Tuesday Morning: Changing the Tenor

Once in a while, I indulge in the musical equivalent of eating chocolate instead of a wholesome meal. I’ll listen to my favorite tenors on a continuous loop for an afternoon. I have a weak spot for Luciano Pavarotti and Franco Corelli, though the latter isn’t one of the Three Tenors.

Speaking of which, this video features a really bizarre event: the Three Tenors performing at Los Angeles’ Dodgers Stadium in 1994. Poppy and Barbara Bush are there in the audience, too. What a supremely odd venue! And yet these guys did a bang-up job in such a huge, open space. Pavarotti’s Nessun Dorma at ~1:05 is my favorite cut, but it’s all fun.

Now let’s change the tenor…

Former Microsoft CEO Bill Gates sides with FBI against Apple
Gates isn’t the best salesman for this job, promoting compelled software. Given Gates’ role as technology adviser to Microsoft’s current CEO Satya Nadella, how persistently invasive Windows 10 is, and Microsoft software’s leaky history, Gates comes off as a soldato for USDOJ. Do read the article; it’s as if Gates was so intent on touting USDOJ’s line that he didn’t bother to read any details about USDOJ’s demands on Apple.

UPDATE — 10:25 AM EST — Poor Bill, so misunderstood, now backpedaling on his position about Apple’s compliance. This, from a Fortune 100 technology adviser…~shaking my head~

Gates talks out of the other side of his face on climate change
Unsurprisingly, Bill Gates also looks less than credible when he pleads with students for an ‘energy miracle’ to tackle climate change. This is shameless: first, guilt-tripping minors in high school, second for the blatant hypocrisy. The Bill and Melinda Gates Foundation continues to hold investments in ExxonMobil, BP, and Shell because of their yields. Not exactly a commitment to alternative energy there. How’s that investment strategy working for you now, Gates?

Fossil fuel-based industries: wall-to-wall bad news
Speaking of crappy investments in dirty hydrocarbons, conditions are just plain ugly.

Office of Personnel Management’s CIO steps down
Donna K. Seymour stepped down from her role, the second OPM management team member to leave after the massive hack of U.S. government personnel records. She was scheduled to appear before Congress this week; that hearing has now been canceled by House Oversight and Government Reform Committee chair Jason Chaffetz. Huh. That’s convenient. Wonder if she would have said something that reflected badly on a previous GOP administration? This bit from the linked article is just…well…

FBI Director James Comey called the hacks an “enormous breach,” saying his own data were stolen. U.S. authorities blamed China, which strongly denied the accusation before it said in December that it had arrested several “criminal” Chinese hackers connected to the breach.

Wow, I wonder what China could do if they had access to every U.S. government employee’s iPhone? Anybody asked Comey what kind of phone he carries?

That’s a wrap. I’m off to listen to something sung in a sweet tenor voice.

Monday Morning: Let’s Mambo

When your Monday begins to drag — and you know it will at some point — put on a little mambo.

Especially Perez Prado‘s Mambo Number 5 and Mambo Number 8. They’ll spice up your day, get it back on track. There are some more recent covers and mashups of Prado’s mambos, but they just aren’t the same as the originals.

Be careful where you play this stuff; it’ll make your mother or grandmother move in ways you may not want to watch.

Let’s cha-cha-cha…

“Damn it Jim, what the hell is the matter with you?”*
FBI was still trying to dig itself out of a hole on Saturday evening, resorting to damage control mode yesterday. Note, though, Director James Comey’s statement at Lawfare and subsequent coverage at the Los Angeles Times don’t mention at all the screwed up handling of San Bernardino shooter Syed Farook’s iPhone. Take that deep breath, then save it to cool your soup, eh?

So I’m following the map that leads to you
Nope, not Maroon 5, but Facebook’s Connectivity Lab, building a map of the network it claims will help it understand how best to reach populations with poor to no internet. A map, to people not on the map? Creepy, like a stalker ex-boyfriend with global reach. Can’t wait for the conditions by which the U.S. government claims it needs access to that.

