people are
insane Sanger and co. The courts should jail them for life, for proffering advice that leads to the total destruction of Earths
biosphere. (incl, Humans)
b, your beef is not with crypto currency, but cryptography for one cannot ban crypto currency without crippling cryptography.
This was tried in the US. But the downside of weakening cryptography is that it weakens the entire financial system and put every
financial transaction at greater risk.
Why not simply ban insurance against cyber crime? At least then, companies would take security seriously enough for the current
environment.
Martin Armstrong just posted a piece about crypto where a BIS official talks about how it will be used to ultimately control
every transaction by them and their ilk. They will tell you what you can and cannot spend your money on.
Just like the internet it was let to run free but crypto, the internet, smartphones and Starlink will ultimately control
every person on the planet. Internet passports in in their hoped for plans as well. We do not like you we kick you off. You cannot
give money to those people becasue we do not like them.
While I am not fully convinced that a crypto crackdown will terminate ransomware attacks (but might help to reduce) just a
sidenote:
Some of the rentable ransomware services, like REvil , are run by Russian speaking groups.
Funny name, but immediately Guccifer2.0 and his "Russian breadcrumbs" jump in my mind. So these guys are "Russian speaking",
more exactly, writing, ok. But the pun "REvil" is definitely an English, more exactly American English pun. No Russian, German,
French, or Chinese speaker without a background in spoken/written American English would have that idea in the first place.
The administration already has information of over at least 90+% of (> $1,000) transactions and 99+% on big (> $50,000) transactions.
Digital currencies are good for international trade!
What % of your transactions are in cash? What % of your amount spent is in cash? Even if you pay your cellphone, broadband,
electricity,... bills in cash, they are reported. What information is collected by the credit scoring companies? If you're using
a smartphone they know your favorite places, work location, visited places... How to prevent the ABUSE of data?
Most individuals are sleeping. What % of people are awakened? What % have integrity? Interesting world.
Not only do I view cryptocurrency's rise as a relief-valve to placate the masses and "shoo" them away from precious metals (read:
sound money), but also along the same lines as a 401k. When the SHTF, you won't be able to hold it, so you won't own it. 1s and
0s are not physical and therefore entirely speculative (the stuff of vapor). You can only feel its breath on you when the game
is afoot. When the music stops, it is gone.
What is Russia and China doing? They are buying pms. When the greenback dies its inglorious death, cryptos will be abadoned
and forgotten faster than you can say "Sears."
@ GoverntheMente | Jul 11 2021 1:40 utc | 46 with the reminder of the potential for Intertube outage...thanks
I agree that loss of the Intertubes for a day would be tragic for the Plato's Cave Display worshipers but some of us remember
life without technology coming out your ass as nice....I was on-call for over 20 years...
What this social control effort does though is make the sale for money that is only soft and not hard much more difficult.
It will remind the proles that electricity does not come out of the ground and maybe it would be good to have coinage or paper
backed by thing(s) to give it intrinsic value.
Given the ignorance I am reading lets review a bit about money.
Hard Money is money that has intrinsic value. It could be represented by coinage, paper or a permissioned block chain cryptocurrency.
How that Hard Money establishes and maintains its relationship to the value of things is a separate subject but needs to be recognized
as an event and ongoing process. The relationship that Hard Money has to value is different than the relationship that Soft Money
has to value.
Soft Money is any form of money that has no intrinsic value but is currently given a faith based relationship to value of
things. In 1971, when Nixon took the US dollar, as Hard Money Reserve Currency, off the gold conversion standard it became Soft
Money, or more clearly, a measure of debt passed around to others of faith in its ongoing value. Cryptocurrenies are other examples
of Soft Money but the concept is not new. For decades there have been ongoing local "currency" programs all over the world (the
Hours program) but marketing has now used block chain technology to help birth sexy digital "currencies".
Lets digress at this point and discuss what money is for....used for medium of exchange and as a store of value if available
as such. In those roles there is the assumption of the established/maintained relationship to value over time.
What kids of things get this value relationship? Labor, raw materials, FOOD, property, finished goods and services, etc.
How is this value relationship established and maintained? That is where this get tricky. In the past that responsibility was
executed by the governments or religions of the day. Over the past few hundred years in the West that responsibility has been
held by what could be considered a religion, the God of Mammon religion. That said the bottom line is that the resource allocation
and risk management decisions that come with that authority are and have been decided by a historically elite cult of humans that
have brought humanity to this level of environment and human abuse. That control is being challenged by the China/Russia axis
and the totally sovereign PBOC.
The shit show continues until it doesn't and ransomeware is a sideshow
"" What can be done is to disable the cryptocurrency payment channel that is used by attackers with little to no risk. While this
may not completely solve the problem of widespread ransomware attacks it will at least make it more manageable."" The only effective
way to do the above is to stut down the entire internet. There are many other ways that Ransom can be made via the dark web which
do not involve crypto.
Crypto 'currencies' aren't currencies, they are the most stupid objects of speculation ever invented.
You don't have to ban them, just make shure they can't be traded in or exchanged for real money.
(If you want to know whether something is a currency or not, there's only one simple question you need to ask: can you use
it to pay your taxes? If the answer is 'no', it's not a currency.)
The blockchain is an accounting of all transactions. Every single Crypto/Bitcoin transaction is public. Not only to the merchant
and the customer, but to the world.
Let's assume you buy something with Crypto. Then I see the sender and can look in the database, where he has paid. So if the Cops/CIA/NSA
see that you bought drugs on Darknet, but they don't know who you are, then they just have to go through all the other payments
from the same sender until they find someone they know, let's say a Pizza service or something, and then seize the files there,
and there's your delivery address in there.
Some CIA shill: ..."the attacks would no longer be treated only as criminal acts, but as national security threats"...
Even thought these are clearly criminal acts.
Yeah, OK, and if my neighbor calls me names then I will treat that as a deadly threat against my life, and create accordingly.
Where does this "logic" take Sanger?
Can the USA react with force when some foreign company uses bribery to win a contract?
Can the USA kill people because they have copied something that is under a copyright?
Can the USA let loose the dogs of war when some overseas distributor dumps stuff below cost?
I mean, honestly, have the Americans really thought this through?
In all of these ransomware attacks the one factor that is NEVER discussed is that the vast majority of them occur on Microsoft
Windows. When will people learn to start using a real operating system.
While ransomware attacks are not just a function of the operating system (stupidity on the receiving end is also a factor), I
absolutely agree that people should start using a proper operating system like Linux. Personally, I use Linux Kubuntu
https://kubuntu.org/ which is very user friendly and with KDE it looks familiar
to Windows users. Underneath it is exactly the same operating system as the well known Ubuntu, it is just a different GUI desktop.
It is very easy to install a system like Kubuntu, in fact easier to install than Windows. But most people never install the
operating system they use, so they don't know. So the answer to your question is they will start to use a real operating system
when it is available pre-installed on machines they buy. Obviously, companies like M$ will do their part to prevent that happening
to any significant degree.
I've been following the ransomware actions throufgh
Ars Technica for a while now and for some time it has seemed to me to be obvious that if amerikan intelligence needs untraceable
cash, which may be doubtful since the cocaine/crack running occured at a particular time in the 80's where following Carter and
a dem congress' bill preventing tax revenue from being used to destabilise Nicaragua and reagan still having a dem congress determined
to hold that position, the CIA in particular decided coke dealing was seen as an obvious work around.
As far as I know there are few if any controls on what CIA, defense intelligence and NSA chooses to spend money on currently,
the Church committee after effects have long passed, but if they truly need black money gathered in a manner that is essentially
untraceable because the poachers are also the game keepers, then ransomware would be a much tidier and more profitable option
than dope dealing.
This is particularly the case when one considers that
Monero is the cryptocurrency of choice for many ransomware payouts.
While bitcoin leaves a visible trail of transactions on its underlying blockchain, the niche "privacy coin" monero was designed
to obscure the sender and receiver, as well as the amount exchanged.
As a result, it has become an increasingly sought-after tool for criminals such as ransomware gangs, posing new problems
for law enforcement.
The primary benefits for intelligence are 1) the seeming russian connection plays into the hands of the cold war resurrection
nonsense which forms the basis for amerikan intelligence's empire building and 2) the same intelligence agencies can select corporations
to be 'taxed' on the basis of which corporations haven't been cooperative with agency beat ups about Russian copyright 'theft'
or have whined about particular sanctions etc.
These ransomware attacks are major projects requiring all sorts of social hacking as well as digital hacking to obtain access.
I cannot imagine any band of arseholes better equipped & trained for
social hacking than the CIA or one better
placed for digital hacks than the NSA.
That said if these types can't access crypto currencies it is naive to imagine thay will just down tools & give the game away.
An alternative payment route will be adopted.
The whole point of cryptocurrencies is to combat authoritarianism. I know it's hard for an old mindset to realize what it means,
but more than half of today's population were raised with Internet. They no longer accept authoritarianism like those from
the 20th century.
I would like to say you are right (and I do hope you are), but it looks to me that the population raised with Internet are extremely
susceptible to accept authoritarianism of the 21st century variant, and it is frightening.
Crypto 'currencies' aren't currencies, they are the most stupid objects of speculation ever invented.
You don't have to ban them, just make shure they can't be traded in or exchanged for real money.
This sounds like the same idea that the west has with Russia: Sanction it so it cannot trade with you. Obviously, the result is
that it becomes more independent and starts trading with someone else. It might continue until the west starts to feel isolated.
Your idea could have the same effect on USD, even if it is a way to go before you get there. But eventually, you will.
I use whatever currency my government says is legal tender.
Cryptocurrencies are interestimg, but I would only start using them if I thought they had some sort of military willing to
fight for their worth. Otherwise, they could become worthless overnight.
Perhaps I would feel differently if I understood computer languages and secure banking systems better, but for the time being
it is much easier for me to lose all of my bitcoin than all of the legal tender I have stored in a bank.
Crypto does seem like a very profitable way to speculate on currency if you are in to that.
One of the unstated results of digitalisation at the expense of common sense, including backup. This is one of many reasons I
have consistently refused to digitalise my practice.
"One of the unstated results of digitalisation at the expense of common sense, including backup. This is one of many reasons I
have consistently refused to digitalise my practice."
Yes. It was always stupid to put everything on the internet. They did it like sheep because it was cheap and they thought it
help would help screw the public and their own employees. If you want to avoid being hacked, don't put anything worth hacking
on the internet. Job done. Not only that, when you improve internet herd immunity.
Yes. It was always stupid to put everything on the internet.
There is soon no difference between fiat currencies and crypto currencies in this regard. Over here, they used "covid" to fraudulently
eliminate physical cash. If it hasn't come to you yet, it will.
This all about setting the stage for some huge false flag Cyber attacks , to be blamed on Russia or some other chump. The US,
Israel, the Brits and others from the West are working with WEF- PAC in order to continue their One World Order Agendas. Whether
its financial, infrastructure or sabotage - it's all being done by the same evil cabal.
I find it very troublesome that israel is leading
Israel Moves to Seize Bitcoin
to attack the resistant and any live support send to Gaza.
Counter Terror Financing today issued a
seizure order against 84 crypto
addresses believed to be controlled by Hamas.
The bankers dont need proof, just a honest economic terrorist:
I, Christopher Janczewski, a Special Agent with the Internal Revenue Service-Criminal
Investigations, declare under penalty of perjury, pursuant to 28 U.S.C. § 1746, that the foregoing
Verified Complaint for Forfeiture In Rem is based upon reports and information known to me
and/or furnished to me by other law enforcement representatives and that everything represented
herein is true and correct.
I call them "faith-based currencies". I retain faith in the US $$ mainly in that it will pay off my mortgage (legal tender).
I remember when we at least pretended to have real money here, about 50 years. Now it is all based on the notion the government
will make you take it.
Crypto-currencies look like a great racket. I read Cryptonomicon back in the day, and I can see the anti-authoritarian point
of it, but you still are trusting the purveyor, unless you have recourse when the "money" fails to perform.
I find it strange when people dismiss crypto currencies as a fad, a scam or pyramid scheme just because it is purely digital.
One should realize the US Federal Reserve notes are almost completely digital. The amount of physical coins and paper currency
is only a fraction of total money supply.
Look into M0, M1, M2 money supplies and the monetary base to verify this yourself.
Whenever you have your income direct deposited, pay with a credit card and pay bills online, that is all digital currency.
Why people that transact with digital US dollars all day, every day have such a problem with any other digital currency boggles
my mind.
You're right. I made a strong case in the past that BTC is a ponzi. But given all the falsehoods peddled by their backers,
cryptos really are more of a scam.
Ok, that brings into the question of currency definitions.
From a quick google search one finds this: "Currency is a medium of exchange for goods and services. In short, it's money,
in the form of paper or coins, usually issued by a government and generally accepted at its face value as a method of payment."
Now, currency issued by government is usually called "fiat" currency. It has no intrinsic value and only derives value as a
medium of exchange by law.
Why is that the only acceptable form? Are people not free to design, create and use their own private decentralized medium
of exchange?
If so, and this private currency becomes widespread and readily acceptable, is it not a legitimate medium of exchange.
The question really becomes whether people should have the freedom to use whatever medium of exchange to barter they choose
without any government interference.
The reason you have 'fiat' in the USD (I guess you are from the US) is because you know you can use them to pay tax. And if
you don't, you go to jail.
So all currencies are ultimately based on violence; the unquestioned state monopoly.
That's why I gave the question 'can you use it to pay your taxes' as a litmus test to whether something is a currency or not.
The text you quoted sounds much like something taught to children in school, to spare them an uncomfortable truth.
Could we imaging that there was a currency that was not controlled by a state? Yes, if the state doesn't have a monopoly on
violence. We call that 'civil war'. Historical example of that are abundant. The latest being ISIS issuing their own, I think.
Violence is a natural monopoly. We want it to be a state one; some states (not least the US) might not use it very wisely,
but all alternatives are worse.
Currency is not synonymous with money. They're completely different things. You don't even need currency to exchange products
(barter).
In capitalism, in order for something (anything, digital or not, being digital is immaterial to Economics in this case) to
be money, it has to have three functions at the same time: 1) means of payment, 2) unit of accountancy and 3) reserve of value.
Cryptocurrency serves only as #1, never serves as #2 (you only know you how much you really have and is paying by observing
its price in USDs in the stock exchange market) and doesn't really serve as #3 (just look at its volatility) even though many
insist that it does, but ok, its doable in favorable environment.
The thing is: even when crypto can do the function of #3, it cannot do the rest. When, e.g. Bitcoin goes to the roof (and you
can only know that in USD terms), some rich speculators hoard it and, because it is not fiat, circulation diminishes. That means
it sees a proportional lowering of its function as #1. That means that, even in a good day, cryptocurrency can never serve as
both reserve of value and as means of payment at the same time: hoarded Bitcoin is the same as hoarded gold.
But what astonishes me is the volatility: even the best crypto (Bitcoin) is as volatile as any other dubious financial asset
available in New York. It is a complete myth it is a safe/promising investment, on par with gold. It walks like a financial asset,
smells like a financial asset and looks like a financial asset, and some people simply choose to ignore the data and keep claiming
it is the future of financial security and stability.
After reading about the problems at Kaseya, at least in that case the problem is negligence in regards to software quality and
perhap even bad corporate security. A group of insiders well familiar with their security flaws might have pulled that off.
"But what astonishes me is the volatility: even the best crypto (Bitcoin) is as volatile as any other dubious financial asset
available in New York."
It's a lot worse than other assets, just look at the last few weeks. Last time we had this discussion some bar flies told us
BTC would never crash. Now the crash has clearly happened. BTC's still the best, though.
The reason it's so volatile is that it's nothing. Literally. Even the worst object of speculation in NY is backed by some kind
of real asset, how ever far back in the chain of instruments. Heck, even when the tulip bulb market crashed in Holland in 1637
you could still use the darned things to grow beautiful flowers. That's not just an asset, that's a real value!
Usually near the center of your 'modern' computer's motherboard (and presumably in your smartphone) there is a relatively large
square component called the 'CPU package', which is the thing that does the computing. It contains one or more 'CPU cores' on
a 'silicon wafer'. Unknown to most of us, it also contains a small 'MiniMe' 'management engine' core that runs half as fast, but
has the final say in everything that goes on in the rest of the package. It starts up its own operating system before any it allows
the big cores to start and load the user's operating system, and it talks to the Internet, although we don't know who it talks
to. It can listen to everything that happens inside the package, and report it back to someone. Maybe this has something to do
with cryptocurrencies. Just a wild guess.
Thanks for being one of the very few people who mention, or even know about the situation in Gaza.
**
Israel has also seized $180 million in tax revenues (per year) that it calculates are paid to families of "militants" killed
by themselves. ie. generally those that are left with no other resources. Then Israel will destroy their houses as well, leaving
kids and complete families to sleep in the streets.
That is pure monetary theft with brutality added.
Continue with the fact that it is estimated it will cost nearly half a billion to rebuild Gaza (and there are no longer any
supporters as this is the fourth time this has happened, about $486+millions). Again the rebuilding and it's access to finance
is controlled by Israel.
91% of Gazan children suffer from PTSD, from the latest killings.
****
However your second link seems to be about US civil forfeiture from a scam based in Turkey selling masks. They do use Bitcoin.
The link to ISIS is tenuous at best, but habitually "civil forfeiture" goes to pay for luxury item for US law-"makers".
****
Note that the ongoing genocide-ethnic cleaning, which is covered up by the MSM, has reached a stage where long lasting physical
effects due to starvation, deprivation, resulting in life-long sequels (rachitism etc) and despair, are war crimes. If
there is a war. Which is why a hidden genocide is conveniently based on accusing Hamas or any other group. Without Hamas as cover,
the real aggression would be plain to see.
The continuous accent on "arresting" children as young as seven, is terrorism of the weakest.
****
The seizure of 84 sites (?) is not just about bitcoin, but is a massive clampdown on any means of describing the conditions
in Gaza today, by eliminating news outlets (censorship) and actual access to Gaza...... and using "Bitcoin" as the excuse.
So Hamas has managed to get a few millions by using cryptos? They don't have much choice.
You're speaking to the choir. I'm been using Ubuntu on all my machines since Breezy, which was released in 2005. I tried other
distros, but always came back to Ubuntu due to packages. There are ALWAYS packages available for Ubuntu.
@norecovery #4
The problem with "mirrored" servers - i.e. fully parallel systems - is that you have to pass data back and forth.
The more you pass this data, the more visible the mirror is to anyone in the system.
The state of the art in ransomware attacks - the very first thing the attacker does is look for hardware backups, software backup
programs and cloud backups. And then poison them.
This isn't just talk: I had a customer, a mid-size accounting firm that did exactly that - 2 fully parallel systems which they
switched on/off every few days. The attacker took down the other system just as it was rotating out/offline, then took down the
online one.
Keep in mind - as much time as it takes to decrypt - so too is the attacker taking the time to encrypt. A ransomware attack doesn't
happen in minutes or even hours - it occurs over days, weeks and sometimes months.
@the pair #6
Let's examine your arguments one by one:
You said:
1. yes it is a problem. nothing is "the" problem unless you want to get down to the philosophical bones of capitalism and such.
no, it isn't the problem. Should we ban online bank accounts because they are used for money laundering (which they are)?
Should we ban credit cards because they're used for crime (which they are)?
This is a risible argument based on the idea that a magical ban on cryptocurrency would stop ransomware.
It. Would. Not.
You said:
2. "banning" it might not be practical (we've had bans on child porn for quite a while and it still exists...and is usually
paid for with crypto). but banning the mining of it will de facto take it down a few pegs.
No it wouldn't. Mining doesn't need to happen in the US. Unless you have a global China-style internet control bureaucracy
- you cannot stop mining.
You said:
3. let's drop the "derp imma freedom fighter cuz i has dogecoin" crap. the people with the most ability to buy and manipulate
coin are the people with the least reason to tamper even slightly with the "system". but then some people (usually soulless
white yuppie guys) act like musk is a "genius" so i guess making him and other cointards out to be digital che guevaras wouldn't
be a huge leap.
I have no idea what you're trying to say here. Dogecoin is a joke coin that has been used by Lone Skum to literally pump and
dump. But then again, this guy has done the same to actual companies, so what?
You said:
4. we already live under "inverted totalitarianism". and it smells a bit of ayn rand's verbal feces to equate "i can't have
100% freedom all the time with my vapor money" with "derp here come the stalins!" maybe try to think about something immaterial
for 5 seconds a day.
Again, no idea how this is relevant to cryptocurrency. You do understand that the 2nd most common criminal currency are gift
cards, right? We should ban those too?
You said:
5. crypto is the BLM of currency. it looks all freedomy and changey but will eventually be co-opted and absorbed into the blob.
or have goldman and the other parasitic "masters of the universe" suddenly embraced competition?
Cryptocurrency is not money. It is not value. It provides no real benefits. But then again, neither does art or 99.9% of philosophy
degrees.
So what?
You said:
6. it's also the "free range beef" of currency. just as that dumb fuck yuppie marketing campaign ignores the vast amount of
land it takes to feed the cows, crypto lovers have yet to explain how something that already uses as much electricity as goddamn
EGYPT can be scaled out to cover everyday use by billions (or even millions) of people.
I've noted the electricity consumption of bitcoin is a problem going back for many years.
But so what? Does anyone care about the carbon footprint of the NYSE? This is a stupid and irrelevant argument.
A more relevant argument would be: bitcoin and other mined currencies are actually far more fiat than fiat currencies. The
percentage of total value they give away to miners in order to get mining done is enormous compared to fiat currencies - but is
invisible because they're being given away from "stock" and not from supply. What happens when the stock ends, as is architected
in Bitcoin and really isn't so far away?
In any case, you have focused overmuch on the libertarian idiots pushing cryptocurrencies. Those are irrelevant.
The reality is that rich people are buying it. US and European and Japanese banks are CUSIP holding crypto for wealthy clients.
It ain't going away and any talk about doing so is deluded.
@Tom_Q_Collins #12
KYC and AML are starting to get implemented in 1st world exchanges, but this is irrelevant.
Criminals have had no problems turning drug/sanction proceeds into cash - why would cyber crime be different?
@gottlieb #17
Nope.
Cryptocurrencies have no real use except to hold value, evade currency controls and get paid for .
I have been watching the space for over a decade now, including hundreds of startups. Not a single for profit use case could
not be done trivially some other way.
There are a few use cases for institutions, but anyone who thinks crypto is going to democratize anything is seriously deluded.
@10 to 1 #27
Untrue. Only if a user connect a wallet with the real world in some way: buying a physical product, converting to fiat, etc is
the chain traceable.
However, the error is that the virtual wallets are literally unlimited.
The further down the chain the "bad" crypto is - the more uncertain who actually controls it and/or benefited from it.
A simple example: a ransomware attacker gets paid 5 bitcoin.
Those 5 bitcoin weren't created - they came from somewhere. Rarely, they are newly mined but usually there's a terrorist wallet,
a thief wallet, a legit owner etc in the chain already.
So who is the legit owner after the 5 bitcoin get split into 20 wallets and then proceed downstream from there?
There is nothing but software required to take the 5 bitcoin and process through 50,000 wallets in 20-long chains - yes, you can
trace all you desire but just how accurate do you think the results are?
Thus the "transparency" is a lie just like those radio and TV stations who are open to anyone looking at who pays for ads...if
they go in person and dig through the deliberately obfuscatory paper trail. And not always even then.
The software companies that say they can handle this: they lie. What they are actually doing is taking known datapoints from participatory
exchanges and using that to ascertain beneficial ownership and/or control - but this in turn makes all manner of assumptions which
will certainly not hold up well in court vs. a knowledgeable other side.
@One Too Many #30
Idiotic.
The main reason ransomware attacks occur on windows machines is because the majority of compute used by companies are on windows
machines.
If a modern Mac laptop or computer is encrypted - you are literally SOL. The OS, if security precautions are set up, is literally
tied to the physical CPU. It is only a matter of time before someone figures out how to hose that check routine - at which point
ransoming masses of Macs will be on the table.
Nor is Linux any better. Encryption performance in Linux is so much faster that it would actually be harder to stop, once in.
Ultimately the green field nature of IT today is such that the criminals go for the easy stuff first.
As Windows improves, that changes the equation which Linux and Mac users have been counting on.
@Jen #32
Possible but not likely.
The reality is that the Ukraine has been a haven for cyber criminals - independent of the present or past governments - for a
long time.
1 of the 4 guys behind the first dark web stolen credit card forum escaped to Ukraine; the Darth Vader political candidate - he
founded/funded that party.
@Max #33
Wrong.
Here's a very common cashout method:
1) exchange crypto for Apple gift cards on Paxful
2) Buy iPhone with gift card.
3) Sell iPhone for up to 40% off retail prices in most countries that have import taxes
@Abe #38
Do these people use cell phones? If so, then they're penny wise and pound foolish.
It doesn't matter what cryptocurrency you use, if you're accessing it via a cell phone or American ISP. With legal or illegal
access to the telco operator - they ain't hiding diddly.
(theverge.com)
3BeauHD on Thursday June 24,
2021 @09:30PM from the out-of-sight-out-of-mind dept. Microsoft is shoving Skype
out of sight in favor of Microsoft Teams , which gets a highlight spot in the new
center-aligned taskbar and deep integration into Windows. The Verge reports: Today's Windows
11 news is all about where Microsoft sees computing going over the next few years, but it's
just as much the story of how Skype has flourished and ebbed since its $8.5 billion
acquisition a decade ago. Five years ago, Skype was the big name in internet calling and
video, and Microsoft made it an "inbox app" for Windows 10 that was included at installation
and launched at startup by default. Now, after a pandemic year that has had more people using
their PCs for voice and video than ever before, Skype was nowhere to be seen in the Windows 11
presentation or materials.
The future vision that Microsoft had for Skype everywhere has turned into a reality --
but that reality made competitors Zoom and FaceTime into household names instead. Back in June,
when Microsoft made Teams available for personal accounts, the company still paid lip service
to Skype, saying, "For folks that just want a very purpose-built app, Skype is a great
solution, and we support it and encourage it." But now, if you want to use Skype, you're going
to have to go find it in the Microsoft Store like any other app. A company spokesperson tells
The Verge: "Skype is no longer an inbox app for new devices that run Windows 11. The Skype app
is available to download through the Microsoft Store for free."; Skype joins OneNote, Paint 3D,
and 3D Viewer as the apps that will no longer come with the OS.
The third step to data recovery: Windows File Recovery
Microsoft offers a good, basic file recovery utility called
Windows
File Recovery
(winfr.exe) for Windows 10 version 2004 and higher. It's available in the Microsoft Store.
This utility launches in an administrative command prompt session and runs at the command line. I tried the command to recover
download files, as shown in Figure 2. There is a learning curve involved in using this tool, but the
user
manual is available online
and very much worth reading and exploring for those willing to tackle file and folder recovery at the
command line. If you know what's missing and where it resided, you can use it to recover files quickly and easily using specific
filters (the more specific, the better, as I learned when recovering my old download files).
IDG
Figure 2: Windows File Recovery is a basic, bare-bones command-line recovery toolset. Even so, it's surprisingly capable. (Click
image to enlarge it.)
The winfr tool also supports what's called "extensive mode," which offers more comprehensive and far-reaching repair capabilities.
Regular mode is turned on by default; you must use the /extensive parameter to access extensive mode's capabilities. It's good at
handling non-NTFS file sytems (e.g., FAT and exFAT), and can find more files deleted longer ago. Extensive mode can also attempt
repairs after formatting a disk" which takes us into territory for the next topic, partition repairs" and it is better able to
cope with disk corruption than regular mode.
Those who prefer to undelete files using a graphical interface instead of working at the command line should try the free but good
Piriform tool
Recuva
.
The fourth step to data recovery: partition recovery
There are plenty of good third-party data recovery tools available for Windows 10. That said, those that can recover entire drives"
especially big ones" or that offer partition and formatting recovery are usually not available at low or no cost.
For example, upgrading from the free version of Recuva to the Professional version means gaining more advanced file recovery,
including partition recovery, recovery from damaged or reformatted disks, and more extensive recovery for long-deleted files and
folders. The same is true for
MiniTool
Partition Wizard
, which offers excellent partition handling and modest partition recovery in its free version, but adds
extensive file, folder, and partition recovery capabilities to its Pro version.
Once partition recovery is effected, you can then tackle file and folder recovery from the newly restored partitions (if needed). In
cases where accidental reformatting or partitioning mistakes have been self-inflicted" I've done this to myself on at least two
occasions when I targeted the wrong drive" successfully restoring the old partitioning scheme usually brings all the old files and
folders back, too.
If you successfully recover data yourself: perform a disk health check
Something
had to cause the issues that led you down the recovery road. If you've managed to recover data through chkdsk,
Windows File Recovery, or another data recovery tool, it's a good idea to give the problem disk a thorough checkup.
Hard drive and SSD makers often offer such tools as downloads for the drives they sell, and there are plenty of free and for-a-fee
tools available for disk health checks. I'm partial to
CrystalDiskInfo
because
it provides a good overview of a disk's SMART data (self-monitoring, analysis and reporting technology, which includes error counts
that often signal impending disk failures).
Other tools such as
HD
Tune Pro
($35, occasionally available for free) and
Hard
Disk Sentinel
(free trial available, $20 for the standard version, $30 for the pro version) offer more detailed disk diagnosis
and surface/media scans to provide better information on disk health and condition. The former took 10 minutes to scan my 9-year-old
OCZ Vertex 3 SSD (nominal 120GB, actual 119GB) before giving it a clean bill of health despite advanced age and heavy usage, as
shown in Figure 3.
IDG
Figure 3: HD Tune Pro analyzes disk health and condition, including SMART data and a sector-by-sector media scan. The error scan
shows all sectors green here; any damaged sectors would show in red. (Click image to enlarge it.)
If a disk shows questionable health or more than 10% of its sectors are damaged, it's time to replace it. Make a backup while you
still can, order a new device, and you'll be able to restore the backup when the replacement arrives.
The fifth and final step to data recovery: call in the professionals
If steps 1 through 4 fail, you'll need to seek outside help. Here's Software Testing Help's list of the
top
dozen data recovery services
for those who must travel this road.
Hopefully, you'll never need to send a drive to a professional data recovery service. If you do, be prepared to pay handsomely for
their work. Charges of $300 and up are typical. (Bigger drives cost more, as you might expect.) And it can take weeks or months to
get through their service queue.
Some companies will let you send them a replacement drive on which to restore what they find. Others will insist on selling you such
a drive, sometimes at above-market prices. But sometimes, there is no alternative, and you'll pay what you must to get precious or
irreplaceable files and data back.
Be sure to work out as much of the cost picture as you can before sending a drive off for recovery. You don't want the bill, however
big it turns out to be, to come as a surprise.
In my 30-plus years of working with personal computers, I've never had to send a drive off for professional recovery. Even so, it's
good to know such services exist should I ever need them.
I learned the value of backups in 1989, when a 300MB SCSI drive attached to a Macintosh cratered and I lost a book manuscript as a
result. I've never been caught unprotected again, nor should you be. Happy computing!
I would not recommend deleting files in system folders, but rather use the APIs that are
designed for this purpose.
For example, EmpyRecycleBin.exe is a
command-line tool that uses the correct APIs. Even then, I would argue that files in the
recycle bin should be considered as user data, and should not be deleted without their
consent.
Bill
Marked as answer by
Bill_Stewart Wednesday, August 21, 2013 4:31 PM
Open command prompt by going to Start "" Search "CMD" "" Open as administrator
Run the following command "" rd /s /q %systemdrive%\$RECYCLE.BIN
This procedure clears out the $Recycle.bin directory from the system partition. You can do this for each hard disk partition in
your system like below.
#hard coded drive letters
$names = @{"C","D","E"}
#Loop through the drives
Foreach ($drive in $names)
{
#Get the path for the recycle bin, the ugly format is to keep the $
$dir = "$drive:" +'\$recycle.bin'
#remove the content
remove-item $dir -force -recurse
}
Nadella's remark about the 'next generation' of Windows came just a week after Microsoft
disclosed it was ending development on Windows 10X and some of its features will come to
Windows 10 in an update.
Microsoft announced Windows 10X - a lightweight version of the Windows 10 - in 2019 as an
operating system designed for use on dual-screen devices. However, the company changed its mind
in 2020, announcing a pivot to focus on single-screen devices.
In a blog post last month, John Cable, the head of Windows servicing and delivery, wrote
that "the technology of Windows 10X could be useful in more ways and serve more customers than
we originally imagined."
Cable said that the best bits of Windows 10X would be integrated into the main version of
Windows 10.
Microsoft launched Windows 10 in July 2015 with a one-year free offer for users of Windows
Vista and Windows 7. In March 2019, the company announced that its PC operating system was
running on 800 million machines.
For Microsoft, Windows 10 is the source of 14 per cent of its total revenue, and it has
received two updates each year since its launch in 2015. The latest Windows 10 update, which
was rolled out last month, came with only a few changes.
Windows is powerful, but it often arrives on your PC as a bloated, crapware-filled mess.
Here's how to remove the bloatware and clean it up, without making things worse with more
crapware-filled helper apps.
Microsoft has recently reported that
Windows 10 is now running on over 75 million computers around the world, which signals a
great jump start for the new operating system that will be part of our life for years to
come.
Previously, I have share with you a number of good reasons
to why you should upgrade to Windows 10 , which included new technologies under the hood,
the return the Start menu, Cortana, Action Center, Settings app, and many new features and
changes. However, with the good there is always the bad. Today we're going to go through
fourteen reasons you should consider to halt the upgrade until a later feature packed update
gets released.
Let's look at some of the reasons why you should stay on your current version of the
operating system.
While the software giant has managed to fix many of the issues that cause the upgrade
process to fail, many users have been reporting failures to upgrade to Windows
10 due to different number of reasons. Some people are finding compatibility issues with
hardware and software, and there are situations where the operating system can't complete the
upgrade process. One of the most common issues has been the problem activating Windows
10.
2. It's not a finished product
Microsoft is changing the way it builds Windows, with the release of Windows 10, the company
will no longer release major upgrades. Instead, Microsoft is now offering "Windows as a
Service." Technically, Windows will never be considered complete, which means that the
operating system will continue to be a work in progress. As a result, we are likely to see more
bugs and other issues in the regular basis. Additionally, because we're in the early days, you
will see some missing features and inconsistency.
In my personal experience, I've seen some issues including bugs in the Start menu where
parts of the menu will just randomly disappear. Some Live Tiles also won't change accent color
automatically, and the Start menu will suddenly lose its color scheme.
The file picker doesn't render its background color correctly and picking one or more files
won't highlight what you're selecting.
Sometimes hovering over an app in the taskbar will display an empty preview, even though the
app is running.
Windows apps will suddenly crash or freeze more often than in Windows 8.1.
If you perform a clean install your email accounts won't migrate automatically to the new
Mail app, you'll have to set all your emails manually.
However, the good thing about the new update model is that the company will be releasing new
patches, fixes, and features as soon as they are ready.
3. The user interface still a
work in progress
While the new operating system offers an updated user interface, it fails short to be a
complete design. For example, there is a big inconsistency around the context menus.
