Posts

Monday Morning: The Urge to Merge

/6 Comments/in , /by

In my eyes, indisposed
In disguises no one knows
Hides the face, lies the snake
The sun in my disgrace

— excerpt, Black Hole Sun by Soundgarden

Looks like this week is all about mergers. Enjoy this simulation on replay several times while listening to Soundgarden’s Black Hole Sun while we dig in.

Roll Call

  • Yahoo’s vulnerability brings all the nasty suitors to the yard (MarketWatch) — If Daily Mail wins, Yahoo will be one massive tabloid, and Tumblr will become a cesspool. Bidding’s open until next Monday; what other potential buyers may emerge this week?
  • Big names in hotels to join after shareholders approve Marriott offer for Starwood Hotels (UPI) — The vote came last Friday after Chinese insurance holding group Anbang withdrew from bidding.
  • Merger of beer producers SABMiller and A-B InBev still in holding pattern (Milwaukee Business Journal) — The deal is languishing for approval by South Africa’s Competition Commission. Part of SABMiller was once South African Brewing.
  • UK balks at Hutchins and Telefonica tie up (Reuters) — Cousins across the pond better watch out; this proposed merger, even if shot down by regulators, portends another telecom marriage ahead. With UK’s Competition and Markets Authority recommending a spin-off of either Three Mobile or O2 mobile network business in order to approve the deal, a divestment of one of these may happen anyhow.

The Yahoo and Hutchins-Telefonica deals bear scrutiny for their potential for mass surveillance depending on how the proposals play out. Yahoo could end up operating under UK laws, and some part(s) of either Hutchins or Telefonica could end up with a non-UK or non-EU partner.

All of these proposed mergers were in the works before the Panama Papers were released; none them appear to be motivated solely by tax reduction, but instead by economies of scale and weak market conditions. It’d be nice if executives of all companies raking in profits realized that failing to pay their hourly workers well has a direct impact on overall market demand. Their businesses could retain autonomy instead of spending time and money on M&A they could spend on employees’ wages.

Speaking of Panama Papers: revelations still shaping policy and politics

  • U.S. Treasury still working on tax rules to reduce tax avoidance and evasion by offshoring (Bloomberg) — Many large holding company structures use intra-group loans to move money out of the U.S. The new rules which may limit these moves may affect not only U.S. corporations but foreign corporations with subsidiaries in the U.S.
  • UK’s PM David Cameron facing heat about tax avoidance strategies used by his family (Scotsman) — Strategies included a tax-free gift of 200,000 pounds to Cameron from his mother. He is supposed to appear before Parliament for questioning.
  • Mossack Fonseca still getting hacked due to poor security response (The Register) — At what point do we ask if MossFon is really just a honeypot, given continued insufficient security?

Just for fun: Rockets!
If you didn’t watch SpaceX’s Falcon 9 launch on Friday, you really ought to make some time to do so for entertainment purposes. The first stage of the rocket returned successfully for reused, nailing a landing on a drone ship — a DRONE SHIP AT SEA. I missed the fact the landing pad was a drone vessel when I watched the first attempts. It’s a really narrow thing, landing on a speck of a pad in the ocean which is pushed around a bit by ocean currents in spite of the drone ship’s programming and/or remote control. (I would love to know who named the drone ship, ‘Of Course I Still Love You’ and why…)

What’s similarly remarkable is the SpaceX team — their excitement is off the map, rather like watching a K-12 FIRST LEGO robotics competition than an aeronautics business at work. Note in the video the team’s reaction just seconds (about 27:30) to the first stage return landing; it’s as if they KNEW they had it nailed before it happened. Wouldn’t you love to know just how they knew?

Also for grins: compare SpaceX’s landing on Friday (start at 23:48 into video) to competitor Blue Origin’s recent rocket return. Blue Origin is owned by Amazon’s Jeff Bezos; the return is so smooth and slick, but it’s in the west Texas desert where potential disruption of the landing has been minimized. Important to keep in mind that SpaceX actually delivered a payload after reaching orbit, where Blue Origin is still limited to sub-orbit elevation.