Radioactive materials gone walkabout in Iraq now found
This is a strange story. Not the part about a testing device containing radioactive Ir-192 used by a Turkish oil pipeline inspection services company that went missing in November but not reported by media until last week, or the part where the device turned up this weekend, dumped by a gas station. Nor even the odd description of the discovery:

“A passer-by found the radioactive device dumped in Zubair and immediately informed security forces,” the chief of security panel in Basra provincial council, Jabbar al-Saidi, said.
“After initial checking I can confirm the device is intact 100 per cent and there is absolutely no concern of radiation.”

What’s strange is the coverage of this story: picked up by mostly conservative outlets, not widely covered in large news outlets. Huh. Weird. Pick out some key words from the story and do a search yourself, compare to coverage on other stories. Heck, it doesn’t even show up on Reuters’ Middle East and Africa site this morning, though they first broke the story.

Not-so-happy anniversary, Q-1 Predator drone
15 years now this death-from-the-sky has been in use. Sadly, it’s become embedded in our culture now.

All right, time to set this aside and put on my dancing shoes. ¡Vamonos! ¡Baile!

* gratuitous Star Trek quote, Dr. Leonard “Bones” McCoy to Captain James T. Kirk.

Thursday Morning: Number 49

Name day of Saint Simon (Simeon), and Greek name day for Leon and Agapitos, it’s also the 49th day of the year, only 317 more to go. Make the best of it, especially if your name is Simon, Leon, or Agapitos.

Hollywood hospital paid ransom — $17K in bitcoin, not millions
See the official statement linked in this updated report. Speed and efficiency drove the payment. Given the difference between the original amount reported and the amount paid in ransom, one might wonder if there was a chaining of devices, or if many less important devices will be bricked.

Laser pointed at Pope Francis’ plane over Mexico
Someone pointed a laser at the Pope’s flight just before it landed in Mexico City yesterday, one of the highest profile incidences of “lasering” to date. The incident follows an international flight forced back to Heathrow on Monday after one of its pilots suffered eye injury from a laser. Thousands of laserings happen every year; it’s illegal in the U.S. and the U.K. both, but the U.S. issues much stiffer penalties including fines of $10,000 and prison time. If Mexico doesn’t already treat lasering firmly, it should after this embarrassing and threatening incident.

Air strike on Doctors Without Borders/Médecins Sans Frontières’ Syrian hospital spurs call for investigation
It’s absolutely ridiculous how many MSF medical facilities have been hit by air strikes over the last year, the latest west of Aleppo in Syria. MSF has now called for an independent investigation into this latest attack which killed nine medical personnel and more than a dozen patients. This particular strike is blamed on the Syrian government-led coalition, but Russia and the U.S. have also been blamed for attacks on MSF facilities this year, including the hospital in Kunduz, Afghanistan last October. You’d think somebody had it out for MSF specifically.

Is China rousing over Korean peninsula escalation?
Tension spawned by North Korea’s recent nuclear test, missile and satellite launches, as well as South Korea’s pull back from Kaesong industrial complex and U.S. F-22 flyovers have increased rhetoric in media.

Just as it is in the U.S., it’s important to note the origin and politics of media outlets covering China. GBtimes, for example, covers Chinese stories, but from Finland. ~head scratching~

All Apple, all the time
A huge number of stories published over the last 24 hours about Judge Pym’s order to Apple regarding unlocking capability on San Bernardino shooter Syed Farook’s iPhone.

I wonder if this is really a Third Amendment case, given the lack of daylight between the FBI and the U.S. military by way of Joint Terrorism Task Force involvement, and the case at hand in which a non-U.S. citizen’s illegal activities (Farook’s wife Tashfeen Malik) may have triggered related military counterterrorism response. Has the U.S. government, by demanding Apple create code to permit unlocking the shooter’s iPhone, insisted on taking private resources for government use? But I’m not a lawyer. What do I know?

That’s it for now. Thursday, February 18th is also “Teen Missed the Bus Day”; ‘Agapitos’ he is not at the moment. Kid’s going to owe me some time helping with the next morning post.

Wednesday Morning: Quelle couleur est-ce?

I think vestigially there’s a synesthete in me, but not like a real one who immediately knows what colour Wednesday is. — A. S. Byatt

A lot of people will ask what day it is today, but few will ask what color.

