Minority Report: A Look at Timing of WannaCry and Trump’s Spillage

CAVEAT: Note well these two points before continuing —

1) Check the byline; this is Rayne, NOT Marcy; we may have very different opinions on matters in this post.

2) This post is SPECULATIVE. If you want an open-and-shut case backed by unimpeachable evidence this is not it. Because it addresses issues which may be classified, there may never be publicly-available evidence.

Moving on…

Like this past week’s post on ‘The Curious Timing of Flynn Events and Travel Ban EO’, I noticed some odd timing and circumstances. Event timing often triggers my suspicions and the unfolding of the WannaCry ransomware attack did just that. WannaCry didn’t unfold in a vacuum, either.

Timeline (Italics: Trump spillage)

13-AUG-2016 — Shadow Brokers dumped first Equation Group/NSA tools online

XX-XXX-201X — Date TBD — NSA warned Microsoft about ETERNALBLUE, the exploit which Microsoft identified as MS17-010. It is not clear from the report if this warning occurred before/after Trump’s inauguration.

XX-FEB-2017 — Computer security firm Avast Software Inc. said the first variant of WannaCry was initially seen in February.

14-MAR-2017 — Microsoft released a patch for vulnerability MS17-010.

14-APR-2017 — Easter weekend — Shadow Brokers dumps Equation Group/NSA tools on the internet for the fifth time, including ETERNALBLUE.

(Oddly, no one noted the convenience to Christian countries celebrating a long holiday weekend; convenient, too, that both western and eastern Orthodox Christian sects observed Easter on the same date this year.)

10-MAY-2017 — White House meeting between Trump, Foreign Minister Sergei Lavrov, and Ambassador Sergey Kislyak. No US media present; Russian media outlet TASS’ Washington bureau chief and a photographer were, however.

12-MAY-2017 — ~8:00 a.m. CET — Avast noticed increased activity in WannaCry detections.

[graphic: Countries with greatest WannaCry infection by 15-MAY-2017; image via Avast Software, Inc.]

12-MAY-2017 — 3:24 a.m. EDT/8:24 a.m. BST London/9:24 a.m. CET Madrid/10:24 a.m. MSK Moscow — early reports indicated telecommunications company Telefonica had been attacked by malware. Later reports by Spanish government said, “the attacks did not disrupt the provision of services or network operations…” Telefonica said the attack was “limited to some computers on an internal network and had not affected clients or services.”

12-MAY-2017 — 10:00 a.m. CET — WannaCry “escalated into a massive spreading,” according to Avast.

12-MAY-2017 — timing TBD — Portugal Telecom affected as was UK’s National Health Service (NHS). “(N)o services were impacted,” according to Portugal Telecom’s spokesperson. A Russian telecom firm was affected as well, along with the Russian interior ministry.

12-MAY-2017 — ~6:23 p.m. BST — Infosec technologist MalwareTechBlog ‘sinkholes’ a URL to which WannaCry points during execution. The infection stops spreading after the underlying domain is registered.

13-MAY-2017 — Infosec specialist MalwareTechBlog posts a tick-tock and explainer outlining his approach to shutting down WannaCry the previous evening.

15-MAY-2017 — ~5:00 p.m. EDT — Washington Post reported Trump disclosed classified “code worded” intelligence to Lavrov and Kislyak during his meeting the previous Wednesday.

16-MAY-2017 — National Security Adviser H. R. McMaster said “I wanted to make clear to everybody that the president in no way compromised any sources or methods in the course of this conversation” with Lavrov and Kislyak. But McMaster did not say information apart from sources or methods had been passed on; he did share that “‘the president wasn’t even aware of where this information came from’ and had not been briefed on the source.”

The information Trump passed on spontaneously to the Russian officials was related to laptop bomb threats originating from a specific city inside ISIS-held territory. The city was not named by media though it was mentioned by Trump.

16-MAY-2017 — Media outlets reported Israel was the ally whose classified intelligence was shared by Trump.

Attack attribution

You’ll recall I was a skeptic about North Korea as the source of the Sony hack. There could be classified information cinching the link, but I don’t have access to it. I remain skeptical since Sony Group’s entities leaked like sieves for years.

I’m now skeptical about the identity of the hacker(s) behind WannaCry ransomware this past week.

At first it looked like Russia given Cyrillic character content within the malware. But this map didn’t make any sense. Why would a Russian hacker damage their own country most heavily?

[graphic: WannaCry distribution; image via BBC]

The accusations have changed over time. North Korea has been blamed as well as the Lazarus Group. Convenient, given the missile test this past week which appeared focused on rattling Russia while President Putin was attending a conference in China. And some of the details could be attributed to North Korea.

But why did the ransomware first spread in Spain through telecom Telefonica? Why did it spread to the UK so quickly?

This didn’t add up if North Korea is the origin.

Later reports said the first infections happened in western Asia; the affected countries still don’t make sense if North Korea is the perpetrator, and/or China was their main target.

Malware capability

Given the timing of the ransomware’s launch and the other events also unfolding concurrently — events we only learned about last evening — here’s what I want to know:

Can vulnerability MS17-010, on which WannaCry was based, be used as a remote switch?

