Tuesday Morning: Toivo’s Tango

Did you know the tango evolved into a Finnish subgenre? Me neither, and I’m part Finn on my mother’s side of the family. Both my grandmother and great-grandmother spoke Finn at home after their immigration to the U.S., but apparently never passed the language or Finnish music on to my mother and her siblings. The Finnish tango became so popular a festival — the Tangomarkkinat — was established to celebrate it.

The tango makes its way back again, nearly 9000 miles from its origin to Finland, in this music video. The performer featured here is a very popular Argentine tango singer, Martin Alvarado, singing in Spanish a popular Finnish tango, Liljankukka, written by Toivo Kärki. If you search for the same song and songwriter in YouTube, you’ll trip across even more Finnish tango.

Let’s dance…

Police raid in Belgium today
There were more arrests in Belgium today in connection to Paris attack in November. Not many details yet in the outlets I follow, suggesting information is close to the vest; there was more information very early, which has now moved off feeds, also suggesting tight control of related news. A raid in the southern Brussels suburb of Uccle resulted in the arrest of three persons now being questioned. This raid follows the arrest last Friday of Mohamed Abrini, who has now admitted he is the man seen in security camera video as the ‘man in the hat’ observed just before the bombing of the Brussels’ airport. Thus far, intelligence gathered from suspects and locations indicates a second attack had been planned, attacking the Euro 2016 football championship. Worth noting the media has now been reporting only the given name and a family name first initial for some of those arrested recently.

Up All Night growing, annoying some Parisians
This Occupy movement subset called ‘Up All Night’ or ‘Night Rising’ (Nuit debout) has been rallying during evening hours, protesting austerity-driven labor reforms, France’s continued state of emergency after November’s terrorist attacks, and more. The number of protesters has grown over the last 12 days they have taken to the streets, driven in part by the Panama Papers leak. The crowd has annoyed those navigating the area around the Place de la Republique where the Nuit debout gather. (More here on video.)

Upset over Burr-Feinstein draft bill on encryption continues
The Consumer Technology Association (CTA) issued a statement last night conveying their displeasure with this proposed bill which would mandate compliance with law enforcement access to encrypted digital content. The CTA’s 2200 members include Apple, Google, Microsoft, and any consumer electronic technology manufacturer featured at the annual Consumer Electronics Show each year. This formal statement follows a wave of negative feedback from technology and privacy experts since the draft bill was revealed late last week.

Odds and ends

  • Cellebrite makes the news again, this time for a ‘textalyzer’ (Ars Technica) — Huh. What a coincidence that an Israeli company attributed with the cracking of the San Bernardino shooter’s iPhone 5c is now commercializing a device for law enforcement to use on drivers’ cellphones. Do read this piece.
  • DARPA still fighting for relevance with its Squad X initiative (Reuters) — Not a single mention of exoskeletons, but enough digital technology to make soldiers glow in the dark on the battlefield.
  • Microsoft’s director of research calls some of us chickenshit because AI is peachy, really (The Guardian) — Uh-huh. This, from the same company that released that racist, sexist POS AI bot Tay not once but twice. And we should all just trust this stuff in our automobiles and in the military. Ri-ight.
  • Farmers watching more than commodities market and the weather (Fortune) — Chinese IP rustlers are sneaking commercially-developed plant materials back to PRC. Hope the Chinese realize just how likely American farmers are to use firearms against trespassers.
  • CDC’s deputy director on Zika: “Everything we look at with this virus seems to be a bit scarier than we initially thought” (Reuters) — I swear multiple news outlets including WaPo have changed the heds on stories which originally quoted this statement. Zika’s observed destruction of brain cells during research is really distressing; so is Zika’s link to Guillain-Barre syndrome in addition to birth defects including microcephaly. In spite of the genuine and deep concern at CDC over this virus’ potential impact on the U.S., the CDC is forced to dig in sofa cushions for loose change to research and fight this infectious agent. Absolutely ridiculous, like we learned nothing from our experience here with West Nile Virus.

That’s it, off to mix up my tango with a whiskey foxtrot. See you tomorrow morning!

Tuesday Morning: Été Frappé

[graphic: Map of Belgian attacks 22MAR2016 for Le Monde via Eric Beziat]

[graphic: Map of Belgian attacks 22MAR2016 for Le Monde via Eric Beziat]

Whatever I was going to write today has been beaten into submission by current events.

Woke up to news about alleged terror attacks in Belgium — social media was a mess, a deluge of information with little organization. Best I can tell from French language news outlets including Le Monde, the first attack was at 8:00 a.m. local time at the Zaventem Airport just outside Brussels. The second attack occurred at the metro station Maelbeek at 9:11 a.m. Both attacks appeared use bombs, unlike the Paris attack this past year — two at the airport, one at the metro. Reports indicate 15 deaths and 55 seriously injured so far.

A third explosion reported in the city at a different location in the city of Brussels has been attributed to the controlled detonation of a suspicious package after the second attack.