Right-clicking on the desktop, using Start menu, taskbar, Mail app, and Microsoft Edge, just to
name a few scenarios, you will be presented with a different context menu style.
Also, Windows apps also show user interface fragmentation, as they offer different flyout
menu styles. On the Maps app, the menu will appear the left side of the screen, Microsoft Edge
on the right, and other apps such as Weather, Movie & TV, News, and others feature a
settings page that takes the entire real estate of the app.
Not only the settings are inconsistent among apps, but you will also find different rail
styles while clicking the hamburger menu. Some apps will overlay the menu on top of the app and
others will simply push the app content to the right.
Although these are small issues that shouldn't slow down your productivity, together with
other inconsistencies, can affect the user experience.
4. The automatic update dilemma
In the new operating system, Microsoft is also introducing a new way to update. Moving
forward out-of-the-box users are required to install every update the company pushes out. On
the good side of things, automatic updates are a good thing because it ensures that all users
(technical and non-technical) are always running the most up to date version of Windows 10 with the latest
security patches.
However, on the bad side of things, pushing an update even after being fully tested can
cause a serious headache to the end user. For example, there could be issues with graphic
drivers, or a new patch wasn't fully tested on certain configurations. These and other
scenarios can happen anytime, and if you're not a technical user, chances are it will be very
frustrating trying to go back to the last known good configuration.
5. Two places to
configure your settings
Windows 10 includes the Settings app, which is the new unified place to change and configure
many aspects of the operating system. It's also an upgrade to the PC settings in Windows 8, and
a feature that will eventually replace the Control Panel.
While the Settings app brings an easy way to manage your settings in Windows 10, the feature
is not complete. You're still required to jump to Control Panel to configure certain options of
the operating system.
For example, you can change your desktop background through the Settings app, but you'll
need to use the Control Panel when you need to change your Theme settings.
You can change your mouse settings via the Settings app, but you need to jump to Control
Panel to change the mouse pointer.
You can configure your Wi-Fi connection in the Settings app, but you still need go to
Control Panel to manage your network adapter settings.
As you can see in its current stage, Windows 10 doesn't have a consistent experience to
configure different options.
6. No more Windows Media Center or DVD playback
Microsoft is trying to build an operating system that is ready for the future. This also
involves retiring features it believes are not necessary. This is the case of Windows Media
Center and DVD playback features as the company continues to push its Xbox One as the Windows
entertainment hub for the biggest screen in the house.
As such, if you upgrade to Windows 10, you'll soon find out that Windows Media Center and
the ability to play DVDs are no longer available.
However, the removal of Windows Media Center shouldn't come to a surprise. The company has
not updated the feature in years, but there still many fans out there that feel the pain of
seeing WMC go away.
The removal of DVD playback was a decision Microsoft made because we're consuming more
online content than ever before. Also, adding the codecs to play DVDs adds extra cost to
licensing. The company now offers Windows DVD
Player in the Store , but you probably don't want to spend $14.99 on something that you can
get for free when using other applications such as VLC.
7. Problems with built-in Windows
apps
In the new operating system, Microsoft seems to be adding everything as an app. Now, we have
the Calculator, Alarms & Clock, Calendar, Camera, Cortana , Mail, Maps, and other apps. However, if
you don't like these apps, you can't uninstall them.
Another example is if you're running Windows 10, but you are a PlayStation 4 user. The Xbox
app for Windows 10 is pretty much useless and it's another app you can't uninstall.
Also, some of the apps feel half way cooked with missing features. You will see this with
the OneNote app, which doesn't offer any options to configure spell checking. You can see what
words are wrong, but it won't suggest any alternatives.
The Mail app is headed in the right direction, but it lacks many features found in the Mail
app for Windows 8.1. For example, with the new Mail app, I'm unable to view at a glance how
many new emails I have to go through on all my accounts. Also, previous accounts you have setup
on the Windows 8.1 Mail won't configure automatically in the new app. Many newsletter emails
also won't render HTML correctly, there aren't notifications when sending or syncing emails,
and you can't change the default conversation view of emails.
Additionally, other apps such as People are very basic with limited functionality or the
user interface just feels incomplete.
8. Cortana is limited to some regions
Cortana is one of the biggest features you can find in Windows 10, it's a very useful tool,
you can quickly search online or files locally and on OneDrive. Additional, functionality
includes the ability to track flights, packages, and keep you inform on anything you like.
You can use voice commands to control the assistant and even compose and send an email to
any of your contact hands-free.
There is no doubt that it's a true digital personal assistant that will only get better with
time. However, Cortana is only available in China, France, Germany, Italy, Spain, United
Kingdom, and the United States. As such, for users outside of the supported regions, this could
be considered another reason not to upgrade.
Note: Because Cortana is personal to you and to a region its being released, it takes time
for Microsoft to make the assistant available on different countries, but be sure that the
company is proactively working to bring Cortana to more regions.
9. Shutdown and reboot
take a long time
Perhaps is not a big deal for many users, but it's to me. One of many things I liked from
Windows 8.1 was the ability to reboot or shutdown in just a few seconds. I have a fairly new
Intel Core i7 and 16GB of RAM machine, and I don't know what's going on with Windows 10, but
now it can take minutes to reboot or shutdown.
Obviously, it's a problem that Microsoft have to address.
10. Devices with limited
storage are still limited
Microsoft is building Windows 10 to be an operating system that runs everywhere; your phone,
tablet, laptop, desktop, and even IoT devices. This is a great accomplishment that also allows
developers to build apps once and target millions of devices without much effort. However, at
this point, there is one important missing feature, which is the ability for devices with
limited space to use an external storage to install new apps to free up space.
The software giant already added an entry on the Settings app to allow users to use an
external storage to install new apps, but the feature isn't yet ready. As such, if you're
planning to upgrade a device with limited storage, you should consider this current
limitation.
11. OneDrive selective sync problem
In Windows 8, the software maker began integrating OneDrive in the operating system, which
also included the concept of placeholders. It's a feature that allowed users to browse OneDrive
files locally on the computer, but without downloading the file entirely. The placeholder
included some metadata information and a thumbnail, then if you needed to open the file, you
simply double-click the file to download and open with the default application.
One of the biggest advantages was the ability to have hundreds of gigabytes of files at your
fingertips without using much of your local storage. However, this brought the issue where many
people didn't know which files were available offline. As a result, Microsoft introduced
selective sync, which allows users to select which files are available in Windows 10. However,
the new sync functionality isn't very effective for users with many gigabytes of documents in
OneDrive and limited local storage.
While selective sync solves the problem of which files are available to the end users, many
other users see this as a problem. Microsoft should have added the two options, or come up with
a different approach.
12. Microsoft Edge isn't ready to replace your default web browser
(yet)
Microsoft Edge
is the new default web browser for Windows 10, it the software that finally replaces Internet
Explorer, and takes on Google Chrome and Mozilla Firefox. However, the browser still in the
very early days.
You'll see that the user interface feels
incomplete , the current version doesn't include support for touch gestures. Extensions is
another feature the company has promised, but it will come on a later update. Also, many users
have reported that the browser crashes quite often. If you're not running Windows 10 on fairly
new hardware, you'll notice that the browser is very slow and even slower on sites with many
ads.
13. Continuum is not enough
Continuum is a new feature in Windows 10 that allows users on 2-in-1 devices to move from a
keyboard and mouse to a touch experience, while trying to keep the same level of
productivity.
While it's a great useful feature, it falls short on customization, many users will even
argue that the Tablet mode and touch gestures in Windows 10 are inferior to the Start screen in
Windows 8.
Also, the full screen Start menu is now on a vertical orientation and wastes valuable space
on the sides. You can't access the desktop unless you have a shortcut tile on Start to access
File Explorer.
If you're using virtual desktops, and you switch to Tablet mode, all your apps will then
arrange on a single group instead of different desktops. And the menu and apps buttons on the
Start screen can be a little confusing for some users.
14. Privacy concerns
Since the operating system launched on July 29th, there has been a lot controversy of what
information Microsoft collects to improve its services and functionality in Windows 10. If you
agree to install Window 10 on your computer, you will be giving Microsoft consent to collect,
by default, information about you, devices, application, search queries, application usage, and
even when you use voice input such as speech-to-text.
So, if you don't feel comfortable with the information the company collects, probably
Windows 10 isn't for you. However, keep in mind that Microsoft is very clear on what it
collects and Windows 10 provides some
ways to control your privacy .
Conclusion
As I previously wrote, there are a lot of good reasons to upgrade to Windows 10, but there
are also other reasons, such as the ones we looked at today. You may want to consider and hold
off the installation of the operating system until the next significant update or even
Redstone, which is a major update that should arrive in two parts in 2016.
Overall, Windows 10 works very well and seems stable to run on your primary device. However,
it feels that Microsoft may have rushed the operating system to get it out to the masses as
quick as possible.
In my opinion, the operating system can be considered a good upgrade for technical users
because there are great new features and tech savvy users can quickly think outside of the box
to resolve pretty much any problem. For regular users, it feels that Windows 10 needs to mature
a little bit more.
Have you encountered any issues in Windows 10? Will you recommend Windows 10 to your
parents or grandparents in its current stage? Let us know what you think in the comments
below.
If you get a notification that you have a "Microsoft account problem,"
you don't have a problem and you don't have to fix anything.
You
haven't been hacked and you don't have a virus.
Microsoft is
testing your patience.
(Update 09/2020: Try the tips in this article but they may not work. For
some people "" including on my own computers for the last few months ""
this notice still appears even after turning everything off. The only
suggestion I have left is to ignore it.)
How to stop the notifications
Click on Start / Settings (the gear in the left column).
Click on
System
.
Click on
Shared
Experiences
in the left column.
Turn off
Nearby
Sharing
and
Share
across devices
.
That should turn off the notifications. (Sometimes they keep popping up
even after those switches have been turned off. I can't explain that.)
Trust me "" you won't miss "shared experiences."
Background
The message reads: "
Microsoft
account problem
"" We need to fix your Microsoft account (most
likely your password changed). Select here to fix it in Shared
experiences settings."
If you see that message and you know you haven't changed any passwords
lately, you will worry that your Microsoft account has been hacked. Four
people called me on the same day last week about the scary message. They
had been putting in every password they could think of, trying to
resolve their "account problem." Nothing worked.
Out of curiosity, I have tried to fix the "problem" for several
different clients. I tested the credentials for their personal and work
accounts to make sure we had up to date passwords, then fed every
variation into the prompt at Shared Experiences, trying to satisfy it.
Nothing worked.
I'm pretty confident, then, that these two things are true for most
people:
There is nothing that needs to be "fixed." There appears to be a bug
in the way Microsoft has set up "Shared experiences" that brings up
an incorrect error message.
More importantly:
"Shared
experiences" is an obscure, nearly useless Windows feature that
should never call attention to itself. You aren't using it, you
won't use it, and it should be polite and shut up.
Message 1: "
Microsoft
Account
"" You need to fix your Microsoft Account for apps on
your other devices to be able to launch apps and continue experiences on
this device."
Message 2: "
Work
or school account problem
"" We need to fix your work or school
account before you can use shared experiences. Select this message to
open Settings and fix things."
I wrote
this
article two years ago
about those messages, which were just as wrong
then as the scary message you see today.
What are Windows 10 "Shared experiences"?
Let's zoom up to 36,000 feet and get the big picture.
Microsoft was badly burned when it missed the transition to mobile
devices. It wasn't for lack of trying! Before 2007 Microsoft had made
valiant efforts to develop handheld Windows devices. It was so
unsuccessful that when Apple introduced the iPhone, the world forgot
about Microsoft's mobile efforts. Today, most people think Apple
invented mobile computing.
After fumbling and flailing for a few more years, Microsoft launched a
new push to break into the iPhone/Android phone duopoly, redoubling its
efforts to develop a phone operating system and spending billions to
acquire Nokia and sell its own phones. The result: embarrassing failure,
layoffs, and huge write-downs.
Microsoft still has its dominant place in computer operating systems and
has brilliantly pivoted to enterprise services. It is embracing open
standards and has been avoiding the spotlight now being shone on other
tech companies for privacy and antitrust issues. As a result, Microsoft
is arguably the most successful tech company on the planet right now.
But Microsoft can't let go of its disappointment about being excluded
from the mobile world. The future belongs to the connections among our
devices, mostly mobile devices. Since Microsoft doesn't have its own
mobile platform, the company risks becoming irrelevant to consumers
unless they can be convinced to use Microsoft services to link their
devices together.
Thus the insistent push to store files in OneDrive, which with luck will
lead you to use OneDrive and the Office apps on your phone. (OneDrive is
doing pretty well.) Microsoft is retooling its Edge browser and will be
touting its ability to sync your bookmarks and preferences to the
Edge
mobile app
so that you can go back and forth between your computer
and your phone. (Edge has a user base of forty-three. That's not a
percentage, it's the number of people worldwide using Edge. I don't see
anything coming up that will change that.) Microsoft is putting
finishing touches on a new Windows app,
Your
Phone
, which will sync your Android phone to your computer and be
Fabulously Useful â„¢. (The Your Phone app will go nowhere "" some loyal
users, roundly ignored by everyone else.)
Shared Experiences is yet another halfhearted effort to create links
between our devices.
As
I wrote two years ago
:
In theory you can push your open web pages from your desktop
computer to your laptop, or transfer your work in a program on your
computer to the same program on your phone or tablet. "Shared
experiences" can be synced through the cloud as well as Bluetooth.
In addition to syncing your place in an app, it has the potential to
turn a mobile device into a remote control for, say, media playback
on the computer. There is also the chance to "invite others to use
apps with me," whatever that means.
The Shared Experiences feature was completely useless when it was
introduced two years ago. Nothing supported it. At best, it was only
going to be relevant if we used Microsoft apps on our phone that matched
the Microsoft programs on our computers "" and we don't. In any case, for
the most part, Microsoft apps were not ready to support Shared
Experiences, and third party developers showed no interest in supporting
it.
Today, two years later, I cannot find any evidence whatsoever that
anything has changed. If Microsoft is supporting this feature with its
own apps, it is not advertising that in anything I can turn up in a
Google search. I find zero evidence of any developer interest. It looks
like a feature begging to be abandoned.
Which makes the error message all the more infuriating. Microsoft has
had two years either to make this work smoothly or to get its feature
to
shut
up
.
This story ends in precisely the same place it did two years ago:
Microsoft showed you an unexplained error message instructing you to
fix your Microsoft account, which wasn't broken, for a feature that
does nothing now and might never do anything interesting ever.
I use a laptop and a PC simultaneously however only my browser is in sync. I use my mobile
for not much more than a telephone. My partner has a windows 10 laptop also.
If I want to share between computers I use Bluetooth, upload and download using my website,
use a USB stick, or email to myself. I do not want or need one drive. I do not need to use
my Microsoft account to share anything however I also get this harassment every day when I
boot up. I have spent untold unpaid hours searching for a way to block it
I remember when Yahoo had a service where people uploaded stuff and when Yahoo cancelled the
service there was nowhere else for the stuff to go.
Nothing is broken which needs fixing, no password relevant to Microsoft has been changed,
however I think the reference to "password" is the clue.
Possibly Microsoft wants windows users to sync their local computer log on password and
their Microsoft account password so that when you boot up your device, you will also log
into your Microsoft account.
Added to this is the persistent blocking by Microsoft of features in its Office Suite trying
to force me to change from a password to a PIN or something called "˜hello'. If you click to
"˜fix' this non-existent problem the only option offered is to use "˜hello'.
All this has achieved is I will not renew my Office 365 subscription next year.
I don't know the details yet but I've recently come to think that MS is pushing the
Windows Hello system (single-device PIN/fingerprint/camera) as a preferred alternative
to password login. I ran across a PC recently that asked for a PIN but didn't seem to
have the option to use a password instead, even though it had originally been set up
with a password. Seemed strange. Windows Hello is very secure "" it's good technology and
the goal of authenticating with something more secure than passwords is good. I'm
keeping my eye out to see where MS takes this.
I started getting a notification since I reinstalled Win 10 20H2 in January 2021.
The notification is as follows:
"Microsoft account problem
"We need to fix your Microsoft account (your password has probably been changed). Select
here to fix it in the Shared experiences settings."
Earlier, on December 30, 2018, I had installed Win 10 Home Version 1809 (32-bit version)
because my so-called local computer expert had warned that I might face driver problems with
the 64-bit version.
I updated up my Win 10 32-bit installation up to Win 10 20H2.
All these years, I never once got the above (or similar) notification.
Finally, this January, I took the leap and did a fresh install of the Win 10 Home 20H2
(64-bit version).
The installation went very smoothly, and I did not encounter any driver problems.
But soon after the fresh installation, I began to get frequent notifications that I have
mentioned above.
What did I do differently?
The first time (when I had installed the 32-bit version), I had entered the Windows product
key.
The second time (in January 2021), I opted not to put in the Windows product key (as advised
by some tech sites) and opted to activate using my Microsoft account.
I have tried many of the solutions proposed above (and by the Microsoft site listed below),
but to no avail.
I wonder if the notification from Microsoft are related to the fact that I did not use the
Windows product key and instead opted to activate my account with my Microsoft account.
Is anyone who installed Windows with the product key getting these notifications?
Thanks in advance.
Please note: I am posting this message on the following sites:
Good question. I haven't done an install with a product key for years. In the last year
or so, I've seen this password popup frequently and it's become harder or impossible to
make it stop. I tell people to ignore it "" a pretty weak answer but the best I've got.
The notification is not as frequent as before, but it still pops up now and
again.
Today, it popped up after a two-week gap.
So, no silver bullet yet.
Looks like I have to reinstall Win 10 using the product key.
ella
on
January 8, 2021 at 6:23 pm
This has been annoying me for months. Thank you for giving me something to try. Not even
sure why I had shared experiences on as I'm not trying to share anything with other devices.
I constantly get this notification on my desktop but not my on laptop which are both on the
same Microsoft account tried everything but it pops up at least once a week very annoying
and strange.
Well, no, it won't, not this problem. Fun fact: Windows does hard drive diagnostics
behind the scenes and drives have become more reliable "" I haven't had to pull out
chkdsk in a long time.
Albert van Leeuwen
on
December 23, 2020 at 3:54 am
Run regedit
Go to:
Computer\HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Identity\Identities
Clear string value FriendlyName
Export \identities and save as NoFriendlyName.reg
Make batch file containing this text:
REG IMPORT C:\Users\amvla\Documents\RegImportNoFriendlyName.bat
Save batch file as RegImportNoFriendlyName.bat
In Task Scheduler make task to launch RegImportNoFriendlyName.bat at log on.
Is it possible to notify Microsoft of all these sorts of problems? I'd sure like to inform
them of how incredibly annoying everything involved with their Microsoft Accoumt is.
I get the notification- need to fix account but I think the prompt is due to not being
signed into Microsoft account as it does not exist anymore. I closed it maybe two years ago.
I try not to use Microsoft anything much. No email, no Office, Edge, etc. Just stuff that I
don't need to be logged in for once in a while. No way to stop it buggin me as far as I can
figure out. I use a local account and password or at least I guess that's what I do but I
don't use much of Windows that I can help. Pretty much Chrome and stuff. Thanks for allowing
me the space to ramble.
This seems to also be tied into Windows Update. I had to search for a "fixed" driver to use
my Samsung S10+ as a hotspot on Saturday because the default NDIS driver wouldn't work" and
this has been happening every day since.
I have no sharing options turned on, no accounts linked in the "View apps and services "¦",
etc. I simply have no need to share with other devices, since in order for search queries to
*not* be customized (I hate reinforcement bias limiting my results) I have my browsers set
to always delete history. This is a new machine, never had any accounts on it other than
mine, so there are no hidden ids from a previous user.
And FWIW in my experience you *can't* delete a Microsoft account; it is the only way to
enable updates, and if you don't get updates it will eventually break, because in
Microsoft's eagerness to "be mobile" that's one model they've followed perfectly: don't
allow the user to refuse updates and keep what they have that's working just fine, force
them to participate in the madness.
Don't get me started on Samsung's little attempt at trickery "¦ suffice to say my next phone
"" after 6 Samsungs in a row" will *not* be a Samsung. Troo dat.
Thanks. This has been occuring on my MS Win10 box, and gets annoying "" part of the reason
why it's still an optional box, not my main one. (I use Linux on the desktop.
And
being "Linux-bred" as one might say, I did take the chance to disable as many of the
unnecessary options in Settings as I felt necessary, and it's still turning up!
Thank you for this: I just hope it works! This is yet another irritation which I think was
just introduced with Windows 10. What a disaster! I'm being driven into the arms of Linux ""
I should have done it years ago. Again, thank you for your help.
Turning off "Nearby Sharing" and "Share across devices" has no effect on the
notification "We need to fix . . .". I have 1 Hotmail account I use and no other apps
and devices I want to share. I still get this error message every time I start my PC.
I get this damn message every day. I have several accounts I use for different things (for
example, it's the only I can play the same game with two different accounts). I click "fix"
and put in all the passwords, and the message goes away "" till the next day. I already have
shared experiences turned off. I am so SICK of this!
I keep getting it too. On the PC that uses outlook email account, it will not operate the
email unless I fix the account which I do by confirming the MS login & password. I disables
all the sharing options "" no effect
I keep getting these notifications from Microsoft about fixing my husband's account . He
passed away last year and I deleted his email account. Our email accounts were linked. When
I try to amend this, Microsoft say his account no longer exists, but then I get daily
notifications to say his account needs to be fixed! I tried the help line and requested to
speak to a person not a computer. I waited and waited to be connected and then gave up. Any
suggestions?
Although there might be other things that need to be addressed about his account, the
easiest thing (and possibly the only thing) to do with these notifications is ignore
them.
yep that's why she was having to me but I called the lawn if my sister-in-law she
backed off my accounts and now I got my came back and my coach and I like they're
showing up stuff at me for I got to relearn it. She blocked me and stop me and kept
me out of all my phones in my computer's she has control and access to all my stuff
and I didn't give her access to it I still got a credit card in my phone I can't get
it off I do know if you can help me I have I know I got bitches out there I know
that I started and then she put them in there and do whatever she asks him to it ok
I don't know none of the name don't know how to get to names so I can claim company
back and I do not know what domain she's using stocking do I got to do to get it off
my I get it off my accounts and out of my name I'll get it to where is transferred
and only my name is she can get access to it
You called the lawn? What did it say? Did it help you with the annoying
notification Windows is displaying? If so, can I have that lawn's email so I can
ask it some more indepth questions please?
Thank you! I laughed out loud. I too wondered what the "lawn's" Email
address would be!!
rmhartman
on
August 6, 2020 at 10:54 am
What I am more interested in is what happens if you press the [Fix Now] button? I sure as
heck am not going to blindly press a box that lets Microsoft do whatever the heck they think
needs to be done to "fix" whatever situation they _think_ is happening. Tell me what's
wrong, darn it, and let me take care of it. But a blind "let us fix it for you"? Hell no.
So "¦ do you have any idea what this button actually does when pressed?
Microsoft has an elaborate collection of troubleshooting tools built into Windows 10 ""
look in Settings / Update & Security / Troubleshoot. I haven't used many of them but
occasionally they turn out to be quite helpful. One of them may be what's launched by
that Fix It button. There's a similar elaborate set of troubleshooting tools for Office
365 ""
Microsoft
Support & Recovery Assistant for Office 365
. There's no way to know what any of
these tools do, but the Office 365 tool is frequently the only way to fix problems with
licenses, connectivity, or whatever.
So it's Microsoft roulette. Will it fix the problem, miss the point, or make things
worse? That's a familiar game these days.
I have clicked the Fix Now button multiple times and it always comes back with the error
message to the extent of "You need internet for that. You are not connected to the
internet". Followed by a code #
I tried the "fix" button and I got a pop-up saying "OOPS something went wrong "¦ connect
to account.live.com "¦" which was useless. I suspect that the message will go away once I
hand over my Visa card #, but I won't.
I've lost track of what's going on with this message. The fixes I suggested in the
article don't seem to work any more. I can't find a pattern to it "" I saw it for a
while, didn't change anything, and now it hasn't popped up for a while on my own
computers. Frustrating problem!
I know what happens! It tells you that your account name "is ALREADY a Microsoft domain
name" and there is NO password that I gave to MS that will allow me to access my account
(or domain). I've only tried 6-7 times to "˜fix' something that wasn't broken. No more. I
get the "˜problem' message a few times a week and I just ignore it.
I have been battling this infuriating message for months. I tried everything else, including
turning off "Shared Experiences". No joy. I added a new local account and started using
that. No joy.
Below is what seems to be working for me. It was really simple so maybe worth a try"¦
Following up"¦ I have not seen this notification since I deleted my Windows Hello PIN and
started using a local account. I am calling my particular flavor of this nuisance
resolved. Good luck to everyone still battling this.
I've been having this problems for months. Im trying Shared Experiences method. Thank
you. I did notice every time another country tried to sync my email, unsuccessfully, the
next day I got this message to fix my account. don't know if that's a trigger too.
I have four computers and two e-mails work and home. My switches referenced here are turned
off. Microsoft seems to want me t have a separate e-mail for each computer which I think is
rather stupid. Two of the computers are running BOINC and I don't need to check them very
often. It appears if I succumb to the stupidity and let them create a Microsoft e-mail for
each machine I can get rid of the error.
But then just try deleting the account"¦! Might happen in 60 days, or not.
They have no precaution for a hacked account, which should never have been hackable in
the first place"¦"¦"¦"¦"¦
For what it's worth one tech told me that this occurs when you inherit a machine from
another user, and some functions require the old userid. When the old user changes their
password, this "your password changed" stupidly nonspecific error message appears.
I know, not much of an answer, and particularly frustrating since you are not told WHICH
function is trying to log in with the old userid. Just giving you guys one more avenue to
consider.
I started getting the error message when I voluntarily changed my password, which makes
no sense. Why would they ask me to change my password for changing my password? That
creates an endless cycle. I will not change it again.
I've been seeing this notification pop up on machines where there is simply no good
explanation. It's maddening and my tips don't always work "" even on my own laptop!
Makes me crazy.
Nothing works. It just keeps coming back. I wasn't even sure I had a microsoft account until
this started happening. Apparently it's not important to have an account if they can notify
you that it has problems and the problems make no difference whatsoever to the functioning
of your computer.
Am having a problem to open my micro account and I don't know what to do,especially when I
am trying to download eg facebook lite and any application.downloading music
and
streaming is actually working so please I need your help now in order for me to open a store
Hi! Thank you for doing this. Same problem here, also with Shared Experience insisting FIX
NOW. And this, while share options are, and stay, OFF. The Microsoft account for this email
address had its password changed 3 months ago "" 3 months of that notification aarrgghh, but
seems to function ok. I am sure, by a hacker. Because it coincided with definite hacking via
this email address of my Facebook, Amazon, GoDaddy. All three now fixed but Microsoft is
less helpful. I ask for a OTP but it wants to send it to a gmail address I don't recognise
(the hacker's?). I complete the required form to get in. A dozen ways, a dozen rejection
emails. Even though I've given additionally loads of Skype info "" that only I could know ""
that's linked to the email address and Mic account. And it's old enough to have a unique
Skype name alongside the unique email address. Insult to inury .. the rejection emails offer
the fact that emails on this address/account, their subject and addressee, would help "¦ but
I am never given the option or any method of providing these on the form that gets assessed.
Help!! Anything I've not tried, but should?! Thank you again .. DB
I have tried RichH's Feb 1 suggestion above on my PC and so far it seems to be working. I
simply switched from PIN Microsoft login authentication to local login (windows
settings->accounts->sign-in options). I then switched it back to my usual PIN. So far so
good. Thanks, Rich and Bruce. Fingers crossed!
I have had much the same frustrations and annoyances, using my MS Surface Pro4. However, I
continue to act on its prompts, as I have associated it (right or wrong) with my "Inbox's
lagging up to three days in recording messages received. These are later confirmed, when it
finally "catches-up". (After "Fixing" my "need to up-date my Account". I too puzzle, with
all this long history "" why wont/doesn't MS just FIX the problem?? It would seem a matter of
its "integrity"!
I'm trying your fix first, but while checking notifications I noticed 2 things. First, no
notification for Microsoft Account (no real surprise) but second, the app Nearby Sharing is
listed twice. Nothing else is.
But I'm prepared to use the old IT solution of chicken entrails on the keyboard at midnight,
if need be.
I've been running into this issue, turning off sharing to no avail. Whenever I clicked Fix
Now, I'd go to a login dialog with my work account that uses Office 365. After months, I
then did a search in the Windows search bar for work account, and came to an "˜Access Work or
School'. Found my work account there, removed it, and the notifications have gone. For now"¦
I've probably changed my work or office 365 password in the past, and the preserved old
password on my own Win 10 machine has been out of synch as a result.
Steps:
Go to Settings, Accounts, Access work or School. There is a option to remove Office 365
accounts that way.
Hope this helps someone else"¦ I too had the issue with the pop-up despite me disabling
shared experience.
I went to action center and told it I didn't want to see this again. As soon as I did I got
a new message in AC telling me that an account in "mail" needed attention. I haven't used
mail in years now that I use Outlook. So I opened mail and lo and behold my work email
account for which the password would have expired many moons ago. I deleted this account
from mail and went back to shared experiences. I clicked the "fix account" and rather than
it pop up with a password prompt it instantly changed to "all accounts are working properly"
Sounds promising. Fingers crossed. Maybe be worth others looking at Win10 apps they may have
once sync'd with an external account that has since had a password change.
Total BS None of these suggestions work.. Nobody here has identified the cause, obviously. I
know the cause"¦ MS has dropped the ball on the quality of their developers"¦ End of story.
Oh, its so embarrassing when I make simple grammar mistakes! Their's really
no excuse. Thanks for a feedbacks!
Reiko
on
April 13, 2020 at 5:21 am
The most annoying thing is each time I went to fix it I lost my language setting, my
documents in folders, even my photo folder on the desk top! So I have to save files and
photos into WD before trying fixing the warning message. I have been doing this once a
week!, which is too much! Each time my desk top are swiped out. I wonder if this relates
that I use Chrome instead of Microsoft Edge.
That sounds like a bigger problem than just the notification. 大変ã§ã™ãï¼ï¼ˆç§ã‚‚æ -- ¥æœ¬ã"ã™ã‚"ã§ã„ã¾ã™ã€‚)No,
using a different browser will not cause such things. I use both Firefox and Chrome, and
I never use Edge.
It sounds like your user settings are getting lost or confused. Documents, Pictures,
etc. are folders specific to the logged-in user, and language setting is also unique to
each user. So if you create a new user, or log in as a different user, those things will
seem to disappear. It is important to log in as the same user every time.
I can't believe that I didn't notice that the Microsoft Account problem notifications were
coming from the Settings notification. I will turn that off and see if those notifications
stop.
Turning off the Microsoft Account notification did not stop the problem after all. The
notification still shows up from time to time.
Also, to Bruce Berls, I don't have the option to tell the admin to change the policy. It was
quite a few years ago that one of my son's college professors gave the class the Office 365
pro -plus download with a permanent subscription. He can't be contacted anymore.
That -nonsense- has been irritating me for too long. I deleted the "˜I don't know how it got
there' account today. "¦and am waiting with bated breath to see how long before MS puts it
back.
"¦
A comment about where mobile madness began: General Magic.
No, not a magic show, tho' in those days the ideas that came from that group of people might
have been seen as magic(or insanity). It was startup company and is a movie/Documentary that
has quite an amazing story to tell.
[FYI, IMDb has a trailer for it via `https://www.imdb.com/title/tt6849786/?ref_=fn_al_tt_1`
if interested.]
Turning off the Microsoft Account in the Notifications & actions list definitely stopped the
Microsoft account problem notifications. It seems like a lot of people don't have the
Microsoft Account setting in the Notifications & actions list. In my case one my son's
professors gave his class a lifetime subscription to Microsoft Office 365 Pro-Plus a few
years back. Roughly every 3 months the password has to be changed. I get a notification from
Microsoft Work or School account 2 weeks prior to the password expiration. After changing
the password I would get the Microsoft Account Shared Experiences notification. In Shared
experiences it would say Fix account . It was simply a matter of updating the password then
it would say all accounts are working properly again. At some point however the Microsoft
Account problem notifications kept coming for whatever reason. So in the future I'll check
the Shared experiences after updating the Work or School account password to see if it needs
to be fixed since I now have the Microsoft Account notification turned off. Hope this is
helpful to someone.
Fun fact about password changes: In the early days of Office 365, accounts were set up
by default with a 90-day password expiration policy. For a short while, it was
effectively impossible to change that; then for a while it could be set to longer
periods or set to never require changes, but it could only be done with Powershell
commands.
As time went on, the conventional wisdom changed and now it's widely believed that
frequent password changes make you LESS safe "" because people choose new passwords
poorly (adding a number to the end of the password, say), or they write passwords down
on post-its attached to their monitor.
Now Microsoft puts up a big notice in the Office 365 admin dashboard urging admins to
change the password policy to "never expire."
So if you're being prompted to change your password every 90 days, tell your admin to
change the policy and give you a break.
Hi. Turning off Shared experiences didn't work. I just checked the System/Notifications
&actions list and I do have a Microsoft Account on the list. I just turned it off and have
to wait and see if that stops those annoying notifications. I'll post back if this worked
for me or not.
Microsoft seem to have managed to make it even worse"¦ the fix of disabling Shared
Experiences worked for me for a few months, but now I'm getting the notification on every
boot again, despite Shared Experiences still being disabled. The behaviour is the same as
before, as soon as I click the notification about supposed account problems, I get to the
Settings page for Shared Experiences, which says that all accounts are working correctly.
I'm not sure if it was a Windows 10 feature update I might have installed in the meanwhile
that broke things even more, but I'm currently on Windows 10 Pro version 1909 build
18363.657. I didn't write down the build I was on when the fix still worked.
Interesting! I haven't seen that yet. FWIW, on my own computer I turned off
all
Windows
notifications. It's very peaceful. (Settings / System / Notifications & actions / turn
off "Get notifications from apps and other senders")
I have followed various recommendations for solving this problem, and nothing makes any
difference. Having followed Microsoft's own instructions for "˜fixing' it, I got the message
"˜All accounts are working correctly' "" but I still get the "˜Microsoft account problem we
need to fix your Microsoft account' notification many times throughout each day.
Thank you Bruce, and other commenters. I have tried your settings. Fingers crossed. FWIW I
actually DID go through the laborious process of changing my password for an account I never
use! Still get the stupid message.
I guess you know the joke about the helicopter pilot lost in fog over Seattle. Edges up to a
building, holds a sign in the window: "Where am I?"
People in the building hold up a sign: "You are in a helicopter"
The pilot then had his orientation. It was clear he was at the Microsoft Building.
I had this problem for about a month and managed to fix it last week. In my case it had
nothing to do with Shared Experiences or waiting for network connections to become
available. The problem was related to the process by which the *locally stored* PIN or
Picture Password is used to authenticate against the *real* MS account password when you
sign-in. I can't find a detailed technical explanation of exactly how this process works,
but in my case that mechanism seems to have become corrupted. Thankfully though, the
solution was to simply switch to a different sign-in method i.e. instead of using a Picture
Password, set up a PIN or vice-versa. This seems to reset and fix the authentication
mechanism so that it now works correctly and I can successfully sign-in using either a
Picture Password or PIN without those infuriating notifications popping up"¦ at least until
it breaks again!