Ed Walker put up a great post late last evening, one that deserves more oxygen. Do check it out.

Hospital held hostage for millions by ransomware
Hey Hollywood! A hospital in your backyard has been “infected” with ransomware, their enterprise system tied up until administration coughs up $3.6 million.* Didn’t see that coming, huh? Law enforcement is involved, though if they haven’t managed to resolve other smaller ransomware attacks, they won’t solve this before it critically affects patients’ care.

This is a pretty good (if unfortunate) example of a business continuity crisis. Remember Y2K and all the hullabaloo about drills and testing for enterprise failure? We still need that kind of effort on a regular basis; how do you run your biz if all electronics go dark, for any reason?

(* US articles say $3.6M; CAN article linked says $5M. Currency difference, or an increase in the demand?)

Google found critical vulnerability in GNU C Library
“CVE-2015-7547: glibc getaddrinfo stack-based buffer overflow” Huh? What? If you read Google’s blog post about this yesterday, you were probably scratching your head. Some Googlers struggle with writing in plain English. Here’s what tech news outlets interpreted from that google-degook:

Ars Technica: “Extremely severe bug leaves dizzying number of software and devices vulnerable”
BBC: “Glibc: Mega bug may hit thousands of devices”
Threatpost: “Critical glibc Vulnerability Puts All Linux Machines at Risk”

In a nutshell, if you’re running Linux, patch your systems, stat.

Petroleum’s still a problem

  • Iran’s not going along with Saudi-Russia-OPEC agreement on oil production limits. Iran wants to return to pre-sanction production levels before it makes any concessions.
  • Oil glut and tanked prices create secondary challenges. Saudi’s youth now have entirely different prospects for employment now that oil cannot guarantee national wealth or careers with good pay. Will this cause political volatility in RSA? Wonder what will happen in smaller oil-producing countries like Venezuela and Ecuador?
  • Weird outliers buck trend: Indian oil producer Chennai had a strong Q3, and First American Bank more than doubled its stake in oil development firm Anadarko. Neither of these stories makes sense when oil prices have plummeted, are still plummeting, and show no solid sign of improvement in the next year-plus.

TBTF is still too TBTF
Neel Kashkari, Minneapolis Fed Reserve president, called for the breakup of Too-Big-to-Fail banks yesterday, as they are still a risk to the economy. Didn’t see that coming from a fed president, especially Kashkari.

Biggest tech story today: Judge ordered Apple to help hack San Bernardino gunman’s phone
Apple’s been fighting government pressure on backdoors to its products. The fight intensified after federal judge Sheri Pym ordered Apple to cooperate with the FBI to unlock encryption on a county-owned phone used by San Bernardino gunman Syed Farook. Begs the question why any government agency — local, state, or federal — would ever issue a phone with encryption the government could not crack in the first place. Seems like one answer is a government- and/or business-specific encryption patch to iOS: [IF phone = government-issued, THEN unlock with government-issued key]. Same for business-issued phones. Your own personal phone, not issued by a government agency or business? No key, period.

Phew. That’s enough for a Wednesday. Hope we can coast downhill from here.

Tuesday Morning: I Don’t Want It Good

I don’t want it good. I want it Tuesday.
— Jack Warner

Pretty sure Mr. Warner would get it just the way he wanted it today.

Surprise: Saudis and Russia agree mutual economic destruction = bad
Expect a rocky market today after a hush-hush agreement by Saudi Arabia and Russia to hold oil production levels to January levels. The FTSE and Brent crude have already taken a hit, though why Brent’s price dropped when supply firmed/tightened makes no sense to me. Good thing I’m not a commodities broker.

Predictable outcome: Dropbox account hacked, contents posted, then teacher fired
I feel awful for this poor teacher, whose privacy was violated and his job lost after someone hacked his Dropbox account, then posted a personal sex tape on his school’s website. Unfortunately, this is another painful real-life lesson: Do NOT store content in the cloud if the content would hurt you if leaked.