Think about the kind and size of laptops still running Windows XP and Windows 8, the operating systems Microsoft had not patched for the Server Message Block 1.0 (SMBv1) vulnerability. They’re not the slim devices on which Windows 10 runs; they’re heavier, more often have hard disk drives (HDDs) and bulkier batteries. I won’t go into details, but these older technologies could be replaced by trimmer technologies, leaving ample room inside the laptop case — room that would allow an older laptop to host other resources.

Let’s assume SMBv1 could be used to push software; this isn’t much of an assumption since this is what WannaCry does. Let’s assume the software looks for specific criteria and takes action or shuts down depending on what it finds. And again, it’s not much of an assumption based on WannaCry and the tool set Shadow Brokers have released to date.

Let’s assume that the software pushed via SMBv1 finds the right criteria in place and triggers a detonation.

Yes. A trigger. Not unlike Stuxnet in a way, though Stuxnet only injected randomness into a system. Nowhere near as complicated as WannaCry, either.

Imagine an old bulky laptop running Windows XP, kitted out internally as an IED, triggered by a malware worm. Imagine several in a cluster on the same local network.

Is this a realistic possibility? I suspect it is based on U.S. insistence that a thinly-justified laptop ban on airplanes is necessary.

Revisit timing

Now you may grasp why the timing of events this past week gave me pause, combined with the details of location and technology.

The intelligence Trump spilled to Lavrov and Kislyak had been linked to the nebulous laptop threat we’ve heard so much about for months — predating the inauguration. Some outlets have said the threat was “tablets and laptops” or “electronic devices” carried by passengers onto planes, but this may have been cover for a more specific threat. (It’s possible the MS17-010 has other counterparts not yet known to the public so non-laptop threats can’t be ruled out entirely.)

The nature of the threat may also offer hints at why an ally’s assets were embedded in a particular location. I’ll leave it to you to figure this out on your own; this post has already spelled out enough possibilities.

Trump spilled, the operation must be rolled up, but the roll up also must include closing backdoors along the way to prevent damage if the threat has been set in motion by Trump’s ham-handed spillage.

Which for me raises these questions:

1) Was Shadow Brokers the force behind WannaCry — not just some hacker(s) — and not just the leaking of the underlying vulnerability?

2) Was WannaCry launched in order to force telecoms and enterprise networks, device owners, and Microsoft to patch this particular vulnerability immediately due to a classified ‘clear and present danger’?

3) Was WannaCry launched to prevent unpatched MS17-010 from being used to distribute either a malware-as-trigger, or to retaliate against Russia — or both? The map above shows a disproportionate level of impact suggesting Russia was a potential target if secondary to the operation’s aim. Or perhaps Russia screwed itself with the intelligence entities behind Shadow Brokers, resulting in a lack of advance notice before WannaCry was unleashed?

4) Was WannaCry launched a month after the Shadow Brokers’ dump because there were other increasing threats to the covert operation to stop the threat?

5) Are Shadow Brokers really SHADOW BROKERS – a program of discrete roll-up operations? Is Equation Group really EQUATION GROUP – a program of discrete cyber defense operations united by a pile of cyber tools? Are their interactions more like red and blue teams?

6) Is China’s response to WannaCry — implying it was North Korea but avoiding directly blaming them — really cover for the operation which serves their own (and Microsoft’s) interests?

The pittance WannaCry’s progenitor raised in ransom so far and the difficulty in liquidating the proceeds suggest the ransomware wasn’t done for the money. Who or what could produce a snappy looking ransomware project and not really give a rat’s butt about the ransom?

While Microsoft complains about the NSA’s vulnerability hoarding, they don’t have much to complain about. WannaCry will force many users off older unsupported operating systems like XP, Win 7 and 8, and Windows Server 2003 in a way nothing else has done to date.

[graphic: 5-year chart, MSFT performance via Google Finance]

Mother’s Day ‘gift’?

I confess I wrestled with writing this; I don’t want to set in motion even more ridiculous security measures that don’t work simply because a software company couldn’t see their software product had an inherent risk, and at least one government felt the value of that risk as a tool was worth hiding for years. It’s against what I believe in — less security apparatus and surveillance, more common sense. But if a middle-aged suburban mom in flyover country can line up all these ducks and figure out how it works, I couldn’t just let it go, either.

Especially when I figured out the technical methodology behind a credible threat on Mother’s Day. Don’t disrespect the moms.

Three Things: Day 6, Bombs Away, Get Carter 2

As long as my schedule permits I’ll continue to post Three Things each day at least through next Tuesday. Here we go…

Day 6: Countdown to Tax Day deadline continues
There’s a clear trend in interest about Trump’s tax returns since the election with a spike reflecting two pages leaked from Trump’s 2005 return on Rachel Maddow’s show last month. Stretch out the Google Trends period to five years and a seasonal bump can be seen each year. This year’s seasonal bump is completely distorted by discussion of Trump’s returns.

59 Tomahawk missiles launched at Syria and a GBU-43/B MOAB dropped on Afghanistan aren’t going to change this picture. Where are your tax returns, Trump?

Bombs away
Speaking of missiles and bombs, I sure hope somebody is watching transactions related to military industrial complex stocks. The image here includes just three companies, one of which is Raytheon, the maker of Tomahawk missiles in which Trump may or may not own shares. How convenient for shareholders of record last Friday the stock went ex dividend this Monday after a spike in price late last week when 59 missiles were aimed just off a Syrian runway.