UPDATE "" After six months of peace and quiet the dreaded notification returned! And,
this time, no amount of switching back and forth between different sign-in options
fixed the problem, so clearly something else was at play. But after a bit of digging
I found the culprit.
In Settings, Accounts, Sign-in Options, there is a Privacy section at the bottom
with a switch to enable/disable the following setting:
"Use my sign-in info to automatically finish setting up my device and reopen my apps
after an update or restart".
After disabling this setting the "account problem" notification was banished once
more. Re-enabling the setting caused the notification to re-appear.
Disabling this setting prevents many Start-up programs from starting until AFTER you
log in (just like Windows XP used to do), including OneDrive synchronisation which I
think is the problem application here. If, like me, you have a lot of Start-up
programs, I'm guessing that OneDrive synchronisation times out whilst all those
other programs are starting up, logging in and doing their stuff. Even though the
syncronisation service (OneSyncSvc / Sync Host) is set to a delayed start, I'd guess
that the system is still too busy for OneDrive Sync to get a look in and, when it
fails, that triggers the "account problem" notification. By preventing many of the
Start-up programs from starting until after you log in, the system is at least a bit
less busy and OneDrive Sync is then able to complete its task successfully.
I'm going to try disabling a few Start-up programs that I don't really need (eg.
Skype, Send to OneNote Tool, Spotify etc.) and then try re-enabling the setting
above to see if OneDrive Sync then has sufficient time and resources to complete its
Start-up routine successfully.
Oh, nice detective work! The notice has also been popping up on my computers in
the last month or so. I've never seen that setting and the explanation is opaque
about what it does. I'm going to play a bit and see if I can replicate what you
describe. Thanks!
I was having this problem on my Desktop but not my Notebook or Tablet. I think I finally
fixed it.
When I went to Shared Experiences, those two BluTooth options did not appear, so I couldn't
verify that they were off, or turn them off if there were on. I only have BT on my Desktop
via one of those USB plug in thingies. When not in use, which is almost always, I don't have
it pushed in all the way so it's not seen by the system. I pushed it in and the Shared
Experiences options came up. Lo and behold, Share Across Devices was turned on. I turned it
off and I haven't seen the problem message since, even with the BT device pulled out.
Brilliant, thank you. I'll try the various approaches "" yours and commenters. But just
knowing this is corporate wishful thinking run amok and I can blissfully ignore is valuable
information. Found you on Google search, I just subscribed.
Thank you for this intelligent and empathetic write-up.
In my case, unfortunately, changing the "Shared experiences" settings has not done away with
the nuisance. The only difference I see from your description is that the settings dialog,
instead of saying "all accounts are working properly", says (in red) "Some of your accounts
require attention ã€Fix nowã€'" I am using Win 10 Pro, 64-bit, version 1903, OS build
18362.592.
Just began receiving the annoying "Microsoft account problem" notification about three days
ago. Have turned off the Shared Experiences, but unfortunately, I am still receiving the
notifications. Have read that switching to a local account, as opposed to a Microsoft
account, may resolve the issue, but I have yet to do that. Will give that a go and see if I
am still pestered by the notifications. Really, enough to drive anyone absolutely barmy.
Hi Bruce,
Don't know if this helps, but I get the "Microsoft account problem" notification every
single time I boot up my PC. I've noticed that every time I open the Microsoft "Mail" app it
tells me "Your account settings are out of date" and it gives me three options:
*A "Learn more" link, which is a link to a Microsoft "help" page (it's useless by the way)
*A "Fix account" button
*A "Dismiss" button.
Selecting "Fix account" brings up a Pop-up box titled "Attention required" (the rest of the
box is blank), a second pop-up comes up (no title "" completely blank) and a third pop-up
comes up titled "Windows Security" where I enter my PC's Login Password. After entering my
password the third box disappears, the second box displays a message but disappears too
quickly and the Third box says the problem is fixed. My email account then starts
downloading messages.
It's as if the PC settings are forgetting that the built in mail app is connected to my
account and is flagging it "" hence the "Microsoft account problem" notification?
For info, I've never had "Nearby sharing" or "Share across devices" turned on. The pop-up
used to be once every so often and it's gradually gotten more and more persistant, until now
"" it's every single time!
If I find anything else about this I'll come back and share it.
Good luck everyone.
Microsoft's password prompts are out of control. I'm running into them constantly for
Office programs that demand proof that there's a license in force. So frustrating!
I'm honestly not sure why that warning exists. It would take a rather bizarre
sequence of events to disconnect from a business account or disrupt your data.
But for what it's worth, if you think you can't log in, make sure you know that
you can switch to your password "" click on Sign-In Options below the prompt.
There shouldn't be any danger to changing your PIN while you're signed in.
I get the same problem. Started when MS sent my account number to a corrupted email address.
naturally I did not receive it. The instructions to correct it did not work, just went round
in a never ending circle. Re-applied with my correct address and things went through ok. But
the old one is still there and impossible to remove. I've given up now.
MS made some mistakes but mainly by not following-thru with their ideas and being late with
others. The sturdy Nokia Windows Phone was a breakthru as a sandbox device, not having to
worry about virus infections, but was let down by poor and few applications and timing to
market.
The concept of shared devices is important today for me in business and will be in the
future for many where you can get/use your data anywhere and on any device. Someone needs to
design a secure application that works cross-platform seemlessly, securely and quickly and
for (ideally) free. If MS can do this then I am one of the Shared Experience guys that would
use it and their platforms. I already use MS Launcher on Android and find it works resonably
well apart from this annoyng bug which is the subject of this article. Waiting patiently..
I bought a new Win 10 laptop for a grandson. I set it up without the need to log in on start
up. Almost straight away I started getting the "Microsoft Account Problem" Notification"¦
I've tried the method above regarding Shared Experiences with no luck. I've also changed my
password and attempted to address the problem through the settings area with no results.
Is there any way that someone could communicate with the "suits" at Microsoft and ask them
why they are sending this message? I get it ion the Action Center every time I start the
computer. It's really annoying.
hi I am 57 and not computer savvy. I keep getting the message. could it be that it is
because I have just been using an old computer for somethings. it says the old account is
and wont take my old pass word. please help an old fart lol
I think the message for me might be related to something different. I set up a Surface
tablet for a friend and installed an old version of Office on it and logged in with my MS
account. I have since changed my password and I think that person never set up their own MS
account so the old account info is trying to update"¦..I could be wrong tho
Today there is no problem; no daft messages about passwords and my MS Account:
For some reason W10 suddenly asked for my Pincode under Settings/Accounts. as evidence of my
identity. "" even though I have been logging on with the same Pincode umpteen times during my
efforts to solve the MS Account problem.
I have no idea when this demand for Confirmation of identity appeared.
I may have provoked it underways "¦ ?
1 "" I have now confirmed my identity under Settings/Accounts.
2- I have logged on to my MS Outlook account. directly online, and in Office, and left them
open.
3 "" I have incidentally reloaded a reader extension for Chrome which was messing up my virus
updates and/or messages.
It may have no relevance to the MS Account issue of course. Just mentioning it.
Many thanks for some perspective and a reset of my sanity.
W7 is so much better, but I only have a month now before W7 updates cease.
I have had both Shared experience options turned off for a while:
It doesn't stop the messages, but the options do stay off.
Yes, I have the same suspicion that the lack of network connection is freaking it out
(Daniel november 12):
I had to log into a Microsoft account, to use a one-time code from Gmail, so I could link my
Gmail to Outlook. (There was the irony that the one-time code was rejected, wheras using the
MS account password again worked, )
Since then I have logged off the MS account, and I suspect the problem (for me) is due to
the lack of immediate network connection.
But I ignore the demands for pincode and just open Outlook anyway.
I have also removed Onedrive (although the folder remains), which may have MS account
issues.
The correct perspective is perhaps afterall to hide the symptom and don't try to cure W10,
(Karen E november2).
Just to get closure "" on this issue.
Don't expect MS to solve this W10 issue any time soon. I have just left a string going back
to 2013 and W8 with just this problem.
There were 100 entries "" on this one string "" so this is truly a Shared Experience.
i would like to have one password, rather than having to remove the need for any passwords.
it just keeps coming back.
it is a microsoft update feature to show you why you should get away from microsoft. fallen
from innovation to cheap privacy theft.
I was receiving the same message to fix shared experiences across devices. I ignored
message, than one day I clicked on it and decided to turn off nearby sharing and share
across devices. When I did that my PC became much faster and I felt that shared experiences
is worthless. But almost every time I turn on my PC the notice pops up again and when I go
back to shared experiences the nearby sharing was off but the share across devices was
turned back on again so I turned it off again. Now every time I turn on my computer share
across devices is back on, so I keep shutting it off where I enjoy a faster internet. Every
time I turn on my computer share across devices is always somehow turned back on so the
first thing I do is turn it off before using it . Very frustrating. I don't know why it
keeps turning back on and if anyone else is still getting notices to fix shared experiences
after you turned everything off, chances are nearby sharing is turned back on.
Thank you for this very helpful (and very funny) article that puts things into a proper
perspective. In addition to the mentioned problems, I've been receiving phone calls in which
a female voice from India haltingly announces, "Hello, I'm from Microsoft and we are
receiving worrying signals from your computer "¦"
At first I assumed this was a simple scam and put down the phone, then I thought it might be
connected with the problem-message of the Microsoft account, and now I wonder what to say if
they call again. They seem very persistent "" any thoughts?
It's a scam! Microsoft does not call to fix your PC. In fact, I wrote a whole article
about that ""
Microsoft
Does Not Call To Fix Your PC
. And there's a bigger issue "" the volume of robocalls
is steadily increasing, from criminals and scammers.
Here's
more info about that
. Here's my advice from that article:
"The most effective thing you can do is: don't answer calls from numbers you don't
recognize. Leave messages when you call people you know, and count on real people
leaving messages for you if you don't pick up.
"If you answer the phone and discover it's a telemarketer, don't engage a live person in
any kind of conversation and don't hit 1 "to be added to our Do Not Call list." Any
response will confirm that it's a live number, which moves the number to a list that is
called more often."
Hang up, shake your head about the state of the world, and move on. Be careful out
there!
Totally agreed with your article on Microsoft. My clients frequently gnash their collective
teeth at them.
There is a verse in the Bible that includes the phrase "let not your right hand know what
your left is doing". I suspect Microsoft view that as direction to them, not a verse about
giving alms to the poor"¦.
I, also get the same notification. I would simply delete it but have now decided to just
leave it up and ignore it.
Wonder if whom/what ever will be aware of it and just give up. I will leave it up for 2
months and see what happens.
Yes, it is a PIA. Guess it's just another annoyance.
Thank you for the quick solution, and thank you for the amusing write-up to go along with
it!
When the Settings page opens after clicking the notification, there's a message saying "All
accounts are working correctly," which makes me believe that this might be a timing issue. I
get this notification after every boot, so it might be freaking out about not being able to
log in while the network connection is not even available yet. Software testing is hard. I
initially also thought that clicking the notification might simply open the wrong Settings
page, because it's so confusingly worded.
If I had to think of a feature name that most offensively sounds like it does absolutely
nothing of any use, "Shared Experiences" might be something I'd have come up with.
Hey Bruce. It's funny how Microsoft Windows 10 is a whole different from system to system
even with the same software version. The one i'm using don't have either the "Microsoft
Account" switch under notifications (like your) but also in "Nearby Sharing" it's only two
sections: 1) Accounts 2) Share Across Devices. It doesn't have the whole "Nearby Sharing"
section. So i ALREADY had "shared across devices" turned off and it's still pestering me
with the messages.
At this point I've lost track of what to expect. My laptop is set up with a local
account, not a personal MS account, and it's been updated to version 1903. I've got the
same sharing options, including Nearby Sharing. So I have no idea why you're not seeing
it. Oh, Microsoft!
I also am still getting the notifications even with those two settings off. [I also get a
complaint from Calendar (which I don't use) saying that my Outlook account (which I don't
have) settings are out of date "" I suspect the two are related.]
But Gina's suggestion to turn off notifications for Microsoft Account and Calendar seems the
wrong way to go about this "" I want to fix the root cause, not just prevent Windows from
telling me about it.
[BTW: Bruce, I'm sure you have that option. Under System -> Notifications & actions, as long
as the main switch right under "Notifications" is on, you can scroll farther down to "Get
notifications from these senders" and there should be a list of apps and services whose
notifications you can silence individually.]
I love this mystery! I don't have "Microsoft Account" listed in
System
/ Notifications & actions / Get notifications from these senders
. This just
occurred to me "" I don't have my PCs linked to an individual Microsoft account. (
More
about that here
.) One is linked to a business Office 365 account, one isn't linked
to any online account. I bet the "Microsoft Account" option has something to do with
that connection. That doesn't tell us what you're being notified about, though.
Hello. I have had this problem for a while, turned off the shared experiences option several
times without success.
The message always came back.
So I did Settings/Systems/Notifications and actions. Scrolled down to "˜Get notificatons from
these apps'.
I turned off notifications from Microsoft Account. Nothing has come back so far. Fingers
crossed. Not sure why I would need notifications from my Microsoft accoun anyway, the only
one I've ever had is this irritating "˜Fix it', pointless warning,
You have a slider to turn notification on/off from "Microsoft Account"? That's
fascinating. I don't think I've ever seen that. I don't have it on my PCs. I wonder what
that's about?
First of all those idiots assume that each phone have test capability. Second the whole idea
of binding your PC to microsoft email account is extremely idiotic and smell with total
surveillance.
LO LoLOuT
Created on February 9, 2019 Login Problem Call us overprotective...
...but we need to make sure you can receive a security code if you ever lose access to this
account. (idiotism)
Where should we send your code? and shows my **** old email which i had 20 years ago and i
dont remember it i think its dead by now. also i changed my email from here
We use your contact details to deliver important information about your account. It also
helps friends to find you on Skype and Skype for Business.
Add Email address then i changed old email to myfuckingnewemail.gmail.com its just example
:D gave it Primary Email status but i still get old email from login what should i do with this
bug
i have this account from my lifetime so i dont want lose it for some childish developers
This thread is locked. You can follow the question or vote as helpful, but you cannot reply
to this thread. I have the same question (5) Subscribe | Report abuse
Replies (1) îœ RA Rain_A
While it's great to hear that you've never had problems with your account, it's still
important to have insurance against accidents and that's what security info is.
Also, while you might be good at remembering your passwords, you never know when someone
might try to compromise your account. Having up-to-date security info helps protect against
that too. Also, security info is the key to getting back into an account if you ever forget
your password or if someone tries to break into your account. Without that info, you could
permanently lose access to your account, your games, apps, subscriptions, email, photos, and
files so we occasionally ask customers to confirm their info is accurate so that doesn't
happen.
I also sent you a private message which you can via this link:
https://answers.microsoft.com/en-us/privatemessage/inbox?tm=1549741139506
paid nearly $5 million to Eastern European hackers on Friday, contradicting reports earlier
this week that the company had no intention of paying an extortion fee to help restore the
country's largest fuel pipeline, Bloomberg reported Thursday, citing two people familiar with
the transaction. From the report:
The company paid the hefty ransom in untraceable cryptocurrency within hours after the
attack, underscoring the immense pressure faced by the Georgia-based operator to get gasoline
and jet fuel flowing again to major cities along the Eastern Seaboard, those people said.
Once they received the payment, the hackers provided the operator with a decrypting tool to
restore its disabled computer network. The tool was so slow that the company continued using
its own backups to help restore the system, one of the people familiar with the company's
efforts said.
(therecord.media) 53Ireland's national health service, the Health Service
Executive (HSE), temporarily shut down its
IT systems today after suffering a ransomware attack overnight. The organization, which is
in the mid of its COVID-19 vaccination program, said the attack did not impact its ability to
provide urgent medical care but that some routine checks and services might be delayed or
canceled. The HSE described the ransomware incident as "significant" and "human-operated," a
term used to describe high-end sophisticated ransomware groups which orchestrate targeted
attacks against carefully big organizations. In a morning radio show with public broadcaster
RTE, HSE Chief Executive Paul Reid said the agency's IT teams are currently investigating the
incident to find out its breadth. In a different radio show, Reid identified the ransomware
gang behind the attack as Conti, a ransomware gang that started operating in the summer of
2020.
Microsoft officials made the announcement on Day 1 of its virtual Build 2021 developers
conference. From a report: During his Day 1 keynote, CEO Satya Nadella basically
acknowledged there will be another event "soon" about the next Windows. He said: ""And soon we
will share one of the most significant updates of Windows of the past decade." He said he has
been self-hosting it over the past several months and called it "the next generation of
Windows."
Microsoft released a preview of Linux GUI apps on the Windows Subsystem for Linux (WSL)
in April, 2021. This capability is meant to allow developers to run their preferred Linux
tools, utilities and apps directly on Windows 10. With GUI app support, users can now run GUI
apps for testing, development and daily use without having to set up a virtual machine.
Posted by msmash on Monday May 17, 2021 @12:02PM from the how-about-that dept. Microsoft
is launching the personal version of Microsoft Teams today. After previewing the service nearly
a year ago, Microsoft Teams is now
available for free personal use amongst friends and families . From a report:
The service itself is almost identical to the Microsoft Teams that businesses use, and
it will allow people to chat, video call, and share calendars, locations, and files easily.
Microsoft is also continuing to offer everyone free 24-hour video calls that it introduced in
the preview version in November.
You'll be able to meet up with up to 300 people in video calls that can last for 24
hours. Microsoft will eventually enforce limits of 60 minutes for group calls of up to 100
people after the pandemic, but keep 24 hours for 1:1 calls.
While the preview initially launched on iOS and Android, Microsoft Teams for personal
use now works across the web, mobile, and desktop apps. Microsoft is also allowing Teams
personal users to enable its Together mode -- a feature that uses AI to segment your face and
shoulders and place you together with other people in a virtual space. Skype got this same
feature back in December.
Microsoft has bifurcated Windows several times over the years, and every time it did, the
decision to do so ended badly. First, there was OS/2 vs. Dos/Windows, then Windows 95. OS/2 was
ahead of its time; the desktop hardware wasn't yet capable of running a heavy OS. Even at IBM,
the primary backer of OS/2, many departments avoided it like the plague for compatibility and
slow-boot reasons, though it was arguably more reliable. Then came Windows NT, an updated,
clean room version of NT, and Windows 9x.
Amazon Web Services (AWS) continues to expand with new cloud products and services. The
Center for Internet Security (CIS) responded with more resources to help secure these AWS cloud
offerings.
Windows NT went from being an alternative to UNIX to becoming the "corporate" desktop OS.
Windows 9x focused on consumers, but in-fighting between the two groups was ugly, and when
Windows 2000 (the follow on to NT) and Windows Millennium came out, neither OS was loved.
Millenium, in fact, was a train wreck.
Windows 2000 became Windows XT, but there were embedded versions of Windows and versions
that worked on an ARM that sucked as the failed Windows Mobile and Phone platforms. Every time
Microsoft tried to have multiple desktop versions of its OS, things ended badly.
I expected Windows 10X to continue that trend. Fortunately for us, someone at Microsoft got
tired of dealing with new Windows variants and decided to roll many of the Windows 10X features
into a full Windows 10 update. Thus, we got Windows 10 21H1.
how Norwegian firm Volue Technology handled a ransomware attack that began on May 5th:
The company has set up a Web
page with information about the attack and also links to frequent updates about the status
of its systems. There was no obfuscation about the attack, none at all. The company said: "The
ransomware attack on Volue Technology ('Powel') was caused by Ryuk, a type of malware usually
known for targeting large, public-entity Microsoft Windows systems."
What is even more remarkable about this page is that it has provided the telephone number
and email address of its chief executive, Trond Straume, and asked for anyone who needs
additional information to contact him. Not some underling.
ITWire argues this response "demonstrated to the rest of the world how a ransomware attack
should be handled."
(cnbc.com) 56BeauHD on Thursday May 13,
2021 @09:00AM from the there's-more-where-that-came-from dept. PolygamousRanchKid shares a report from CNBC:
The hacker group DarkSide
claimed on Wednesday to have attacked three more companies , despite the global outcry over
its attack on Colonial Pipeline this week, which has caused shortages of gasoline and panic
buying on the East Coast of the U.S. Over the past 24 hours, the group posted the names of
three new companies on its site on the dark web, called DarkSide Leaks. The information posted
to the site includes summaries of what the hackers appear to have stolen but do not appear to
contain raw data. DarkSide is a criminal gang, and its claims should be treated as potentially
misleading.
The posting indicates that the hacker collective is not backing down in the face of an
FBI investigation and denunciations of the attack from the Biden administration. It also
signals that the group intends to carry out more ransom attacks on companies, even after it
posted a cryptic message earlier this week indicating regret about the impact of the Colonial
Pipeline hack and pledging to introduce "moderation" to "avoid social consequences in the
future." One of the companies is based in the United States, one is in Brazil and the third is
in Scotland. None of them appear to engage in critical infrastructure. Each company appears to
be small enough that a crippling hack would otherwise fly under the radar if the hackers hadn't
received worldwide notoriety by crippling gasoline supplies in the United States. In a
separate report from The Associated Press, the East Coast pipeline company was found to
have "atrocious" information management practices and "a patchwork of poorly connected and
secured systems," according to an outside audit from three years ago. Slashdot reader
wiredmikey shares an excerpt
from the report: "We found glaring deficiencies and big problems," said Robert F. Smallwood,
whose consulting firm delivered an 89-page report in January 2018 after a six-month audit. "I
mean an eighth-grader could have hacked into that system." Colonial said it
initiated the restart of pipeline operations on Wednesday afternoon and that it would take
several days for supply delivery to return to normal.
Probably it was not a false flag. First of all the state of IT security at Colonial Pipeline
was so dismal that it was strange that this did not happened before. And there might be
some truth that they try to exploit this hack to thier advantage as maintenance of the
pipeline is also is dismal shape.
Notable quotes:
"... "As for the money-nobody really knows where it really went." If you are right about the perpetrators, my guess would be that it went into the black-ops fund, two birds one stone. ..."
"... I have become so used to false flags, I am going to be shocked when a real intrusion happens! ..."
"... an in depth article researching solarwinds hack - looks like it was Israel, not a great leap to see that colonial was a false flag https://unlimitedhangout.com/2021/01/investigative-reports/another-mega-group-spy-scandal-samanage-sabotage-and-the-solarwinds-hack/ ..."
"... Regarding the ownership of Colonial Pipeline: 'IFM Investors, which is owned by 27 Australian union- and employer-backed industry superannuation funds, owns a 16 per cent stake in Colonial Pipeline, which the infrastructure manager bought in 2007 for $US651 million.' ..."
"... 'The privately held Colonial Pipeline is valued at about $US8 billion, based upon the most recent sale of a 10 per cent stake to a unit of Royal Dutch Shell in 2019.' ..."
The Colonial Pipeline Co.,ransomware attack was a false flag. They wanted to blame Russian
hackers so they could derail Nordstream II
It is common knowledge that the only real hackers that are able of such sabotage is CIA
and Israeli. It's the same attack types they do to Iranian infrastructure on a regular
basis.
The Russians are not that stupid to do something they know will be blamed on them and is
of no political use to them. And could derail Nordstream2.
As for the money-nobody really knows where it really went. CEO is ultra corrupt. They
never ever invested in their infrastructure so when it went down they came up with a
profitable excuse. Just look at their financials/balance sheet over the years. No real
investment in updating and maintaining infrastructure. Great false flag. Corruption and
profiteering.
"As for the money-nobody really knows where it really went." If you are right
about the perpetrators, my guess would be that it went into the black-ops fund, two birds one
stone.
I'm not familiar with your handle - hello. IMO, it would be counterproductive for Russia
to initiate such a hack. What really affects and debilitates US oil and gas interests is low
prices, both at the pump and on the stock exchange. The hack helped jack up prices (which
were already being jacked-up despite demand still lagging behind supply) which only HELPS
those energy interests. It has long been known, the math isn't complicated, what level crude
must trade at for US domestic oil & gas operations to be profitable. Remember that just
as the pandemic was emerging Russia and Saudi Arabia once again sent the global crude market
into the depths of despair.
I do agree the hack can be interpreted in light of the desperation of US energy interests
to try to kill NS2. I have not yet read the recent articles discussing Biden's recent moves
in that regard. If these moves are a recognition that US LNG to Europe (and elsewhere) are
diametrically opposed to climate responsibility, I'd welcome those moves. As is usually the
case though, environmental responsibility is probably the least likely reason.
Regarding the ownership of Colonial Pipeline: 'IFM Investors, which is owned by 27
Australian union- and employer-backed industry superannuation funds, owns a 16 per cent stake
in Colonial Pipeline, which the infrastructure manager bought in 2007 for $US651
million.'
also
'The privately held Colonial Pipeline is valued at about $US8 billion, based upon the
most recent sale of a 10 per cent stake to a unit of Royal Dutch Shell in 2019.'
Gangs have been operating by registering accounts on selected platforms, signing up for
a free tier, and running a cryptocurrency mining app on the provider's free tier
infrastructure.
After trial periods or free credits reach their limits, the groups register a new
account and start from the first step, keeping the provider's servers at their upper usage
limit and slowing down their normal operations...
The list of services that have been abused this way includes the likes of GitHub,
GitLab, Microsoft Azure, TravisCI, LayerCI, CircleCI, Render, CloudBees CodeShip, Sourcehut,
and Okteto.
GitLab and
Sourcehut have
published blog posts detailing their efforts to curtail the problem, with Sourcehut
complaining cryptocurrency miners are "deliberately circumventing our abuse detection," which
"exhausts our resources and leads to long build queues for normal users."
In the article an engineer at CodeShip acknowledges "Our team has been swamped with
dealing with this kind of stuff."
Who are the Vendors for the SCADA systems? Rockwell, Honeywell, Siemens? Think twice about
public facing gear from publicly listed companies, it's too costly to be honest about many
exploits. I deploy routers from MikroTik, Tools built in to watch connections/traffic live.
Simple to re-flash everything if you get suspicious. Lessons learned from the latest exploits
of Solarwinds and M$ Exchange is the more you know you realize the wider the net. Blaming
nation states for your own stupidity could result TEOTWAWKI. Building fault tolerant systems
can reduce downtime, but who holds the keys? Covid wars is now ramping up into I N F R A W A R
S
REPLYLONGTIMBER IGNORED05/10/2021
at 12:43 pm
"Complexity and connectivity are the Achilles heel of industrial civilization ."
How about foolish interdependence?
-Using Grid Power for refinery & pipelines
-UL1741 Grid Inter-tie Prevents most Solar Customers from using his own "System"
Fukushima survived the events just fine. The Final outcome was due to loss of power.
Evidence is thin, but Natanz enrichment facility is offlineSimon Sharwood, APAC Editor Mon 12 Apr 2021
// 06:57 UTC SHARE
Iran has admitted that one of its nuclear facilities went offline over the weekend, and a
single report claiming Israeli cyber-weapons were the cause has been widely accepted as a
credible explanation for the incident.
Iran on Sunday published
this announcement that said an "accident" impacted the "electricity distribution network"
at its Natanz enrichment facility.
The facility was
inaugurated the previous day, and is thought to have the capability to enrich Uranium and
to represent capacity for uses prohibited under the US/Iran nuclear deal. The Trump
administration tore up that deal, but the Biden administration hoped to revisit the pact.
Iranian officials have said that whatever hit Natanz was an act of "nuclear terrorism".
The Register can find no indication that any radioactive material has been exposed.
Few nations like the idea of anyone in the Gulf region obtaining nuclear capabilities, but
Israel is implacably opposed to the idea. In 1981 Israel bombed a nuclear plant in the early
stages of construction in Iraq and is thought to have collaborated on the Stuxnet worm,
discovered in 2010, that eventually damaged centrifuges used to refine nuclear materials at
Iran's Natanz.
Not long after the news of this weekend's electrical incident, the Israeli Public
Broadcasting Corporation reported that intelligence sources had told
its reporters the accident was in fact a cyber-attack. The corporation is an independent public
broadcaster.
But the say-so of just one of the corporation's shows is all the evidence that Israel had
any hand in the attack. While Israel does not comment on such matters officially, Israeli
politicians have claimed that Natanz was more badly damaged than Iran is letting on. And now
the New York Times reports the
event was a "detonation of explosives."
Iran says it is investigating the cause of the incident and will announce its findings in
due course. ®
Just because a vulnerability is old doesn't mean it's not useful. Whether it's Adobe Flash
hacking or the EternalBlue exploit
for Windows , some methods are just too good for attackers to abandon, even if they're
years past their prime. But a critical 12-year-old bug in Microsoft's ubiquitous Windows
Defender antivirus was seemingly overlooked by attackers and defenders alike until recently.
Now that Microsoft has finally patched it, the key is to make sure hackers don't try to make up
for lost time.
The flaw, discovered by researchers at the security firm SentinelOne, showed up in a driver
that Windows Defender -- renamed Microsoft Defender last year -- uses to delete the invasive
files and infrastructure that malware can create. When the driver removes a malicious file, it
replaces it with a new, benign one as a sort of placeholder during remediation. But the
researchers discovered that the system doesn't specifically verify that new file. As a result,
an attacker could insert strategic system links that direct the driver to overwrite the wrong
file or even run malicious code.
Windows Defender would be endlessly useful to attackers for
such a manipulation, because it ships with Windows by default and is therefore present in
hundreds of millions of computers and servers around the world. The antivirus program is also
highly trusted within the operating system, and the vulnerable driver is cryptographically
signed by Microsoft to prove its legitimacy. In practice, an attacker exploiting the flaw could
delete crucial software or data, or even direct the driver to run their own code to take over
the device.
"This bug allows privilege escalation," says Kasif Dekel, senior security researcher at
SentinelOne. "Software that's running under low privileges can elevate to administrative
privileges and compromise the machine."
SentinelOne first reported the bug to Microsoft in mid-November, and the company released a
patch on Tuesday. Microsoft rated the vulnerability as a "high" risk, though there are
important caveats. The vulnerability can only be exploited when an attacker already has access
-- remote or physical -- to a target device. This means it isn't a one-stop shop for hackers
and would need to be deployed alongside other exploits in most attack scenarios. But it would
still be an appealing target for hackers who already have that access. An attacker could take
advantage of having compromised any Windows machine to bore deeper into a network or victim's
device without having to first gain access to privileged user accounts, like those of
administrators.
SentinelOne and Microsoft agree there is no evidence that the flaw was discovered and
exploited prior to the researchers' analysis. And SentinelOne is withholding specifics on how
the attackers could leverage the flaw to give Microsoft's patch time to proliferate. Now that
the findings are public, though, it's only a matter of time before bad actors figure out how to
take advantage. A Microsoft spokesperson noted that anyone who installed the February 9 patch,
or has auto-updates enabled, is now protected.
Limit third-party security software. I limit mine, so if I have a machine that's going to
be on the latest feature release when it comes out, I only use Windows Defender. If you use
third-party antivirus or multiple antivirus products (such as an antivirus and an
anti-malware) I recommend you Windows 10 Professional version and defer feature releases.
Always check with your antivirus vendor to see what Windows 10 version they support. Don't
assume they will support a new release on day one.
Don't overclock the machine or use any third party software that boosts the performance
(or claims to). Often, I see interaction with performance-enhancing software that causes
issues.
Computer games. If you play computer games, also be aware of potential unwelcome In
particular, I have seen issues related to game licensing or anti-cheating
software .
Dual booting. As much as many of us love to create dual-boot machines, this is something
that can trigger issues. I recommend only doing dual booting if you are an expert user -- and
ensure you have a backup of the system.
Watch for other updates that could be impacting your system.
Windowslatest reports that KB4592438 when installed with Intel Driver & Software
Assistant Tool (DSA) may trigger high CPU usage. Always remember what else you've installed
along with the main Windows patch and see if it's the other thing that's triggered an
issue.
Install video driver updates and BIOS updates. At one point, I would install BIOS updates
when I first purchased a computer or laptop and never ever installed BIOS updates after that
point. Now, before each feature release, I make sure that my systems have up-to-date BIOS
patches installed. I have not had a failure in installing BIOS updates.
Coincidences do occur. From my experience, sometimes when a system reboots, it can expose
and trigger an underlying issue. The problem may not be the update but rather a reboot. For
many years, the best practice -- especially for servers -- was to reboot a system before
installing updates to ensure that the system was healthy before the update is installed.
CISA is an agency full of bureaucrats, not computer specialists. So any judgement is highly
suspect. In my view "computer security bureaucrat" is typically a parasite or a charlatan.
Traditionally computer security departments in large corporations often serve as a place to exile
incompetent wannabes. I do not think the government is different. Real high quality programmers
usually prefer to write their own software not to spend their time analyzing some obtuse malware
code. Often high level honchos in such department are so obviously incompetent that it hurts.
This is the same agency that declared Presidential election 2020 to be the most secure in
history. So their statements are not worth the electrons used to put them on the screen, so say
nothing about a ppar , if they manage to get into such rags as NYT or WaPo.
We need clear-eyed assessment from a real Windows OS specialists like for Stuxnet was
Mark
Russinovich , which is difficult in current circumstances.
The supply chain attack used to breach federal agencies and at least one private company
poses a "grave risk" to the United States, in part because the attackers likely used means
other than just the SolarWinds backdoor to penetrate networks of interest, federal officials
said on Thursday. One of those networks belongs to the National Nuclear Security
Administration, which is responsible for the Los Alamos and Sandia labs, according to a report
from
Politico .
"This adversary has demonstrated an ability to exploit software supply chains and shown
significant knowledge of Windows networks," officials with the Cybersecurity Infrastructure and
Security Agency wrote in an alert . "It is likely that the adversary
has additional initial access vectors and tactics, techniques, and procedures (TTPs) that have
not yet been discovered." CISA, as the agency is abbreviated, is an arm of the Department of
Homeland Security.
Elsewhere, officials wrote: "CISA has determined that this threat poses a grave risk to the
Federal Government and state, local, tribal, and territorial governments as well as critical
infrastructure entities and other private sector organizations."
Reuters, meanwhile, reported that the attackers
breached a separate major technology supplier and used the compromise to get into
high-value final targets. The news services cited two people briefed on the
matter.
FURTHER READING
Premiere security firm FireEye says it was breached by nation-state hackers The attackers,
whom CISA said began their operation no later than March, managed to remain undetected until
last week when security firm FireEye reported that hackers backed by a nation-state had
penetrated deep into its network . Early this week, FireEye said that the hackers were
infecting targets using Orion, a widely used network management tool from SolarWinds. After
taking control of the Orion update mechanism, the attackers were using it to install a backdoor
that FireEye researchers are calling Sunburst. Advertisement
FURTHER READING
Russian hackers hit US government using widespread supply chain attack Sunday was also when
multiple news outlets, citing unnamed people, reported that the hackers had
used the backdoor in Orion to breach networks belonging to the Departments of Commerce,
Treasury, and possibly other agencies. The Department of Homeland Security and the National
Institutes of Health were later added to the list. Bleak assessment
Thursday's CISA alert provided an unusually bleak assessment of the hack; the threat it
poses to government agencies at the national, state, and local levels; and the skill,
persistence, and time that will be required to expel the attackers from networks they had
penetrated for months undetected.