With that our week’s been launched — let’s go!

Thursday Morning: Two Too Good

/5 Comments/in , /by

I would post this video every week if I could get away with it. It’s a favorite in my household where three of us play string instruments. I’ve blown out speakers cranking these guys up as far as I can (shhh…don’t tell the dude in charge of speaker maintenance here).

You’ll note this post is pushed down the page as Marcy’s last two posts about #AppleVsFBI (here and here) have been picked up by several news outlets. Let’s let new readers have the rail for a bit.

NC and GA state legislatures wreaking bigoted havoc
Regressive bills allowing open practice of anti-LGBT bigotry have been working their way through states’ legislatures in the wake of Burwell v. Hobby Lobby Stores, Inc. Indiana and Arizona are two examples where bills using a template based on the federal Religious Freedom Restoration Act (RFRA) have been passed. Arizona’s governor Jan Brewer made an unusually rational move and vetoed the bill. Indiana did not, and many organizations protested until an amendment was passed modifying SB 101‘s worst component.

Georgia’s legislature passed their own spin on RFRA, The Free Exercise Protection Act; the bill is now in the hands of Gov. Nathan Deal, who has until the first week of May to sign it into law. The state has an emerging film and TV production industry, home to popular shows like AMC’s The Walking Dead. Disney and its subsidiary Marvel yesterday announced they would yank production out of Georgia if Gov. Deal signed the bill. AMC followed suit and announced it too would pull out of Georgia. Other corporations with business interests in GA, like The Dow Chemical Company, are also unhappy. How many more companies will it take before Deal wises up and vetoes the bill or demands amendment?

Sadly, North Carolina’s GOP-led legislature rushed through a bill yesterday with a slightly different spin — like a proof-of-concept for the rest of the states where RFRA bills have been unable to gain traction while avoiding the potential for boycotting leveraged against the governor. Anti-transgender fear-mongering was used to force HB2-Public Facilities Privacy & Security Act through while avoiding “religious freedom” as a promotional feature. It was signed into law yesterday by NC’s jackass governor, Pat McCrory, who tweeted,

Ordinance defied common sense, allowing men to use women’s bathroom/locker room for instance. That’s why I signed bipartisan bill to stop it.

I signed bipartisan legislation to stop the breach of basic privacy and etiquette, ensure privacy in bathrooms and locker rooms.

Except that HB2 not only overturns local ordinances protecting LGBT persons, it prevents transpersons from using the facilities appropriate to their transgender, and it allows businesses to post notices they will not serve groups. Welcome back, Jim Fucking Crow.

The bill was not truly bipartisan, either. Although 14 idiotic state house Democrats voted for the bill, the entire Democratic state senate caucus walked out in protest rather than vote on the bill at all. Methinks NC Dem Party discipline needs a little work, and state house members need a little less bigotry.

Speaking of which, DNC was typically ineffectual, offering a bunch of jargon instead of straight talk about NC’s discrimination. Are there any groups at all the DNC under its current leadership will really extend any effort except for corporations?

The speed at which the bill passed through NC’s legislature during an “emergency” session — because making sure the body parts align with the identity on the bathroom door is an emergency! — may have prevented the state’s largest employers from responding appropriately. Let’s see if NC’s largest employers, including University of North Carolina, Time Warner Cable, Duke Energy, Bank of America, Wells Fargo, Merrill Lynch, and the many sci-tech companies of Research Triangle, will wise up and demand an end to the ignorance and bigotry of Public Facilities Privacy & Security Act.

Finished digging out here after a late season snow storm, now serving up a hot dish brunch casserole made with a mess of oddments.