Considering both Russia and Syria knew in advance the US was deploying missiles, one would be foolish not to wonder if anyone with vested interest in NYSE:RTN or competitors might also have known in advance to buy before the 01:40 UTC launch with a sell order for Monday’s open. For those of you mentally checking off time zones of key cities and major stock markets:

Damascus Fri 07-APR-2017 4:40:00 am EEST UTC+3 hours
Washington DC Thu 06-APR-2017 9:40:00 pm EDT UTC-4 hours
Moscow Fri 07-APR-2017 4:40:00 am MSK UTC+3 hours
Tokyo Fri 07-APR-2017 10:40:00 am JST UTC+9 hours
Shanghai Fri 07-APR-2017 9:40:00 am CST UTC+8 hours
Corresponding UTC(GMT) Fri 07-APR-2017 01:40:00

Get Carter 2
I’d much rather talk about a second installment of the 1971 movie featuring Michael Caine but no, it’s all about Carter Page and his less-than-stellar ability to prevaricate about his dealings with Russians. While quizzed by ABC’s George Stephanopoulos about the chances sanctions were discussed by Page and Russians during the 2016 campaign season, Carter replied, “Something may have come up in a conversation…”

Uh-huh. Imagine somebody at the FBI cutting to a taped conversation or two at that point. Page insists he didn’t ask or offer about the sanctions, but he’s wholly unconvincing. It’s no wonder at all known Russian spies in the Buryakov case were skeptical about Page, a.k.a. ‘Male-1’. Whatever Page claims there was enough there to pass the threshold requirements for a FISA warrant.

Why is Page talking to media now anyhow? Is he somebody’s canary-in-the-coal-mine? Definitely not a FISA warrant canary.

That’s Three Things. By the way: about 22 percent of taxpayers wait until the last two weeks before the deadline to file. Tick-tock — only a handful of hours until Day 5 before deadline.

(p.s. treat this like an open thread)

Of Spies and Casinos

[photo: liebeslakritze via Flickr]

Many have forgotten the case of Russian spies arrested in the U.S.

Not the ten from the Illegals Program sleeper cell spy ring rounded up in 2010, whose integration into the U.S. formed the backbone of the cable drama, The Americans.

No, the ones in New York City who attempted to recruit college students and collect economic intelligence.

Three in total were arrested a year ago January — Evgeny Buryakov, Igor Sporyshev and Victor Podobnyy — the latter two shipped out as they were here under diplomatic visas while the first was prosecuted and jailed.

The story is rather interesting though it didn’t garner much attention outside New York. The spies were tasked with not only recruiting but gathering intelligence in the financial sector about market destabilization and the status of development and investment in alternative energy.

Buryakov, who was not under diplomatic protection, wasn’t the sharpest pencil in the box. He was a little put out at having a less than glamorous gig, and he was rather imprudent. He was recorded easily, and his words used as evidence against him.

One interesting bit was thinly fleshed out in the USDOJ’s complaint.

Buryakov toured casinos in Atlantic City.

But which casinos?

In July 2014, a confidential contact working on behalf of the FBI, “posed as the representative of a wealthy investor looking to work with Bank-1 [the Russian bank for which Buryakov posed as an employee] to develop casinos in Russia,” and approached Buryakov about casino development in Russia. A tour of Atlantic City casinos was taken in August.

Combing through the complaint looking for the colleges from which they attempted to recruit revealed no mention of Trump University.

But the casinos visited aren’t clear. The Trump Plaza (closed September 2014) or the Trump Taj Mahal (closed October 2016) can’t be ruled out as sites visited by Buryakov — the Plaza closed only a few weeks later.

The skepticism with which they viewed the casino gambit was amusing (excerpt from complaint, p. 23-24):

It was a trap, just as suspected; did the confidential source not give off the right vibe, or were the Russians skeptical of any investment in casinos developed in Russia? Trump, after all, didn’t get his Trump Towers Moscow off the ground even after his 2013 trip for the Miss World Pageant. Did the skepticism worry the FBI they might lose their targets? Or did the FBI finally have enough of toying with these guys and decide it was time to drop the hammer? Was there some other trigger which forced the FBI to wrap up this investigation?

A few other points worth noting:

• “Others known and unknown” were also involved in spying or supporting spies but were not included in the warrant according to the complaint (ex: CC-1 and CC-2 in complaint). Who were they and where are they now? Has the FBI continued to watch them? Were any of them among the Russians who were escorted out of the U.S. after former president Obama announced new sanctions this past December?

• “And then Putin even tried to justify that they weren’t even tasked to work, they were sleeper cells in case of martial law,” Victor Podobnyy remarked in a conversation about the Illegals Program sleeper cells. What did he mean by, “in case of martial law”? Is this a continuing concern with regard to any remaining undetected sleeper cells?

• A “leading Russian state-owned news organization” was mentioned in the complaint, “used for intelligence gathering purposes.” Which news outlet was this? How did this news organization figure into advanced methods used by this operation? It would be interesting to know if this was RT (formerly Russia Today) given Michael Flynn’s and Jill Stein’s attendance at an RT event in December 2015.

• The spies used an office in Manhattan for conveying information to their superiors. How was this done apart from phone calls; what technology and networks if any were involved?