"This APT actor has demonstrated patience, operational security, and complex tradecraft in
these intrusions," officials wrote in Thursday's alert. "CISA expects that removing this threat
actor from compromised environments will be highly complex and challenging for
organizations."
The officials went on to provide another bleak assessment: "CISA has evidence of additional
initial access vectors, other than the SolarWinds Orion platform; however, these are still
being investigated. CISA will update this Alert as new information becomes available."
The advisory didn't say what the additional vectors might be, but the officials went on to
note the skill required to infect the SolarWinds software build platform, distribute backdoors
to 18,000 customers, and then remain undetected in infected networks for months.
"This adversary has demonstrated an ability to exploit software supply chains and shown
significant knowledge of Windows networks," they wrote. "It is likely that the adversary has
additional initial access vectors and tactics, techniques, and procedures that have not yet
been discovered."
Among the many federal agencies that used SolarWinds Orion, reportedly, was the Internal
Revenue Service. On Thursday, Senate Finance Committee Ranking Member Ron Wyden (D-Ore.) and
Senate Finance Committee Chairman Chuck Grassley (R-Iowa) sent a
letter to IRS Commissioner Chuck Rettig asking that he provide a briefing on whether
taxpayer data was compromised.
The IRS appears to have been a customer of SolarWinds as recently as 2017. Given the
extreme sensitivity of personal taxpayer information entrusted to the IRS, and the harm both
to Americans' privacy and our national security that could result from the theft and
exploitation of this data by our adversaries, it is imperative that we understand the extent
to which the IRS may have been compromised. It is also critical that we understand what
actions the IRS is taking to mitigate any potential damage, ensure that hackers do not still
have access to internal IRS systems, and prevent future hacks of taxpayer data.
IRS representatives didn't immediately return a phone call seeking comment for this
post.
The CISA alert said the key takeaways from its investigation so far are:
This is a patient, well-resourced, and focused adversary that has sustained long duration
activity on victim networks The SolarWinds Orion supply chain compromise is not the only
initial infection vector this APT actor leveraged Not all organizations that have the
backdoor delivered through SolarWinds Orion have been targeted by the adversary with
follow-on actions Organizations with suspected compromises need to be highly conscious of
operational security, including when engaging in incident response activities and planning
and implementing remediation plans
What has emerged so far is that this is an extraordinary hack whose full scope and effects
won't be known for weeks or even months. Additional shoes are likely to drop early and
often.
video.ch9.ms
/sessions/teched/na/2013/ATC-B308_Russinovich.pptxStuxnet . Discovered June 2010
after it had spread for year. Exploited 4 zero day Windows vulnerabilities. Print spooler for
remote code execution. ... Written by MarkRussinovich andAaron Margosis. Full
chapters on the major tools: Process Explorer. Process Monitor. Autoruns.
I worked electrical/nuclear with early Programmable controllers/and at maintenance at Nuc
Pwr Generators and alongside Westinghouse and Alstom personnel, etc. and could not make sense
of , for example,
1. Big rush job to "upgrade" nuc electrical control and s/ware at a pwr plant
2.Suddenly GE buys Alstom
3. Siemens intimately involved in sabotage of Iran centrifuges ;[BTW was at U. when Jesse
Beams was spinning at 1 million rps., so I paid attention]
4. Mitsubishi Heavy Ind. sells 4 unique steam generators to US nuc plant, , they all fail,
and 2 operating nuc pwr plants are suddenly shut down...forever [SONGS]. The entire reasons
for failure are true, but absurd in how the failures were "allowed" to happen. E.g., the
certification process was grossly inept and failure was invited, if not assured.
Reminds me the attack on Iranian uranium enrichment infrastructure, which also used patches
as the way to inject malware into the system. And who were the players in this attack?
Notable quotes:
"... Moon of Alabama ..."
"... Next to the NSA and Britain's GHCQ there are at least Israel, China and maybe Russia which do have such capabilities. But whoever had the chutzpah to intrude the cybersecurity company FireEye ..."
"... 'People familiar with the issue' say 'Russia is believed to be responsible'. Well, some kids familiar with wobbly teeth believe in the tooth fairy. What is that 'believe' based on? ..."
Based on my 25 years in cyber security and responding to incidents, I've concluded we are
witnessing an attack by a nation with top-tier offensive capabilities. This attack is
different from the tens of thousands of incidents we have responded to throughout the years.
The attackers tailored their world-class capabilities specifically to target and attack
FireEye. They are highly trained in operational security and executed with discipline and
focus. They operated clandestinely, using methods that counter security tools and forensic
examination. They used a novel combination of techniques not witnessed by us or our partners
in the past.
We are actively investigating in coordination with the Federal Bureau of Investigation and
other key partners, including Microsoft. Their initial analysis supports our conclusion that
this was the work of a highly sophisticated state-sponsored attacker utilizing novel
techniques.
Intruding a cybersecurity company is a mistake as the chance of getting caught is
significantly higher that during an intrusion into other environments. The intruders allegedly
made off with some tools which likely can also be found in the wild.
We have identified a global campaign that introduces a compromise into the networks of
public and private organizations through the software supply chain. This compromise is
delivered through updates to a widely-used IT infrastructure management software -- the Orion
network monitoring product from SolarWinds . The campaign demonstrates top-tier operational
tradecraft and resourcing consistent with state-sponsored threat actors.
Based on our analysis, the attacks that we believe have been conducted as part of this
campaign share certain common elements:
Use of malicious SolarWinds update : Inserting malicious code into legitimate software
updates for the Orion software that allow an attacker remote access into the victim's
environment
Light malware footprint : Using limited malware to accomplish the mission while
avoiding detection
Prioritization of stealth : Going to significant lengths to observe and blend into
normal network activity
High OPSEC : Patiently conducting reconnaissance, consistently covering their tracks,
and using difficult-to-attribute tools
Based on our analysis, we have now identified multiple organizations where we see
indications of compromise dating back to the Spring of 2020, and we are in the process of
notifying those organizations. Our analysis indicates that these compromises are not
self-propagating; each of the attacks require meticulous planning and manual interaction.
Neither FireEye
nor Microsoft named any suspected actor behind the 'difficult-to-attribute'
intrusion effort. Next to the NSA and Britain's GHCQ there are at least Israel, China and
maybe Russia which do have such capabilities. But whoever had the chutzpah to intrude the
cybersecurity company FireEye also blew up their own operation against many targets of
much higher value. Years of work and millions of dollars went to waste because of that one
mistake.
Despite the lack of evidence that points to a specific actor 'western' media immediately
blamed Russia for the spying attempt.
Hackers believed to be working for Russia have been monitoring internal email traffic at the
U.S. Treasury and Commerce departments, according to people familiar with the matter, adding
they feared the hacks uncovered so far may be the tip of the iceberg.
The hack is so serious it led to a National Security Council meeting at the White House on
Saturday, said one of the people familiar with the matter.
...
The U.S. government has not publicly identified who might be behind the hacking , but three
of the people familiar with the investigation said Russia is currently believed to be
responsible for the attack . Two of the people said that the breaches are connected to a
broad campaign that also involved the recently disclosed hack on FireEye, a major U.S.
cybersecurity company with government and commercial contracts.
In a statement posted here to Facebook, the Russian foreign ministry described the
allegations as another unfounded attempt by the U.S. media to blame Russia for cyberattacks
against U.S. agencies.
'People familiar with the issue' say 'Russia is believed to be responsible'. Well, some
kids familiar with wobbly teeth believe in the tooth fairy. What is that 'believe' based
on?
The Associated Press
reported on the wider aspect of the intrusions and also blamed Russia:
Hackers broke into the networks of the Treasury and Commerce departments as part of a
monthslong global cyberespionage campaign revealed Sunday, just days after the prominent
cybersecurity firm FireEye said it had been breached in an attack that industry experts said
bore the hallmarks of Russian tradecraft.
I have read FireEye's and Microsoft's detailed technical analysis of the
intrusion and took a look at the code . As a
(former) IT professional very familiar with network management, I have seen nothing in it that
points to Russia. Who are those 'industry experts' who make such unfounded claims?
In response to what may be a large-scale penetration of U.S. government agencies, the
Department of Homeland Security's cybersecurity arm issued an emergency directive calling on
all federal civilian agencies to scour their networks for compromises.
The threat apparently came from the same cyberespionage campaign that has afflicted
FireEye, foreign governments and major corporations, and the FBI was investigating.
"This can turn into one of the most impactful espionage campaigns on record," said
cybersecurity expert Dmitri Alperovitch .
Ah - the AP talked to Alperovitch, the former chief technical officer of the
cybersecurity firm CrowdStrike . The company which in 2016 claimed that Russia had
stolen emails from the Democratic National Council but could not provide any evidence of that
to the FBI. The company that admitted in Congress testimony that it
did not see any exfiltration of emails from the DNC and had no evidence that Russia was
involved. Alperovitch is also the 'industry expert' who falsely
claimed that Russia hacked into an application used by the Ukrainian artillery. The same
Alperovich who is a Senior Fellow of the
anti-Russian lobbying organization Atlantic Council . Alperovitch apparently has never
seen a software bug or malware that was not made by Russia.
Quoting an earlier version of the above AP story Max Abrams predicted:
"The U.S. government did not publicly identify Russia as the culprit behind the hacks,
first reported by Reuters, and said little about who might be responsible."
You know this story will be retold as all 17 intel agencies 100% certain Putin is behind
it.
That is indeed likely to happen.
Even while there is no hint in the intrusion software where it might have come from the
media all started to blame Russia.
On Sunday, in its first report on the attack, the New York Times headlined:
The Trump administration acknowledged on Sunday that hackers acting on behalf of a foreign
government -- almost certainly a Russian intelligence agency, according to federal and
private experts -- broke into a range of key government networks, including in the Treasury
and Commerce Departments, and had free access to their email systems.
...
News of the breach,
reported earlier by Reuters , came less than a week after the National Security Agency,
which is responsible for breaking into foreign computer networks and defending the most
sensitive U.S. national security systems,
issued a warning that "Russian state-sponsored actors" were exploiting flaws in a system
broadly used in the federal government.
That
warning by the NSA was about a known vulnerability in VMware, a software issue that is
completely unrelated to the intrusions FireEye had detected and which targeted
multiple government agencies.
Not bothering with facts the NYT continued its
insinuations :
At the time, the N.S.A. refused to give further details of what had prompted the urgent
warning. Shortly afterward, FireEye announced that hackers working for a state had stolen
some of its prized tools for finding vulnerabilities in its clients' systems -- including the
federal government's. That investigation also pointed toward the S.V.R., one of Russia's
leading intelligence agencies. It is often called Cozy Bear or A.P.T. 29, and it is known as
a traditional collector of intelligence.
No, the investigation by FireEye does not point in any direction. The company did
not name a suspected actor and it did not mention Russia or the S.V.R. at all. The intrusion is
also in no way similar to those phishing attempts that some have named Cozy Bear or APT 29.
The Times then further discredits itself by quoting the anti-Russian nutter
Alperovich.
On Monday another NYT piece, co-written by Sanger,
describes the wider attack and includes the word 'Russia' 23 times! But it does not provide
any evidence for any Russian involvement in the case. This is the nearest it comes to:
The early assessments of the intrusions -- believed to be the work of Russia's S.V.R., a
successor to the K.G.B. -- suggest that the hackers were highly selective about which victims
they exploited for further access and data theft.
'Believed to be' the tooth fairy?
The piece also falsely insinuates that FireEye has linked the attack to Russia:
FireEye said that despite their widespread access, Russian hackers exploited only what was
considered the most valuable targets.
Nowhere did FireEye say anything about Russian hackers. It only stated that the
intrusions were specifically targeted. The implication of Russia only happened in the
NYT writers' heads.
On Monday, SolarWinds confirmed that Orion - its flagship network management software - had
served as the unwitting conduit for a sprawling international cyberespionage operation. The
hackers inserted malicious code into Orion software updates pushed out to nearly 18,000
customers.
And while the number of affected organizations is thought to be much more modest, the
hackers have already parlayed their access into consequential breaches at the U.S. Treasury
and Department of Commerce.
Three people familiar with the investigation have told Reuters that Russia is a top
suspect, although others familiar with the inquiry have said it is still too early to
tell.
As of now no one but the people behind the intrusion know where it has come from.
SolarWinds , the company behind the network management software that was abused to
intrude agencies and companies, is known for a lack of security:
SolarWinds' security, meanwhile, has come under new scrutiny.
In one previously unreported issue, multiple criminals have offered to sell access to
SolarWinds' computers through underground forums, according to two researchers who separately
had access to those forums.
One of those offering claimed access over the Exploit forum in 2017 was known as "fxmsp"
and is wanted by the FBI "for involvement in several high-profile incidents," said Mark
Arena, chief executive of cybercrime intelligence firm Intel471. Arena informed his company's
clients, which include U.S. law enforcement agencies.
Security researcher Vinoth Kumar told Reuters that, last year, he alerted the company that
anyone could access SolarWinds' update server by using the password "solarwinds123"
"This could have been done by any attacker, easily," Kumar said.
And that's it.
Any significant actor with the necessary resources could have used the publicly known
SolarWinds' password to sneak some malware into the Orion software update
process to thereby intrude SolarWinds' customers and spy on them. Without further
definitive evidence there is no reason to attribute the intrusions to Russia.
If anyone is to blame it is surely SolarWinds which has learned nothing from the
attack. Monday night, days after it was warned, its infected software was still available on its
servers . It seems that the SolarWinds people were busy with
more important issues than their customers' security:
Top investors in SolarWinds, the Texas-based company whose software was breached in a major
Russian cyberattack, sold millions of dollars in stock in the days before the intrusion was
revealed.
The timing of the trades raises questions about whether the investors used inside
information to avoid major losses related to the attack. SolarWinds's share price has plunged
roughly 22 percent since the company disclosed its role in the breach Sunday night.
Note the casual use of 'Russian cyberattack', for which there is no evidence, in the very
first sentence.
Silver Lake, a Silicon Valley investor with a history of high-profile tech deals including
Airbnb, Dell and Twitter, sold $158 million in shares of SolarWinds on Dec. 7 -- six days
before news of the breach became public. Thoma Bravo, a San Francisco-based private equity
firm, also sold $128 million of its shares in SolarWinds on Dec. 7.
Together, the two investment firms own 70 percent of SolarWinds and control six of the
company's board seats, giving the firms access to key information and making their stock
trades subject to federal rules around financial disclosures.
Well, grifters are gonna grift.
And 'western' mainstream writers will
blame Russia for anything completely independent of what really happened.
Posted by b on December 16, 2020 at 19:07 UTC |
Permalink
since when has USA needed evidence? They blamed Saddam for years that he had "weapons of mass
distraction". And back in 1990, they created the famous "Iraq solders took babies out fo
incubators " lies. Some of us have lived longer than 30 years and we remember all the lies
USA has said.
all part of the plan to cut Russia from the SWIFT in 2021.
once Biden becomes a president, he will call on all "democracies" to stand up to Russia. He
and other "Western democracies" will hold a joint meeting sometime in 2021 where they will
"condemn Russia for all the malign things Russia has done" and will press Belgium to cut
Russia fro the SWIFT.
Whats wore, instead of doing anything, Russia is just sitting and watching them instead of
warming Europe that this will mean Europe will freeze their collective asses next winter when
they won't be able to get Russia gas. Even Iran is warning Russia that they will be cut off
from the SWIFT.
Putin is getting old and sick, Russia desperately needs a leader who will stand up to those
assholes and warn them to stop. Oh well, it's NOT my problem. Russia better get its asshole
oiled up, it will need it. Putin is a weak and inefficient leader, and the SAker IS full of
shit.
I believe that there are a few golden rules that can be applied to news stories:
1) If the first sentence contains a variation of the words "according to," then the story
is at least partially bullsh*t
2) If a variation of "according to" is in the headline, then every word of the story is a
lie
I have to agree with you, the deep state just cannot get over losing Russia to Putin and
nationalism after the thought that they had turned it into their playground in the 1990s.
They are hot to trot to take out Russia and make it bend the knee, whatever the risks are.
Would not put it past them to pull the SWIFT option, although that would have huge
implications for the Europeans who buy so much oil and gas from Russia.
It could end up as an own goal, as the Europeans join the Russian payments network and
start paying in Euros convertible directly into Rubles (especially with Nordstream 2 in
place). The Indians and Chinese are already setup for payments in local currencies. Right now
China needs Russia as an ally, so they would also probably re-source oil imports to take more
from Russia.
Russia has already made itself self sufficient in food etc., and has been working on
payments in local currencies. They are not stupid, and see such a move coming.
iv> Since Wikileaks first publicised its hacking of the infamous Vault 7
emails demonstrating that the CIA had the ability to attach certain metadata to its own hacking
activities, to insinuate that Russian or Chinese hackers were responsible (and thus put future
investigators on a wrong trail away from the actual culprits), I don't rule out that the CIA
and possibly other intel agencies chummy with it may have penetrated FireEye. Especially as
these hacking attempts appear to have specific targets and some investors in the companies
affected by these hacking attempts seem to employ crystal ball gazers so they were able to
divest themselves of huge numbers of shares and make tidy profits before news of the hacking
came out which would have sent these hacked companies' share prices down into an abyss. Could
some of the hackers themselves be shareholders in the hacked firms?
Since Wikileaks first publicised its hacking of the infamous Vault 7 emails demonstrating
that the CIA had the ability to attach certain metadata to its own hacking activities, to
insinuate that Russian or Chinese hackers were responsible (and thus put future investigators
on a wrong trail away from the actual culprits), I don't rule out that the CIA and possibly
other intel agencies chummy with it may have penetrated FireEye. Especially as these hacking
attempts appear to have specific targets and some investors in the companies affected by
these hacking attempts seem to employ crystal ball gazers so they were able to divest
themselves of huge numbers of shares and make tidy profits before news of the hacking came
out which would have sent these hacked companies' share prices down into an abyss. Could some
of the hackers themselves be shareholders in the hacked firms?
Meanwhile in East Flatrock Tennessee a group of teens is laughing.
"They said our hack was 'an attack by a nation with top-tier offensive capabilities'!
You hear that? We're a nation now! With 'top-tier offensive capabilities' at that! How
awesome is that?"
I believe the Russian President's annual Q&A session is taking place on 17 December
2020. It will be televised and probably videos of it will be uploaded to Youtube and other
platforms over the next few days. The President's own website will feature transcripts of the
session in Russian and English, and probably sevetal other languages. The Q&A session is
usually a marathon affair running several hours. If you watch it, you will find out how ill
Putin appears to be.
b - master propaganda buster, lol... go get em b! i am surprised they aren't coming after
you! maybe they figure you are a relatively obscure presence that will remain irrelevant for
all intensive purposes... and they haven't figured out how to pull an assange or snowden on
you - yet.... you better have some protection with the kgb and know how to speak a little
russian!
Based on my 25 years in cyber security and responding to incidents, I've concluded we are
witnessing an attack by a nation with top-tier offensive capabilities.
Translation: we fucked up and we're gonna blame either China or Russia, depending on the
customer's preference (Republican or Democrat), in order to avoid blame and keep our stock
prices from falling.
If you go to Fox News et al, I'm sure they'll be blaming China.
If you've followed Lavrov's trail for the month of December, he's been in top form in his
denunciations of the United States of Voldemort and its neverending illegalities and immoral
actions. For the curious, the most recent are on the week in review thread. IMO, what
constitutes the Outlaw US Empire's mainstream media lacks credibility across the spectrum of
potential topics just as does the federal government. The planet will be a happier place if
those two entities are just cast away and allowed to drift upon the endless sea of filth they
generate daily.
The Russian Federation can annihilate the United States and US has no defenses against
that.
So they indulge in such self-propaganda exercise, puffing up themselves and their
population, and then they go home, knowing that RF can destroy them.
On the other hand, US can annihilate Iran and Iran cannot do anything about that
either.
So they indulge in such self-propaganda exercise, puffing up themselves and their
population, and then they go home, knowing that US can destroy them.
The only difference between Iran and Russia is that Iran is not a nuclear-armed state,
targeting US cities.
I wonder what percentage of Americans are willing to nuke the Russian Federation - in
contradistinction to the 59% who are willing to nuke Iran - per this M.I.T. report
SL Ayatollah Khamenei by audience of General Soleimani family
"Ayatollah Khamenei said: The funeral of millions of martyrs of Soleimani was the first
severe slap in the face to the Americans, but the more severe slap is "software overcoming
the absurd hegemony of arrogance" and "expelling the United States from the region". It is
definite whenever possible." Fars News Agency 16.12.20
iv> To be honest, this isn't even worth talking about. A non-story that
doesn't deserve any oxygen at all.
The funerals of the late Abu Mehdi Mohandess, the late Brigadier General Solimani and
their companions have been unprecedent in the history of Shia Islam - to my knowledge.
Americans carried out an act that betrayed the extent of their hatred for Iran (as a
country) and Shia (as a religion).
It was not the act of a sane sovereign - but as I have maintained for a long time - those
of a Mad King.
That action, in my opinion, ended the possibility of the United States staying in Iraq, in
Afghanistan, in Syria, or in Lebanon.
I wonder how the Shia would react, overtime, in the Azerbaijan Republic, in Kuwait, in
Bahrain to the United States in the future.
"Neither FireEye nor Microsoft named any suspected actor behind the 'difficult-to-attribute'
intrusion effort. Next to the NSA and Britain's GHCQ there are at least Israel, China and
maybe Russia which do have such capabilities. But whoever had the chutzpah to intrude the
cybersecurity company FireEye also blew up their own operation against many targets of much
higher value. Years of work and millions of dollars went to waste because of that one
mistake."
Well if software+SolarWind+elections = manipulation => proven[before date]
then a country, either from the list of those with 'capabilities', or another whose
capablities were until now unknown, will have invalidated the US election.
Perhaps it may be not worthwhile to discuss the main topic of this thread but I think it
is worthwhile to note it as an indication of the unwillingness to face the World as it is by
many in the United States at all levels.
Now der spiegel,le monde and le figaro have info from Bellingcat about a team of eight FSB
spies and chemical specialist following Navalny for years to take him out,yet not
succeeding.Even the most gullible "Russia,Russia,Russia" consumers start to find this
ridiculous,judging by the comments.Some indeed start to have concerns about a new war on
russia ,that will obviously obliterate all of western-europe.
They had four articles about this in two days.Mockingbird in full speed.It is very clear
to me now that Spiegel ex-journo Udo Ulfkotte was "heartattacked" for outing CIA mastering
der Spiegel in his book.
"This attack is different from the tens of thousands of incidents we have responded to
throughout the years.[...] ...this was the work of a highly sophisticated state-sponsored
attacker utilizing novel techniques"
"Incidents we have responded to"? Meh. Also, this "attack" may or may not be different
from the (likely) tens of thousands of incidents that they've never detected.
Facebook discovered and neutralized a troll farm's accounts related to the french army in
Central African Republic and Mali,working against russian st.petersburg related trollfarm
accounts,that they neutralized as well.This is all about the french countering russians (and
chinese) getting foothold amongst africans,you know the people they threw napalm on in the
fifties,like they did in Vietnam way before the americans,to pacify those people.
And of course Navalny is such a hot item that bellingcats's video on youtube got 10 million
viewers within 48 hours.War on Russia,who is marching on Moscou,any volunteers?The germans
and the french were not very lucky with that in the past,let the united americans have a
try,after all its only europe that is meant for destruction either way.The Rotschilds will be
proud of you.
For me it was enough to read in the news that U.S. Treasury and Commerce department was
among the targets to know who stand behind this operation. It must be very humiliating for US
government, that's why the synchronous chorus about the "Russian Cyberattack", they know well
that it was not Russia ...
U.S. Treasury and Commerce department is the driving force behind "maximum pressure"
sanctions against Iran, terrorizing the Iranian population even blocking trade of medicine
necessary for the treatment of kids with chronically illness.
Now Iranians sit with a complete list of U.S. Treasury and Commerce executives and their
secrets, that would make it difficult for these economical terrorists to have a relaxing
sleep at night. The extra bonus is what Iran got from all other US departments, useful for
the future.
US need to restructure a whole lot of their IT network. protocols, hardware, even
administrators at government and security level to repair at least part of the damage
done.
Khameneie calls it a "sever slap" for the assassination of general Soleimani, one must
agree a mind-blowing one indeed ...
"We are actively investigating in coordination with the Federal Bureau of Investigation and
other key partners, including Microsoft. Their initial analysis supports our conclusion
that this was the work of a highly sophisticated state-sponsored attacker utilizing novel
techniques."
Interpreted as "we screwed up, that Microsoft Defender software is a POS and to think
FireEye AND FBI relied on their crap upgrades - we had better blame Russia and save our total
embarrassment.
They had four articles about this in two days.Mockingbird in full speed.It is very clear to
me now that Spiegel ex-journo Udo Ulfkotte was "heartattacked" for outing CIA mastering der
Spiegel in his book.
Thank you and I fully agree - 'heartbreaker herb' is native to a few eastern countries and
known as an end of life choice of tea that is used by malign actors for centuries. Hard to
find a reference to it these days as most search engines have hidden it. One used to be able
to read of it.
The "united americans" had their try during Russia's Civil War but didn't get very far.
Then they tried carpetbagging neoliberal parasites, and they failed too, although they did
considerable damage. Currently within the Outlaw US Empire, about as many people are out of
work as reside within all of Russia, and their government cares not a whit what happens to
them. On the other hand, President Putin has made it clear on many occasions that every
Russian life is treasured by him and the Russian government, with more support given Russians
than at any previous time by the USSR.
Just so that everyone knows that what this => Framarz @23 poster says is entirely
possible, back in the olden days when I was helping with Linux kernel space stuff Iran was
one of the top five countries where code was being submitted from. Iran has more than just a
few very sharp codesmiths.
Regarding the David Sanger fantasy piece published in the NYT, I commented on the Times's
website that Sanger made the claim of Russian culpability without providing a shred of actual
evidence. Much to my surprise, my comment was accepted for publication. Shortly thereafter,
it mysteriously vanished into the ether, no doubt having been read and removed by some editor
or even by slimeball Sanger himself. Now that was not a surprise.
Thanks for your contribution but it's crystal clear that Khamenei took the responsibility for
this operation today, looking at the eyes of Soleimani's daughter and saying what he said:
(english text)
fna(dot)ir/f1cm2o
- looks like use of (ir) domain causing the text to be blocked, convert the dot
Indeed - if there's anything to be learned, it is that cyber security even in government
intel agencies (Snowden), the military (Manning), political parties (Clinton emails) and now
FireEye plus numerous other Solarwinds customers - is marked more for what it isn't than for
what it is.
This on top of the damage caused by NotPetya and WannaCry - both of which did so much damage
because clearly even Fortune 50 companies don't bother to segment their networks even between
countries.
Incompetence and CYA rules the day.
iv> framarz link might show up later.. i just posted it, but it is in the
cue to be released later, or not..
Re: They had four articles about this in two days.Mockingbird in full speed.It is very
clear to me now that Spiegel ex-journo Udo Ulfkotte was "heartattacked" for outing CIA
mastering der Spiegel in his book.
-Posted by: willie | Dec 16 2020 20:56 utc | 18
Didn't know that until you shared just now. Really terrible if true, but not that
surprising given recent events. Wikipedia sez he died 13 January 2017 (aged 56). That would
have happened during the Obama/Brennan period.
If I understand correctly what you're hinting at, then I'll add that the alps and the
nordic countries are also rife with it. It's principle active alkaloid is easily to determine
port-mortem and if you're lucky, a good clinician will also diagnose it correctly before it's
too late..
Less easy to pinpoint are the effects of targeted exposure with masers.
"But whoever had the chutzpah to intrude the cybersecurity company FireEye also blew up their
own operation against many targets of much higher value. Years of work and millions of
dollars went to waste because of that one mistake."
yankistan propaganda always inserts a clause to show that hackers are bumblers. Reading
the very short one sentence report in Reuters, the yanks got hit hard. pompus had to fly home
and cut short his cold/hot war rabble rousing efforts.
Thank you so much for "Yankistan". That sums it up nicely.
b's observation also gives a clue that it may very well be a white hat attack by the NSA.
Lucky for us they could go the extra mile and give it some "positive" spin. Snark.
[This post not appear, so here it is without links]
Whatever is the definition of "intelligence", certainly it must be inclusive of this
example, from Khamenei:
"Lifting sanctions is up to the enemy, but nullifying them is up to us'"
Also, he said "We must be strong in all areas, including economy, science, technology and
defense, because as long as we do not grow strong, the enemies will not give up greed and
aggression."
Now, compare that last to JV Stalin's 1931 speech in the run-up to WW 2:
"One feature of the history of old Russia was the continual beatings she suffered because
of her backwardness. ... All beat her -- because of her backwardness, because of her military
backwardness, cultural backwardness, political backwardness, industrial backwardness,
agricultural backwardness. They beat her because it was profitable and could be done with
impunity..."
Interesting, eh?
Hat-tip to Framarz | Dec 16 2020 21:53 utc | 30 for Khamenei link.
Stalin's speech link to follow...if it posts.
This cyber attack has NSA written all over it. Either that or the attackers had access to the
tools that were leaked from the NSA trove. The tactics at least are very similar in some
ways.
@willie - I posted a link to CNN's joint investigation with Bellingcat, Der Spiegel, and
"The Insider" the other day in the open thread. Nobody seemed to have noticed. Looks like
Russia has responded to them.
I didn't have time to delve into all the different pages that comprise Bellingcat's
allegations nor did I see anywhere in their stated methodology how they got access to these
phone records that they're claiming correspond to the agents tailing Navalny. At least they
didn't call him "opposition leader" this time - just "opposition activist" or something like
that. LOL I'll be interested to see b's take on this affair once he's had time to digest it -
and there is a lot to digest.
What is so cynical is that during the last three years of fake "Russian Collusion" certain
politicians were colluding with the Chinese CCP, ie in actuality doing what they were
accusing Trump of doing. Inevitable now that there is big trouble brewing in the US, I don't
see how all the fraud evidence on every level can be disregarded, let alone apparent foreign
involvement in the voting machines.
western' mainstream writers will blame Russia for anything completely independent of what
really happened.
can we get a list of these writers.. and store their names and aliases somewhere. a db..
is needed.
b - master propaganda buster, lol... go get em b! i am surprised the oligarch wealth and its
minions haven't
figured out how to pull an assange or snowden on you - yet.... you better have some
protection with the kgb
and know how to speak a little russian! by: james @ 8
James I think the propaganda monsters have discovered how to take b down, they
probably plan to ask B to self inject himself with one of their Gene Modifying
Vaccines(GMVs) with expectation that a mental giant will vegetate to a wimp.
.....
The CIA remains firmly in charge of US policy and the mainstream media. by: gottlieb @ 6
Not really, the people who support and control the CIA have firm control over
politics,
finance, CIA, and media, remember the nine layers of control consist of but two layers
that are public. The CIA is the leg breaker arm of that oligarch cartel. .. .. but mr
gottlieb
please list who in the CIA is the leg breaker in charge over US Policy and explain
how US Policy, CIA leg breaking, mainstream media, wall street execution are financed
marketed and coordinated. I suggest to you these are not government people but private
party marketers.
Just saying a bunch of puppets dressed in CIA suits are in charge is useless.. I will
bet when you identify to us, who it is you are talking about, it will be discovered the
person you think is in charge is not, but instead that person is executing orders given
by a private party someone else. Its the private party some one else that needs media
exposure.
who (by name) do the puppets work for,
how can the string pullers be identified, and
Ill bet because the string pullers are not government at all, but private exploitative
persons, that can be legally tracked?
To Norwegian @ 21 fascinating The private parties most likely responsible (PPMLR) for
the
cyber attack have been asked to investigate the victim of the cyber attack. The PPMLR's
initial findings support the victim pre investigation conclusion made before the
investigation
was complete that the cyber attack was the work of a highly sophisticated state
sponsored attacker utilizing novel techniques? Not all of us were born yesterday?
"I haven't looked at the kernel sources for any significant amount of time for years. It would be interesting to make a tally
of what kind of patches were brought in by Iranian contributors. That is to say, if at any time fixes were made to 'bugs'
brought/left in by the likes of IBM, Intel, Nvidia et al. Would be a nice holiday project."
A number of years back I used to contribute patches for inclusion in the Linux kernel
and stayed up to date on day to day submissions. One thing that surprised me back then was
how many were coming from Iran. Iran was one of the top ten countries where fixes and new
features for Linux were coming from.
After the CIA's Stuxnet attack on Iran back in 2010, Iran began to transition away from
using Windows operating system towards using Linux. This is because it was clear that
Microsoft played a part in distributing the Stuxnet code to computers in Iran embedded
within otherwise normal OS updates.
Presumably the version of Linux authorized for use in Iran by the military and in
strategic infrastructure is a custom distribution that has be heavily audited for security.
Iran certainly has the domestic talent to accomplish this so I have no doubt that the
rumors of it are true. This dramatically increases the difficulty the CIA faces in
launching their cyber attacks. Most of the CIA's tools use backdoors that software vendors
design into their products just for that purpose, but since you can build Linux from source
code it is difficult to hide backdoors that competent programmers cannot find in that
source code.
Basically, the biggest impact of letting the CIA go wild like this is that it will
encourage more people, institutions, and countries to ditch Microsoft products. That is a
very good thing.
The big danger here is that all sides can play such games. The U.S. does not have a
monopoly or even a large advantage in waging cyber wars. It is in fact more vulnerable
than others. Edward Snowden provided proof that the NSA is unable to protect its own
secrets. Wikileaks published Vault 7, the CIA's own secret cyber attack tool collection.
If even the NSA and the CIA can not protect their systems one can only imagine how bad
the security situation is in private institutions like U.S. banks, media organizations,
charities, religious institutions or businesses.
If the CIA targets such institutions in other countries counter attacks on similar
U.S. entities become legitimate.
There may be a method to this madness. Last "Open Thread", I linked this op-ed from an
American columnist for Bloomberg (via The Japan Times):
Fortunately, this is only a very partial history of Cold War America. The fever of
McCarthyism broke by the mid-1950s; the country's institutions proved stronger than the
challenge that movement posed to them. On the whole, the superpower rivalry was a force
for constructive change.
It seems there's an eschatological thesis among many post-war American intellectuals
(many of whom are certainly working for the CIA, in one position or another) that constant
(perpetual) warfare against foreign enemies can solve the USA's own inner capitalist
contradictions. That, if America's enemies attack it with all their guile and force of
will, America will inherently develop its own means of repelling their attack and, at the
same time, develop itself.
Certainly, this "theory" arose, in part, by necessity: as liberal democracy became less
and less compatible with capitalism, the USG had to resort more and more to foreign events
and States of Emergency to pass the legislation needed to satisfy the interests of its own
elite (bourgeoisie). The most illustrative example of this was the Patriot Act, born from
the ashes of the Twin Towers.