  • Diebold buys German competitor Wincor Nixdorf (Bloomberg) — wonder how this industry shakes out as mobile payment systems become more popular and more widely accepted.
  • Speaking of mobile payment systems: Apple Pay expected to expand to apps and websites before Christmas shopping season (FastCompany) — expected to take a bite out of PayPal’s market share, but if transactions are conducted online, this could eat into other payment processing systems. Need the importance of encryption be pointed out yet again, too?
  • Apple’s new, smaller iPhone SE available for pre-orders today (BusinessInsider) — also iPad Pro. Already hearing strong interest from a lot of women about the smaller phone; they’ve been unhappy with the increasing size of iPhones.
  • Nielsen TV ratings data will begin tracking streaming equipment brands (FastCompany) — their data will be based on 40,000 households, though. Apparently sales of streaming equipment like Apple TV, Chromecast, Roku aren’t granular enough for firms acquiring content consumption data. Wonder how long before Nielsen itself is replaced by network sniffing?
  • Related? Funny how Iran is the focus of the first, but not mentioned in the second:
  • AI-written novel survives first round in Japanese literature contest (DigitalTrends) — and you thought it was just the news that was generated by robots.

That’s a wrap, catch you tomorrow morning!

Wednesday Morning: Wicked Weary World

/42 Comments/in , , /by

Let’s have a brunch-time salute to Belgium, which produced this fine young artist Loic Nottet. Too bad there’s not much well-produced content in YouTube yet by this youngster. He has incredible upper range reach with great potential because of the power behind his voice. Hope to hear more by him soon; he’s a sweet antidote to bitter wickedness.

All in the family
Hope you’ve read Marcy’s piece already this morning on the relevance of nuclear family units to terrorism. In addition to suicide bombers El Bakraoui brothers Marcy mentioned, it’s worth examining the other links between the November 13 attacks in Paris and the attacks in Belgium yesterday. Note the familial relationships and their first-degree network:

Brahim Abdelslam — older brother of Salah, blew himself up in Paris during the November 15 attacks. (Dead)
Salah Abdelslam — captured last Friday March 18, has admitted he ‘had planned to target Brussels.’ His location was flagged by an unusual number of pizzas delivered to an apartment where power and water had been shut off. (In custody)

Abaid Aberkan — characterized as a relation of the Abdelslams, carried Brahim’s casket at the funeral last week. (NOT a terror suspect Edit: Le Monde indicates Aberkan was arrested during Friday’s raid, but name spelled ‘Abid.’) (In custody)
Aberkan’s mother — renter/owner of Molenbeek apartment in which Salah was hiding when captured last week. (NOT a terror suspect)

Mohamed Belkaid — killed in a raid last Tuesday at an apartment in Forest district; Salah fled the apartment. (Dead)

Mohamed Abrini — A childhood friend and neighbor of Salah, his younger brother Suleymane died fighting in an Islamist militia under the direction of Abdelhamid Abaaoud. Abaaoud, the leader of the Paris attacks, died on November 18 during a police raid. Abrini had traveled with both of the Abdelslam brothers the week before the attacks in Paris. He is now on the run and sought in relation to yesterday’s attack. (Suspect)

Najim Laachraoui — traveled with Salah and Belkaid last September, under the name Soufiane Kayal. His DNA was found in three different locations: on explosives in Paris, and at two other hide-outs used by attackers. He is now sought in relation to yesterday’s attack. (Suspect)

Though we’ll hear arguments for increased internet surveillance, it’s easy to see that traditional police work could identify a terrorist network of family and friends in the same way members of an organized crime syndicate centered around a family are revealed. (Sources for the above: The Guardian and The Australian)

Other stuff going on…

  • ‘Flash Crash’ trader to be extradited to the U.S., rule British judges (France24)
  • Sextortionist Michael Ford, who ran a criminal enterprise from his work computer while employed at U.S. embassy, sentenced to four years and nine months in prison (Ars Technica) — BoingBoing notes the hypocrisy of a government demanding backdoors while failing to note such a massive misuse of its own network.
  • Another hospital held hostage by ransomware, this time in Kentucky (Krebs on Security) — STOP OPENING LINKS IN EMAIL at work, for starters. Isolating email systems from all other networked operations would be better.
  • 24 car models by 19 automakers vulnerable to keyless entry hack (WIRED–mind the ad-block hate) — Mostly foreign models affected due to the radio frequency used.