Shaken by a quake? There’s an app for that
UC Berkeley Seismological Lab released an Android app called MyShake. The application detects vibration fitting earth tremor profiles and reports them to the lab for diagnostics. Enough data combined with other seismic monitoring can confirm an earthquake. The Seismological Lab hopes to build a global seismic detection network which can help detect earthquakes before they begin. With enough advance notice, humans may be able to reduce damage and injury. The Lab says the app runs silently in your phone’s background and doesn’t use up the battery, but this seems like an impossibility. Only one way to find out, though, and only one way for the lab to improve the app’s performance. An iOS version is expected in the near future.

Volkswagen fined by Mexico over emissions — but not the defeat device
Looks like VW imported more than 45,000 vehicles into Mexico without dotting all the Is and crossing all the Ts. The automaker has been fined nearly $9 million (168 million pesos) for failing to obtain mandatory emission and noise certifications. Sounds like VW needs to overhaul its management culture.

Air-gapped computers may not be safe from hacking
A team of researchers from Tel Aviv University and Technion identified a means for hacking air-gapped computers in a completely separate room in order to snag data. Their method only required an antenna, amplifiers, a software-defined radio, and a laptop to measure electromagnetic waves created by a target computer as it deciphered a specific message.

There it is: it ain’t good, but you’ve got it on a Tuesday.

Monday Morning: Fair of Face

Eh. Not so much. I can’t think of many working folks who greet Monday morning with joy, finding it a beautiful thing. But according to old English folk tales, a Monday birthday was supposed to bring better luck.

What good luck will today bring?

Dripping blood tips off discovery of dead body and millions in currency on plane
Reads like a murder-mystery novel, right? Except that this happened Sunday in Zimbabwe at Harare International Airport. Airport staff noticed blood leaking from the plane during refueling, after which an investigation began, revealing a dead body inside the plane and millions in South African rand on board. The plane was registered to Western Global Airlines of Florida and had been flying from Germany to South Africa. What are the odds we never hear of this plane, the body, or the currency again?

Volkswagen chief knew in 2014 U.S. would investigate; Germany wants spot checks
From scandals like Watergate, the U.S. knows the coverup is often worse than the crime. Looks like Volkswagen will learn this, too. Martin Winterkorn, VW’s former CEO, knew in May 2014 that U.S. officials suspected emissions controls defeat devices in VW’s diesel passenger vehicles. BUT…this is not quite news, as the study revealing VW’s non-compliant emissions was reported in May 2014, in a public forum, where VW asked about the results. What did Winterkorn know, and when did he know it?

Germany’s Transport Minister Alexander Dobrindt said yesterday, “There will be controls on vehicles in the style of doping tests (for athletes), …Unannounced and every year.” Dude. Come on. The defeat device evaded random tests in U.S. states like California. Random spot checks will NOT ensure emissions controls work. Only random road tests capturing real world driving outputs will do that. Dobrindt said a draft proposal outlining the test measures would be submitted to the Bundestag on Thursday. Will the lower parliament get wise to this problem?

British teen arrested for the hack on FBI, DHS, CIA director’s email, more
“I am innocent until proven guilty so I have nothing to be worried about…They are trying to ruin my life,” the 16-year-old said after his arrest last week. The most recent hack the teen is accused of included the “leak” of 30,000 FBI and DHS personnel contact information. He’s accused of being a member of Crackas With Attitude (CWA); CWA has said the hacking of CIA director Brennan’s email was “so easy to hack Brennan that ‘a 5-year old’ could have done it.” Doesn’t sound like mad hacking skillz required to pose a threat to law enforcement.

UK’s Investigatory Powers Tribunal said hacking devices by intelligence doesn’t violate human rights
British Foreign Secretary Philip Hammond believes the IPT’s ruling last week is fair, but of course, he would. The case pressed by Privacy International forced the UK’s intelligence agency GCHQ to reveal the use of mass surveillance using computer network exploits (CNE). The case can’t go any further in the UK, but could be reviewed in the EU. Wonder if these same CNE were deployed to identify the 16-year-old teenager charged with hacking Brennan?