But I don't think it is just that. The author mentions many legitimate episodes during
the Cold War where the USA reformed directly because of pressure exerted by the USSR (the
Civil Rights Act of 1968). He could be even more eloquent and simply mentioned the concept
of Welfare State in Western Europe - which was only invented because of the shadow of the
USSR, cast from the other side of Berlin.
So, in this case, I think there is a significant portion of the American intelligentsia
who genuinely believe in this mad thesis that perpetual war will always solve positively
all the domestic problems of the USA. I don't think this is pure cynicism: many of those
Cold War living fossils really envision an even better America for their children and
grandchildren by promoting an all-out war against China, Russia, Iran, North Korea et al -
even in the stances where USA proper is attacked and Americans directly die because of
it.
Presumably the version of Linux authorized for use in Iran by the military and in
strategic infrastructure is a custom distribution that has be heavily audited for
security.
"... The application is an open source clone of the Windows-only TinyTask utility, which runs on both Windows and Linux with Xorg, with Wayland support "coming soon". ..."
Atbswp is a new graphical
utility (Python3) that can be used to record the mouse and keyboard events. You can then
reproduce (play) them identically as many times as you want by either clicking a button, or
save the mouse and keyboard actions as a script and run it without having to relay on
Atbswp.
The application is an open source clone of the Windows-only TinyTask utility, which runs
on both Windows and Linux with Xorg, with Wayland support "coming soon".
This
application can be useful to automate some demo for example, or to perform long tasks that
require clicking on the same items over and over again. In case you want to automate repetitive
typing (text expansion), I recommend AutoKey
instead.
Atbswp desktop automation tool features:
Record and play the mouse movement / clicks and keyboard presses on demand
Save the capture (macro) as a script and run it independently of Atbswp
Can use hotkeys to start recording and playback
Allows repeating a capture for a given number of times or indefinitely
The reason European customers trust Huawei is because Huawei uses open-source software or at
least makes their code available for inspection by customers.
Closed-source software cannot provide secrecy or security. This was vividly demonstrated
last month when
NSA revealed a critical vulnerability in Windows 10 that rendered any cryptographic
security worthless.
Rashid's simulated attack exploits CVE-2020-0601, the critical vulnerability that
Microsoft patched on Tuesday after receiving a private tipoff from the NSA. As Ars
reported, the flaw can completely break certificate validation for websites, software
updates, VPNs, and other security-critical computer uses. It affects Windows 10 systems,
including server versions Windows Server 2016 and Windows Server 2019. Other versions of
Windows are unaffected.
The flaw involves the way the new versions of Windows check the validity of certificates
that use elliptic-curve cryptography. While the vulnerable Windows versions check three ECC
parameters, they fail to verify a fourth, crucial one, which is known as a base point
generator and is often represented in algorithms as 'G.' This failure is a result of
Microsoft's implementation of ECC rather than any flaw or weakness in the ECC algorithms
themselves.
The attacker examines the specific ECC algorithm used to generate the root-certificate
public key and proceeds to craft a private key that copies all of the certificate
parameters for that algorithm except for the point generator. Because vulnerable Windows
versions fail to check that parameter, they accept the private key as valid. With that, the
attacker has spoofed a Windows-trusted root certificate that can be used to mint any
individual certificate used for authentication of websites, software, and other sensitive
properties.
I do not believe this vulnerability was a bug. It is more likely a backdoor intentionally
left in the code for NSA to utilize. Whatever the case, NSA must have known about it for
years. Why did they reveal it now? Most likely someone else had discovered the back door and
may have been about to publish it.
(I
commented on these same issues on Sputnik a few weeks ago.)
Are you new to PowerShell? Use this guide to create and run your first script file on
Windows 10. Mauro Huculak 9 Oct 2019 8
<img
src="https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2019/01/run-script-file-powershell-remotesigned-windows-10_.jpg?itok=uUp-wanV"
width="800" height="600" alt="">
On Windows 10, PowerShell is a command-line tool that allows you to run commands and scripts
to change system settings and automate tasks. It's similar to Command Prompt. Still, PowerShell
is a more capable command-line interface (CLI) that provides an extensive set of tools and
offers more flexibility and control (especially for scripting).
A script is just a collection of commands saved into a text file (using the .ps1 extension)
that PowerShell can understand and execute in sequence to perform one or multiple actions. The
only caveat is that unlike Command Prompt, the default security protocol always prevents all
scripts from running on your device.
This means that when double-clicking a ".ps1" file on Windows 10 nothing will happen, and if you try
to execute the script within PowerShell, you'll get the "cannot be loaded because running
scripts is disabled on this system" error message. However, it's not impossible to run scripts.
You just need to enable the correct execution policy.
How to create a PowerShell script file on Windows 10
On Windows 10, you can create PowerShell script files using virtually any text editor or the
Integrated Scripting Environment (ISE) console that comes preinstalled on every
installation.
Creating a script using Notepad
To create a PowerShell script using Notepad on Windows 10, use these steps:
Open Start .
Search for Notepad , and click the top result to open the app.
Write a new or paste your script on the text file -- for example:
Write-Host "Congratulations! Your first script executed successfully"
Once you complete the steps using Notepad or PowerShell ISE, the script is ready to run, but
it will fail by default. This is because the default PowerShell settings are always set to
block the execution of any script.
How to run a PowerShell script file on Windows 10
If you want to run a script file on PowerShell, you have to change the execution policy on
Windows 10.
To change the execution policy to run PowerShell scripts, use these steps:
Open Start .
Search for PowerShell , right-click the top-result and click the Run as administrator
option.
Type the following command to allow scripts to run and press Enter :
In the above command, make sure to change "PATH\TO\SCRIPT" to the location of your
script.
After you complete the steps, the script will run, and if it was crafted correctly, you
should see its output without issues.
On Windows 10, PowerShell includes four execution policies, including:
Restricted -- Stops any script from running.
RemoteSigned -- Runs scripts created on the device. However, scripts created on another
computer won't run unless they include a signature of a trusted publisher.
AllSigned -- All the scripts will run as long as they've been signed by a trusted
publisher.
Unrestricted -- Runs any script without any restrictions.
In the above steps, we use the command to allow local scripts to run on Windows 10. However,
if you're not planning to execute scripts regularly, you can restore the default settings to
prevent running scripts that you don't trust using the same instructions, but on step No. 4 ,
make sure to use the Set-ExecutionPolicy Restricted command.
More Windows 10
resources
For more helpful articles, coverage, and answers to common questions about Windows 10, visit
the following resources:
Something is really fishy here. Dynamic IP address is reassigned only if you do not switch on you computer on for several days,
which is not very probable for Krugman. Otherwise it is glued to this device and is difficult to highjack without installing
malware on the computer or router. and he should have static IP anyway, he is not some poor shmuck and can
afford extra $10 a month to have.
Two devices with the same IP on the network are usually automatically detected and it is
difficult to use them for download, as during this time the second device will lose Internet connection completely and the
problem will be detected by the ISP support.
So the only option is that somebody installed backdoor malware on Krugman computer and used his harddrive for storage. That's
an extremely improbable scenario, unless he visited some grey site himself.
Posted by EditorDavid on Saturday October 12, 2019 @04:34PM from the Microsoft-Android dept. An
anonymous reader quotes VentureBeat:
At Samsung's Galaxy Unpacked 2019 in August and the
Surface hardware event last week, Microsoft talked about Windows 10's Your Phone app getting a
new "Calls" feature. Today, the company is letting Windows Insiders start testing an early
preview
of Android calling on Windows 10 .
Having given up on Windows Phone, Microsoft has increasingly poured more resources into
Android as its mobile platform of choice. The company offers plenty of Android apps and
features, including some that it can't match on Apple's more restricted iOS platform. Last
week, Microsoft even unveiled the
dual-screen Surface Neo Android phone , coming in holiday 2020.
Your Phone is part of Microsoft's "Continue on PC" functionality, which lets you send
a task from your Android or iOS device to Windows 10. The app's main purpose is to let you
access your phone's content -- like text messages, photos, and notifications -- right on your
PC. The feature first arrived with the Windows 10 Fall Creators Update in October 2017, and
Microsoft has been broadening it ever since. Calling support means you no longer have to grab
your Android phone to answer a call when you're at your computer. You can interact with the
call using your PC's speakers, microphone, and screen.
ccnafr shared their report:
One of the gang's victims was Tobias
Frömel , a German software developer. Frömel was one of the victims who paid the
ransom demand so he could regain access to his files. However, after paying the ransom,
Frömel also analyzed the ransomware, gained insight into how Muhstik operated, and then
retrieved the crooks' database from their server . "I know it was not legal from me," the
researcher wrote in a text file he
published online on Pastebin earlier Monday, containing 2,858 decryption keys. "I'm not the
bad guy here," Frömel added.
Besides releasing the decryption keys, the German developer also published a decrypter
that all Muhstik victims can use to unlock their files. The decrypter is available on
MEGA [
VirusTotal scan ], and
usage instructions are avaiable on the Bleeping Computer forum.
In the meantime, Frömel has been busy notifying Muhstik victims on Twitter about the
decrypter's availability, advising users against paying the ransom.
Carbyne's current CEO, Amir Elichai, served in Unit 8200 and tapped
former Unit 8200 commander and current board member of AIPAC Pinchas
Buchris to serve as the company's director and on its board. In addition to Elichai,
another Carbyne co-founder, Lital Leshem , also served in Unit 8200 and
later worked for Israeli private spy company Black Cube. The only Carbyne co-founder that
didn't serve in Unit 8200 is Alex Dizengof, who previously worked for Israel's Prime
Minister's office.
As MintPress noted in
a past report detailing Israeli military intelligence's deep ties to American tech giant
Microsoft, Unit 8200 is an elite unit of the Israeli Intelligence corps that is part of the
IDF's Directorate of Military Intelligence and is involved mainly in signal intelligence (i.e.,
surveillance), cyberwarfare and code decryption. It is frequently described as the Israeli
equivalent of the NSA and Peter Roberts, senior research fellow at Britain's Royal United
Services Institute, characterized the unit in an interview with the
Financial Times as "probably the foremost technical intelligence agency in the world and
stand[ing] on a par with the NSA in everything except scale."
Notably, the NSA and Unit 8200 have collaborated on numerous projects, most infamously on
the
Stuxnet virus as well as the Duqu
malware . In addition, the NSA is known to work with veterans of Unit 8200 in the private
sector, such as when the NSA hired two Israeli companies , to
create backdoors into all the major U.S. telecommunications systems and major tech companies,
including Facebook, Microsoft and Google.
Both of those companies, Verint and Narus, have top executives with ties to Israeli
intelligence and one of those companies, Verint (formerly Comverse Infosys), has a history of
aggressively
spying on U.S. government facilities.
Unit 8200 is also
known for spying on civilians in the occupied Palestinian territories for "coercion
purposes" -- i.e., gathering info for blackmail -- and also for
spying on Palestinian-Americans via an intelligence-sharing agreement with the NSA.
So before MH17 Dutch intelligence was involved with Stuxnet. Nice, if we can believe the author... It is possible that this
is a plated story with fake facts and dates designed to cover something up. Iranians now probably know a lot more, but they are
not talking.
BTW the following completely discredits the article exposing the authors as frauds: " AIVD's cyber capabilities are well known now
-- last year it was revealed that AIVD was responsible for tipping off the FBI to the 2016 hack of the Democratic National Committee,
knowledge it had acquired because
its operatives had hacked into computers belonging to the Russian hacking group known as Cozy Bear in 2014 and were watching in
2015 when the Russians broke into computers at the U.S. State Department and the DNC. "
DNC was most probably an internal
leak (possibly by Seth Rich),
not a hack and any intelligence agency. Which makes any authors who claims that it was hack a part of the cover-up operation.
Comments are very interesting, much more then the article itself, as they reveals unprecedented level of distrust among commenters
toward Israel (who was the main beneficiary of the sabotage of the Iran nuclear program, as it complete with Iran for regional hegemony)
and by extension the USA.
Notable quotes:
"... An Iranian engineer recruited by the Dutch intelligence agency AIVD provided critical data that helped the U.S. developers target their code to the systems at Natanz, according to four intelligence sources. That mole then provided much-needed inside access when it came time to slip Stuxnet onto those systems using a USB flash drive. ..."
"... The Dutch were asked in 2004 to help the CIA and Mossad get access to the plant, but it wasn't until three years later that the mole, who posed as a mechanic working for a front company doing work at Natanz, delivered the digital weapon to the targeted systems. "[T]he Dutch mole was the most important way of getting the virus into Natanz," one of the sources told Yahoo. ..."
"... The Olympic Games operation was primarily a joint U.S.-Israel mission that involved the NSA, the CIA, the Mossad, the Israeli Ministry of Defense and the Israeli SIGINT National Unit, Israel's equivalent of the NSA. But the U.S. and Israel had assistance from three other nations, according to sources, hence the covert codename that gave nod to the five-ring symbol of the world's most famous international sporting event. Two of the three participating players were the Netherlands and Germany. The third is believed to be France, although U.K. intelligence also played a role. ..."
"... The Dutch intelligence agency, known as AIVD, along with U.S. and British intelligence, infiltrated Khan's supply network of European consultants and front companies who helped build the nuclear programs in Iran and Libya. That infiltration didn't just involve old-school tradecraft but also employed offensive hacking operations being developed as part of the burgeoning field of digital espionage. ..."
"... The Dutch intelligence agency already had an insider in Iran, and after the request from the CIA and Mossad came in, the mole decided to set up two parallel tracks -- each involving a local front company -- with the hope that one would succeed getting into Natanz. ..."
"... it wasn't until February 2007 that they formally launched the enrichment program by installing the first centrifuges in the main halls at Natanz. ..."
"... A sabotage test was conducted with centrifuges some time in 2006 and presented to President George Bush, who authorized the covert operation once he was shown it could actually succeed. ..."
"... sometime before the summer of 2007, the Dutch mole was inside Natanz. ..."
"... they made final changes to the code on Sept. 24, 2007, modifying key functions that were needed to pull off the attack, and compiled the code on that date. Compiling code is the final stage before launching it. ..."
"... Engineers at Natanz programmed the control systems with code loaded onto USB flash drives, so the mole either directly installed the code himself by inserting a USB into the control systems or he infected the system of an engineer, who then unwittingly delivered Stuxnet when he programmed the control systems using a USB stick. ..."
"... the malware worked its sabotage throughout 2008. In 2009 the attackers decided to change tactics and launched a new version of the code in June that year and again in March and April 2010. This version, instead of closing valves on the centrifuges, varied the speed at which the centrifuges spun, alternatively speeding them up to a level beyond which they were designed to spin and slowing them down. ..."
"... But their later tactic had a different drawback. The attackers added multiple spreading mechanisms to this version of the code to increase the likelihood that it would reach the target systems inside Natanz. This caused Stuxnet to spread wildly out of control, first to other customers of the five contractors, and then to thousands of other machines around the world, leading to Stuxnet's discovery and public exposure in June 2010. ..."
"... Gen. Michael Hayden, former head of the CIA and the NSA, acknowledged its groundbreaking nature when he likened the Stuxnet operation to the atomic bombs dropped on Hiroshima and Nagasaki. "I don't want to pretend it's the same effect," he said, "but in one sense at least, it's August 1945." ..."
"... Could it be that the story itself has been planted by intelligence operatives? Well, yeah. Okay. Now we have a story with a potential epiphany. ..."
"... The assassination of civilian scientists fall under the same umbrella but as a crime of murder. The malware move does not bother me but could have caused the release of toxic radiation throughout the world. Killing civilians is wrong. ..."
"... Interesting how Israel planted a virus to help "not to destroy Iran's nuclear program outright but to set it back for a while to buy time for sanctions and diplomacy to take effect." And now Israel is so adamant in trying to derail it. ..."
"... Lot's of misinformation out there about Iran and Nuclear power, they have never tried to put a nuke BOMB together. They may not like Israel but they have never threatened them with Nukes either ..."
"... Israel has provoked so many neighbors, their troubles are on them. They are bullies in the region and the world protects them even when they mistreat and attack others. They always claim they are going after enemies who are plotting against them, but the truth is they are stealing more land. ..."
"... The Mossad is spying on US citizens ..."
"... We're supposed to believe these sources? This piece is typical of the Huff who makes up sensational conspiracies, revelations, showing them as be a or facts. Laughable ..."
"... As always, if we turn the situation around, the major news media would be screaming bloody murder and calling for war with Iran. ..."
"... One of the top American generals, Smedley Butler, was correct when he called war nothing but a racket. ..."
"... to help Israel achieve its demented goal, Stuxnet, ultimately, has come back to bite the US in the >ssa<. Good going morons. How to teach the enemy defeat you in your own game. ..."
"... Yet, as a signatory to the NNPT, Iran has every right to pursue nuclear energy, for civilian purpose ..."
"... Meanwhile, India, Pakistan and Israel couldn't legally sign the NNPT, as they refused to divulge how many nukes they had... ..."
"... This article glorifies the typical USA interference in other countries affairs, the hate and mistrust toward the USA is 100% founded, that country through out its history has shown his neighbors and the the rest of the world that they are friends of no one and always try to undermine other nations. ..."
"... They practically exterminated the native Americans, stole half of Mexico, sponsored coups all over the world, promoted wars and became the biggest producer of arms. All historical facts that no one can denied, and so much more, karma will eventually catch up with the USA, is already starting ..."
"... Another propaganda by YAHOO. Nothing about the 6 billion Obama gave them ??? What do you thing that money went towards. Yahoo should be investigated for treason. ..."
"... The Neocons (and NeoLiberals) opened Pandora's box when they came up with the plan to destabilize the Middle East. Instead they destabilized our planet.. ..."
"... Did you know the UK and Australia worked with Clapper and Brennan to spy on Trump and his campaign team? ..."
"... Zionist are finally losing their propaganda war little by little. American people are fed up ..."
"... "Stuxnet was pretty much dead as a spreading worm a month after it was discovered," he added. "Every antivirus company worth its salt had Stuxnet detection signatures out quickly. It was a worm designed to never be found in the 1st place. Once it was uncovered, it was defenseless." ..."
"... How is this story any more than gossip with international security ramifications? ..."
The first-of-its-kind virus, designed to sabotage Iran's nuclear program, effectively launched the era of digital warfare and
was unleashed some time in 2007, after Iran began installing its first batch of centrifuges at a controversial enrichment plant near
the village of Natanz.
The courier behind that intrusion, whose existence and role has not been previously reported, was an inside mole recruited by
Dutch intelligence agents at the behest of the CIA and the Israeli intelligence agency, the Mossad, according to sources who spoke
with Yahoo News.
An Iranian engineer recruited by the Dutch intelligence agency AIVD provided critical data that helped the U.S. developers
target their code to the systems at Natanz, according to four intelligence sources. That mole then provided much-needed inside access
when it came time to slip Stuxnet onto those systems using a USB flash drive.
The Dutch were asked in 2004 to help the CIA and Mossad get access to the plant, but it wasn't until three years later that
the mole, who posed as a mechanic working for a front company doing work at Natanz, delivered the digital weapon to the targeted
systems. "[T]he Dutch mole was the most important way of getting the virus into Natanz," one of the sources told Yahoo.
Neither the CIA nor the Mossad responded to inquiries from Yahoo News about the information. The AIVD declined to comment on its
involvement in the operation.
The now famous covert operation known as "Olympic Games" was designed not to destroy Iran's nuclear program outright but to set
it back for a while to buy time for sanctions and diplomacy to take effect. That strategy was successful in helping to bring Iran
to the negotiating table, and ultimately resulted in an agreement with the country in 2015.
The revelation of Dutch involvement harkens back to a time when there was still extensive cooperation and strong, multilateral
agreement among the U.S. and its allies about how to deal with the Iranian nuclear program -- a situation that changed last year
after the Trump administration pulled out of the hard-won nuclear accord with Tehran.
withdrawal from the Iran nuclear deal, May 8, 2018. (Photo: Saul Loeb/AFP/Getty Images)
The Olympic Games operation was primarily a joint U.S.-Israel mission that involved the NSA, the CIA, the Mossad, the Israeli
Ministry of Defense and the Israeli SIGINT National Unit, Israel's equivalent of the NSA. But the U.S. and Israel had assistance
from three other nations, according to sources, hence the covert codename that gave nod to the five-ring symbol of the world's most
famous international sporting event. Two of the three participating players were the Netherlands and Germany. The third is believed
to be France, although U.K. intelligence also played a role.
Germany contributed technical specifications and knowledge about the industrial control systems made by the German firm Siemens
that were used in the Iranian plant to control the spinning centrifuges, according to sources. France is believed to have provided
intelligence of a similar sort.
But the Dutch were in a unique position to perform a different role -- delivering key intelligence about Iran's activities to
procure equipment from Europe for its illicit nuclear program, as well as information about the centrifuges themselves. This is because
the centrifuges at Natanz were based on designs stolen from a Dutch company in the 1970s by Pakistani scientist Abdul Qadeer Khan.
Khan stole the designs to build Pakistan's nuclear program, then proceeded to market them to other countries, including Iran and
Libya.
The Dutch intelligence agency, known as AIVD, along with U.S. and British intelligence, infiltrated Khan's supply network
of European consultants and front companies who helped build the nuclear programs in Iran and Libya. That infiltration didn't just
involve old-school tradecraft but also employed offensive hacking operations being developed as part of the burgeoning field of digital
espionage.
AIVD's cyber capabilities are well known now -- last year it was revealed that AIVD was responsible for tipping off the FBI to
the 2016 hack of the Democratic National Committee, knowledge it had acquired because
its operatives had hacked into computers belonging to the Russian hacking group known as Cozy Bear in 2014 and were watching
in 2015 when the Russians broke into computers at the U.S. State Department and the DNC.
But during the early days of Iran's nuclear program, AIVD's hacking team was small and still developing.
The Iranian program, which had been on the back burner for years, kicked into high gear in 1996, when Iran secretly purchased a set
of blueprints and centrifuge components from Khan. In 2000, Iran broke ground at Natanz with plans to build a facility that would
hold 50,000 spinning centrifuges for enriching uranium gas. That same year, AIVD hacked the email system of a key Iranian defense
organization in an effort to obtain more information about Iran's nuclear plans, according to sources.
Israeli and Western intelligence agencies secretly monitored the progress at Natanz over the next two years, until August 2002,
when an Iranian dissident group publicly exposed the Iranian program at a press conference in Washington, D.C., using information
provided by the intelligence agencies. Inspectors for the International Atomic Energy Agency, the United Nations body that monitors
nuclear programs around the world, demanded access to Natanz and were alarmed to discover that the Iranian program was much further
along than believed.
Iran was pressed into agreeing to halt all activity at Natanz while the IAEA sought to obtain more information about the nuclear
program, and the suspension continued throughout all of 2004 and most of 2005. But it was only a matter of time before operations
at Natanz resumed, and the CIA and the Mossad wanted to be inside when they did.
The request to the Dutch for help with this came toward the end of 2004, when a Mossad liaison working out of the Israeli Embassy
in the Hague and a CIA official based at the U.S. Embassy met with a representative from AIVD. There was no talk yet about inserting
a digital weapon into the control systems at Natanz; the aim at that time was still just intelligence.
But the timing wasn't random. In 2003, British and U.S. intelligence had landed a huge coup when they intercepted a ship containing
thousands of centrifuge components headed to Libya -- components for the same model of centrifuges used at Natanz. The shipment provided
clear evidence of Libya's illicit nuclear program. Libya was persuaded to give up the program in exchange for the lifting of sanctions,
and also agreed to relinquish any components already received.
By March 2004, the U.S., under protest from the Dutch, had seized the components from the ship and those already in Libya and
flown them to the Oak Ridge National Lab in Tennessee and to a facility in Israel. Over the next months, scientists assembled the
centrifuges and studied them to determine how long it might take for Iran to enrich enough gas to make a bomb. Out of this came the
plot to sabotage the centrifuges.
The Dutch intelligence agency already had an insider in Iran, and after the request from the CIA and Mossad came in, the mole
decided to set up two parallel tracks -- each involving a local front company -- with the hope that one would succeed getting into
Natanz.
Establishing a dummy company with employees, customers and records showing a history of activity, takes time, and time was in
short supply. In late 2005, Iran announced it was withdrawing from the suspension agreement, and in February 2006 it began to enrich
its first batch of uranium hexaflouride gas in a pilot plant in Natanz. The Iranians ran into some problems that slowed them down,
however, and it wasn't until February 2007 that they formally launched the enrichment program by installing the first centrifuges
in the main halls at Natanz. [ in 2007 it is still Bush administration (which means Cheney) at the helm]
By then, development of the attack code was already long under way. A sabotage test was conducted with centrifuges some time
in 2006 and presented to President George Bush, who authorized the covert operation once he was shown it could actually succeed.
By May 2007, Iran had 1,700 centrifuges installed at Natanz that were enriching gas, with plans to double that number by summer.
But sometime before the summer of 2007, the Dutch mole was inside Natanz.
The first company the mole established had failed to get into Natanz -- there was a problem with the way the company was set up,
according to two of the sources, and "the Iranians were already suspicious," one explained.
The second company, however, got assistance from Israel. This time, the Dutch mole, who was an engineer by training, managed to
get inside Natanz by posing as a mechanic. His work didn't involve installing the centrifuges, but it got him where he needed to
be to collect configuration information about the systems there. He apparently returned to Natanz a few times over the course of
some months.
"[He] had to get in several times in order to collect essential information [that could be used to] update the virus accordingly,"
one of the sources told Yahoo News.
The sources didn't provide details about the information he collected, but Stuxnet was meant to be a precision attack that would
only unleash its sabotage if it found a very specific configuration of equipment and network conditions. Using the information the
mole provided, the attackers were able to update the code and provide some of that precision.
There is, in fact, evidence of updates to the code occurring during this period. According to the security firm Symantec, which
reverse-engineered Stuxnet after it was discovered, the attackers made updates to the code in May 2006 and again in February 2007,
just as Iran began installing the centrifuges at Natanz. But they made final changes to the code on Sept. 24, 2007, modifying
key functions that were needed to pull off the attack, and compiled the code on that date. Compiling code is the final stage before
launching it.
The code was designed to close exit valves on random numbers of centrifuges so that gas would go into them but couldn't get out.
This was intended to raise the pressure inside the centrifuges and cause damage over time and also waste gas.
This version of Stuxnet had just one way to spread -- via a USB flash drive. The Siemens control systems at Natanz were air-gapped,
meaning they weren't connected to the internet, so the attackers had to find a way to jump that gap to infect them. Engineers
at Natanz programmed the control systems with code loaded onto USB flash drives, so the mole either directly installed the code himself
by inserting a USB into the control systems or he infected the system of an engineer, who then unwittingly delivered Stuxnet when
he programmed the control systems using a USB stick.
Once that was accomplished, the mole didn't return to Natanz again, but the malware worked its sabotage throughout 2008. In
2009 the attackers decided to change tactics and launched a new version of the code in June that year and again in March and April
2010. This version, instead of closing valves on the centrifuges, varied the speed at which the centrifuges spun, alternatively speeding
them up to a level beyond which they were designed to spin and slowing them down. The aim was to both damage the centrifuges
and undermine the efficiency of the enrichment process. Notably, the attackers had also updated and compiled this version of the
attack code back on Sept. 24, 2007, when they had compiled the code for the first version -- suggesting that intelligence the Dutch
mole had provided in 2007 may have contributed to this version as well.
By the time this later version of the code was unleashed, however, the attackers had lost the inside access to Natanz that they
had enjoyed through the mole -- or perhaps they simply no longer needed it. They got this version of Stuxnet into Natanz by infecting
external targets who brought it into the plant. The targets were employees of five Iranian companies -- all of them contractors in
the business of installing industrial control systems in Natanz and other facilities in Iran -- who became unwitting couriers for
the digital weapon.
"It's amazing that we're still getting insights into the development process of Stuxnet [10 years after its discovery]," said
Liam O'Murchu, director of development for the Security Technology and Response division at Symantec. O'Murchu was one of three researchers
at the company who reversed the code after it was discovered. "It's interesting to see that they had the same strategy for [the first
version of Stuxnet] but that it was a more manual process. ... They needed to have someone on the ground whose life was at risk when
they were pulling off this operation."
O'Murchu thinks the change in tactics for the later version of Stuxnet may be a sign that the capabilities of the attackers improved
so that they no longer needed an inside mole.
"Maybe back in 2004 they didn't have the ability to do this in an automated way without having someone on the ground," he said.
"Whereas five years later they were able to pull off the entire attack without having an asset on the ground and putting someone
at risk."
But their later tactic had a different drawback. The attackers added multiple spreading mechanisms to this version of the
code to increase the likelihood that it would reach the target systems inside Natanz. This caused Stuxnet to spread wildly out of
control, first to other customers of the five contractors, and then to thousands of other machines around the world, leading to Stuxnet's
discovery and public exposure in June 2010.
Months after Stuxnet's discovery, a
website in Israel indicated
that Iran had arrested and possibly executed several workers at Natanz under the belief that they helped get the malware onto systems
at the plant. Two of the intelligence sources who spoke with Yahoo News indicated that there indeed had been loss of life over the
Stuxnet program, but didn't say whether this included the Dutch mole.
While Stuxnet didn't significantly set back the Iranian program -- due to its premature discovery -- it did help buy time for
diplomacy and sanctions to bring Iran to the negotiating table. Stuxnet also changed the nature of warfare and launched a digital
arms race. It led other countries, including Iran, to see the value in using offensive cyber operations to achieve political aims
-- a consequence the U.S. has been dealing with ever since.
Gen. Michael Hayden, former head of the CIA and the NSA, acknowledged its groundbreaking nature when he likened the Stuxnet
operation to the atomic bombs dropped on Hiroshima and Nagasaki. "I don't want to pretend it's the same effect," he said, "but in
one sense at least, it's August 1945."
Operation Ajax seem to be forgotten by the West, but well remembered, by the Iranian folks. Gary
"The now famous covert operation known as "Olympic Games" was designed not to destroy Iran's nuclear program outright but
to set it back for a while to buy time for sanctions and diplomacy to take effect."
REALITY CHECK 2 hours ago
General Michael Hayden (ex CIA and NSA head) "In other words, there were many of us in government who thought the purpose of
the [Israeli threatened air] raid wasn't to destroy the Iranian nuclear system but the purpose of the raid was to put us at war
with Iran." -in "Zero Days" 2016 documentary about the Stuxnet attack on Iran
From the 'Zero days' documentary on Stuxnet: "Inside the ROC (NSA Remote Operations Center] we were furious. The Israelis took
our code for the [Stuxnet] delivery system and changed it. Then, on their own, without our agreement they just ****ing launched
it. 2010, around the same time they started killing Iranian scientists, [unintelligble] ****ed up the code, Instead of hiding,
the code started shutting down computers, so naturally people noticed. Because they [Israel] were in a hurry, they opened Pandora's
Box. They let it out, and it spread all over the world. ... The problem was that the Israelis, Unit 8200, were always pushing
us to be more aggressive ----
Our "friends" in Israel took a weapon that we jointly developed, in part to keep Israel from doing something crazy, and then
used it on their own in a way that blew the cover of the operation and could have led to war. And we can't talk about that?" But
my concern, and the reason I'm talking, is because when you shut down a country's power grid, it doesn't just pop back up. It's
more like Humpty Dumpty. and if all the King's men can't turn the lights back on, or filter the water for weeks, then lots of
people die. And something we can do to others, they can do too. Is that something we should keep quiet? Or should we talk about
it? ---- R
REALITY CHECK 1 hour ago
@potz.. Nice try at the diversion. In fact it's already well known that the "jewish state" funds your internet propaganda operations.
In fact I'll give readers a little insight to your operation. Ever wondered why Mid East comments are so overwhelmingly anti-Muslim,
anti-Iran, anti-Palestinians and pro-israel? A new propaganda app sponsored by the Israeli Strategic Affairs Ministry for israel's
thousands of internet trolls, Act.il : "A new app 'arms' thousands of motivated civilians worldwide, defending Israel's image
online" ... ... ..
"We had about 1,000 volunteers, most of them students from the IDC, who created pro- Israel PR content in 35 different languages,
reaching some 40 million web users."... we started working from the operations room on a regular basis. We had a database of
student volunteers from dozens of countries, and it became more and more organized. We started setting up departments: One
department created pro-Israeli marketing content, another department found and marked online articles that required our attention,
and a third department dealt with finding and reporting pages that incite against Israel."...
Within only two weeks, it was downloaded by over 6,000 people in 27 countries around the world ... "In the months before
the app's launch, we ran it a pilot among a group of some 800 students, most of them Americans,"...
During the pilot period, we were able to remove 2-5 inciting pages or videos every week. We re working with the IDF [Israeli
Defense Forces] and the Shin Bet [Israeli version of theFBI], who are giving us information on such inciting content, and even
they couldn't keep uswith how fast we were getting things removed."
"Companies, such as Facebook, remove content following reports from the community," Ben-Yosefexplains. "If there is only
one person reporting it, he usually gets told by Facebook the content doesn't meet the criteria for removal. If300 report it-the
content is removed immediately. As soon as content inciting against "Companies, such as Facebook, remove content following
reports from the community," Ben-Yosefexplains. "If there is only one person reporting it, he usually gets told by Facebook
the content doesn't meet the criteria for removal. If300 report it-the content is removed immediately. As soon as content inciting
against Israel is posted online, we send a message through the app and all of its subscribers immediately report it." ...
"Students from the University of California (UC), where there are a lot of anti-Israel activists, came to us for help,"
Briga says. "We organized a joint campaign, in which we opened Skype chats at the IDC and at UC campuses and we let random
students just sit down and have a conversation with someone from here [Israel].
People need to research just how much the Zionist jew state skrewed the U.S. and the world with this Stuxnet, and many OTHER
computer viruses.
Unit 8200 is a cyber terrorist training facility just outside Jerusalem. https://www.forbes.com/sites/startupnationcentral/2018/05/28/rise-of-computer-vision-brings-
obscure-israeli-intelligence-unit-into-spotlight/#7530b9743c19
The accelerating shift toward technologies like autonomous driving, satellite navigation, image recognition, and augmented
and virtual reality, are bringing to the fore Israeli intelligence unit 9900, whose grads are starting to make a name for The
accelerating shift toward technologies like autonomous driving, satellite navigation, image recognition, and augmented and virtual
reality, are bringing to the fore Israeli intelligence unit 9900, whose grads are starting to make a name for them
www.forbes.com
korok malfesio, 2 hours ago
If the CIA, Mossad, and AIVD have refused to comment on the veracity of this story, where did the information come from, and
how did the reporters verify the story? The Dutch mole, who was actually an Iranian citizen, is a possibility, but another insider
is needed for confirmation. This cyber sortie has more leaks in it than the Titanic.
Could it be that the story itself has been planted by intelligence operatives? Well, yeah. Okay. Now we have a story with
a potential epiphany.
rod, 8 hours ago
A little bit of disinformation here on this story. The article refers to "enrich its first batch of uranium hexaflouride gas"
This is incorrect. You can not enrich Hexaflouride gas. You can however, use a radioactive gas such as Irridium gas,
or any other gas that is radioactive in nature such as xenon gas which will bind to the raw uranium molecule and make it bigger.