Better luck tomorrow, gang. See you in the morning.

Friday Morning: F for Free and Favorite

/28 Comments/in , , /by

Congratulations! You made it to another Friday! The end of the week means jazz here, until I run out of genres. This Friday I’m not covering a genre, though. I’m pointing you to one of the most surprising and utterly awesome gifts jazz lovers and historians could get.

1,000 hours of free jazz, ready to download.

Holy mackerel! I almost fainted when @OpenCulture tweeted last week about David W. Niven’s collection shared with the public at Archive.org. Just as amazing is Niven’s commentary, providing context we would never otherwise have about each piece.

I’ll embed some Louis Armstrong at the bottom of this post to get your weekend started. Mark this collection as one of my favorite things ever.

Malware discovered, targeting non-jailbroken Apple iOS devices in China
This is the second China-specific malware that researchers at Palo Alto Networks have found this year. Gee, why China?

UK’s Labour Party wankers want ‘Snoopers’ Charter’ because Snowden
Just the wankers, mind you, though it’s hard to tell which MPs were the wankers as Labour and SNP sat on their hands during the vote for the Investigatory Powers Bill (IPB), not wanting to appear obstructive. Fondly called the ‘Snoopers’ Charter,’ the bill replaces Regulation of Investigatory Powers Act (RIPA) and passed in the House of Commons on its second reading. The bill allows the UK government to amass all Internet Connection Records (ICRs) for a year’s time, including telecommunications connections. Restrictions on which government entities have access to these records and for what purpose is muddy at best, and the cost of collecting and storing these records will be borne by the network service providers who in turn will need to raise their rates. Sane people understand the IPB as passed is atrocious. The bill would not have passed the second reading at all had all of Labour and the SNP voted against it, but a number of wankers argue Edward Snowden is reason enough to dragnet the entire UK’s internet activity — which makes no sense whatsoever, based on the bill’s current formulation. The ‘Snoopers’ Charter’ now enters the Committee Stage, where it’s hoped somebody catches a cluestick and puts the brakes on this current iteration of government panopticon.

U.S. National Highway Traffic Safety Administration and FBI warn about automobile hacking
Hmm. A little late to the party after at least four different vulnerabilities were revealed over the last year, but better late than never. Rather annoying the public needs to be on guard against automakers’ naiveté/stupidity/hubris.

Google’s parent Alphabet selling its robot division Boston Dynamics
Remember the creepy four-legged robot ‘Big Dog’? It and its developer are up for grabs. Google (before it became Alphabet) bought Boston Dynamics in 2013, but now finds the firm doesn’t fit its strategy. Worth noting differences in reaction to the news:

The tone of the MIT Review piece — technology’s coolness is sufficient rationale for its creation and existence — offers interesting insight, explaining how awful technology ends up commercialized in spite of its lack of fitness.

Let’s call it a week and get on with our weekend. Have a good one!

Wednesday Morning: Place Your Bets

/13 Comments/in , /by

About 11:00 a.m. EST today President Obama will announce his nominee to the Supreme Court to fill Antonin Scalia’s seat on the bench.

Apart from Sri Srinivasan, widely mentioned as the likely nominee, who is a possible candidate? Share your guess and then place your bets on Most-Likely Nominee and offer odds on a recess appointment.

Heads up: Your browsing could put you at risk of ransomware
I suppose the news that really big and popular sites were afflicted by ransomware within the last week explains why I had yet another Adobe-brand update pushed at me. Sites affected included The New York Times, the BBC, MSN, and AOL, along with others running a compromised ad network serving ransomware.

PSA: Make sure all your data files are backed up off your PC, and have access to software to rebuild your machine, in case your device is held for ransom.

#AppleVsFBI: Apple filing in California yesterday
Funny how different the characterizations of the 26-page filing. Here’s two:

  • The Guardian (emphasis mine):

    Apple’s lawyers tried to lower the temperature in the company’s fight with the US government on Tuesday, telling a federal judge that America’s Justice Department is well-meaning but wrong in its privacy standoff with the iPhone maker.