From Department of Creepy Spouses: Man + Wife’s FitBit Data + Reddit = PG
A man asked a Reddit forum about his wife’s unusual FitBit data and learned she’s pregnant. I would kick this butthead to the curb so fast if he’d been my spouse. Talk about a violation of privacy, let alone a breach of intimacy between married partners. I can only imagine how this discovery will influence hackers snooping wearable devices.

Not looking like good luck today after all. Perhaps better luck tomorrow?

Friday Morning: It’s Five Somewhere

This week has been really long. Painfully dragged out. Mid-week snowstorm probably didn’t help. But here we are, survivors with another week and yet another Presidential campaign debate under our belts.

I’ll keep it short and snappy given how much ugly we’ve been through.

Your information security is only as good as the stupidest person on staff
“Hello, FBI? I’m new here and I don’t have my code. Can you help a girl out?” No joke, that’s about all it took for one unnamed hacktivist to get inside the FBI. And yet the FBI demands backdoors into all mobile devices. I can’t even…

Meet your new immortal overlord: Your self-driving car
This first graf scares the crap out of me:

The computer algorithms that pilot self-driving cars may soon be considered the functional equivalents of human drivers. That’s the early opinion of the National Highway Traffic Safety Administration—and so begins our slow-burn acquiescence in the battle of man versus machine.

And not even for the reasons that PC World’s editor-in-chief Jon Phillips outlines in his editorial. If a governmental agency recognizes an algorithm as equal to a human, how long before humans are actually subordinate to artificial intelligence? It’s bad enough corporations — legal constructs — have nearly the same rights as humans and can live forever. This needs to die on the vine right now — especially since Google is ramping up hiring for its line of self-driving cars.

Speaking of Google…

Busy week on Zika front

Media commentator Douglas Rushkoff interviewed on digital society

You left Facebook in 2013. How is that working out for you?

Professionally, I’m thinking it may be good for one’s career and business to be off social media altogether. Chris Anderson was wrong. “Free” doesn’t lead to anything but more free. Working for free isn’t leverage to do a talk for loads of money; now they even want you to talk for free. What am I supposed to do? Join YouTube and get three cents for every 100,000 views of my video? That is crap; that is insane! …

A worthwhile read, give it a whirl when the dust begins to settle.

Here’s hoping the weekend moves as slowly as this week did. Huli pau!

Thursday: Thunder Much

[image: Thor's Battle Against the Jötnar by Mårten Eskil Winge, c. 1872, via Wikimedia]

It’s Thor’s Day, the Norse god of thunder’s day. This dude has a really poor selection of images available until the 20th century, and most are commercial. Doesn’t say much about his powers, does it.

Speaking of powers, mine are tapped out. I have a massive, partially-completed timeline on the Flint water crisis scheduled to post at 9:00 a.m. EST. When you see it, you’ll understand why my thunder’s depleted. I’ll throw a couple eye-catching items here for now; use this as an open thread.

In case I forget: Skål!

North Korean military chief executed for corruption
NK’s execution of Army General Ri Yong-Gil seems really oddly timed within a week of NK’s satellite launch. Makes one wonder if the launch and the execution were related. The termination is attributed to Kim Jong-Un’s continued efforts at retaining power.

Hundreds of thousands of stolen Social Security numbers used to attack IRS
Where the heck did hackers get 464,000 Social Security numbers? And how the heck did they use 101,000 of them to hammer away at the IRS to obtain e-pin numbers for filings? The IRS says no one’s personal taxpayer data has been compromised, nor were any filings messed up in this automated mass attack last month.

Comcast pleads with ISP customers in Atlanta
Looks like somebody’s nervous about Google Fiber coming to Atlanta, cutting into their broadband market. A pity, that, should have offered better customer service and more competitive pricing. If Comcast had already delivered these, there’d be no reason for Google to bother in that market.

Absolut-ly profitable year ahead for Pernod Ricard
Huh. I guess it makes sense, with the world in such upheaval that booze would be profitable. Pernod Ricard’s projections of one to three percent growth this year remain unchanged as the second-largest distiller in the world names a new leader for its North American business.

By Thor’s hammer…it’s tequila time somewhere. What’s the old Norse word for booze?