There’s an important bit about aeronautics, but I’ll tackle that in another post. It’s important enough to be broken out on its own.

Oh, one last thing about this case: timing.

— On January 21, 2016 UK’s public inquest announced its final conclusions into the PO-210 poisoning death of Alexander Litvinenko, attributing the murder to orders from the top of Russia’s FSB — including Vladimir Putin.

— The next day, January 22, the UK froze the assets of the escaped henchmen accused of the poisoning while seeking their extradition.

— A sealed complaint and a request for warrants were filed in Southern District of New York for the three Russian spies on January 23, 2016.

— The arrests of the spies were reported publicly on January 26, 2016.

These events on either side of the Atlantic didn’t happen in a vacuum. The casinos’ tour and the hand-off of government documents happened nearly six months before the complaint and warrants were filed and issued. But the Litvinenko inquest conclusion and the arrests happened within a couple of days — mere hours apart.

It shouldn’t be surprising to find coordinated retaliation occurred against both the UK and the US.

Long Island Iced Tea

I love maps. They often reveal things quickly and simply in a way text cannot. Like this map I’ve pulled together showing two points recently in the news.

To the right, Groton, Connecticut, where the U.S. has a naval facility.

To the left, Glen Cove, New York — the location of a waterfront compound, Killenworth Mansion, owned for decades by Russia. The site was used for electronic spying according to the Reagan administration. A second compound, Norwich House, located five miles away in Upper Brookville, was vacated in December after former president Obama issued new sanctions on Russia in response to alleged interference in U.S. 2016 presidential election.

Multiple news reports yesterday noted a Russian spy ship “loitering” approximately 30 miles south of Groton, near Long Island’s shoreline, in international waters.

But none of them mentioned the ship was approximately 60-80 miles from the site of the Russian government compounds.

Huh. What an interesting coincidence that this Russian vessel didn’t loiter near any of more than a dozen naval facilities along the east coast. Granted, Groton is home to the Naval Submarine Base New London, home to the Navy’s subs on the east coast.

But is this submarine base more interesting than any of the Navy facilities in Maryland, Virginia, Florida? Not to mention Rhode Island, South Carolina or Georgia. Nor did the spy ship hang around near the other waterfront facility located in Maryland that Russia was forced to vacate in December.

It’s almost as if the Russians left something behind on Long Island and were looking for it.

Or listening for it.

UPDATE — 5:38 p.m. EST: Here’s another nifty map depicting existing and planned submarine communications cables landed in northeast US. Fun stuff! I wonder which one carries the most financial data to/from Wall Street to overseas markets…

Submarine communications cables, northeast US, 2016 (via Greg’s Cable Map at cablemap.info)

Monday: A Border Too Far

In this roundup: Turkey, pipelines, and a border not meant to be crossed.

It’s nearly the end of the final Monday of 2016’s General Election campaign season. This shit show is nearly over. Thank every greater power in the universe we made it this far through these cumulative horrors.

Speaking of horrors, this Monday’s movie short is just that — a simple horror film, complete with plenty of bloody gritty gore. Rating on it is mature, not for any adult content but for its violence. The film is about illegal immigrants who want more from life, but it plays with the concepts of alien identity and zombie-ism. Who are the illegals, the aliens, the zombies? What is the nature of the predator and their prey? Does a rational explanation for the existence of the monstrous legitimize the horror they perpetuate in any way?

The logline for this film includes an even shorter tag line: Some borders aren’t meant to be crossed. This is worth meditating on after the horrors we’ve seen this past six months. Immigrants and refugees aren’t the monsters. And women aren’t feeble creatures to be marginalized and counted out.

Should also point out this film’s production team is mostly Latin American. This is the near-future of American storytelling and film. I can’t wait for more.

Tough Turkey
The situation in Turkey is extremely challenging, requiring diplomacy a certain Cheeto-headed candidate is not up to handling and will screw up if he places his own interests ahead of that of the U.S. and the rest of the world.

  • Luxembourg’s foreign minister compares Erdoğan’s purge to Nazi Germany (Deutsche Welle) — Yeah, I can’t argue with this when a political party representing an ethnic minority and a group sharing religious dogma are targeted for removal from jobs, arrest and detention.
  • Op-Ed: Erdoğan targeting critics of all kinds (Guardian) — Yup. Media, judges, teachers, persons of Kurdish heritage or Gulenist religious bent, secularists, you name it. Power consolidation in progress. Democracy, my left foot.
  • HDP boycotts Turkish parliament after the arrest of its leaders (BBC) — Erdoğan claimed the arrested HDP leaders were in cahoots with the PKK, a Kurdish group identified as a terrorist organization. You’ll recall HDP represents much of Turkey’s Kurdish minority. But Erdoğan also said he doesn’t care if the EU calls him a dictator; he said the EU abets terrorism. Sure. Tell the cities of Paris and Brussels that one. Think Erdoğan has been taking notes from Trump.
  • U.S. and Turkish military leaders meet to work out Kurd-led ops against ISIS (Guardian) — Awkward. Turkish military officials were still tetchy about an arrangement in which Kurdish forces would act against ISIS in Raqqa, Syria, about 100 miles east of Aleppo. The People’s Protection Units (YPG) militia — the Kurdish forces — will work in concert with Arab members of Syrian Democratic Forces (SDF) coalition in Raqqa to remove ISIS. Initial blame aimed at the PKK for a car bomb after HDP members were arrested heightened existing tensions between Erdoğan loyalists and the Kurds, though ISIS later took responsibility for the deadly blast. Depending on whose take one reads, the Arab part of SDF will lead the effort versus any Kurdish forces. Turkey attacked YPG forces back in August while YPG and Turkey were both supposed to be routing ISIS.