Therefor allowing the refinement process to become more efficient. This is why Baghdad calls their bahgatrons, an improvement
from a traditional centerfuge.
Also, I remember how the U.S. infiltrated the Iraq military command by installing special chips inside printers to get into
their command and control systems. Not much was talked about in this article about the torture of the people who were suspected
of being #$%$. sympathizer.
NativeRedemption, yesterday
The assassination of civilian scientists fall under the same umbrella but as a crime of murder. The malware move does not
bother me but could have caused the release of toxic radiation throughout the world. Killing civilians is wrong.
True Blue, yesterday
Former Ohio Congressman James Traficant ~ "Israel Owns the Congress and the Senate" ...
ChrisP.Bacon, yesterday
We had an agreement that stopped Iranian development of Nukes. It was verified by international inspectors that Iran was and
is living up to the agreement. America didn't live up to their end of the bargain. Because Trump walked away from the agreement
after America gave their word, now Iran has been given a green light to restart their program courtesy of Donald Trump.
True Blue, yesterday
AIPAC is an organization holding our elected government officials hostage to their foreign policy directives ! Before Israel
we had no enemies in the Middle East... fact !
Ryan, yesterday
Just sayin...It was a combination of the CIA, Mossad, Meyer Lansky, and Israel that killed JFK, Israel wanted nuclear weapons,
Kennedy would have none of it. Lansky wanted his properties back that Castro nationalized when he took over Cuba, and the Jewish
James 'Jesus' Angleton was an Israeli 'mole' who rose to be the 3rd ranked member of the CIA. The book 'Finale Judgement' lays
out all the connections extremely well, there's no doubt than David Ben Gurion and Israel were a part of the scheme to take out
an American president...
Ally M, yesterday
ALL my Congressmen and ALL my Senators have ASSURED me that they will make certain that America provides Israel with all the
Military Intelligence and Military equipment that they should require not only to Defend themselves, but to ensure that they will
Defeat their enemies in any major conflict.
Thank you to ALL our C.I.A. and Military Intelligence officials in Iraq, Syria, Lebanon, Egypt, Qatar, and, yes, Iran who are
providing our Israel friends with Real-time Intelligence information!
AliMD, 18 hours ago
Interesting how Israel planted a virus to help "not to destroy Iran's nuclear program outright but to set it back for a
while to buy time for sanctions and diplomacy to take effect." And now Israel is so adamant in trying to derail it.
vani, 9 hours ago
Lot's of misinformation out there about Iran and Nuclear power, they have never tried to put a nuke BOMB together. They
may not like Israel but they have never threatened them with Nukes either.
Israel has provoked so many neighbors, their troubles are on them. They are bullies in the region and the world protects
them even when they mistreat and attack others. They always claim they are going after enemies who are plotting against them,
but the truth is they are stealing more land.
The Mossad is spying on US citizens, they are as bad as Russia on interfering with our sovereign rights to fair elections,
and a threat to our constitutional rights.
Mike, 4 hours ago
We're supposed to believe these sources? This piece is typical of the Huff who makes up sensational conspiracies, revelations,
showing them as be a or facts. Laughable
idiocracynowi, yesterday
As always, if we turn the situation around, the major news media would be screaming bloody murder and calling for war with
Iran.
This hypocrisy by the American media has been going on since the early 1900s, and is the reason America gets into so many unnecessary
wars. One of the top American generals, Smedley Butler, was correct when he called war nothing but a racket.
Mark Paris, yesterday
"While Stuxnet didn't significantly set back the Iranian program - due to its premature discovery - it did help buy time
for diplomacy and sanctions to bring Iran to the negotiating table." - Or they have to say that since there has been loss of
innocent lives as they say, themselves. - _
"Stuxnet also changed the nature of warfare and launched a digital arms race. It led other countries, including Iran, to
see the value in using offensive cyber operations to achieve political aims - a consequence the U.S. has been dealing with
ever since."
Otherwise, to help Israel achieve its demented goal, Stuxnet, ultimately, has come back to bite the US in the >ssa<. Good
going morons. How to teach the enemy defeat you in your own game.
Kate, yesterday
What comes around, often goes around...
Everyman, 21 hours ago
Operation Talpiot is the back door data pipeline from your computer/cell phone to Israel. Everything you communicate electronically
is stored and analyzed by Israel...
sam spade, 17 hours ago
So this why you stay in the nuclear deal. They know we did it. They signed the deal anyway. They have no reason to trust us,
yet they signed the deal. Can we get back into the deal?
TommyGun, 22 hours ago
This is a nice story-cloak and dagger and all that. Why would anyone want to expose this? ..and endanger the lives of those
involved as there will always be retributions.
Eli, yesterday
Israel will always have people around the world willing to help because if you believe in God and the Bible then helping Israel
is an easy decision against the evil Ishmaelite's. God will forever protect Israel against her enemies those who want to destroy
Israel are on a collision with God, just look at all the countries who hate Israel, they are the worse human rights countries
on the planet, no mans land.
Loyal Tribune, 15 hours ago
Stuxnet haven't had much affect on Iranian side. I read, they through out all infected centrifuges and replaced with brand
new ones in matter of a news weeks. although to them it was like nothing important happened, but a few life are gone for not much
to gain.
IrishAmericanPsycho, 7 hours ago
Yet, as a signatory to the NNPT, Iran has every right to pursue nuclear energy, for civilian purposes.
Meanwhile, India, Pakistan and Israel couldn't legally sign the NNPT, as they refused to divulge how many nukes they had....YET
THE US SHARED NUCLEAR TECH with those countries anyway.....
Censored, 11 hours ago
US and Israel have tried everything to topple Iran: malware terrorism, sanctions, oil embargo, supporting Wahhabi terrorists,
financial terrorism, economic war, sanctioning any country who does business with Iran, disinformation, sabotage, threats, disallowing
Red Cross to help flood victims, pirating... yet, Iran stands tall and grows. The only reason they didn't attack Iran is simple:
they can't.
American, yesterday
Famous act of war. Imagine if Iran had done this? Amazing how restrained the Iranians have been in the face of all the attacks.
anatoly, 16 hours ago
betcha stuff like this is still going on!
P KP K, 4 hours ago
Stuxnet was working fine until Israel decided without US knowledge to increase the effects of the virus and it was caught by
the Iranians. Then it was subsequently used by the Iranians on attacks against Saudi and the US.
Funny how that part of the story was left out
Shekel_Trader, 4 hours ago
If the US had put in half the effort back in the '60's to stop Israel's illicit nuke program, as they did with Stuxnet, we'd
all be a much happier and healthier society today, without Israel threatening its neighbors with one hand while waving the "Sampson
option" in the other.
-S/T
Alex, 17 hours ago
This article glorifies the typical USA interference in other countries affairs, the hate and mistrust toward the USA is
100% founded, that country through out its history has shown his neighbors and the the rest of the world that they are friends
of no one and always try to undermine other nations.
They practically exterminated the native Americans, stole half of Mexico, sponsored coups all over the world, promoted
wars and became the biggest producer of arms. All historical facts that no one can denied, and so much more, karma will eventually
catch up with the USA, is already starting
Tony, 22 hours ago
Another propaganda by YAHOO. Nothing about the 6 billion Obama gave them ??? What do you thing that money went towards.
Yahoo should be investigated for treason.
Collapsing Society, 20 hours ago
Fact: Iran has not attacked any country since the year 1798. Why does the West so bent on bringing Iran down? Answer:
https://youtu.be/HP7L8bw5QF4
rene, yesterday
If Eisenhower hadn't overthrew Iran's government and put our puppet, the Shah, in its place, and if Reagan hadn't shot down
an Iranian civilian jet killing 250 people they'd still be our ally.
William, 23 hours ago
Now that the details are coming out, it doesn't sound like it was a terribly effective operation.
Antiestablishmentarian, 2 hours ago
The Neocons (and NeoLiberals) opened Pandora's box when they came up with the plan to destabilize the Middle East. Instead
they destabilized our planet..
----------10 hours ago
This is a fictitious article. Another fake news from liberal Yahoo-Verizon. It's purpose is to falsely attack President Trump
as someone who has permanently damaged relations with all of our allies. Complete lie.
Did you know the UK and Australia worked with Clapper and Brennan to spy on Trump and his campaign team? Trump is
weeding out all the bad leaders of the world who supported the terrorist state called Iran and threatened his Presidency with
a silent coup. Those people are not allies, they are the Obama era monsters. Yahoo-Verizon liberals want Iran to have nuclear
weapons to destroy the planet. Liberals cry over plastic in the ocean, yet support the most destructive device on earth being
sold to violent, homosexual murdering, muslim terrorists?
Everyman, 21 hours ago
Zionist are finally losing their propaganda war little by little. American people are fed up. In Dickenson Texas,
if you need Federal relief assistance after Hurricane Harvey, you have to sign an unconditional pledge to support Israel. Will
Floridians who slaves or destroyed by Hurricane Dorian be forced to do the same? Will we have to sign an unconditional oath to
support Israel or be refused Federal disaster relief funds?
You're free to be a Zionist if you wish. The rest of us are free to criticize those beliefs. If you wish to push those beliefs
into the public domain and include them in political discourse, they WILL be criticized harshly, rightly so.
Ruban, 18 hours ago
If Russians or Chines has done something like this then, western media would whine for months and call for new sanctions against
them
Can anyone read this article, and NOT understand that the Zionist faction CONTROLS America? And that this incident is just
more proof of it?
Rob, yesterday
So all the fuss about "Russian hacking" was crocodile tears western propaganda.
Sheri, yesterday
And when they repay in kind, don't scream terrorism.
Brook, 13 hours ago
No one wants to mention that the coup was pulled off during the Bush administration.
Jax,15 hours ago
The Stuxnet operation transferred malware technology from Israel to Iran and Russia. This is the unintended consequence. Now
Iran can update the malware and distribute it to attack targets anywhere.
Wallstreet, 6 hours ago
The success of this virus attack spurred on a gold rush for Israel. They now get extra billions per year in funding from USA
to keep developing their security software activities which turned commercial and now allows spying around the world. Israel now
has access to most of the world's governments secrets and is turning that access into gold.
SamS, 22 hours ago
I am truly glad that its only patriotic defense, when we use our computers and hackers to hack into things in Iran, China or
NK and not espionage hacking, as when they do the same exact thing, in reverse!
bez22, yesterday
NSA designed... June 24, 2012, as Big Sleep day for the infamous malware. On that day, it stopped replicating. Its more like
neutered, rather than dead," Eric Byres, CTO and vp for engineering at Tofino Security, told TechNewsWorld.
"The 6/24 date stops it from replicating, but if it has infected your uranium centrifuge, it will still be doing its destructive
work in the PLCs & the drive controllers.
"Stuxnet was pretty much dead as a spreading worm a month after it was discovered," he added. "Every antivirus company
worth its salt had Stuxnet detection signatures out quickly. It was a worm designed to never be found in the 1st place. Once it
was uncovered, it was defenseless."
Susie, 11 hours ago
Dutch pirates continue to work at the destruction of other nations. The Dutch East India company created the skull and cross
bones flag for its' vessels. That flag soon meant violent pirate ship and continues today as the same warning.
Will, 22 hours ago
Thankfully the Apartheid government of Israel with their "Samson Option" is on our side. They held back information about the
impending 9/11 attacks (then celebrated afterwards and were arrested) then gave us false intelligence about Iraq having WMDs.
But yes they are our closest allies and we should continue giving them billions in cash and openly allow their spies into top
secret facilities.
John, yesterday
Israel has an arsenal of nuclear weapons estimated at 200 to 300 war heads. Yet Israel has refused to sign the Nuclear Non
Proliferation Treaty or the Chemical Weapons Conventions. And the US says NOTHING about that.
Rudolph, 16 hours ago
If you Turn the Tables and If Iran does the same thing to Israel,why is that considered "Terrorism" ? Because they OWN the
media?
opaw, 10 hours ago
we should allow every nation to develop their own nuclear programs in the spirit of competition, deterrence and mutually assured
destruction. nobody has the right to say that "you can't have nuclear weapons you are not democracy." the moment that you lay
your hands on nukes you already lost the moral decency. plus the more the merrier.
dan, 6 hours ago
The worlds greatest hack of all time is Israeli agents steeling US Nuclear secrets and developing a vast nuclear arsenal. Once
the hack was found, Israeli influences dramatically changed to that of soft hacking of the US congress and all other political
branches. The greatest 'check and mate'!
Singl, 6 hours ago
So, this secret operation took place from 2004 thru 2015 initiated by the Netherlands and Germany, with an assist from France.....under
the ObAMA administration (who also went along with it) .
So Iran development was stalled ...so the agreement could be hammered out.
But it was an OBAMA admin agreement...so it HAD TO be destroyed by the Trump administration.... a crisis created ,...so that
the TRUMP administration could,-- one way or another -- "resolve" , the crisis. SICK. This man Trump,...is SICK....and MUST be
removed.
MatthewL, yesterday
How is this story any more than gossip with international security ramifications?
Juan, 4 hours ago
Great! We just put a target on the back of every Dutch in a Muslim nation. Sounds to me like payback for not wanting to join
the current Israel/US effort against Iran.
ccc, 22 minutes ago
And when other nations attack us using cyber We claim it's a declaration of war
Anonymous, yesterday
Wondering what these other countries are doing to us and we dont know?
HC, 7 hours ago
About the last successful thing the CIA's ever done in Iran.
JASON, 6 hours ago
I remember when my parents told me to mind my own business. It seems like the U.S. and Israeli government can't mind their
own business. It seems like they are the problem for world peace.
So Dutch government participated is Stuxnet and MH17 false flag operation. Nice...
Notable quotes:
"... The first-of-its-kind virus, designed to sabotage Iran's nuclear program, effectively launched the era of digital warfare and was unleashed some time in 2007, after Iran began installing its first batch of centrifuges at a controversial enrichment plant near the village of Natanz. ..."
"... The courier behind that intrusion, whose existence and role has not been previously reported, was an inside mole recruited by Dutch intelligence agents at the behest of the CIA and the Israeli intelligence agency, the Mossad, according to sources who spoke with Yahoo News ..."
@Lot Iran is also
involving into Israel-India relationship. Netanyhooo has cancelled his visit just 2 weeks
before the election – Haaretz.
And now we don't hear much about terrorism on Europe soil but bit by bit we hear the
terrorism committed by Dutch Norwegian Danish against Iran . Justice ? It will arrive one day
. Dutch will be supposed so will be the numerous pundits . Why Dutch? Yes that question will
find its answer "why Afghanistan ?" after 911.
"Revealed: How a secret Dutch mole aided the U.S.-Israeli Stuxnet cyberattack on Iran
--
For years, an enduring mystery has surrounded the Stuxnet virus attack that targeted Iran's
nuclear program: How did the U.S. and Israel get their malware onto computer systems at the
highly secured uranium-enrichment plant?
The first-of-its-kind virus, designed to sabotage Iran's nuclear program, effectively
launched the era of digital warfare and was unleashed some time in 2007, after Iran began
installing its first batch of centrifuges at a controversial enrichment plant near the
village of Natanz.
The courier behind that intrusion, whose existence and role has not been previously reported,
was an inside mole recruited by Dutch intelligence agents at the behest of the CIA and the
Israeli intelligence agency, the Mossad, according to sources who spoke with Yahoo News."
How to Flash/burn an OS Image with Etcher on Ubuntu Etcher, now named balenaEtcher,
is a free and open-source application used for burning ISO and IMG files, and also zipped
folders to USB drives and SD cards. This tool is available for Linux, Windows and macOS and
that too with the same UI so that you get the same user experience everywhere. So, whenever you
want to burn a flash drive or even a microSD card, you can rely on Etcher as your go-to tool.
We have tried to explain a step-by-step process for installing and using Etcher so that the USB
burning/flashing process becomes even simpler for you. We are taking the Ubuntu 18.04 LTS ISO
file as an example, downloaded from the Internet, to describe the entire process for you.
We have run the commands and procedures mentioned in this article on a Ubuntu 18.04 LTS
system.
Please follow these steps in order to easily write an ISO image to a flash/USB
drive:
Step 1: Download the Etcher .zip file
The Etcher download package is available on the official Balena website at this link:
The CPU op-mode(s) entry tells you about the flavor of Ubuntu you are running on your
system; 32-bit means you are running a 32-bit Linux OS, 32-bit, 64-bit signifies that you are
running a 64-bit OS.
Since mine is a 64-bit system, I will click on the 'Download for Linux x64' link. The
following dialog will display:
Select the Save File option and then click OK. The .zip package will be saved to your
Downloads folder.
Step 2: Extract AppImage from the downloaded .zip file
The Etcher package that we just downloaded is in .zip format. We now need to extract the
AppImage file so that we can install and use the software.
Open your Ubuntu command line, the Terminal, either through the Ubuntu Application Launcher
search or by using the Ctrl+Alt+t shortcut.
Then, use the following unzip command to extract the AppImage file to your current(home)
folder from the Downloads folder:
Use the ls command to verify that the AppImage file is now located in your current
directory.
Step 3: Run the Etcher AppImage
You can now easily run Etcher by executing its AppImage. You can do so through the following
command:
$ ./balenaEtcher-1.5.47-x64.AppImage
This will open the Etcher application in the following view:
Note: Whenever you want to uninstall Etcher from your system, simply delete this AppImage.
You do not need to run any other download procedures with AppImages.
Step 4: Flashing an
ISO file
Click on the Select image button; this lets you browse to the ISO image you want to select
for writing. I have selected Ubuntu 18.04 ISO image downloaded from the official Ubuntu
website.
Now you will see the Select target button highlighted. Insert a USB drive; if a single
device is connected to your system, you will see it selected as follows:
Otherwise, you will be given an option to select from the available devices. You will then
see the Flash button highlighted. Click on it so that Etcher starts to write the ISO file on
the USB. You will also be presented with an Authentication dialog as only an authorized user
can Flash a USB.
The writing process will start and you will be able to see a progress bar as follows:
On successful completion of image writing, you will be able to see the following view:
Close the window and your process is complete!
This is how you can make use of this efficient flashing tool to write OS images on your USB
and also microSD cards. The process is pretty much the same when writing images on an SD
card.
Ransomware can be fatal for badly managed IT infrastructure, such as often is found in school, hospitals and even medium size
manufacturing companies. Often there are not enough firewalled segments and there is not distinction in the access of vital data
and semi-useless employees generated files.
BTW Microsoft offers some level of ransomware protection with its Microsoft Drive.
This interesting discussion which points out like like infections in nature, ransomware typically successfully attack badly
managed (or completely screwed up) IT systems. But why NSA does not catch such guys almost instantly is beyond me. Payment
can be traced by NSA for sure and that a death sentence for malware authors.
Notable quotes:
"... Earlier today, some residents of Johannesburg have been left without electricity after a ransomware infection. ..."
"... If something a student clicks can fuck your whole network, you have bigger problems ..."
"... It has impacted three school districts as in every school in each district, so clearly this is a high level admin security failure and not something happening at school level. At least one benefit, find what is common with those three districts and you are on the path to tracking the insider who did it ..."
"... Can confirm. Myself and my 2 best friends in high school where the admins for my junior and senior year. Dunno who got the job when we graduated. ..."
The ransomware
infections took place this week and have impacted the school districts of three North Louisiana
parishes -- Sabine, Morehouse, and Ouachita. IT networks are down at all three school
districts, and files have been encrypted and are inaccessible, local media outlets are
reporting. By signing the Emergency Declaration, the Louisiana governor is making available
state resources to impacted schools. This includes assistance from cybersecurity experts from
the Louisiana National Guard, Louisiana State Police, the Office of Technology Services, the
Governor's Office of Homeland Security and Emergency Preparedness (GOHSEP), and others.
State
officials hope that additional IT expertise will speed up the recovery process so schools can
resume their activity and preparations for the upcoming school year.
Earlier today, some
residents of Johannesburg have been
left without electricity after a ransomware infection.
Uh, once a student clicks on the wrong .exe it's too late to unplug
anything.
If something a student clicks can fuck your whole network, you have bigger problems.
Ocker3 ( 1232550 ) on Thursday July 25, 2019 @11:27PM (#58988772)
Re:State of emergency? (Score:2)
Does the student also have admin rights on the server?
When you're getting attacked by serious teams who know what they're doing, sometimes smaller enterprises just don't have
the resources to fight back, only shut down and restore everything from backups (which hopefully aren't also compromised).
With BYOx being So common, the amount of hostile traffic coming from authenticated users Inside your network is a huge
PITA.
rtb61 ( 674572 ) on Friday July 26, 2019 @03:19AM (#58989406) Homepage
Re:State of emergency? (Score:2)
It has impacted three school districts as in every school in each district, so clearly this is a high level admin
security failure and not something happening at school level. At least one benefit, find what is common with those three
districts and you are on the path to tracking the insider who did it, although it is likely they did not attack every
school district they could for the same reason, similarly figuring out which school districts they could have attacked and
didn't will likely help point the finger.
Re:High School IT (Score:2)
by drinkypoo ( 153816 ) <[email protected]> on Friday July 26, 2019 @09:06AM (#58990296) Homepage Journal
High schools won't trust students with that kind of access, and colleges don't need to, since tuition is high enough these
days to hire IT staff.
Re:High School IT (Score:1)
by plloi ( 1055946 ) on Friday July 26, 2019 @09:57AM (#58990628)
Can confirm. Myself and my 2 best friends in high school where the admins for my junior and senior year. Dunno who got
the job when we graduated.
all the admin machines should be vms with snapshots. that way if this happens you can
quickly restore. but public schools never have a good setup and normally stock unpatched end
of life windows.
Substandard employees that they hire. They will blame IT first. Ideally their IT should
have proper backups that are air gaped at some part of the process. But ultimately these
things happen because clueless employees allow it to happen.
Heavens! Are you saying that getting the cheapest contractors they can find isn't the best
financial decision they could have made? But those nice MBAs assured them that running things
like a cutthroat corporation was the best way!
Heavens no. For instance I know of a city municipality that has the wan side of their
internet merged with the lan side of their network. potentially exposing their whole
infrastructure. I know and I told them but they would rather trust the guy who did the wiring
to know more about networking than the guy who configured their fiber circuit. I'm sure that
when they get their asses hacked again they will try to cast the net wide looking for anyone
other than themselves to blame. That is why I fired off
Well, the MBA morons think that one unit of "employee xyz" is of course exactly the same
as another one. Hence getting the cheapest ones does make sense to them. It is a sure recipe
for an eventual collapse, of course.
You can't blame the substandard and clueless employees. You can blame the people who
decided to hire substandard and clueless people. Responsability goes from top to bottom. Not
the other way around.
So why did they hire substandard people? Because of money. And why did they not have more
money? Because people elected those who lowered taxes or apointed them elsewhere.
So who do we blame? The shareholders, or the voters in this case.
What kills me about the low-tax, free market crowd is that they don't seem to be able to
link these ideas together. If you want competent teachers and other school staff, you need to
pay enough that competent people want to do that job.
Starting salary around here for a teacher who has to have a bachelor's degree at minimum,
with a master's preferred is mid-$50k. For someone with a BA in English, that's not bad. But
how do you get someone with a MS in a STEM field for that sort of money, when they could, at
minimum, be making 50% more in the private sector, and likely close to double that, depending
on their field. And that's not even considering that the work environment sucks.
While only working about 190 days a year seems like a nice benefit, the flip side is that
you get no vacations during the school year other than the ones scheduled for the kids. That
makes things like going to a wedding or joining a family vacation pretty much impossible if
it falls during the school year.
And it used to be that teachers got the summers largely off, but now a good portion of
states are requiring continuing education to retain your license, which means going back to
school during your "summer off". And every time the standards or state curriculum change,
teachers get to re-do their lesson plans. Unpaid, during the summer.
And IT? No break for them. Summer is when you refresh all the machines, update the
network, get rid of the old stuff that students broke and set up all the new stuff. Likely in
a steaming hot school with no AC, or if it has AC, with the thermostat set at 80 to save
money since "nobody is there during the summer".
If you want competent people to work in these conditions, you need to pay them
appropriately. If you need to pay them more, you need money to do that. And that money comes
from taxes, or from finding other things to cut spending on. Of course, we'd never consider
violating the sanctity of the football program, so the $2m we're going to spend refreshing
the turf and bleachers can't be put to better use....
For years, malware was used for things like nabbing credit card numbers and selling them
on the black market, or for sending spam emails. Deleting files and defacing web sites was
good for the lulz, but nobody made money off that. But two concepts changed all that:
Ransomware + Cryptocurrency. Now, ransoming files is safe AND profitable! Expect to see more
and more of this.
Ransomware is really kinda genius when you think of it as a business model. The hacker
steals the files - but does not need to store the files themselves! The files are still on
the victim's own hard drives! So the hacker does not need to pay for storage, rent a server,
or pay for bandwidth. It's akin to sneaking into a bank and instead of stealing the money,
you just change the combination on the vank vault so they can't get in. The money is still in
their own vault, just inaccessible!
Cryptocurrency has made it possible to transfer money with no physical presence, and no
presence in any "legitimate" managed institution. Yes, it's still a visible transaction, but
there's nobody's name and address and tax ID number assigned to the account.
It seems to me this will re-invigorate the hacking community, and everyone needs to become
hyper vigilant. 5 years ago we could say "meh, nobody will hack me" and we were 99.9% right.
And if they did, you just had to get a new credit card number or phone number or something.
Now, the threat is losing everything.
I work in a school. Chromebooks and iPads are certainly used a lot in education - but the
bread-and-butter of school IT, in every school, is Windows. On desktops, or on laptops. It
really has to be - the ICT classes need it because their course materials and exam standards
expect it. Plus we like Active Directory - there's nothing so easily administered for
managing large numbers of desktops on other operating systems.
Plus we like Active Directory - there's nothing so easily administered for managing
large numbers of desktops on other operating systems.
The thing with centralised administration is that if compromised, it becomes centralised
compromise and allows the ransomware (or whatever else) to infect every machine
simultaneously.
Active directory is not very secure by default, and is extremely complex... Actually keeping
it secure is extremely difficult and expensive, requiring significant investment, highly
skilled staff and quite a lot of inconvenience for users.
Active directory is far from easy if you actually want it to be secure, if you want it to
be easy then it also becomes easy to compromise and significantly increases the damage from a
ransomware infection.
Active Directory is easy to secure if you aren't stupid. Don't expose it directly to the
internet and firewall off all non essential ports.
And Centralized data stores are easy to restore if compromised. Just use your
offsite/offline/warm backup/restore plan. You test that regularly, offline, with false hw
date clocks, so even if there is a timebonb strawman to worry about, you've git it
covered.
And apparently no backups and no Business Continuity Management.
IT is not cheap. It is just cheaper than doing it in the traditional ways. If you try to
do it on the cheap, it can get very expensive though, and that is why you do not if you have
a clue.
What does Democratic Governor John Bel Edwards have to do with low taxes? Louisiana spends
$11K/student, about the same as California, which is pretty damn high for a State with such a
low cost of living in comparison.
Or just block people from opening certain files and restrict them from only being able to
do the basic stuff. Also this should be a heads up to people. HAVE BACKUPS! I don't
understand how any enterprise can overlook this. Yeah it's expensive, but what's cheaper?
Maintaining that, or being locked out of your data for a while/forever or having to pay a
ransom that would've cost the same if not more?
An
anonymous reader quotes ZDNet: On the three-year anniversary of the No More Ransom project,
Europol announced today that users who downloaded and decrypted files using free tools made
available through the No More Ransom portal have
prevented ransomware gangs from making profits estimated at at least $108 million ...
However, an Emsisoft spokesperson told ZDNet that the $108 million estimate that Europol shared
today is "actually a huge underestimate. They're based on the number of successful decryptions
confirmed by telemetry -- in other words, when the tools phone home to confirm they've done
their job," Emsisoft told ZDNet... Just the free decryption tools for the GandCrab ransomware
alone offered on the No More Ransom website have prevented ransom payments of nearly $50
million alone, Europol said.
The project, which launched in July 2016, now hosts 82 tools that can be used to decrypt
109 different types of ransomware. Most of these have been created and shared by antivirus
makers like Emsisoft, Avast, and Bitdefender, and others; national police agencies; CERTs; or
online communities like Bleeping Computer. By far the most proficient member has been antivirus
maker Emsisoft, which released 32 decryption tools for 32 different ransomware strains... All
in all, Europol said that more than three million users visited the site and more than 200,000
users downloaded tools from the No More Ransom portal since its launch.
One Emisoft researcher said they were "pretty proud" of their decryptor for MegaLocker, "as not
only did it help thousands of victims, but it really riled up the malware author."
"... a) detected the DNC server hack, but failed to stop it b) falsely accused the Russians of hacking Ukrainian artillery c) failed to prevent the NRCC from being hacked, even though that was why they were hired ..."
"... In other words, Crowdstrike is really bad at their job. In addition, Crowdstrike is really bad at business too. CrowdStrike recorded a net loss last year of $140 million on revenue of $249.8 million, and negative free cash flow of roughly $59 million. ..."
a) detected the DNC server hack, but failed to stop it
b) falsely
accused the Russians of hacking Ukrainian artillery
c) failed to prevent the NRCC from being hacked, even though that was why they were
hired
In other words, Crowdstrike is really bad at their job. In addition, Crowdstrike is
really bad at business
too. CrowdStrike recorded a net loss last year of $140 million on revenue of $249.8 million,
and negative free cash flow of roughly $59 million.
So what does a cybersecurity company that is hemorrhaging money and can't protect it's
clients do? It does an IPO
.
It just goes to show that "getting it right" is not the same thing as "doing a good job." If
you tell the right people what they want to hear, the money will take care of itself.
It just goes to show that "getting it right" is not the same thing as "doing a good
job."
If you tell the right people what they want to hear, the money will take care of
itself.
It's all about making the people at the top feel smart for having hired you and assuring
them they don't need to waste their beautiful minds trying to understand what it is you do.
Whoops, you got hacked? Gee, nothing we could have done. More money please!
Iran purged Microsoft Windows OS from military uses years ago, so Stuxnet style attacks
are no longer possible. Stuxnet itself was only possible because the manufacturer provided
the CIA with a backdoor to the operating system. Prior to 2010 Iran was in the top 10
countries from which patches to the Linux kernel came from, but that has dropped to 0% since
then. Though I do not know this for a fact, this suggests that Iran forked Linux in 2010 and
has been encouraging domestic development of that operating system.
What does this have to do with claims that the US launched a cyber attack on Iran? It
means that any American cyber attack on Iran almost certainly failed 100%.
America's misnamed "intelligence" agencies are spoiled by having easy access to
targets' communications through built-in back doors and vulnerabilities that American
industry build into their products. Despite appearances, US "intelligence" agencies
are not very good at real hacking. In fact, they suck badly at it. If Microsoft, Cisco,
Google or Apple don't provide them access to the products that they sell, then the CIA is
sh!t out of luck (which is why they hate Huawei, by the way). Since Iran no longer uses
Microsoft Windows in any critical functions, and instead uses a version of Linux that has
diverged from the ones that the West uses for almost a decade, the chances that the CIA or
Pentagram's Visual Basic script kiddies could hack them effectively drops to 0%.
@WHAT
The point is not to stop them entirely, but to delay and disrupt their ambitious programs.
The infamous Stuxnet cyberweapon did not destroy more than a fifth of Iran's nuclear
centrifuges, but that does not mean it was not a real success for Israel/America's campaign
against the Iranian nuclear program.
...I suspect that for
both of those, when they hit, you need to resolve things quickly and efficiently, with panic
being the worst enemy.
Panic in my experience stems from a number of things here, but two crucial ones are:
– input overload
– not knowing what to do, or learned actions not having any effect
Both of them can be, to a very large extent, overcome with training, training, and more
training (of actually practising the emergency situation, not just reading about it and
filling questionairres).
The U.S. military's love affair with bug bounty programs continues.
The second iteration of "Hack the Air Force" in December paid out $103,883 in bounties
to freelance hackers for 106 vulnerabilities found over a 20-day period. The highest bounty
was $12,500, the largest paid by the U.S. government to date.
The Air Force's first bug bounty program launched in April 2017 following similar
efforts like Hack the Pentagon and Hack the Army in 2016. In total, more than 3,000
vulnerabilities have been found in federal government systems since the programs began.
The bug bounty platform HackerOne, a private company, continues to handle the military's
bug bounty initiatives. Air Force CISO Peter Kim, who helped kick off and cheerlead the
service's first round last year, also played a leading role this time. . . here
Is this shadow of Integrity Initiative in the USA ? This false flag open the possibility that other similar events like
DNC (with very questionable investigation by Crowdstrike, which was a perfect venue to implement a false flag; cybersecurity area is
the perfect environment for planting false flags), MH17 (might be an incident but later it definitely was played as a false flag), Skripals
(Was Skripals poisoning a false flag decided to hide the fact that Sergey Skripal was involved in writing Steele dossier?) and Litvinenko
(probably connected with lack of safety measures in the process of smuggling of Plutonium by Litvinenko himself, but later played a
a false flag). All of those now should be re-assessed from the their potential of being yet another flag flag operation
against Russia. While Browder was a MI6 operation from the very beginning (and that explains
why he abdicated the US citizenship more convincingly that the desire to avoid taxes) .
Notable quotes:
"... Democratic operative Jonathon Morgan - bankrolled by LinkedIn founder Reid Hoffman, pulled a Russian bot "false flag" operation against GOP candidate Roy Moore in the Alabama special election last year - creating thousands of fake social media accounts designed to influence voters . Hoffman has since apologized, while Morgan was suspended by Facebook for "coordinated inauthentic" behavior. ..."
"... Really the bigger story is here is that these guys convincingly pretended to be Russian Bots in order to influence an election (not with the message being put forth by the bots, but by their sheer existence as apparent supporters of the Moore campaign). ..."
"... By all appearances, they were Russian bots trying to influence the election. Now we know it was DNC operatives. Yet we are supposed to believe without any proof that the "Russian bots" that supposedly influenced the 2016 Presidential election were, actually, Russian bots, and worthy of a two year long probe about "Russian collusion" and "Russian meddling." ..."
"... The whole thing is probably a farce, not only in the sense that there is no evidence that Russia had any influence at all on a single voter, but also in the sense that there is no evidence that Russia even tried (just claims and allegations by people who have a vested interest in convincing us its true). ..."
For over two years now, the concepts of "Russian collusion" and "Russian election meddling" have been shoved down our throats
by the mainstream media (MSM) under the guise of legitimate concern that the Kremlin may have installed a puppet president in Donald
Trump.
Having no evidence of collusion aside from a largely unverified opposition-research dossier fabricated by a former British spy,
the focus shifted from "collusion" to "meddling" and "influence." In other words, maybe Trump didn't actually collude with Putin,
but the Kremlin used Russian tricks to influence the election in Trump's favor. To some, this looked like nothing more than an establishment
scheme to cast a permanent spectre of doubt over the legitimacy of President Donald J. Trump.
Election meddling "Russian bots" and "troll farms" became the central focus - as claims were levied of social media operations
conducted by Kremlin-linked organizations which sought to influence and divide certain segments of America.
