Posts

Wednesday: Chansons françaises

This Parisian artist is fascinating. Indila is extremely popular in France, mostly because of ballads like this one with multi-generational appeal. Many of her works contain lyrics in more than one language, which increases the breadth of her allure. This particular song is indie/dream pop, but she also works in rap and fusion raï — the latter a form of Algerian folk music.

It’s no surprise that some of Indila’s work fuses raï with other genres. She’s of Algerian descent, though she’s said she’s also Indian, Cambodian, Egyptian and Moroccan. Indian influences inform her work with band TLF in Criminel, African cultures shape her collaboration with Youssoupha in Dreamin’ (the video is set in Arizona, oddly enough), and Middle Eastern ones appear in Poussière d’empire with artist Nessbeal.

Do surf YouTube for more of her solo work when you’re in the mood for something sweet and angst-y.

Troubles continue abroad

I-spy

  • UK oversight struggles with MI5’s bulk collection (The Guardian) — Jeepers, it’s like MI5 took lessons from U.S. law enforcement on resisting oversight.
  • Canada’s intelligence agency likewise resists oversight (CTVNews) — Communications Security Establishment (CSE) won’t disclose what information has been shared with other non-Canadian entities which may result in human rights violations. CSE may not spy on Canadians anywhere, but compliance can’t be proven with censored records.
  • Not even going to bother with the Trump+Russia crap here, because it’s all over social media. Probably well-fanned smoke to hide his refusal to release tax returns.

Dick moves
These are among some of the stupidest, rudest, dickiest things in my timeline today. Perps deserve a whack alongside the head. Don’t like my language? Tough rocks.

Long-listen
If you have the stomach for it, listen to this Bloomberg podcast in which Laurence Ball, Department of Economics Chair at Johns Hopkins, says the U.S. could have avoided the 2008 crash by rescuing Lehman Brothers. Hindsight is 20/20 — in this case, it’s nauseating, too. Fecking Bush administration…

Hasta pasta!

Thursday Morning: Try

Where there is a flame, someone’s bound to get burned
But just because it burns, doesn’t mean you’re gonna die
You gotta get up and try, and try, and try

— excerpt, Try by P!nk

Racier than the usual video here, but I’m trying — hence this selection. I’m fried after a late night, can’t muster much mental wattage this morning. Only one cohesive theme emerged by itself from my news feeds, though I kept trying for a second one.

Surveillance

  • Surveillance as shrug: British activists doing nothing about surveillance (OpenDemocracy) — Study shows UK activists have not taken action against state surveillance, offering a number of explanations for why. But perhaps the most obvious one not addressed is an unconscious chilling effect of surveillance combined with cognitive dissonance about the degree of intrusion by the state.
  • Surveillance as future shock: State’s ability to monitor us has exceeded our laws (Ars Technica) — No shit, really? ~sigh~ It’d be nice if this piece actually called out lawmakers for their inability to keep up and put a brake on the state’s capabilities and practices. Even educators on this topic — like Prof. Elizabeth Joh, interviewed here — don’t appear to realize pre-crime has arrived. It’s just not yet evenly distributed.
  • Surveillance as filler: Access to private surveillance cams makes local news (KOKI) — Fox affiliate in Tulsa OK demonstrates ease with which strangers can access surveillance cam feeds — and the story is picked up by another local news affiliate in Memphis TN. Reaction appears blasé as the story doesn’t spread to national outlets.
  • Surveillance as art: Watched! Surveillance, Art and Photography (e-Flux) — The panopticon pervades our culture as it becomes the topic of our art, manifest in this exhibition. Anybody making a trip to Gothenburg, Sweden this summer? Check this show out.
  • Surveillance as social life: Fairly average 13-year-old’s life online (WaPo) — Unrelenting self-examination of one’s life as it may be observed by others — that’s what our kids and grandkids are doing to themselves and others. They’re growing up with a deeply embedded sense that watching everything and critiquing what they see is their life. What is it doing to their sense of privacy, to their understanding of human social boundaries?