In the time gap between the two attacks, one might suppose many law enforcement and military would have gone to the airport to respond to the first attack. Was there synchronization by planned schedule, or was there coordination by communication?

However, communications may have been difficult as telecom networks were quickly flooded. How soon were the telecom networks overloaded? Or were the networks throttled for observation? We may not ever know.

It’s worth reexamining what Marcy wrote about the communications found after Paris attack (here and here). It may be relevant if the same practices were used by the attackers in Brussels.

Important to note that Paris terror attack suspect Salah Abdeslam was arrested March 18 in a raid in Brussels. He is believed to have transported several of the attackers to the Stade de France just before the November 13 attack. Abdeslam may have been one of several suspects who fled from another earlier raid during which another suspect was killed.

Still working on the order issued late yesterday vacating today’s planned hearing on #AppleVsFBI. The order is here.

UPDATE — 9:30 a.m. EST — Marcy will be posting in a bit about the #AppleVsFBI hearing that wasn’t.

Another interesting story that broke in France today: French Supreme Court affirmed a previous lower court decision which ruled legal the wiretapping of former president Nicolas Sarkozy. Sarkozy has been under investigation for various forms of influence peddling since 2010, including receipt of campaign funds from Libya’s Muammar Gaddafi in 2007.

UPDATE — 1:00 p.m. EST/5:00 p.m. London/6:00 p.m. Brussels, Paris —

Now into the post-emergency recovery stage — all manner of political functionaries and talking heads have offered their two bits on this morning’s attacks. Three days of mourning have been declared in Belgium. Pictures of the alleged bombers at the airport taken by security video camera have now been published. The airport attackers detonated their weapons in the pre-security check-in area. 34 deaths have now been reported as a result of the attacks for which ISIS has now claimed responsibility. Across the Channel, the UK remains on alert for multiple attacks after last week’s raid in Brussels; UK travelers have been discouraged from traveling to Brussels.

Timeline (via Agence France-Presse)

22 mars Peu après 09h00/22 March Shortly after 9:00 a.m.
Explosion dans la station de métro Maelbeek.
Explosion in the Maelbeek metro station.

22 mars 08h00/22 March 8:00 a.m.
Deux explosions a l’aeroport. Possible kamikaze.
Two explosions at the airport. Possible suicide bomber.

21 mars/21 March
[Suspect] Najim Laachraoui, dont l’ADN a été retrouvé sur des explosifs, identifié et activement recherché.
Najim Laachraoui, whose DNA was found on explosives, identified and actively sought.

18 mars/18 March
Salah Abdeslam arête à Molenbeek.
Abdeslam Salah arrested in Molenbeek.

15 mars/15 March
Fusillade, quartier Forest – Mohammed Belkaid, lié aux auteurs de attentats de Paris du 13 novembre est tué. Empreintes de Salah Abdeslam retrouvées.
Shooting, Forest district – Mohamed Belkaid, linked to Paris attack planners of November 13, killed. Footprints of Salah Abdeslam found.

Reagan? No, Regin — Yet Another [GCHQ] Intelligence Malware

Recently, computer security firm Symantec reported discovery of another intelligence-gathering malware, dubbing  it “Regin.”

What’s particularly interesting about this malware is its targets:

  • It infected computers in Afghanistan, Austria, Belgium, India, Iran, Ireland, Mexico, Pakistan, Russia, Saudia Arabia;
  • At 48% of total infections, the largest group of targets were private individuals and small businesses.

Please do read Symantec’s blog post and its technical paper on Regin to understand how it works as well as its targets. Many news outlets either do not understand malware and cybersecurity, or they get facts wrong whenever major malware attacks are reported. Symantec’s revelation about Regin is no different in this respect. offers a particularly exceptional example distorting Symantec’s report, claiming “Ireland is one of the countries worst hit globally by a dangerous new computer virus that spies on governments and companies, according to a leading technology firm.”

If by “worst hit,” they mean among the top four countries targeted by this malware? Sure. But only 9% of the infections affected Irish-based computers, versus 28% of infections aimed at Russian machines, and 24% affecting Saudi machines. The’s piece reads like clickbait hyperbole, or fearmongering, take your pick.

What wasn’t addressed by the and numerous other outlets, including those covering the tech sector are some fundamental questions:

  • What assets or activities might the targeted countries have in common that would make them targets of a single intelligence operation organized by one or more nation-states?
  • What are so many private individuals and small businesses targeted by this malware, in contrast to other malware-based intelligence-collection operations seen to date?

The Guardian came closest to examining these issues, having interviewed researchers at computer security firm F-Secure to ask the origins of the malware. As of 24-NOV-2014, the firm’s Mikko Hypponen speculated that the US, UK, and/or Israel were behind Regin’s development and deployment.

As of the video embedded above, Hypponen firmly says the UK’s intelligence entity GCHQ is behind Regin, in particular the malware’s invasion of a Belgian telecom network (see video at 07:20). Read more