  • Forensic scientist Jonathan Ździarski: “Here, Apple is saying, ‘If it pleases the court, tell the FBI to go fuck themselves.'”

Zika virus: even uglier than expected

Stray cats, rounded up…

  • DARPA appeals to Maker/DIY/geek-nerd types, asks them to weaponize everyday devices (IEEE Spectrum) — I find this incredibly creepy; why is DARPA doing this, if the point is to prevent harm to the public from consumer products? Why not FTC/FCC/DOE instead of the military? And what happens to the feckless DIYer who accidentally hurts someone in the course of trying this stuff at home? Will DARPA indemnify them? Or are these informal adjuncts supposed to assume liability though they are doing military and law enforcement research? And what about the participants — will their identities be “harvested” for unspecified use in the future? So much stupid.
  • US transport secretary Anthony Foxx says, “It’s not a surprise that at some point there would be a crash of any technology that’s on the road,” (The Guardian) — in regards to the recent crash of a Google self-driving car with a bus. If it’s not a surprise, why are these on the road so soon? Don’t argue humans crash; these driverless vehicles are supposed to be BETTER than humans, and the public’s roadways shouldn’t be corporate laboratories.
  • PA man charged with phishing celeb women to gain access to their personal photos and videos (The Guardian) — Oddly, he’s not charged with distribution of the celebs’ pics in what became known as ‘The Fappening.’ A perfect example of the kind of crime which would be made easier and more widespread if Apple’s security was weakened — and law enforcement struggles with tackling it now.

That’s a wrap, for now, furballs all cleaned out of the holding bins. See you tomorrow morning!

Tuesday Morning: Some Kind of Freak

/17 Comments/in , , , /by

Today’s the intersection of my Gwen Stefani jag and International Women’s Day 2016. Need some more estrogen-powered music to celebrate IWD? Try this list — note and compare Lesley Gore’s You Don’t Own Me and Nancy Sinatra’s These Boots Are Made for Walking against more recent tunes like No Doubt’s Just A Girl.

Let’s roll…

Volkswagen shocked, SHOCKED! the EPA went public on the diesel emissions standards cheat
But by the time the EPA made public statements regarding VW, the German automaker had already known about the International Council on Clean Transportation’s research results for a year and had yet to reveal to shareholders the risk of prosecution and penalties. VW’s leadership hoped for a mild and quiet slap on the hands and enough time for a technical solution before the EPA’s disclosure:

“In the past, even in the case of so-called ‘defeat device’ infringements, a settlement was reached with other carmakers involving a manageable fine without the breach being made public,” VW argued. “And in this case, the employees of Volkswagen of America had the impression on the basis of constructive talks with the EPA that the diesel issue would not be made public unilaterally but that negotiations would continue.”

Hope somebody is looking at insider trading for any sign that VW executives were unloading stock in the period between September 2014 when ICCT’s results were published, and when the EPA went public in 2015. Wonder what penalties there are under German/EU laws for this?

USDOJ appealed last week’s ruling in Brooklyn iPhone 5S case
At the heart of this appeal is Apple’s past cooperative actions when federal law enforcement asked for assistance in unlocking iPhones. Apple, however, said past acquiescence is not consent. USDOJ has now asked for review of Judge Orenstein’s ruling.

Apple co-founder Steve Wozniak appeared on Conan, sided unsurprisingly with Apple
Woz admitted to having tried his hand at writing viruses for Mac, but the entire premise terrified him, compelling him to destroyed his efforts. Video of his appearance included at this link.

France to punish phonemakers for encryption, while UK’s GCHQ says it should get around encryption
A narrow body of water, a different language, and a recent terrorist attack make for very different reactions to encrypted communications. France’s Parliament voted yesterday to punish phonemakers which do not cooperate with law enforcement on unencrypting data; the bill is not yet law, subject to further parliamentary process. Meanwhile, Britain’s spy chief said he hopes methods can be developed to get around encryption without building backdoors.