In the background behind Erdoğan’s moves to consolidate power under the Turkish presidency and the fight to eliminate ISIS from Syria and neighboring territory, there is a struggle for control of oil and gas moving through or by Turkey.

Russia lost considerable revenue after oil prices crashed in 2014. A weak ruble has helped but to replace lost revenue based on oil’s price, Russia has increased output to record levels. Increased supply only reduces price, especially when Saudi Arabia, OPEC producers, and Iran cannot agree upon and implement a production limit. If Russia will not likewise agree to production curbs, oil prices will remain low and Russia’s revenues will continue to flag.

Increasing pipelines for both oil and gas could bolster revenues, however. Russia can literally throttle supply near its end of hydrocarbon pipelines and force buyers in the EU and everywhere in between to pay higher rates — the history of Ukrainian-Russian pipeline disputes demonstrates this strategy. Bypassing Ukraine altogether would help Russia avoid both established rates and conflict there with the west. The opportunities encourage Putin to deal with Erdoğan, renormalizing relations after Turkey shot down a Russian jet last November. Russia and Turkey had met in summer of 2015 to discuss a new gas pipeline; they’ve now met again in August and in October to return to plans for funding the same pipeline.

A previous pipeline ‘war’ between Russia and the west ended in late 2014. This conflict may only have been paused, though. Between Russia’s pressure to sell more hydrocarbons to the EU, threats to pipelines from PKK-attributed terrorism and ISIS warfare near Turkey’s southwestern border, and implications that Erdoğan has been involved in ISIS’ sales of oil to the EU, Erdoğan may be willing to drop pursuit of EU membership to gain more internal control and profit from Russia’s desire for more hydrocarbon revenues. In the middle of all this mess, Erdoğan has expressed a desire to reinstate the death penalty for alleged coup plotters and dissenters — a border too far for EU membership since the death penalty is not permitted by EU law.

This situation requires far more diplomatic skill than certain presidential candidates will be able to muster. Certainly not from a candidate who doesn’t know what Aleppo is, and certainly not from a candidate who thinks he is the only solution to every problem.

Cybery miscellany

That’s it for now. I’ll put up an open thread dedicated to all things election in the morning. Brace yourselves.

Tuesday: Disinfowar Dust Up

In this roundup: Disinfowar, fossil fuels’ finale, pipeline problems, and a longish short about evolving hope.

The embedded feature video here, Dust by Ember Lab, won a number of awards last year. It’s a gritty blend of real and fantasy, and the closest thing to an American feature film with an Asian lead (there were no true feature-length films with an Asian/Asian-American lead or co-lead last year). It’s a little exposition dense, but this is integral to the challenge of world-building for a sci-fi/fantasy story. I wouldn’t be a bit surprised to see this story extended into a true feature or a series.

Disinfowar
If you haven’t already read Marcy’s latest piece today, you should do so soon. We are now deep in disinfo slung by multiple parties.

The one thing that niggles at me about WikiLeaks’ involvement in this latest volley of disinfo: why didn’t WikiLeaks release the Podesta emails when they originally said they were going to do so?

Or was skanky political operative Roger Stone blowing more disinfo out his ass when he tweeted about the impending Wikileaks’ release?

And how does the concurrent “Trump pussy grab” video story interleave with the WikiLeaks’ disinformation? Let’s take a look at the timing.

Early September — WikiLeaks’ Julian Assange claims to have documents damaging to Hillary Clinton which would be released before the election.

30-SEP-2016 Friday — WikiLeaks cancels release of an info dump on Hillary Clinton due to alleged security concerns. The info dump has been framed by some as a potential ‘October surprise’.

02-OCT-2016 Sunday — 12:52 am: Roger Stone tweets [email protected] is done”.

03-OCT-2016 Monday — Unspecified time: Producer at an NBC entertainment outlet Access Hollywood remembers video of Trump with Billy Bush.

03-OCT-2016 Monday — 5:55 pm: AP publishes story, “‘Apprentice’ cast and crew say Trump was lewd and sexist.”

04-OCT-2016 Tuesday — Date of canceled WikiLeaks’ info dump.

Midweek (no date/day given) — Access Hollywood’s executive producer Rob Silverstein and team have reviewed the video. A script is prepared for airing of video, but it will not appear Friday evening before the next presidential debate on Sunday.

05-OCT-2016 Wednesday — No WikiLeaks’ info dump.

07-OCT-2016 Friday — First thing in the morning, Access Hollywood was still working on story; an NBC source said the story “wasn’t quite finalized.”

07-OCT-2016 Friday — Noon: Washington Post’s David Fahrenthold asks NBC for a comment on the Trump/Billy Bush tape which had been leaked to him by unnamed source(s).

07-OCT-2016 Friday — 2-4:00 pm (approximately, exact publication time to be confirmed): Washington Post runs Fahrenthold’s story, “Trump recorded having extremely lewd conversation about women in 2005.”