Yuck. I could just barf after that last one. We are jacking our kids into this monster without pause. That’s enough for today.

Friday Morning: Mi Ritmo

Oye como va
Mi ritmo
Bueno pa gozar
Mulata

— excerpt, Oye Como Va by Tito Puente

This Latin jazz song was on the very first album I owned — Santana’s Abraxas. I have no idea what possessed my father to select this way back in 1971 because he’s not musically inclined. I prefer to think he was persuaded by the music store staff to buy it for me rather than think the cover art did it for him. To this day I don’t dare ask; I’d rather live with my illusion.

Perhaps he simply liked Oye Como Va by Tito Puente and decided I needed it. Maybe that’s what he wanted to listen to when I played the album over and over again, ad nauseam. The song is still easy to listen to even when played by a septuagenarian, isn’t it? Though Puente probably still felt the same way about this song in his last live performance as he did when he first recorded it in 1963.

The personal irony I’m certain my father never considered: the last line is a reference to a mixed race “mulatto” woman. That’s me.

Vamos, amigos!

Wheels

  • South Korea frustrated by Volkswagen’s response to Dieselgate (Yonhap) — Hard to tell how many VW passenger diesel cars with the emissions controls defeat tech have been sold in South Korea to date. Last year’s sales of 35,700 suggest VW needs to exert itself a little more than offer to recall a total 125,000 cars.

Technology Trends

  • Breakthrough in memory technology could change computing dramatically (IBM via YouTube) — I’m still trying to wrap my head around this; could be the simplicity of the underlying science seems so obvious I can’t understand why it wasn’t discovered sooner. Using polycrystalline rather than amorphous material, more data can be stored and in a manner which is stable and not prone to loss when electricity is cut. This technology could replace DRAM at flash memory prices. Imagine how quickly systems could begin processing if they could avoid seeking programs and data.
  • Google’s annual I/O event chary on enterprise computing (ComputerWorld) — Wonder if Google executives’ expressed intent to focus on the enterprise is a veiled threat directed at Oracle? The I/O annual conference didn’t have enough enterprise applications to satisfy the curious; is Google holding back? Or are there pending acquisitions to fill this stated intent, ones not yet ready for publication? I wouldn’t be surprised to see Google launch something on par with Salesforce or Zoho very soon. Google Drive components already compete with or are integrated with some of those Zoho offers in its small business offering.
  • Android’s coming to Chromebooks — finally! (Google Blog) — I’ve put off buying another laptop until this happened, guess I’ll look at the first three models on which developers will focus their development. The applications available for Android phones have been mind-boggling in number; it’d be nice to have the same diversity of selection for laptops. And then maybe desktops in the not-too-distant future? That would really make a dent in enterprise computing.

Cybersec

  • Security camera not password protected? Police may be able to tap it (Engadget) — Love the subhead: “Don’t worry, it’s supposed to be for a good cause.” Just add the invisible snark tag. Purdue University researchers found surveillance cameras could be tapped to allow law enforcement to monitor a crime scene. I don’t know about you but this sounds like a backdoor, not a convenient vulnerability. If the police can use it soon, who might already be using it?
  • Qualcomm mobile chip flaw leaves 60% of Android devices exposed (Threatpost) — Not good, especially since this boo-boo may affect both oldest and newest Android versions. But a malicious app is required to take advantage of this flaw, unlike the Stagefright exploit. Android has already issued a patch; the problem is getting it to all affected devices.
  • LinkedIn’s 2012 breach yielded info on more than 100 million accounts (Motherboard) — Only 6.5 million accounts were initially breached — but that’s only the first batch published online. The actual haul from 2012 was at least 117 million accounts, now for sale for a mere five bitcoins or $2200. Are you a LinkedIn user? Time to check Have I Been Pwned? to see if your account is among those in the breach.