Wednesday Morning: Ashes to Ashes

It’s your second morning-after this week, this one launching the countdown on Christian calendars to Easter. I’m a lapsed Catholic, but we do observe Lent in my household. My agnostic son resists, but I’ve explained this is an opportunity to be mindful about others’ experience of going without. We are privileged to choose to give up, and we consciously recognize it by Lenten observation. Some choices we make, like giving up meat and sugar, are beneficial for us, but it’s still the luxury of choice when others are forced to simply suffer without recourse.

This year we will be mindful of water. We take it for granted every time we turn on the faucet. Yet our brethren go without in nearby Flint, in spite of water’s essential nature to life. I’ll donate the money I would have spent on 46 days of meat-based meals to Flint’s United Way Water Fund and the Food Bank of Eastern Michigan, as both organizations are helping distribute water and filters to Flint residents. Last night’s Boil Water order issued because of a water main break only underlines the difficulties Flint’s residents will face until the entire water system is replaced.

Dept of Duh: Director of National Intelligence says Internet of Things can be used to spy
NO! Say it isn’t so! Like it never occurred to us that any device attached to the internet, including the growing number of WiFi-enabled household appliances, might be used to spy on us.

Volkswagen recalls cars — and not because of emissions
VW didn’t need more trouble; this time, it’s not the German car maker’s fault. 680,000 VW-branded vehicles are being recalled because of Takata-made airbags which may be defective. TAKE NOTE: Mercedes-Benz models were also recalled yesterday.

Toyota, Honda, Acura, BMW, Nissan, Subaru, GM, Ford, Chrysler, and Daimler also issued recalls over the last two years for the very same reason — defective Takata-made airbags. See this article for a running timeline of events related to the recalls as well as a list of affected vehicles (to date).

Attacking the grid? Try a squirrel first – hacking is much harder
A honeypot mimicking an energy management system demonstrated the challenge to hackers trying to crash a power grid. Dewan Chowdhury, MalCrawler’s founder, spoke at Kaspersky Lab’s Security Analyst Summit about the knowledge set needed to attack energy systems:

“It’s extremely difficult. You can’t just be a NSA or FSB hacker; you need an electrical engineer on board to weaponize attacks and figure out what’s going on … When it comes to weaponization, you need a power substation engineer who knows what needs to be done and tested.”

After reading about Chowdhury’s presentation, I have two caveats. The first is the notion that an “electrical engineer” or a “power substation engineer” is required. Many non-degreed workers like electricians and technicians are familiar with computers, networks, and SCADA equipment. The second is this bit:

The groups had access to the HMI, which would allow them to manipulate the grid, but Chinese, U.S., and Russian groups, he said, stick to a gentlemen’s agreement and leave the grid alone. Middle Eastern actors, however, will try to perform control actions to sabotage the grid.

A “gentlemen’s agreement”? When do the gloves come off? When one of these actors aligns with a Middle Eastern actor?

Global disaster — how would you respond?
In case a mess of squirrels are deployed to take down the world’s power grids, one might need to know how to deal with the inevitable meltdown of services. Johns Hopkins Center for Civilian Biodefense Strategies modeled a global disaster in 2013 by way of a simulation game. The results were predictable:

What they discovered was that the country was ill prepared to cope. Within two weeks there would be enormous civilian casualties, a catastrophic breakdown in essential institutions, and mass civil unrest. Food supplies, electricity and transport infrastructures would all collapse.

International security scholar Dr. Nafeez Ahmed was asked how people should respond; he offered a nifty guide, outlined in six points.

But disaster isn’t always global, and current cases show our gross inability to respond to limited disasters. Flint, for example, already struggles with running water, item number three on Dr. Ahmed’s list. Conveniently, Flint doesn’t necessarily rely on government or law enforcement (item number four) because neither responded appropriately to the ongoing water crisis. What remains to be seen is whether Flint will muster long-term self-sufficiency (item number six) as government and law enforcement continue to let them down.

Speaking of Flint, I wonder how today’s Democratic Steering and Policy Committee hearing on Flint’s water crisis will go, as Michigan’s Governor Rick Snyder declined to appear.

“Don’t necessarily trust the government or law enforcement” in global disaster, indeed.