07-OCT-2016 Friday — 11:03 pm: WikiLeaks tweets link to “The #PodestaEmails Part 1.”

09-OCT-2016 Sunday — 9:50 pm: During the second presidential debate, Wikileaks tweets, “Hillary Clinton just confirmed the authenticity of our #PodestaEmails release of her paid speeches excerpts.”

10-OCT-2016 Monday — 9:36 am: WikiLeaks tweets link with “RELEASE: The #PodestaEmails part two: 2,086 new emails.”

A Google Trends snapshot of key words from these two stories also tells the story. To be fair, though ‘pussy’ spiked on Friday, it’s a pretty popular internet search term (in case this had not occurred to some of our readers).

[Source: Google Trends – compare terms: ‘wikileaks’ (blue), ‘hillary’ (red), ‘podesta’ (yellow), ‘pussy’ (green), ‘billy bush’ (purple)]

Really convenient timing, no matter the validity of the content in the emails.

Wheels

  • Germany’s upper house of parliament wants combustion engine cars off the roads by 2030 (Reuters) — This is one of the most important stories so far this year: one of the largest single nation economies in the world wants to end use of gasoline- and diesel-fueled vehicles within its borders inside 18 years. How will this impact Volkswagen Group, the largest automaker in EU? At least VW now has impetus to move completely away from its failed passenger diesel engines. Political parties across the Bundesrat, the upper house, support ending sales of combustion engine vehicles. What next steps Germany will take is unclear as is the next possible response by the EC in Brussels.
  • VW’s CEO Matthias Mueller knew nothing about passenger diesel vehicle scandal (Reuters) — Might be plausible that Mueller didn’t know anything about VW and Bosch tweaking engine control units to defeat emissions standards since Mueller was the head of Porsche before VW Group appointed him to replace Martin Winterkorn. And we all know Porsche isn’t the first brand you’d seek when shopping for either passenger diesel vehicles or fuel efficiency.
  • Fiat Chrysler and Canadian union Unifor avoid a strike (Detroit Free Press) — The deal includes updates to two plants and a restructuring of workers’ wage scale while working around the impending demise of the Chrysler 200 and Dodge Dart car models. No mention of self-driving/autonomous cars in FCA’s future lineup, if any.

Pipe meets face

  • Russian facial recognition software IDs 73% of people out of a million-person database (Wall Street Journal) — This application developed by startup NTechLab beat Alphabet’s facial recognition software. This gives me the fecking creeps, especially considering the countries interested in buying this software.
  • Facial recognition app failed when used at pipeline protest (Indian Country) — A Crow Creek Tribe activist found he had been ‘identified’ as a pipeline protester by facial recognition software though he had been at a family event elsewhere during the time he was alleged to participate in the protest.
  • Pipeline construction work resumes after appeals court ruling against tribes (ABC News) — In a stunningly callous move, U.S. Court of Appeals for the D.C. Circuit issued a decision Sunday evening — before Columbus Day, the observation which offends Native Americans — denying Native American tribes’ request for an injunction to stop construction of the Dakota Access Pipeline. Work on the pipeline picked up again today, though the tribes vow to continue their protests. Protesters were arrested yesterday for trespassing, including actor Shailene Woodley. Woodley may have been selected in particular because of her high media profile and because she was streaming the protest online.

Longread: Asymmetry’s role in Trump’s rise
Worth reading NYU’s Jay Rosen on media’s inability to deal with asymmetry in the U.S. political system, and how this permitted Trump’s elevation as a presidential candidate. Personally I take issue with the concept that the “GOP has become an insurgent outlier in American politics.” In a two-party system where nearly half the population identifies with either one of these parties, neither of the two parties can be insurgent or an outlier.

Instead, this asymmetry — the departure from the past equivalency of either of these two major parties — results from the application of the Overton Window over decades to move nearly half the population toward a more conservative consensus. Applied too much, too often, and nearly half the population has adopted an ideology which is incompatible with the values espoused by a critical mass of this nation before the Overton Window was applied.

And the media, like meteorologists focusing on the day’s weather — is it cloudy or sunny? rain or shine? — missed the entire shift of the political climate toward fascism. Rather like the financial crisis of 2008, for that matter, when they failed to adequately look at the big picture before the entire economy went over the cliff.

That’s a wrap. Make sure you’re registered to vote as many states have deadlines today. Check in with housebound and with college students to see if they are registered and encourage use of absentee ballots where appropriate. Absentee voting has begun in some states.

Tuesday: Tilted

I miss prosthesis and mended souls
Trample over beauty while singing their thoughts
I match them with my euphoria
When they said “Je suis plus folle que toi”


— excerpt, Tilted by Christine And The Queens

We’ve spent (and will spend) a lot of time looking at Americans this month, given the two major parties’ political conventions back to back. Yeah, we’ll look at Russia with a gimlet eye directed by media. But we could use a look away.

The artist in this video is actually Héloïse Letissier; Christine and the Queens is the stage name she and a group of transgender supporting artists use, though many of her works are solo performances. Letissier’s work isn’t confined to music alone as she also works in graphic arts. Her work frequently combines French and English lyrics with strong synthpop beat, making for wide appeal outside of France. If you like Tilted, try the mournful but earworm-y Paradis Perdus and the more hip-hoppy No Harm Is Done.