Drive-by quickies

And it’s Presidential Primary Day in Michigan, Mississippi, Idaho, Hawaii. I may avoid social media for most of the day for this reason. Hasta pasta!

Thursday Morning: Snowed In (Get It?)

/8 Comments/in , , /by

Yes, it’s a weak information security joke, but it’s all I have after shoveling out.

Michigan’s winter storm expanded and shifted last night; Marcy more than caught up on her share of snow in her neck of the woods after all.

Fortunately nothing momentous in the news except for the weather…

Carmaker Nissan’s LEAF online service w-i-d-e open to hackers
Nissan shut down its Carwings app service, which controls LEAF model’s climate control systems. Carwings allows vehicle owners to check information about their cars on a remote basis. Some LEAF owners conducted a personal audit and hacked themselves, discovering their cars were vulnerable to hacking by nearly anyone else. Hackers need only the VIN as userid and no other authentication to access the vehicle’s Carwings account. You’d think by now all automakers would have instituted two-factor authentication at a minimum on any online service.

Researcher says hardware hack of iPhone may be possible
With “considerable financial resources and acumen,” a hardware-based attack may work against iPhone’s passcode security. The researcher noted such an attempt would be very risky and could destroy any information sought in the phone. Tracing power usage could also offer another opportunity at cracking an iPhone’s passcode, but the know-how is very limited in the industry. This bit from the article is rather interesting:

IOActive’s Zonenberg, meanwhile, told Threatpost that an invasive hardware attack hack is likely also in the National Security Agency’s arsenal; the NSA has been absent from discussions since this story broke last week.

“It’s been known they have a semiconductor [fabrication] since January 2001. They can make chips. They can make software. They can break software. Chances are they can probably break hardware,” he said. “How advanced they were, I cannot begin to guess.”

The NSA has been awfully quiet about the San Bernardino shooter’s phone, haven’t they?

‘Dust Storm’: Years-long cyber attacks focused on intel gathering from Japanese energy industry
“[U]sing dynamic DNS domains and customized backdoors,” a nebulous group has focused for five years on collecting information from energy-related entities in Japan. The attacks were not limited to Japan, but attacks outside Japan by this same group led back in some way to Japanese hydrocarbon and electricity generation and distribution. ‘Dust Storm’ approaches have evolved over time, from zero-day exploits to spearfishing, and Android trojans. There’s something about this collected, focused campaign which sounds familiar — rather like the attackers who hacked Sony Pictures? And backdoors…what is it about backdoors?

ISIS threatens Facebook’s Zuckerberg and Twitter’s Dorsey
Which geniuses in U.S. government both worked on Mark Zuckerberg and Jack Dorsey about cutting off ISIS-related accounts AND encouraged revelation about this effort? Somebody has a poor grasp on opsec, or puts a higher value on propaganda than opsec.

Wonder if the same geniuses were behind this widely-reported meeting last week between Secretary of State John Kerry and Hollywood executives. Brilliant.

Case 98476302, Don’t text while walking
So many people claimed to have bumped their heads on a large statue while texting that the statue was moved. The stupid, it burns…or bumps, in this case.

House Select Intelligence Committee hearing this morning on National Security World Wide Threats.
Usual cast of characters will appear, including CIA Director John Brennan, FBI Director James Comey, National Counterterrorism Center Director Nicholas Rasmussen, NSA Director Admiral Michael Rogers, and Defense Intelligence Agency Director Lieutenant General Vincent Stewart. Catch it on C-SPAN.

Snow’s supposed to end in a couple hours, need to go nap before I break out the snow shovels again. À plus tard!

Thursday Morning: Number 49

/38 Comments/in , , /by

Name day of Saint Simon (Simeon), and Greek name day for Leon and Agapitos, it’s also the 49th day of the year, only 317 more to go. Make the best of it, especially if your name is Simon, Leon, or Agapitos.