And while scant evidence of a Russian influence operation exists outside of a handful of indictments connected to a St. Petersburg
"Troll farm" (which a liberal journalist
cast serious doubt ov er), the MSM - with all of their proselytizing over the "threat to democracy" that election meddling poses,
has largely decided to ignore actual evidence of "Russian bots" created by Democrat IT experts, used against a GOP candidate in the
Alabama special election, and amplified through the Russian bot-detecting "Hamilton 68" dashboard developed by the same IT experts.
Democratic operative Jonathon Morgan - bankrolled by LinkedIn founder Reid Hoffman, pulled a Russian bot "false flag" operation
against GOP candidate Roy Moore in the Alabama special election last year - creating thousands of fake social media accounts designed
to influence voters . Hoffman has since apologized, while Morgan was suspended by Facebook for "coordinated inauthentic" behavior.
As Russian state-owned RT puts
it - and who could blame them for being a bit pissed over the whole thing, "it turns out there really was meddling in American democracy
by "Russian bots." Except they weren't run from Moscow or St. Petersburg, but from the offices of Democrat operatives chiefly responsible
for creating and amplifying the "Russiagate" hysteria over the past two years in a textbook case of psychological projection. "
A week before Christmas, the Senate Intelligence Committee released a report accusing Russia of depressing Democrat voter turnout
by targeting African-Americans on social media. Its authors, New Knowledge, quickly became a household name.
Described by the
New York Times
as a group of "tech specialists who lean Democratic," New Knowledge has ties to both the US military and intelligence agencies.
Its CEO and co-founder Jonathon Morgan previously worked for DARPA, the US military's advanced research agenc y. His partner,
Ryan Fox, is a 15-year veteran of the National Security Agency who also worked as a computer analyst for the Joint Special Operations
Command (JSOC). Their unique skill sets have managed to attract the eye of investors, who pumped $11 million into the company
in 2018 alone.
...
On December 19, a New York Times story revealed that Morgan and his crew had created a fake army of Russian bots, as well as
fake Facebook groups, in order to discredit Republican candidate Roy Moore in Alabama's 2017 special election for the US Senate.
Working on behalf of the Democrats, Morgan and his crew created an estimated 1,000 fake Twitter accounts with Russian names,
and had them follow Moore. They also operated several Facebook pages where they posed as Alabama conservatives who wanted like-minded
voters to support a write-in candidate instead.
In an internal memo, New Knowledge boasted that it had "orchestrated an elaborate 'false flag' operation that planted the idea
that the Moore campaign was amplified on social media by a Russian botnet."
It worked. The botnet claim made a splash on social media and was further amplified by Mother Jones, which based its story
on expert opinion from Morgan's other dubious creation, Hamilton 68. -
RT
Moore ended up losing the Alabama special election by a slim margin of just
In other words: In November 2017 – when Moore and his Democratic opponent were in a bitter fight to win over voters – Morgan
openly promoted the theory that Russian bots were supporting Moore's campaign . A year later – after being caught red-handed orchestrating
a self-described "false flag" operation – Morgan now says that his team never thought that the bots were Russian and have no idea
what their purpose was . Did he think no one would notice? -
RT
Disinformation warrior @ jonathonmorgan attempts to control
damage by lying. He now claims the "false flag operation" never took place and the botnet he promoted as Russian-linked (based
on phony Hamilton68 Russian troll tracker he developed) wasn't Russian https://www.
newknowledge.com/blog/about-ala bama
Even more strange is that Scott Shane - the journalist who wrote the New York Times piece exposing the Alabama "Russian bot" scheme,
knew about it for months after speaking at an event where the organizers bragged about the false flag on Moore .
Shane was one of the speakers at a meeting in September, organized by American Engagement Technologies, a group run by Mikey
Dickerson, President Barack Obama's former tech czar. Dickerson explained how AET spent $100,000 on New Knowledge's campaign to
suppress Republican votes, " enrage" Democrats to boost turnout, and execute a "false flag" to hrt Moore. He dubbed it "Project
Birmingham." - RT
Shane told BuzzFeed that he was "shocked" by the revelations, though hid behind a nondisclosure agreement at the request of American
Engagement Technologies (AET). He instead chose to spin the New Knowledge "false flag" operation on Moore as "limited Russian tactics"
which were part of an "experiment" that had a budget of "only" $100,000 - and which had no effect on the election.
New Knowledge suggested that the false flag operation was simply a "research project," which Morgan suggested was designed "to
better understand and report on the tactics and effects of social media disinformation."
While the New York Times seemed satisfied with his explanation, others pointed out that Morgan had used the Hamilton 68 dashboard
to give his "false flag" more credibility – misleading the public about a "Russian" influence campaign that he knew was fake.
New Knowledge's protestations apparently didn't convince Facebook, which
announced last week that five
accounts linked to New Knowledge – including Morgan's – had been suspended for engaging in "coordinated inauthentic behavior."
- RT
They knew exactly what they were doing
While Morgan and New Knowledge sought to frame the "Project Birmingham" as a simple research project, a leaked copy of the operation's
after-action report reveals that they knew exactly what they were doing .
"We targeted 650,000 like AL voters, with a combination of persona accounts, astroturfing, automated social media amplification
and targeted advertising," reads the report published by entrepreneur and executive coach Jeff Giesea.
The rhetorical question remains, why did the MSM drop this election meddling story like a hot rock after the initial headlines
faded away?
criminal election meddling, but then who the **** is going to click on some morons tactic and switch votes?
anyone basing any funding, whether it is number of facebook hits or attempted mind games by egotistical cuck soyboys needs a serious
psychological examination. fake news is fake BECAUSE IT ISNT REAL AND DOES NOT MATTER TO ANYONE but those living in the excited misery
of their tiny bubble world safe spaces. SOCIAL MEDIA IS A CON AND IS NOT IMPORTANT OR RELEVANT TO ANYONE.
far more serious is destroying ballots, writing in ballots without consent, bussing voters around to vote multiple times in different
districts, registering dead voters and imperosnating the corpses, withholding votes until deadlines pass - making them invalid.
Herdee , 10 minutes ago
NATO on behalf of the Washington politicians uses the same bullsh*t propaganda for continual war.
Mugabe , 20 minutes ago
Yup "PROJECTION"...
Yippie21 , 21 minutes ago
None of this even touches on the 501c3 or whatever that was set up , concerned Alabama voters or somesuch, and was funneled
a **** load of money to be found to be in violation of the law AFTER the election and then it all just disappeared. Nothing to
see here folks, Democrat won, let's move on. There was a LOT of " tests " for the smart-set in that election and it all worked.
We saw a bunch of it used in 2018, especially in Texas with Beto and down-ballot races. Democrats cleaned up like crazy in Texas,
especially in Houston.
2020 is going to be a hot mess. And the press is in on it, and even if illegal or unseemly things are done, as long as Democrats
win, all good... let's move on. Crazy.
LetThemEatRand , 21 minutes ago
The fact that MSM is not covering this story -- which is so big it truly raises major questions about the entire Russiagate
conspiracy including why Mueller was appointed in the first place -- is proof that they have no interest in journalism or the
truth and that they are 100% agenda driven liars. Not that we needed more proof, but there it is anyway.
Oldguy05 , 19 minutes ago
Dimz corruption is a nogo. Now if it were conservatives.......
CosineCosineCosine , 23 minutes ago
I'm not a huge fan, but Jimmy Dore has a cathartic and entertaining 30 minutes on this farce. Well worth the watch:
Really the bigger story is here is that these guys convincingly pretended to be Russian Bots in order to influence an election
(not with the message being put forth by the bots, but by their sheer existence as apparent supporters of the Moore campaign).
By all appearances, they were Russian bots trying to influence the election. Now we know it was DNC operatives. Yet we
are supposed to believe without any proof that the "Russian bots" that supposedly influenced the 2016 Presidential election were,
actually, Russian bots, and worthy of a two year long probe about "Russian collusion" and "Russian meddling."
The whole thing is probably a farce, not only in the sense that there is no evidence that Russia had any influence at all
on a single voter, but also in the sense that there is no evidence that Russia even tried (just claims and allegations by people
who have a vested interest in convincing us its true).
dead hobo , 30 minutes ago
I've been watching Scandal on Netflix. Still only in season 2. Amazing how nothing changes.They nailed it and memorialized
it. The MSM are useful idiots who are happy to make money publicizing what will sell the best.
chunga , 30 minutes ago
The media is biased and sucks, yup.
The reason the reds lost the house is because they went along with this nonsense and did nothing about it, like frightened
baby chipmunks.
JRobby , 33 minutes ago
Only when "the opposition" does it is it illegal. Total totalitarian state wannabe stuff.
divingengineer , 22 minutes ago
Amazing how people can contort reality to justify their own righteous cause, but decry their opposition for the EXACT same
thing. See trump visit to troops signing hats as most recent proof. If DJT takes a piss and sprinkles the seat, it's a crime.
DarkPurpleHaze , 33 minutes ago
They're afraid to expose themselves...unlike Kevin Spacey. Trump or Whitaker will expose this with one signature. It's
coming.
divingengineer , 20 minutes ago
Spacey has totally lost it. See his latest video, it will be a powerful piece of evidence for an insanity plea.
CosineCosineCosine , 10 minutes ago
Disagree strongly. I think it was excellent - perhaps you misunderstood the point? 6 minutes Diana Davidson look at it clarifies
"... This problem was recently discussed on Reddit, and it's pretty easy to confirm. Head to Settings > Privacy > Activity History and disable "Send my activity history to Microsoft." It was already disabled on our PC, so it made this easy to test. ..."
"... Update: Microsoft has confirmed this, telling us you'll need to set this option to "Basic" to stop Windows from sending your app usage history to Microsoft. ..."
Chris Hoffman @chrisbhoffman
December 10, 2018, 1:15pm EDT
Windows 10 collects an "Activity History" of applications you launch on your PC and sends it
to Microsoft. Even if you disable or clear this, Microsoft's Privacy Dashboard still shows an
"Activity History" of applications you've launched on your PCs.
Update: Microsoft's Marisa Rogers reached out to us with the following statement:
"Microsoft is committed to customer privacy, being transparent about the data we collect and
use for your benefit, and we give you controls to manage your data. In this case, the same term
"Activity History" is used in both Windows 10 and the Microsoft Privacy Dashboard. Windows 10
Activity History data is only a subset of the data displayed in the Microsoft Privacy
Dashboard. We are working to address this naming issue in a future update."
In addition to simply disabling the "Send my activity history to Microsoft" option,
Microsoft told us you must set your diagnostic data level to "Basic." This will prevent Windows
10 from sending app usage history to Microsoft.
This problem was recently discussed on Reddit, and it's pretty easy to confirm. Head to
Settings > Privacy > Activity History and disable "Send my activity history to
Microsoft." It was already disabled on our PC, so it made this easy to test.
For bonus points, you can also click the "Clear" button under Clear Activity History. This
should, theoretically, clear all that data from Microsoft's servers. But, apparently, it
doesn't.
You'll see a list of applications you've launched on your connected PCs, even if you've
disabled or cleared your Activity History on those PCs.
This is pretty strange and confusing, but we think there's a simple explanation: Microsoft
also collects a history of applications you launch through Windows 10's diagnostics. We think
the "Activity History" page in the Privacy Dashboard has an incorrect name. It's not part of
the Windows 10 "Activity History" feature, which is associated with the Timeline.
Windows 10's default diagnostic setting, "Full," says it sends "info about websites you
browse and how you use apps and features," so this data may just be sent to Microsoft through
Windows 10's normal telemetry. You can find these options at Settings > Privacy >
Diagnostics & Feedback.
Update: Microsoft has confirmed this, telling us you'll need to set this option to "Basic"
to stop Windows from sending your app usage history to Microsoft.
This whole confusing mess highlights how Microsoft has failed to explain exactly what data
Windows 10 collects and how you can control it.
The Privacy Dashboard was designed to make this more transparent, but even the dashboard is
confusing and uses incorrect names that don't match the associated features in Windows 10.
Microsoft still has a lot of work to do here.
My grandfather, in the early 60's could board a 707 in New York and arrive in LA in far
less time than I can today. And no, I am not counting 4 hour layovers with the long waits to
be "screened", the jets were 50-70 knots faster, back then your time was worth more, today
less.
Not counting longer hours AT WORK, we spend far more time commuting making for much longer
work days, back then your time was worth more, today less!
Software "upgrades" require workers to constantly relearn the same task because some young
"genius" observed that a carefully thought out interface "looked tired" and glitzed it up.
Think about the almost perfect Google Maps driver interface being redesigned by people who
take private buses to work. Way back in the '90's your time was worth more than today!
Life is all the "time" YOU will ever have and if we let the elite do so, they will suck
every bit of it out of you.
Last week, Iran's chief of civil defense claimed that the Iranian government had
fought off Israeli attempts to infect computer systems with what he described as a new
version of Stuxnet -- the malware reportedly developed jointly by the US and Israel that
targeted Iran's uranium-enrichment program. Gholamreza Jalali, chief of the National Passive
Defense Organization (NPDO), told Iran's IRNA news service, "Recently, we discovered a new
generation of Stuxnet which consisted of several parts... and was trying to enter our
systems."
On November 5, Iran Telecommunications Minister Mohammad-Javad Azari Jahromi accused Israel
of being behind the attack, and he said that the malware was intended to "harm the country's
communication infrastructures." Jahromi praised "technical teams" for shutting down the attack,
saying that the attackers "returned empty-handed." A report from Iran's Tasnim news agency
quoted Deputy Telecommunications Minister Hamid Fattahi as stating that more details of the
cyber attacks would be made public soon.
Jahromi said that Iran would sue Israel over the attack through the International Court of
Justice. The Iranian government has also said it would sue the US in the ICJ over the
reinstatement of sanctions. Israel has
remained silent regarding the accusations .
The claims come a week after the NPDO's Jalali announced that President
Hassan Rouhani's cell phone had been "tapped" and was being replaced with a new, more
secure device. This led to a statement by Iranian Supreme Leader Ayatollah Ali Khamenei,
exhorting Iran's security apparatus to "confront infiltration through scientific, accurate, and
up-to-date action."
While Iran protests the alleged attacks -- about which the Israeli government has been
silent -- Iranian hackers have continued to conduct their own cyber attacks. A
recent report from security tools company Carbon Black based on data from the company's
incident-response partners found that Iran had been a significant source of attacks in the
third quarter of this year, with one incident-response professional noting, "We've seen a lot
of destructive actions from Iran and North Korea lately, where they've effectively wiped
machines they suspect of being forensically analyzed."
The twin pillars of Iran's foreign policy - America is evil and Wipe Israel off the map -
do not appear to be serving the country very well.
They serve Iran very well, America is an easy target to gather support against, and Israel is
more than willing to play the bad guy (for a bunch of reasons including Israels' policy of
nuclear hegemony in the region and historical antagonism against Arab states).
Israeli hackers offered Cambridge Analytica, the data collection firm that worked on U.S.
President Donald Trump's election campaign, material on two politicians who are heads of
state, the Guardian reported Wednesday, citing witnesses.
While Israelis are not necessarily number one in technical skills -- that award goes to
Russian hackers -- Israelis are probably the best at thinking on their feet and adjusting to
changing situations on the fly, a trait essential for success in a wide range of areas,
including cyber-security, said Forzieri. "In modern attacks, the human factor -- for example,
getting someone to click on a link that will install malware -- constitutes as much as 85% of
a successful attack," he said.
The pro-Israel trolls out in front of this comment section...
You don't have to be pro-Israel to be anti-Iran. Far from it. I think many of Israel's
actions in Palestine are reprehensible, but I also know to (rightly) fear an Islamic
dictatorship who is actively funding terrorism groups and is likely a few years away from
having a working nuclear bomb, should they resume research (which the US actions seem likely
to cause).
The US created the Islamic Republic of Iran by holding a cruel dictator in power rather
than risking a slide into communism. We should be engaging diplomatically, rather than trying
sanctions which clearly don't work. But I don't think that the original Stuxnet was a bad
idea, nor do I think that intense surveillance of what could be a potentially very dangerous
country is a bad one either.
If the Israelis (slash US) did in fact target civilian infrastructure, that's a problem.
Unless, of course, they were bugging them for espionage purposes.
Agree. While Israel is not about to win Humanitarian Nation of the year Award any
time soon, I don't see it going to Iran in a close vote tally either.
(zdnet.com)
62Researchers have found flaws that can be
exploited to bypass hardware encryption in well known and popular SSD drives. Master
passwords and faulty standards implementations allow attackers access to encrypted data without
needing to know the user-chosen password.
SSDs from Micron (Crucial) and Samsung are affected. These are SSDs that support
hardware-level encryption via a local built-in chip, separate from the main CPU. Some of these
devices have a factory-set master password that bypasses the user-set password, while other
SSDs store the encryption key on the hard drive, from where it can be retrieved. The issue is
worse on Windows, where BitLocker defers software-level encryption to hardware
encryption-capable SSDs, meaning user data is vulnerable to attacks without the user's
knowledge. More in the research paper .
"... The DOI conducts IT security training once a year, during which employees sign a statement saying they understand those rules. The employee attended those annual training events and the OIG "confirmed he agreed to the Rules of Behavior for several years prior." ..."
"... The OIG recommended that USGS step up its monitoring of employee web usage, block pornographic websites and prevent unauthorized USB devices from being used on all employee computers. It gave USGS 90 days to indicate whether it plans on implementing those recommendations. ..."
A US government employee with an apparent addiction to Russian pornography is causing a
headache at the US Geological Survey (USGS) after infecting their network with malware. The
USGS's Office of Inspector General (OIG) released a report October 17 detailing the compromise.
The employee was apparently visiting pornography sites on his government-issued laptop, which
is how the malware was contracted and spread through the network.
The employee, whose name is redacted from the report, visited thousands of pornographic
websites. "Many of the 9,000 web pages [redacted] visited routed through websites that
originated in Russia and contained malware," the report says.
"Most of the larger porn sites are not actively trying to install malware on your device,
because that would interrupt their business model of getting you to come back to the site,
click and view ads, and subscribe to their premium content," web developer and technologist
Chris Garaffa told Sputnik News Tuesday. "However, third-party ad networks that do not properly
screen the ads they run can be exploited to serve malware along with the ad. This applies not
just to porn sites but to any site with advertisements on it."
"I recommend people use a safer browser like Mozilla Firefox or Brave, along with an
ad-blocker add-on like uBlock Origin to help mitigate the risks -- regardless of what content
they're viewing," Garaffa added.
According to the government's analysis, a number of pornographic images were saved on an
unauthorized USB device and the employee's personal Android phone, which also got infected with
the malware.
USGS is under the Department of Interior (DOI), which prohibits employees from viewing or
distributing pornography on government computers. Employees are also banned from connecting
their personal devices to government computers or networks, another rule that was violated by
the employee.
The DOI conducts IT security training once a year, during which employees sign a
statement saying they understand those rules. The employee attended those annual training
events and the OIG "confirmed he agreed to the Rules of Behavior for several years
prior."
The OIG recommended that USGS step up its monitoring of employee web usage, block
pornographic websites and prevent unauthorized USB devices from being used on all employee
computers. It gave USGS 90 days to indicate whether it plans on implementing those
recommendations.
According to NextGov, a number of US government agencies have had similar scandals in recent
history, including the Environmental Protection Agency, the Securities and Exchange Commission,
the Internal Revenue Service and
about a dozen others .
Representative Mark Meadows (R-NC) has on three occasions introduced legislation banning the
viewing of pornography on federal government computers, NextGov notes. It isn't clear why the
bills have failed to come to fruition.
"If your employer owns your phone, computer or even just the network you're connecting to,
they have the legal right to monitor, log and save records of what you're typing, what websites
you're visiting, the content of the emails you send -- even on your personal accounts -- and
the right to look at your screen," Garaffa said.
"Employees should effectively keep in mind that they currently have no legal right to
privacy when using a company-owned device or network," he added.
"... Iranian Students News Agency (ISNA) then reported on Monday that Rouhani's cell phone had recently been discovered to be bugged, citing Jalali as saying that Rouhani's phone would be replaced with a more secure device. Again, Jalali made no indication as to who was believed to be behind the wire tap ..."
"... Earlier this year, Israel claimed it had accomplished a vast cyber-heist, stealing an archive that Israel claimed documented Tehran's continuing nuclear weapons program. Israeli Prime Minister Benjamin Netanyahu presented those claims to the UN in September. ..."
"... "What Iran hides, Israel will find," Netanyahu declared in his UN speech at the time. ..."
"... What kind of sick people put viruses in nuclear power stations? ..."
"... Who else could it be but one of the dirty 4, US, UK, France or Israel ..."
The head of Iran's civil defense agency announced on Sunday that a new version of the
Stuxnet virus, believed to be a US-Israeli creation, had been found by Iranian authorities. The
announcement came amid news that President Hassan Rouhani's phone had been bugged and a call
for increased defenses to "confront infiltration." "Recently we discovered a new generation of
Stuxnet which consisted of several parts and was trying to enter our systems," announced
Brigadier General Gholamreza Jalali, head of Iranian civil defense, Reuters reported. He gave
no further details, such as whom the Iranian government believes to be behind the attack or how
much damage it had caused.
The original Stuxnet virus targeted nuclear centrifuges at Iran's Natanz Uranium Enrichment
Facility in June 2009, when it caused about 20 percent of the facility's centrifuges to spin
out of control until they broke. It's widely believed to have been a joint creation by the US
and Israel.
The Times of Israel noted that Israeli officials have refused to discuss what role, if any,
they played in either Stuxnet operation.
That same day, Iranian Supreme Leader Ayatollah Ali Khamenei said Sunday, "In the face of
the enemy's complex practices, our civil defense should confront infiltration through
scientific, accurate and up-to-date action."
Iranian Students News Agency (ISNA) then reported on Monday that Rouhani's cell phone
had recently been discovered to be bugged, citing Jalali as saying that Rouhani's phone would
be replaced with a more secure device. Again, Jalali made no indication as to who was believed
to be behind the wire tap .
Still, Israel seems to be name on everyone's lips. The news is only one episode in a rapid
succession of moves between Israel and Iran, with Israel's Mossad intelligence agency saying on
Wednesday it had thwarted an Iranian murder plot in Denmark against three members of the Arab
Struggle Movement for the Liberation of Ahvaz, an organization connected to those who carried
out a terrorist attack during a
military parade in the Iranian city of Ahvaz on September 22, killing 25 people.
Earlier this year, Israel claimed it had accomplished a vast cyber-heist, stealing an
archive that Israel claimed documented Tehran's continuing nuclear weapons program. Israeli
Prime Minister Benjamin Netanyahu presented those claims to the UN in September.
"What Iran hides, Israel will find," Netanyahu declared in his UN speech at the
time.
What kind of sick people put viruses in nuclear power stations? The same kind that
shoot kids with sniper rifles while their citizens watch and cheer, I guess. Straight up
criminal rogue regime...
John Mason
Who else could it be but one of the dirty 4, US, UK, France or Israel who have been
involved in creating global chaos.
"... Apple is a shit proprietary company that has somehow convinced people around the world that their product is as important as eating, and costs you as much to have an iPhone as it costs you to buy food each month. Oh but it has a camera and these really cool weather apps that cuss at you, and my selfie stick is made for the iPhone 7, but they will be coming out with an iPhone 8 soon. I sure hope my selfie stick works with it! ..."
Today, March 23rd 2017, WikiLeaks releases Vault 7 "Dark Matter", which contains
documentation for several CIA projects that infect Apple Mac Computer firmware (meaning the
infection persists even if the operating system is re-installed) developed by the CIA's
Embedded Development Branch (EDB). These documents explain the techniques used by CIA to gain
'persistence' on Apple Mac devices, including Macs and iPhones and demonstrate their use of
EFI/UEFI and firmware malware.
Among others, these documents reveal the "Sonic Screwdriver" project which, as explained by
the CIA, is a "mechanism for executing code on peripheral devices while a Mac laptop or desktop
is booting" allowing an attacker to boot its attack software for example from a USB stick "even
when a firmware password is enabled". The CIA's "Sonic Screwdriver" infector is stored on the
modified firmware of an Apple Thunderbolt-to-Ethernet adapter.
"DarkSeaSkies" is "an implant that persists in the EFI firmware of an Apple MacBook Air
computer" and consists of "DarkMatter", "SeaPea" and "NightSkies", respectively EFI,
kernel-space and user-space implants.
Documents on the "Triton" MacOSX malware, its infector "Dark Mallet" and its EFI-persistent
version "DerStake" are also included in this release. While the DerStake1.4 manual released
today dates to 2013, other Vault 7 documents show that as of 2016 the CIA continues to rely on
and update these systems and is working on the production of DerStarke2.0.
Also included in this release is the manual for the CIA's "NightSkies 1.2" a
"beacon/loader/implant tool" for the Apple iPhone. Noteworthy is that NightSkies had reached
1.2 by 2008, and is expressly designed to be physically installed onto factory fresh iPhones.
i.e the CIA has been infecting the iPhone supply chain of its targets since at least 2008.
While CIA assets are sometimes used to physically infect systems in the custody of a target
it is likely that many CIA physical access attacks have infected the targeted organization's
supply chain including by interdicting mail orders and other shipments (opening, infecting, and
resending) leaving the United States or otherwise
... "Noteworthy is that NightSkies had reached 1.2 by 2008, and is expressly designed to be
physically installed onto factory fresh iPhones. i.e the CIA has been infecting the iPhone
supply chain of its targets since at least 2008."
... time to ditch those CiApple devices ... now you know why the Canadian Blackberry was
killed off the US market ... they wouldn't play the US alphabet agencies' surveillance game
...
I knew it was a publicity hoax when Apple didn't want to allow the
feds access to the phone that was used by the killers in the San Bernadillo Massacre. Like
Apple really cares about giving your info to the feds...
Apple is a shit proprietary company that has somehow convinced people around the world that
their product is as important as eating, and costs you as much to have an iPhone as it costs
you to buy food each month. Oh but it has a camera and these really cool weather apps that cuss
at you, and my selfie stick is made for the iPhone 7, but they will be coming out with an
iPhone 8 soon. I sure hope my selfie stick works with it!
"Hi, my name is Lisa and I am in like 7th grade. Other kids in my class only have the iPhone
5, but I have the new iPhone 7. I go to school with such pathetic loooserrs. Everyone in my
school is jealous of me and my new iPhone 7, cause it shows that my parents really care about
me, because, you know, they spent a lot of money on me for this phone so it must show they
like, really care, right?
And the other kids in school chant my name as I walk down the halls
because they're like so jealous of how much my parents love me. They are jealous because I'm
like really rich, really cool, and my parents really love me too."
In a honest country where the rule of law applies to all, USA prisons
would be filled with CIA and NSA operatives. Instead, we live in a banana republic, without the
bananas.
Who's your money on? Bloomberg's sources? Apple? Amazon? Super Micro?
####
Hit the comments. Quite a few very good points made, namely 'Why now?' (its da Chinese!)
as it supposed occurred some years ago, the US breaks this kind of story when it knows it
will shortly be fingered for doing the same (the US did a demo SCADA attack for the media
before the STUXNET story broke), if it was done it would have only been on select machines
etc. etc.
There was a headlining (which of course I cannot find now*) saying that the US is calling
on the UK, EU & Japan should get together and take on China economically. Why does the
might US need help? It's quite an admission. This is at the same time that the US is
targeting EU companies that do business with Russia and also telling Brussels that they do
not agree with its very modest proposals for WTO reform.** There's no balance. They're all
over the place, no to mention their spokespersons going tonto and shooting off their mouths
so casually (US NATO Amb).
The more you look at all the current revelations, who they are made by, the way they are
all being fed to the press and the demands now being made, it looks more and more that the
Euro-Atfantacists are making another concerted and desperate campaign to retain some sort of
influence. The UK is leaving the EU. Even if it rejoins, it won't be a 'special partner'. The
fact that the USA-insane Netherlands and the UK are running their stories together shows us
that the target is the rest of Europe, just as outgoing Pres of the EU J-C Juncker has said
that Europe's best interests are with a security treaty with Russia. BTW, Finland's Stubb is
putting himself forward to replace Juncker
"... There has been an ongoing campaign on the part of the US, to get out the idea that China, Russia, North Korea, and Iran have massive armies of hackers that are constantly looking to steal American secrets. The absurdity of the US' claims is pretty obvious. As I pointed out in my book The Myth of Homeland Security ..."
"... "The Great US/China Cyberwar of 2010" is one cyberwar that didn't happen, but was presaged with a run-up of lots of claims that the Chinese were hacking all over the place. I'm perfectly willing to accept the possibility that there was Chinese hacking activity, but in the industry there was no indication of an additional level of attack or significance. ..."
"... One thing that did ..."
"... US ideology is that "we don't start wars" -- it's always looking for an excuse to go to war under the rubric of self-defense, so I see these sorts of claims as justification in advance for unilateral action. I also see it as a sign of weakness; if the US were truly the superpower it claims it is, it would simply accept its imperial mantle and stop bothering to try to justify anything. I'm afraid we may be getting close to that point. ..."
"... My assumption has always been that the US is projecting its own actions on other nations. At the time when the US was talking the loudest about Chinese cyberwar, the US and Israel had launched STUXNET against the Iranian enrichment plant at Natanz, and the breeder reactor at Bushehr (which happens to be just outside of a large city; the attack took some of its control systems and backup generators offline). Attacks on nuclear power facilities are a war crime under international humanitarian law, which framework the US is signatory to but has not committed to actually follow. This sort of activity happens at the same time that the US distributes talking-points to the media about the danger of Russian hackers crashing the US power grid. I don't think we can psychoanalyze an entire government and I think psychoanalysis is mostly nonsense -- but it's tempting to accuse the US of "projection." ..."
"... All of this stuff happens against the backdrop of Klein, Binney, Snowden, and the Vault 7 revelations, as well as solid attribution identifying the NSA as "equation group" and linking the code-tree of NSA-developed malware to STUXNET, FLAME, and DUQU. ..."
"... the US has even admitted to deploying STUXNET -- Obama bragged about it. When Snowden's revelations outlined how the NSA had eavesdropped on Angela Merkel's cellphone, the Germans expressed shock and Barack Obama remarkably truthfully said "that's how these things are done" and blew the whole thing off by saying that the NSA wasn't eavesdropping on Merkel any more. [ bbc ] ..."
"... It's hard to keep score because everything is pretty vague, but it sounds like the US has been dramatically out-spending and out-acting the other nations that it accuses of being prepared for cyberwar. ..."
"... it's hard not to see the US is prepared for cyberwar, when both the NSA and the CIA leak massive collections of advanced tools. ..."
"... My observation is that the NSA and CIA have been horribly sloppy and have clearly spent a gigantic amount of money preparing to compromise both foreign and domestic systems -- that's bad enough. With friends like the NSA and CIA, who needs Russians and Chinese? ..."
"... The Russian and Chinese efforts are relatively tiny compared to the massive efforts the US expends tens of billions of dollars on. The US spends about $50bn on its intelligence agencies, while the entire Russian Department of Defense budget is about $90bn (China is around $139bn) -- maybe the Russians and Chinese have such a small footprint because they are much smaller operations? ..."
"... That brings us to the recent kerfuffle about taps on the Supermicro motherboards. That's not unbelievable at all -- not in a world where we discover that Intel has built a parallel management CPU into every CPU since 2008, and that there is solid indications that other processors have similar backdoors. ..."
"... There are probably so many backdoors in our systems that it's a miracle it works at all. ..."
"... So, with respect to "propaganda" I would say that the US intelligence community has been consistently pushing a propaganda agenda against the US government, and the citizens in order to justify its actions and defend its budget. ..."
"... What little I've been able to find out the new Trump™ cybersecurity plan is that it doesn't involve any defense, just massive retribution against (perceived) foes. ..."
"... Funny how those obsessed with "false flag" operations work so hard to invite more of same. ..."
Bob Moore asks me to comment on an article about propaganda and security/intelligence. [
article ] This is going to be a mixture of opinion and references to facts; I'll try to be
clear which is which.
Yesterday several NATO countries ran a concerted propaganda campaign against Russia. The
context for it was a NATO summit in which the U.S. presses for an intensified cyberwar
against NATO's preferred enemy.
On the same day another coordinated campaign targeted China. It is aimed against China's
development of computer chip manufacturing further up the value chain. Related to this is
U.S. pressure on Taiwan, a leading chip manufacturer, to cut its ties with its big
motherland.
It is true that the US periodically makes a big push regarding "messaging" about hacking.
Whether or not it constitutes a "propaganda campaign" depends on how we choose to interpret
things and the labels we attach to them -- "propaganda campaign" has a lot of negative
connotations and one person's "outreach effort" is an other's "propaganda." An
ultra-nationalist or an authoritarian submissive who takes the government's word for anything
would call it "outreach."
There has been an ongoing campaign on the part of the US, to get out the idea that
China, Russia, North Korea, and Iran have massive armies of hackers that are constantly looking
to steal American secrets. The absurdity of the US' claims is pretty obvious. As I pointed out
in my book The Myth of Homeland Security (2004) [
wc ] claims such as that the Chinese had "40,000 highly trained hackers" are flat-out
absurd and ignore the reality of hacking; that's four army corps. Hackers don't engage in
"human wave" attacks.
"The Great US/China Cyberwar of 2010" is one cyberwar that didn't happen, but was
presaged with a run-up of lots of claims that the Chinese were hacking all over the place. I'm
perfectly willing to accept the possibility that there was Chinese hacking activity, but in the
industry there was no indication of an additional level of attack or significance.
One thing that did happen in 2010 around the same time as the nonexistent
cyberwar was China and Russia proposed trilateral talks with the US to attempt to define
appropriate limits on state-sponsored hacking. The US flatly rejected the proposal, but there
was virtually no coverage of that in the US media at the time. The UN also called for a
cyberwar treaty framework, and the effort was killed by the US. [ wired ] What's
fascinating and incomprehensible to me is that, whenever the US feels that its ability to claim
pre-emptive cyberwar is challenged, it responds with a wave of claims about Chinese (or Russian
or North Korean) cyberwar aggression.
John Negroponte, former director of US intelligence, said intelligence agencies in the
major powers would be the first to "express reservations" about such an accord.
US ideology is that "we don't start wars" -- it's always looking for an excuse to go to
war under the rubric of self-defense, so I see these sorts of claims as justification in
advance for unilateral action. I also see it as a sign of weakness; if the US were truly the
superpower it claims it is, it would simply accept its imperial mantle and stop bothering to
try to justify anything. I'm afraid we may be getting close to that point.
My assumption has always been that the US is projecting its own actions on other
nations. At the time when the US was talking the loudest about Chinese cyberwar, the US and
Israel had launched STUXNET against the Iranian enrichment plant at Natanz, and the breeder
reactor at Bushehr (which happens to be just outside of a large city; the attack took some of
its control systems and backup generators offline). Attacks on nuclear power facilities are a
war crime under international humanitarian law, which framework the US is signatory to but has
not committed to actually follow. This sort of activity happens at the same time that the US
distributes talking-points to the media about the danger of Russian hackers crashing the US
power grid. I don't think we can psychoanalyze an entire government and I think psychoanalysis
is mostly nonsense -- but it's tempting to accuse the US of "projection."