Allons-y!

Eat more cyber

Motor mayhem

  • Tesla driver ‘speeding’ before Florida crash (Reuters) — IMO, the truck driver still bears some responsibility here, failed to yield to oncoming vehicle in spite of their speed. But I don’t have all the data, can’t be certain. One thing I can be more sure of: Tesla’s ‘driving-assist software’ should NOT be perceived as autopilot. If this was true autopilot, the software would have adjusted the vehicle’s speed to meet and not exceed the posted limit.
  • U.S. District court gives prelim approval to Volkswagen’s $15B settlement (LAT) — Settlement covers consumers’ and EPA’s suit on passenger diesels with emissions cheat devices. The deal lets car owners choose a vehicle buy-back on 2.0L passenger diesel models. VW Group’s 3.0L models are not included in this preliminary offer.
  • Volkswagen owners in EU get an apology, not a check (Politico.EU) — They are NOT happy with the disparity between the $15B initial settlement offered to US passenger diesel owners and the lip service offered to EU vehicle owners.

    “For the same car, in the U.S., you get a compensation, while in Europe you get an apology,” said Maroš Šefčovič, a Commission vice president overseeing energy and climate policy. “I don’t think it is fair.”

    Yeah, it’s not fair, and VW’s head engineer Ulrich Eichhorn is wrong when he says EU customers aren’t damaged. Baloney–the entire EU is damaged by higher NOX and other pollutants generated by these fraudulent cars. People are sick and dying because EU’s biggest automaker is poisoning the air.

Science-y schtuff

  • WHO: Antibiotic resistance a bigger threat than cancer within ~30 years (Euronews) — The rise of superbugs and inadequate research is already costing tens of thousands lives each year and beaucoup money. It will only get worse if the use of antibiotics remains excessive and research doesn’t increase.
  • Plasma technology may extend storage life of fruits (ScienceDaily) — Plasma technology — using energy applied to a gas — can zap bacteria on surface of fruit to prevent deterioration the bacteria cause. Except it’s expensive compared to simply washing fruit with known natural antibacterial agents. Like vinegar and water. Plasma tech might be best used on soft fruits like berries which don’t handle washing very well. But still, more energy required, and any heat generated might cook the fruit. ~smh~
  • Better beer through yeast (Nature) — Soon-to-be-published paper will detail 150 yeast strains’ genomes in an effort to help beermakers find the perfect yeast. What happens when they find The One, though? Will we lose our excuse for sampling widely and deeply?

Longread for your next commute
Belt magazine offers a four-part series, Walking to Cleveland by Drew Philp. It’s a travelogue of sorts, documenting Philp’s journey on foot from Dearborn to Cleveland in time for the Republican National Convention. Visit the Midwest with this read.

Catch you later!

Thursday: Repetition

A little Prince to make the painful repetition a little easier to take.

By repetition I mean what’s happening in Puerto Rico compared to what has already happened in Michigan.

Some of Michigan’s most financially distressed cities were forced to accept emergency managers, supplanting the cities’ democratically elected officials. Under state law, EMs were the sole point of power and authority for administration until the cities were deemed financially viable. We all know how that turned out; in Flint’s case, ten people died from Legionnaire’s disease and roughly 8000 kids will pay for the incompetence of the emergency management scheme for the rest of their lives due to the permanent effects of lead poisoning. The incompetence is further magnified by governmental bodies’ failure to do the right thing to completion, while continuing to milk the city and state of more money to no effect.

Witness the state attorney general Bill Schuette now asking for $3.4 million to investigate what can already be easily seen in records released to date. The assessments made so far have been equally wrong — like Schuette’s office suing two consulting firms when documentation clearly shows outright stupidity in contract management or malfeasance on the part of government was the real problem. And none of Flint’s water problems would have happened had not the city been forced off Detroit’s water by the state treasurer’s office, which rejected a last-minute offer far cheaper than construction of the new Karegnondi water line. Seeing this doesn’t need millions of dollars, only ethics.

Puerto Rico — with a population smaller than Los Angeles in an area a little smaller than Connecticut — is now undergoing a similar loss of democracy for similar reasons of financial distress. The territory is $73 billion in debt caused in no small part by suffocating federal policies. The U.S. Senate just voted to supplant Puerto Rico’s elected officials’ authority with a team of managers. They had too little democracy as it was before this schema, not having the same kind of representation that the fifty states have; many of the financial limitations Puerto Rico faces have been directly related to the territory’s inability to regulate commerce.

The economic hitmen have won. Now the vultures descend.

The galling part is this approach is called PROMESA (Puerto Rico Oversight, Management, and Economic Stability Act) — a promise. Brace yourselves, Puerto Ricans, at least they’ve warned you. Que Dios tenga misericordia porque los buitres no lo hará.

Odd lots
I’ve got a bunch of stray cats and dogs here that didn’t fit under any theme so far this week. In other words, there wasn’t much repetition. Make of them what you will.

Thank goodness tomorrow is Friday and I can indulge in a little jazz. See you then.

Wednesday Morning: Quelle couleur est-ce?

I think vestigially there’s a synesthete in me, but not like a real one who immediately knows what colour Wednesday is. — A. S. Byatt

A lot of people will ask what day it is today, but few will ask what color.