Hollywood hospital paid ransom — $17K in bitcoin, not millions
See the official statement linked in this updated report. Speed and efficiency drove the payment. Given the difference between the original amount reported and the amount paid in ransom, one might wonder if there was a chaining of devices, or if many less important devices will be bricked.

Laser pointed at Pope Francis’ plane over Mexico
Someone pointed a laser at the Pope’s flight just before it landed in Mexico City yesterday, one of the highest profile incidences of “lasering” to date. The incident follows an international flight forced back to Heathrow on Monday after one of its pilots suffered eye injury from a laser. Thousands of laserings happen every year; it’s illegal in the U.S. and the U.K. both, but the U.S. issues much stiffer penalties including fines of $10,000 and prison time. If Mexico doesn’t already treat lasering firmly, it should after this embarrassing and threatening incident.

Air strike on Doctors Without Borders/Médecins Sans Frontières’ Syrian hospital spurs call for investigation
It’s absolutely ridiculous how many MSF medical facilities have been hit air strikes over the last year, the latest west of Aleppo in Syria. MSF has now called for an independent investigation into this latest attack which killed nine medical personnel and more than a dozen patients. This particular strike is blamed on the Syrian government-led coalition, but Russia and the U.S. have also been blamed for attacks on MSF facilities this year, including the hospital in Kunduz, Afghanistan last October. You’d think somebody had it out for MSF specifically.

Is China rousing over Korean peninsula escalation?
Tension spawned by North Korea’s recent nuclear test, missile and satellite launches, as well as South Korea’s pull back from Kaesong industrial complex and U.S. F-22 flyovers have increased rhetoric in media.

Just as it is in the U.S., it’s important to note the origin and politics of media outlets covering China. GBtimes, for example, covers Chinese stories, but from Finland. ~head scratching~

All Apple, all the time
A huge number of stories published over the last 24 hours about Judge Sym’s order to Apple regarding unlocking capability on San Bernardino shooter Syed Farook’s iPhone.

I wonder if this is really a Third Amendment case, given the lack of daylight between the FBI and the U.S. military by way of Joint Terrorism Task Force involvement, and the case at hand in which a non-U.S. citizen’s illegal activities (Farook’s wife Tashfeen Malik) may have triggered related military counterterrorism response. Has the U.S. government, by demanding Apple create code to permit unlocking the shooter’s iPhone, insisted on taking private resources for government use? But I’m not a lawyer. What do I know?

That’s it for now. Thursday, February 18th is also “Teen Missed the Bus Day”; ‘Agapitos’ he is not at the moment. Kid’s going to owe me some time helping with the next morning post.

Tuesday Morning: I Don’t Want It Good

/18 Comments/in , /by

I don’t want it good. I want it Tuesday.
— Jack Warner

Pretty sure Mr. Warner would get it just the way he wanted it today.

Surprise: Saudis and Russia agree mutual economic destruction = bad
Expect a rocky market today after a hush-hush agreement by Saudi Arabia and Russia to hold oil production levels to January levels. The FTSE and Brent crude have already taken a hit, though why Brent’s price dropped when supply firmed/tightened makes no sense to me. Good thing I’m not a commodities broker.

Predictable outcome: Dropbox account hacked, contents posted, then teacher fired
I feel awful for this poor teacher, whose privacy was violated and his job lost after someone hacked his Dropbox account, then posted a personal sex tape on his school’s website. Unfortunately, this is another painful real-life lesson: Do NOT store content in the cloud if the content hurt you if leaked.

Shaken by a quake? There’s an app for that
UC Berkeley Seismological Lab released an Android app called MyShake. The application detects vibration fitting earth tremor profiles and reports them to the lab for diagnostics. Enough data combined with other seismic monitoring can confirm an earthquake. The Seismological Lab hopes to build a global seismic detection network which can help detect earthquakes before they begin. With enough advance notice, humans may be able to reduce damage and injury. The Lab says the app runs silently in your phone’s background and doesn’t use up the battery, but this seems like an impossibility. Only one way to find out, though, and only one way for the lab to improve the app’s performance. An iOS version is expected in the near future.