The anti-Russian campaign is about alleged Russian spying, hacking and influence
operations. Britain and the Netherland took the lead. Britain accused Russia's military
intelligence service (GRU) of spying attempts against the Organisation for the Prohibition of
Chemical Weapons (OPCW) in The Hague and Switzerland, of spying attempts against the British
Foreign Office, of influence campaigns related to European and the U.S. elections, and of
hacking the international doping agency WADA. British media willingly
helped to exaggerate the claims: [ ]
The Netherland [sic] for its part released
a flurry
of information about the alleged spying attempts against the OPCW in The Hague. It claims
that four GRU agents traveled to The Hague on official Russian diplomatic passports to sniff
out the WiFi network of the OPCW. (WiFi networks are notoriously easy to hack. If the OPCW is
indeed using such it should not be trusted with any security relevant issues.) The Russian
officials were allegedly very secretive, even cleaning out their own hotel trash, while they,
at the same, time carried laptops with private data and even taxi receipts showing their
travel from a GRU headquarter in Moscow to the airport. Like in the Skripal/Novichok saga the
Russian spies are, at the same time, portrayed as supervillains and hapless amateurs. Real
spies are neither.
There's a lot there, and I think the interpretation is a bit over-wrought, but it's mostly
accurate. The US and the UK (and other NATO allies, as necessary) clearly coordinate when it
comes to talking points. Claims of Chinese cyberwar in the US press will be followed by claims
in the UK and Australian press, as well. My suspicion is that this is not the US Government and
UK Government coordinating a story -- it's the intelligence agencies doing it. My
opinion is that the intelligence services are fairly close to a "deep state" -- the
CIA and NSA are completely out of control and the CIA has gone far toward building its own
military, while the NSA has implemented completely unrestricted surveillance worldwide.
All of this stuff happens against the backdrop of Klein, Binney, Snowden, and the Vault
7 revelations, as well as solid attribution identifying the NSA as "equation group" and linking
the code-tree of NSA-developed malware to STUXNET, FLAME, and DUQU. While the attribution
that "Fancy Bear is the GRU" has been made and is probably fairly solid, the attribution of NSA
malware and CIA malware is rock solid; the US has even admitted to deploying STUXNET --
Obama bragged about it. When Snowden's revelations outlined how the NSA had eavesdropped on
Angela Merkel's cellphone, the Germans expressed shock and Barack Obama remarkably truthfully
said "that's how these things are done" and blew the whole thing off by saying that the NSA
wasn't eavesdropping on Merkel any more. [ bbc ]
It's hard to keep score because everything is pretty vague, but it sounds like the US
has been dramatically out-spending and out-acting the other nations that it accuses of being
prepared for cyberwar. I tend to be extremely skeptical of US claims because: bomber gap,
missile gap, gulf of Tonkin, Iraq WMD, Afghanistan, Libya and every other aggressive attack by
the US which was blamed on its target. The reason I assume the US is the most aggressive actor
in cyberspace is because the US has done a terrible job of protecting its tool-sets and
operational security: it's hard not to see the US is prepared for cyberwar, when both the
NSA and the CIA leak massive collections of advanced tools.
Meanwhile, where are the leaks of Russian and Chinese tools? They have been few and far
between, if there have been any at all. Does this mean that the Russians and Chinese have
amazingly superior tradecraft, if not tools? I don't know. My observation is that the NSA
and CIA have been horribly sloppy and have clearly spent a gigantic amount of money preparing
to compromise both foreign and domestic systems -- that's bad enough. With friends like the NSA
and CIA, who needs Russians and Chinese?
The article does not have great depth to its understanding of the situation, I'm afraid. So
it comes off as a bit heavy on the recent news while ignoring the long-term trends. For
example:
The allegations of Chinese supply chain attacks are of course just as hypocritical as the
allegations against Russia. The very first know case of computer related supply chain
manipulation goes
back to 1982 :
A CIA operation to sabotage Soviet industry by duping Moscow into stealing booby-trapped
software was spectacularly successful when it triggered a huge explosion in a Siberian gas
pipeline, it emerged yesterday.
I wrote a piece about the "Farewell Dossier" in 2004. [ mjr
] Re-reading it, it comes off as skeptical but waffly. I think that it's self-promotion by the
CIA and exaggerates considerably ("look how clever we are!") at a time when the CIA was
suffering an attention and credibility deficit after its shitshow performance under George
Tenet. But the first known cases of computer related supply chain manipulation go back to the
70s and 80s -- the NSA even compromised Crypto AG's Hagelin M-209 system (a mechanical
ciphering machine) in order to read global communications encrypted with that product. You can
imagine Crypto AG's surprise when the Iranian secret police arrested one of their sales reps
for selling backdoor'd crypto -- the NSA had never told them about the backdoor, naturally. The
CIA was also on record for producing Xerox machines destined for the USSR, which had recorders
built into them So, while the article is portraying the historical sweep of NSA dirty tricks,
they're only looking at the recent ones. Remember: the NSA also weakened the elliptic curve
crypto library in RSA's Bsafe implementation, paying RSADSI $13 million to accept their tweaked
code.
Why haven't we been hearing about the Chinese and Russians doing that sort of thing? There
are four options:
The Russians and Chinese are doing it, they're just so darned good nobody has
caught them until just recently.
The Russians and Chinese simply resort to using existing tools developed by the
hacking/cybercrime community and rely on great operational security rather than fancy
tools.
The Russian and Chinese efforts are relatively tiny compared to the massive efforts
the US expends tens of billions of dollars on. The US spends about $50bn on its intelligence
agencies, while the entire Russian Department of Defense budget is about $90bn (China is
around $139bn) -- maybe the Russians and Chinese have such a small footprint because they are
much smaller operations?
Something else.
That brings us to the recent kerfuffle about taps on the Supermicro motherboards. That's
not unbelievable at all -- not in a world where we discover that Intel has built a parallel
management CPU into every CPU since 2008, and that there is solid indications that other
processors have similar backdoors.
Was the Intel IME a "backdoor" or just "a bad idea"? Well, that's tricky. Let me put my
tinfoil hat on: making a backdoor look like a sloppily developed product feature would be the
competent way to write a backdoor. Making it as sneaky as the backdoor in the Via is
unnecessary -- incompetence is eminently believable.
&
(kaspersky)
I believe all of these stories (including the Supermicro) are the tip of a great big, ugly
iceberg. The intelligence community has long known that software-only solutions are too
mutable, and are easy to decompile and figure out. They have wanted to be in the BIOS of
systems -- on the motherboard -- for a long time. If you go back to 2014, we have disclosures
about the NSA malware that hides in hard drive BIOS: [
vice ] [
vice ] That appears to have been in progress around 2000/2001.
Of note, the group recovered two modules belonging to EquationDrug and GrayFish that were
used to reprogram hard drives to give the attackers persistent control over a target machine.
These modules can target practically every hard drive manufacturer and brand on the market,
including Seagate, Western Digital, Samsung, Toshiba, Corsair, Hitachi and more. Such attacks
have traditionally been difficult to pull off, given the risk in modifying hard drive
software, which may explain why Kaspersky could only identify a handful of very specific
targets against which the attack was used, where the risk was worth the reward.
But
Equation Group's malware platforms have other tricks, too. GrayFish, for example, also has
the ability to install itself into computer's boot record -- software that loads even
before the operating system itself -- and stores all of its data inside a portion of
the operating system called the registry, where configuration data is normally stored.
EquationDrug was designed for use on older Windows operating systems, and "some of the
plugins were designed originally for use on Windows 95/98/ME" -- versions of Windows so old
that they offer a good indication of the Equation Group's age.
This is not a very good example of how to establish a "malware gap" since it just makes the
NSA look like they are incapable of keeping a secret. If you want an idea how bad it is,
Kaspersky labs' analysis of the NSA's toolchain is a good example of how to do attribution
correctly. Unfortunately for the US agenda, that solid attribution points toward Fort Meade in
Maryland. [kaspersky]
Let me be clear: I think we are fucked every which way from the start. With backdoors in the
BIOS, backdoors on the CPU, and wireless cellular-spectrum backdoors, there are probably
backdoors in the GPUs and the physical network controllers, as well. Maybe the backdoors in the
GPU come from the GRU and maybe the backdoors in the hard drives come from NSA, but who cares?
The upshot is that all of our systems are so heinously compromised that they can only be
considered marginally reliable. It is, literally, not your computer: it's theirs. They'll let
you use it so long as your information is interesting to them.
Do I believe the Chinese are capable of doing such a thing? Of course. Is the GRU? Probably.
Mossad? Sure. NSA? Well-documented attribution points toward NSA. Your computer is a free-fire
zone. It has been since the mid 1990s, when the NSA was told "no" on the Clipper chip and
decided to come up with its own Plan B, C, D, and E. Then, the CIA came up with theirs. Etc.
There are probably so many backdoors in our systems that it's a miracle it works at
all.
From my 2012 RSA conference lecture "Cyberwar, you're doing it wrong."
The problem is that playing in this space is the purview of governments. Nobody in the
cybercrime or hacking world need tools like these. The intelligence operatives have huge
budgets, compared to a typical company's security budget, and it's unreasonable to expect any
business to invest such a level of effort on defending itself. So what should companies do?
They should do exactly what they are doing: expect the government to deal with it; that's what
governments are for. The problem with that strategy is that their government isn't on their
side, either! It's Hobbes' playground.
In case you think I am engaging in hyperbole, I assure you I am not. If you want another
example of the lengths (and willingness to bypass the law) "they" are willing to go, consider
'stingrays' that are in operation in every major US city and outside of every interesting hotel
and high tech park. Those devices are not passive -- they actively inject themselves into the
call set-up between your phone and your carrier -- your data goes through the stingray, or it
doesn't go at all. If there are multiple stingrays, then your latency goes through the roof.
"They" don't care. Are the stingrays NSA, FBI, CIA, Mossad, GRU, or PLA? Probably a bit of all
of the above depending on where and when.
Whenever the US gets caught with its pants down around its ankles, it blames the Chinese or
the Russians because they have done a good job of building the idea that the most serious
hackers on the planet at the Chinese. I don't believe that we're seeing complex propaganda
campaigns that are tied to specific incidents -- I think we see ongoing organic
propaganda campaigns that all serve the same end: protect the agencies, protect their budgets,
justify their existence, and downplay their incompetence.
So, with respect to "propaganda" I would say that the US intelligence community has been
consistently pushing a propaganda agenda against the US government, and the citizens in order
to justify its actions and defend its budget.
The government also engages in propaganda, and is influenced by the intelligence
community's propaganda as well. And the propaganda campaigns work because everyone
involved assumes, "well, given what the NSA has been able to do, I should assume the Chinese
can do likewise." That's a perfectly reasonable assumption and I think it's probably true that
the Chinese have capabilities. The situation is what Chuck Spinney calls "A self-licking ice
cream cone" -- it's a justifying structure that makes participation in endless aggression seem
like a sensible thing to do. And, when there's inevitably a disaster, it's going to be like a
cyber-9/11 and will serve as a justification for even more unrestrained aggression.
Want to see what it looks like? A thousand thanks to Commentariat member [redacted] for this
link. If you don't like video, there's an article here. [ toms ]
Is this an NSA backdoor, or normal incompetence? Is Intel Management Engine an NSA-inspired
backdoor, or did some system engineers at Intel think that was a good idea? There are other
scary indications of embedded compromise: the CIA's Vault7 archive included code that appeared
to be intended to embed in the firmware of "smart" flatscreen TVs. That would make every LG
flat panel in every hotel room, a listening device just waiting to be turned on.
We know the Chinese didn't do that particular bug but why wouldn't they do
something similar, in something else? China is the world's oldest mature culture -- they
literally wrote the book on strategy -- Americans acting as though it's a great
surprise to learn that the Chinese are not stupid, it's just the parochialism of a 250 year-old
culture looking at a 3,000 year-old culture and saying "wow, you guys haven't been asleep at
the switch after all!"
What little I've been able to find out the new
Trump™ cybersecurity plan is that it doesn't involve any defense, just massive
retribution against (perceived) foes.
Funny how those obsessed with "false flag" operations work so hard to invite more of
same.
Pierce R. Butler@#1: What little I've been able to find out the new Trump™ cybersecurity plan is that
it doesn't involve any defense, just massive retribution against (perceived) foes.
Yes. Since 2001, as far as most of us can tell, federal cybersecurity spend has been 80%
offense, 20% defense. And a lot of the offensive spend has been aimed at We, The
People.
Your mention of Operation Sundevil and Kevin Mitnick in a previous post made me think
that maybe the reason we haven't seen the kind of leaks from the Russian and Chinese
hacking operations that we've seem from the NSA is that they're running a "Kevin Mitnick
style" operation; that is, relying less on technical solutions and using instead
old-fashioned "social engineering" and other low-tech forms of espionage (like running
troll farms on social media). I mean, I've seen interviews with retired US intelligence
people since the 90s complain that since the late 1980s, the intelligence agencies have
been crippled by management in love with hi-tech "SIGINT" solutions to problems that never
deliver and neglecting old-fashioned "HUMINT" intelligence-gathering.
The thing is, Kevin Mitnick got away with a lot of what he did because people didn't
take security seriously then, and still don't. On a similar nostalgia vibe, I remember
reading an article by Keith Bostic (one of the researchers who helped in the analysis of
the Morris worm
that took down a significant chunk of the Internet back in 1988) where he did a follow-up a
year or so afterwards and some depressing number of organisations that had been hit by it
still hadn't patched the holes that had let the worm infect them in the first
place.
Cat Mara@#3: Your mention of Operation Sundevil and Kevin Mitnick in a previous post made me think
that maybe the reason we haven't seen the kind of leaks from the Russian and Chinese
hacking operations that we've seem from the NSA is that they're running a "Kevin Mitnick
style" operation; that is, relying less on technical solutions and using instead
old-fashioned "social engineering" and other low-tech forms of espionage (like running
troll farms on social media).
I think that's right, to a high degree. What if Edward Snowden was an agent provocateur
instead of a well-meaning naive kid? A tremendous amount of damage could be done, as well
as stealing the US' expensive toys. The Russians have been very good at doing exactly that
sort of operation, since WWII. The Chinese are, if anything, more subtle than the
Russians.
The Chinese attitude, as expressed to me by someone who might be a credible source is,
"why are you picking a fight with us? We don't care, you're too far away for us to threaten
you, we both have loads of our own fish to fry. To them, the US is young, hyperactive, and
stupid.
The FBI is not competent, at all, against old-school humint intelligence-gathering.
Compared to the US' cyber-toys, the old ways are probably more efficient and cost
effective. China's intelligence community is also much more team-oriented than the CIA/NSA;
they're actually a disciplined operation under the strategic control of policy-makers.
That, by the way, is why Russians and Chinese stare in amazement when Americans ask things
like "Do you think Putin knew about this?" What a stupid question! It's an autocracy; they
don't have intelligence operatives just going an deciding "it's a nice day to go to England
with some Novichok." The entire American attitude toward espionage lacks maturity.
On a similar nostalgia vibe, I remember reading an article by Keith Bostic (one of
the researchers who helped in the analysis of the Morris worm that took down a significant
chunk of the Internet back in 1988) where he did a follow-up a year or so afterwards and
some depressing number of organisations that had been hit by it still hadn't patched the
holes that had let the worm infect them in the first place.
That as an exciting time. We were downstream from University of Maryland, which got hit
pretty badly. Pete Cottrel and Chris Torek from UMD were also in on Bostic's dissection. We
were doing uucp over TCP for our email (that changed pretty soon after the worm) and our
uucp queue blew up. I cured the worm with a reboot into single-user mode and a quick 'rm
-f' in the uucp queue.
Thanks. I appreciate your measured analysis and the making explicit of the bottom line:
" agencies, protect their budgets, justify their existence, and downplay their
incompetence."
"In simplified terms, the implants on Supermicro hardware manipulated the core operating
instructions that tell the server what to do as data move across a motherboard, two people
familiar with the chips' operation say. This happened at a crucial moment, as small bits of
the operating system were being stored in the board's temporary memory en route to the
server's central processor, the CPU. The implant was placed on the board in a way that
allowed it to effectively edit this information queue, injecting its own code or altering the
order of the instructions the CPU was meant to follow. Deviously small changes could create
disastrous effects.
The illicit chips could do all this because they were connected to the baseboard
management controller, a kind of superchip that administrators use to remotely log in to
problematic servers, giving them access to the most sensitive code even on machines that have
crashed or are turned off."
"The Intel Management Engine (ME), also known as the Manageability Engine, is an
autonomous subsystem that has been incorporated in virtually all of Intel's processor
chipsets since 2008. The subsystem primarily consists of proprietary firmware running on a
separate microprocessor that performs tasks during boot-up, while the computer is running,
and while it is asleep.As long as the chipset or SoC is connected to current (via battery or
power supply), it continues to run even when the system is turned off. Intel claims the ME is
required to provide full performance. Its exact workings are largely undocumented and its
code is obfuscated using confidential huffman tables stored directly in hardware, so the
firmware does not contain the information necessary to decode its contents. Intel's main
competitor AMD has incorporated the equivalent AMD Secure Technology (formally called
Platform Security Processor) in virtually all of its post-2013 CPUs.
The Electronic Frontier Foundation (EFF) and security expert Damien Zammit accuse the ME
of being a backdoor and a privacy concern. Zammit states that the ME has full access to
memory (without the parent CPU having any knowledge); has full access to the TCP/IP stack and
can send and receive network packets independent of the operating system, thus bypassing its
firewall. Intel asserts that it "does not put back doors in its products" and that its
products do not "give Intel control or access to computing systems without the explicit
permission of the end user."
"... Plus according to Microsemi's own website, all military and aerospace qualified versions of their parts are still made in the USA. So this "researcher" used commercial parts, which depending on the price point can be made in the plant in Shanghai or in the USA at Microsemi's own will. ..."
"... The "researcher" and the person who wrote the article need to spend some time reading more before talking. ..."
"... You clearly have NOT used a FPGA or similar. First the ProASIC3 the article focuses on is the CHEAPEST product in the product line (some of that model line reach down to below a dollar each). But beyond that ... Devices are SECURED by processes, such as blowing the JTAG fuses in the device which makes them operation only, and unreadable. They are secureable, if you follow the proper processes and methods laid out by the manufacturer of the specific chip. ..."
"... Just because a "research paper" claims there is other then standard methods of JTAG built into the JTAG doesn't mean that the device doesn't secure as it should, nor does it mean this researcher who is trying to peddle his own product is anything but biased in this situation. ..."
"... You do know that the Mossad has been caught stealing and collecting American Top Secrets. ..."
"... The original article is here. [cam.ac.uk] It refers to an Actel ProAsic3 chip, which is an FPGA with internal EEPROM to store the configuration. ..."
"... With regard to reprogramming the chip remotely or by the FPGA itself via the JTAG port: A secure system is one that can't reprogram itself. ..."
"... When I was designing VMEbus computer boards for a military subcontractor many years ago, every board had a JTAG connector that required the use of another computer with a special cable plugged into the board to perform reprogramming of the FPGAs. None of this update-by-remote-control crap. ..."
"... It seems that People's Republic of China has been misidentified with Taiwan (Republic of China). ..."
"... Either the claims will be backed up by independently reproduced tests or they won't. But, given his apparent track record in this area and the obvious scrutiny this would bring, Skorobogatov must have been sure of his results before announcing this. ..."
"... Where was this undocumented feature/bug designed in? I see plenty of "I hate China" posts, it would be quite hilarious if the fedgov talked the US mfgr into adding this backdoor, then the Chinese built it as designed. Perhaps the plan all along was to blame the Chinese if they're caught. ..."
"... These are not military chips. They are FPGAs that happen to be used occasionally for military apps. Most of them are sold for other, more commercially exploitable purposes. ..."
"... The page with a link to the final paper actually does mention China. However, it's an American design from a US company. I suspect we will find the backdoor was in the original plans. It will be interesting to see however. ..."
"Today's big news is that researchers have found proof of Chinese manufacturers putting
backdoors in American chips that the military uses. This is false. While they did find a
backdoor in a popular FPGA chip, there is no evidence the Chinese put it there, or even
that it was intentionally malicious.
Furthermore, the Actel ProAsic3 FPGA chip isn't fabricated in China at all !!
1) Read the paper http://www.cl.cam.ac.uk/~sps32/Silicon_scan_draft.pdf
2) This is talking about FPGAs designed by Microsemi/Actel.
3) The article focuses on the ProAsic3 chips but says all the Microsemi/Actel chips tested
had the same backdoor including but not limited to Igloo, Fusion and Smartfusion.
4) FPGAs give JTAG access to their internals for programming and debugging but many of the
access methods are proprietary and undocumented. (security through obscurity)
5) Most FPGAs have features that attempt to prevent reverse engineering by disabling the
ability to read out critical stuff.
6) These chips have a secret passphrase (security through obscurity again) that allows you to
read out the stuff that was supposed to be protected.
7) These researchers came up with a new way of analyzing the chip (pipeline emission
analysis) to discover the secret passphrase. More conventional analysis (differential power
analysis) was not sensitive enough to reveal it.
This sounds a lot (speculation on my part) like a deliberate backdoor put in for debug
purposes, security through obscurity at it's best. It doesn't sound like something secret
added by the chip fab company, although time will tell. Just as embedded controller companies
have gotten into trouble putting hidden logins into their code thinking they're making the
right tradeoff between convenience and security, this hardware company seems to have done the
same.
Someone forgot to tell the marketing droids though and they made up a bunch of stuff about
how the h/w was super secure.
I don't think anyone fully understands JTAG, there are a lot of different versions of it
mashed together on the typical hardware IC. Regardless if its a FPGA, microcontroller or
otherwise. The so called "back door" can only be accessed through the JTAG port as well, so
unless the military installed a JTAG bridge to communicate to the outside world and left it
there, well then the "backdoor" is rather useless.
Something that can also be completely disabled by setting the right fuse inside the chip
itself to disable all JTAG connections. Something that is considered standard practice on
IC's with a JTAG port available once assembled into their final product and programmed.
Plus according to Microsemi's own website, all military and aerospace qualified versions
of their parts are still made in the USA. So this "researcher" used commercial parts, which
depending on the price point can be made in the plant in Shanghai or in the USA at
Microsemi's own will.
The "researcher" and the person who wrote the article need to spend some time reading more
before talking.
The so called "back door" can only be accessed through the JTAG port as well, so unless
the military installed a JTAG bridge to communicate to the outside world and left it there,
well then the "backdoor" is rather useless.
With pin access to the FPGA it's trivial to hook it up, no bridges or transceivers needed.
If it's a BGA then get a breakout/riser board that provides pin access. This is off-the-shelf
stuff. This means if the Chinese military gets their hands on the hardware they can reverse
engineer it. They won't have to lean very hard on the manufacturer for them to cough up every
last detail. In China you just don't say no to such requests if you know what's good for you
and your business.
Not being readable even when someone has the device in hand is exactly what these secure
FPGAs are meant to protect against!
It's not a non-issue. It's a complete failure of a product to provide any advantages
over non-secure equivalents.
You clearly have NOT used a FPGA or similar. First the ProASIC3 the article focuses on is
the CHEAPEST product in the product line (some of that model line reach down to below a
dollar each). But beyond that ... Devices are SECURED by processes, such as blowing the JTAG fuses in the device which makes
them operation only, and unreadable. They are secureable, if you follow the proper processes
and methods laid out by the manufacturer of the specific chip.
Just because a "research paper" claims there is other then standard methods of JTAG built
into the JTAG doesn't mean that the device doesn't secure as it should, nor does it mean this
researcher who is trying to peddle his own product is anything but biased in this
situation.
"Even if this case turns out to be a false alarm, allowing a nation that you repeatedly
refer to as a 'near-peer competitor' to build parts of your high-tech weaponry is
idiotic."
Not to mention the non-backdoor ones.
'Bogus electronic parts from China have infiltrated critical U.S. defense systems and
equipment, including Navy helicopters and a commonly used Air Force cargo aircraft, a new
report says.'
The US military should have a strict policy of only buying military parts from
sovereign, free, democratic countries with a long history of friendship, such as Israel,
Canada, Europe, Japan and South Korea.
Didn't the US and UK governments sell crypto equipment they knew they could break to their
'allies' during the Cold War?
Second problem.... 20 years ago the DOD had their own processor manufacturing facilities,
IC chips, etc. They were shut down in favor of commercial equipment because some idiot
decided it was better to have an easier time buying replacement parts at Radioshack than
buying quality military-grade components that could last in austere environments. (Yes,
speaking from experience). Servers and workstations used to be built from the ground up at
places like Tobyhanna Army Depot. Now, servers and workstations are bought from Dell.
Fabs are expensive. The latest generation nodes cost billions of dollars to set up and
billions more to run. If they aren't cranking chips out 24/7, they're literally costing
money. Yes, I know it's hte military, but I'm sure people have a hard time justifying $10B
every few years just to fab a few chips. One of the biggest developments in the 90s was the
development of foundries that let anyone with a few tens of millions get in the game of
producing chips rather than requiring billions in startup costs. Hence the startup of tons of
fabless companies selling chips.
OK, another option is to buy a cheap obsolete fab and make chips that way - much cheaper
to run, but we're also talking maybe 10+ year old technology, at which point the chips are
going to be slower and take more power.
Also, building your own computer from the ground up is expensive - either you buy the
designs of your servers from say, Intel, or design your own. If you buy it, it'll be
expensive and probably require your fab to be upgraded (or you get stuck with an old design -
e.g., Pentium (the original) - which Intel bought back from the DoD because the DoD had been
debugging it over the decade). If you went with the older cheaper fab, the design has to be
modified to support that technology (you cannot just take a design and run with it - you have
to adapt your chip to the foundry you use).
If you roll your own, that becomes a support nightmare because now no one knows the
system.
And on the taxpayer side - I'm sure everyone will question why you're spending billions
running a fab that's only used at 10% capacity - unless you want the DoD getting into the
foundry business with its own issues.
Or, why is the military spending so much money designing and running its own computer
architecture and support services when they could buy much cheaper machines from Dell and run
Linux on them?
Hell, even if the DoD had budget for that, some bean counter will probably do the same so
they can save money from one side and use it to buy more fighter jets or something.
30+ years ago, defense spending on electronics formed a huge part of the overall
electronics spending. These days, defense spending is but a small fraction - it's far more
lucrative to go after the consumer market than the military - they just don't have the
economic clout they once had. End result is the military is forced to buy COTS ICs, or face
stuff like a $0.50 chip costing easily $50 or more for same just because the military is a
bit-player for semiconductors
You do know that the Mossad has been caught stealing and collecting American Top Secrets.
In fact most of the nations above save perhaps Canada have at one time or another been caught
either spying on us, or performing dirty deeds cheap against America's best interest. I'd say
for the really classified stuff, like the internal security devices that monitor everything
else... homegrown only thanks, and add that any enterprising person who's looking to get paid
twice by screwing with the hardware or selling secrets to certified unfriendlies get's to
cools their heels for VERY LONG TIME.
We investigated the PA3 backdoor problem through Internet searches, software and
hardware analysis and found that this particular backdoor is not a result of any mistake or
an innocent bug, but is instead a deliberately inserted and well thought-through backdoor
that is crafted into, and part of, the PA3 security system. We analysed other
Microsemi/Actel products and found they all have the same deliberate backdoor. Those
products include, but are not limited to: Igloo, Fusion and Smartfusion.
we have found that the PA3 is used in military products such as weapons, guidance,
flight control, networking and communications. In industry it is used in nuclear power
plants, power distribution, aerospace, aviation, public transport and automotive products.
This permits a new and disturbing possibility of a large scale Stuxnet-type attack via a
network or the Internet on the silicon itself. If the key is known, commands can be
embedded into a worm to scan for JTAG, then to attack and reprogram the firmware
remotely.
emphasis mine. Key is retrieved using the backdoor. Frankly, if this is true, Microsemi/Actel should get complete ban from all government
contracts, including using their chips in any item build for use by the government.
I would not be surprised if it's a factory backdoor that's included in all their products,
but is not documented and is assumed to not be a problem because it's not documented.
With regard to reprogramming the chip remotely or by the FPGA itself via the JTAG port: A
secure system is one that can't reprogram itself.
When I was designing VMEbus computer boards
for a military subcontractor many years ago, every board had a JTAG connector that required
the use of another computer with a special cable plugged into
IDG
IDG
4. The automatic update dilemma
11. OneDrive selective sync problem
How To Get Rid Of The "Microsoft Account Problem" Notification
Thomas on May 15, 2021 at 7:36 pm
Bruce Berls on May 15, 2021 at 9:10 pm
Ravindra K. Banthia on March 7, 2021 at 11:47 am
ella on January 8, 2021 at 6:23 pm
dingus on January 5, 2021 at 3:23 pm
Albert van Leeuwen on December 23, 2020 at 3:54 am
Ron Dahl on December 18, 2020 at 9:59 am
Steve on December 18, 2020 at 7:18 am
M Reilrod on December 2, 2020 at 7:26 pm
cristobal molina on October 27, 2020 at 6:48 am
Shah Mohammad Polash on October 21, 2020 at 9:27 pm
k. bouse on October 5, 2020 at 7:29 pm
Billy Rogers on October 13, 2020 at 6:59 pm
WP on September 29, 2020 at 7:14 pm
And being "Linux-bred" as one might say, I did take the chance to disable as many of the unnecessary options in Settings as I felt necessary, and it's still turning up!
Jack Crompton on September 18, 2020 at 3:38 am
Fred Blackstone on September 27, 2020 at 4:41 pm
Marcia on September 8, 2020 at 1:49 pm
Nick on September 7, 2020 at 7:17 pm
Rob on August 17, 2020 at 11:57 am
Tony on August 20, 2020 at 8:11 am
Niamh Peters on August 11, 2020 at 7:17 am
Michael Long on August 13, 2020 at 3:55 pm
Steve Barnhill on August 22, 2020 at 11:08 am
Nancy M on April 14, 2021 at 8:47 am
English on March 30, 2021 at 10:24 am
rmhartman on August 6, 2020 at 10:54 am
David on August 24, 2020 at 5:15 pm
Michael on September 14, 2020 at 10:42 pm
Adam on October 16, 2020 at 6:37 am
John on July 30, 2020 at 10:04 am
mel jeter on August 14, 2020 at 8:01 am
3DClayman on July 28, 2020 at 1:04 pm
HelenH on July 20, 2020 at 7:58 pm
bill harshbarger on July 22, 2020 at 11:52 pm
Bill on July 18, 2020 at 5:35 am
Rdavison on August 12, 2020 at 9:14 am
anon on June 24, 2020 at 3:43 pm
Ken Wyldes on July 10, 2020 at 6:35 pm
baazack chisanga on June 23, 2020 at 10:57 am
Jean Chevalier on June 9, 2020 at 5:18 pm
Jimmy on June 9, 2020 at 5:11 pm
and streaming is actually working so please I need your help now in order for me to open a store
Derek Bell on May 29, 2020 at 6:23 am
Daniel on May 24, 2020 at 10:23 am
Donald Maase on May 16, 2020 at 1:34 pm
David N on May 15, 2020 at 8:14 pm
Gerry on May 12, 2020 at 3:18 pm
Jay on May 8, 2020 at 5:05 pm
Grant Collinsworth on April 23, 2020 at 4:54 pm
tom on July 4, 2020 at 10:08 am
A Binnion on July 6, 2020 at 8:43 am
Jan Roclawski on July 21, 2020 at 5:16 am
Reiko on April 13, 2020 at 5:21 am
Karen E on June 25, 2020 at 8:58 pm
Mark Rosenberg on March 30, 2020 at 4:48 am
neo on March 24, 2020 at 2:32 pm
Daniel on March 6, 2020 at 1:59 am
Tiny Tim on March 1, 2020 at 2:32 pm
Philip Baker on February 25, 2020 at 4:20 am
John Handley on February 20, 2020 at 2:22 pm
RichH on February 1, 2020 at 8:11 am
Jeff on January 29, 2020 at 9:09 pm
Jeff Russell on January 27, 2020 at 8:44 am
Sebastian Helm on January 27, 2020 at 4:53 am
Nigel O. on January 12, 2020 at 2:27 pm
TrevPlatt on January 12, 2020 at 3:03 am
Mike Kovacevic on October 25, 2020 at 4:18 am
Zoe on January 7, 2020 at 5:08 pm
Ron on January 7, 2020 at 11:39 am
James on January 7, 2020 at 1:25 am
Jeffers on December 30, 2019 at 1:40 pm
GNM on December 27, 2019 at 9:26 am
Michael Benton on December 19, 2019 at 4:35 am
Nathan on December 18, 2019 at 10:32 am
Michael GW on December 14, 2019 at 6:58 am
gm on December 9, 2019 at 11:36 am
Gene on December 4, 2019 at 6:14 am
Tim Farley on December 3, 2019 at 4:15 pm
Herb Carruthers on November 19, 2019 at 5:17 pm
Fabienne Wolf on November 19, 2019 at 3:07 am
David Paul on November 14, 2019 at 7:17 am
DIANA on November 13, 2019 at 8:01 am
Izzy on November 9, 2019 at 9:52 am
Gina J on October 31, 2019 at 2:51 am
Popular Articles
CategoriesArchives
Fix Windows 10 Privacy 1.1.1.2
Fix Windows 10 Privacy can disable approximately 130 rules to protect your privacy.
video.ch9.ms /sessions/teched/na/2013/ATC-B308_Russinovich.pptx Stuxnet . Discovered June 2010 after it had spread for year. Exploited 4 zero day Windows vulnerabilities. Print spooler for remote code execution. ... Written by Mark Russinovich andAaron Margosis. Full chapters on the major tools: Process Explorer. Process Monitor. Autoruns.
<img src="https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2019/01/run-script-file-powershell-remotesigned-windows-10_.jpg?itok=uUp-wanV" width="800" height="600" alt="">
<img src="https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2019/01/write-host-script-text-powershell_.jpg?itok=RV6AyLZE" width="800" height="454" alt="">
<img src="https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2019/01/powershell-set-executionpolicy-windows-10.jpg?itok=4_RbekrE" width="800" height="367" alt="">
<img
src="https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2019/01/run-script-file-powershell-remotesigned-windows-10_.jpg?itok=uUp-wanV"
width="800" height="600" alt="">
<img
src="https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2019/01/write-host-script-text-powershell_.jpg?itok=RV6AyLZE"
width="800" height="454" alt="">
<img
src="https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2019/01/notepad-ps1-save.jpg?itok=GebEhNib"
width="800" height="454" alt="">
<img
src="https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2019/10/create-new-sp1-file-powershell.jpg?itok=WRgzqFRQ"
width="800" height="503" alt="">
<img
src="https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2019/01/powershell-ise-script-windows-10_.jpg?itok=_90-6cei"
width="800" height="470" alt="">
<img
src="https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2019/01/save-ps1-ise-script-windows-10.jpg?itok=waXgx8z3"
width="800" height="502" alt="">
<img
src="https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2019/01/powershell-set-executionpolicy-windows-10.jpg?itok=4_RbekrE"
width="800" height="367" alt="">
<img
src="https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2019/01/running-script-filies-powershell-windows-10_.jpg?itok=NY6tqO2Y"
width="800" height="348" alt="">