Ed Walker put up a great post late last evening, one that deserves more oxygen. Do check it out.

Hospital held hostage for millions by ransomware
Hey Hollywood! A hospital in your backyard has been “infected” with ransomware, their enterprise system tied up until administration coughs up $3.6 million.* Didn’t see that coming, huh? Law enforcement is involved, though if they haven’t managed to resolve other smaller ransomware attacks, they won’t solve this before it critically affects patients’ care.

This is a pretty good (if unfortunate) example of business continuity crisis. Remember Y2K and all the hullaballoo about drills and testing for enterprise failure? We still need that kind of effort on a regular basis; how do you run your biz if all electronics go dark, for any reason?

(* US articles say $3.6M; CAN article linked says $5M. Currency difference, or an increase in the demand?)

Google found critical vulnerability in GNU C Library
“CVE-2015-7547: glibc getaddrinfo stack-based buffer overflow” Huh? What? If you read Google’s blog post about this yesterday, you were probably scratching your head. Some Googlers struggle with writing in plain English. Here’s what tech news outlets interpreted from that google-degook:

Ars Technica: “Extremely severe bug leaves dizzying number of software and devices vulnerable”
BBC: “Glibc: Mega bug may hit thousands of devices”
Threatpost: “Critical glibc Vulnerability Puts All Linux Machines at Risk”

In a nutshell, if you’re running Linux, patch your systems, stat.

Petroleum’s still a problem

  • Iran’s not going along with Saudi-Russia-OPEC agreement on oil production limits. Iran wants to return to pre-sanction production levels before it makes any concessions.
  • Oil glut and tanked prices create secondary challenges. Saudi’s youth now have entirely different prospects for employment now that oil cannot guarantee national wealth or careers with good pay. Will this cause political volatility in RSA? Wonder what will happen in smaller oil-producing countries like Venezuela and Ecuador?
  • Weird outliers buck trend: Indian oil producer Chennai had a strong Q3, and First American Bank more than doubled its stake in oil development firm Anadarko. Neither of these stories makes sense when oil prices have plummeted, are still plummeting, and show no solid sign of improvement in the next year-plus.

TBTF is still too TBTF
Neel Kashkari, Minneapolis Fed Reserve president, called for the breakup of Too-Big-to-Fail banks yesterday, as they are still a risk to the economy. Didn’t see that coming from a fed president, especially Kashkari.

Biggest tech story today: Judge ordered Apple to help hack San Bernardino gunman’s phone
Apple’s been fighting government pressure on backdoors to its products. The fight intensified after federal judge Sheri Pym ordered Apple to cooperate with the FBI to unlock encryption on a county-owned phone used by San Bernardino gunman Syed Farook. Begs the question why any government agency — local, state, or federal — would ever issue a phone with encryption the government could not crack in the first place. Seems like one answer is a government- and/or business-specific encryption patch to iOS: [IF phone = government-issued, THEN unlock with government-issued key]. Same for business-issued phones. Your own personal phone, not issued by a government agency or business? No key, period.

Phew. That’s enough for a Wednesday. Hope we can coast downhill from here.

Tuesday Morning: I Don’t Want It Good

I don’t want it good. I want it Tuesday.
— Jack Warner

Pretty sure Mr. Warner would get it just the way he wanted it today.

Surprise: Saudis and Russia agree mutual economic destruction = bad
Expect a rocky market today after a hush-hush agreement by Saudi Arabia and Russia to hold oil production levels to January levels. The FTSE and Brent crude have already taken a hit, though why Brent’s price dropped when supply firmed/tightened makes no sense to me. Good thing I’m not a commodities broker.

Predictable outcome: Dropbox account hacked, contents posted, then teacher fired
I feel awful for this poor teacher, whose privacy was violated and his job lost after someone hacked his Dropbox account, then posted a personal sex tape on his school’s website. Unfortunately, this is another painful real-life lesson: Do NOT store content in the cloud if the content would hurt you if leaked.

Shaken by a quake? There’s an app for that
UC Berkeley Seismological Lab released an Android app called MyShake. The application detects vibration fitting earth tremor profiles and reports them to the lab for diagnostics. Enough data combined with other seismic monitoring can confirm an earthquake. The Seismological Lab hopes to build a global seismic detection network which can help detect earthquakes before they begin. With enough advance notice, humans may be able to reduce damage and injury. The Lab says the app runs silently in your phone’s background and doesn’t use up the battery, but this seems like an impossibility. Only one way to find out, though, and only one way for the lab to improve the app’s performance. An iOS version is expected in the near future.

Volkswagen fined by Mexico over emissions — but not the defeat device
Looks like VW imported more than 45,000 vehicles into Mexico without dotting all the Is and crossing all the Ts. The automaker has been fined nearly $9 million (168 million pesos) for failing to obtain mandatory emission and noise certifications. Sounds like VW needs to overhaul its management culture.

Air-gapped computers may not be safe from hacking
A team of researchers from Tel Aviv University and Technion identified a means for hacking air-gapped computers in a completely separate room in order to snag data. Their method only required an antenna, amplifiers, a software-defined radio, and a laptop to measure electromagnetic waves created by a target computer as it deciphered a specific message.

There it is: it ain’t good, but you’ve got it on a Tuesday.