Volkswagen fined by Mexico over emissions — but not the defeat device
Looks like VW imported more than 45,000 vehicles into Mexico without dotting all the Is and crossing all the Ts. The automaker has been fined nearly $9 million dollars (168 million pesos) for failing to obtain mandatory emission and noise certifications. Sounds like VW needs to overhaul its management culture.

Air-gapped computers may not be safe from hacking
A team of researchers from Tel Aviv University and Technion identified a means for hacking air-gapped computers in a completely separate room in order to snag data. Their method only required an antenna, amplifiers, a software-defined radio, and a laptop to measure electromagnetic waves created by a target computer as it deciphered a specific message.

There it is: it ain’t good, but you’ve got it on a Tuesday.

Monday Morning: Fair of Face

/18 Comments/in , , /by

Eh. Not so much. I can’t think of many working folks who greet Monday morning with joy, finding it a beautiful thing. But according to old English folk tales, a Monday birthday was supposed to bring better luck.

What good luck will today bring?

Dripping blood tips off discovery of dead body and millions in currency on plane
Reads like a murder-mystery novel, right? Except that this happened Sunday in Zimbabwe at Harare International Airport. Airport staff noticed blood leaking from the plane during refueling, after which an investigation began, revealing a dead body inside the plane and millions in South African rand on board. The plane was registered to Western Global Airlines of Florida and had been flying from Germany to South Africa. What are the odds we never hear of this plane, the body, or the currency again?

Volkswagen chief knew in 2014 U.S. would investigate; Germany wants spot checks
From scandals like Watergate, the U.S. knows the coverup is often worse than the crime. Looks like Volkswagen will learn this, too. Martin Winterkorn, VW’s former CEO, knew in May 2014 that U.S. officials suspected emissions controls defeat devices in VW’s diesel passenger vehicles. BUT…this is not quite news, as the study revealing VW’s non-compliant emissions were reported in May 2014, in a public forum, where VW asked about the results. What did Winterkorn know, and when did he know it?

Germany’s Transport Minister Alexander Dobrindt said yesterday, “There will be controls on vehicles in the style of doping tests (for athletes), …Unannounced and every year.” Dude. Come on. The defeat device evaded random tests in U.S. states like California. Random spot checks will NOT ensure emissions controls work. Only random road tests capturing real world driving outputs will do that. Dobrindt said a draft proposal outlining the test measures would be submitted to the Bundestag on Thursday. Will the lower parliament get wise to this problem?

British teen arrested for the hack on FBI, DHS, CIA director’s email, more
“I am innocent until proven guilty so I have nothing to be worried about…They are trying to ruin my life,” the 16-year-old said after his arrest last week. The most recent hack the teen is accused of included the “leak” of 30,000 FBI and DHS personnel contact information. He’s accused of being a member of Crackas With Attitude (CWA); CWA has said the hacking of CIA director Brennan’s email was “so easy to hack Brennan that ‘a 5-year old’ could have done it.” Doesn’t sound like mad hacking skillz required to pose a threat to law enforcement.

UK’s Investigatory Powers Tribunal said hacking devices by intelligence doesn’t violate human rights
British Foreign Secretary Philip Hammond believes the IPT’s ruling last week is fair, but of course, he would. The case pressed by Privacy International forced the UK’s intelligence agency GCHQ to reveal the use of mass surveillance using computer network exploits (CNE). The case can’t go any further in the UK, but could be reviewed in the EU. Wonder if these same CNE were deployed to identify the 16-year-old teenager charged with hacking Brennan?

From Department of Creepy Spouses: Man + Wife’s FitBit Data + Reddit = PG
A man asked a Reddit forum about wife’s unusual FitBit data and learned she’s pregnant. I would kick this butthead to the curb so fast if he’d been my spouse. Talk about a violation of privacy, let alone a breach of intimacy between married partners. I can only imagine how this discovery will influence hackers snooping wearable devices.

Not looking like good luck today after all. Perhaps better luck tomorrow?