Climate Crises

  • Record high temp of 51C (124F) recorded in India (The Register) — Drought continues as well; article notes, “Back in India, relief from the heat is expected when the annual monsoon hits. The cooling rains generally arrive in mid-June.” Except that with a monster El Nino underway, the amount of rain and cooling will depart from average.
  • Polymath Eleanor Saitta considers climate change and comes to some grim, mortal conclusions (Storify by @AnthonyBriggs) — If you’re a policymaker, you’d better worry about dealing effectively with climate refugees and deaths in the millions. Maybe billions. Refugees from Syria will look like a minuscule blip. If you’re not terrified, you should be.

Looks like it’s going to be a lovely late spring weekend here — hope you’re going to have a nice one, too. See you Monday!

Info Security Firms and Their Antivirus Software Monitored (Hacked?) by NSA, GCHQ

[NSA slide indicated info sec AV firms targeted for surveillance]

Let’s call this post a work in progress. I’m still reading through a pile of reporting from different outlets to see if it’s all the same information but rebranded, or if there’s a particular insight one outlet picked up, missed by the rest. Here are a few I’ve been working on today:

7:03 am – Popular Security Software Came Under Relentless NSA and GCHQ Attacks (The Intercept)

7:12 am – US and British Spies Targeted Antivirus Companies (WIRED)

9:48 am – Spies are cracking into antivirus software, Snowden files reveal (The Hill)

12:18 pm – GCHQ has legal immunity to reverse-engineer Kaspersky antivirus, crypto (Ars Technica-UK)

12:57 pm* – US, UK Intel agencies worked to subvert antivirus tools to aid hacking [Updated] (Ars Technica) (*unclear if this is original post time or time update posted)

~3:00 pm – NSA Has Reverse-Engineered Popular Consumer Anti-Virus Software In Order To Track Users (TechCrunch)
(post time is approximate as site only indicates rounded time since posting)

The question I don’t think anyone can answer yet is whether the hack of Kaspersky Lab using Duqu 2.0 was part of the effort by NSA or GCHQ, versus another nation-state. I would not be surprised if the cover over this operation was as thin as letting the blame fall on another entity. We’ve seen this tissue paper-thin cover before with Stuxnet.

For the general public, it’s important to note two things:

— Which firms were not targeted (that we know of);

— Understand the use of viruses and other malware that already threaten and damage civilian computing systems only creates a bigger future threat to civilian systems.

Once a repurposed and re-engineered exploit has been discovered, the changes to it are quickly shared, whether to those with good intentions or criminal intent. Simply put, criminals are benefiting from our tax dollars used to help develop their future attacks against us.

There’s a gross insufficiency of words to describe the level of shallow thinking and foresight employed in protecting our interests.

And unfortunately, the private sector cannot move fast enough to get out in front of this massive snowball of shite rolling towards it and us.

EDIT — 5:55 pm EDT —

And yes, I heard about the Polish airline LOT getting hit with a DDoS, grounding their flights. If the airline’s spokesman is correct and LOT has recent, state-of-the-art systems, this is only the first such attack.

But if I were to hear about electrical problems on airlines over the next 24-48 hours, I wouldn’t automatically attribute it to hacking. We’re experiencing effects of a large solar storm which may have caused/will cause problems over the last few hours for GPS, communications, electrical systems, especially in North America.

EDIT — 1:15 am EDT 23JUN2015 —

At 2:48 pm local time Christchurch, New Zealand’s radar system experienced a “fault” — whatever that means. The entire radar system for the country was down, grounding all commercial flights. The system was back up at 4:10 pm local time, but no explanation has yet been offered as to the cause of the outage. There were remarks in both social media and in news reports indicating this is not the first such outage; however, it’s not clear when the last fault was, or what the cause may have been at that time.

It’s worth pointing out the solar storm strengthened over the course of the last seven hours since the last edit to this post. Aurora had been seen before dawn in the southern hemisphere, and from northern Europe to the U.S. Tuesday evening into Wednesday morning. It’s possible the storm affected the radar system — but other causes like malware, hacking, equipment and human failure are also possibilities.