Category Archives: Security

Insurrection is more common than we realize, and how to stop this madness

Insurrection

noun

an act or instance of rising in revolt, rebellion, or resistance against civil authority or an established government.

https://www.dictionary.com/browse/insurrection?s=t

We’ve had 3 insurrections in the past 12 months. Version 1.0 was done by some in public health who thought they could actually suspend the Constitution. Version 2.0 was a combination of Antifa, anarchists and right-wing provocateurs, and version 3.0 was extreme right-wing pro-Trumpers on January 6th.

Insurrection seems quite common – is it stoppable? I think so but it requires a government that truly listens, bases decisions on evidence and logic, explains clearly and is transparent.

Unfortunately, it seems unlikely we will see that soon.

Sad: Chuck Yeager, the first man to break the sound barrier, dead at 97

He was awesome:

Chuck Yeager, the historic test pilot portrayed in the movie “The Right Stuff,” is dead at the age of 97, according to a tweet posted on his account late Monday.

Source: Chuck Yeager, the first man to break the sound barrier, dead at 97 | Fox News

Another 97-year-old, Col. Richard Bushong, WWII B-17 pilot and USAF veteran, is still going strong at the Pima Air and Space Museum. Met him once and so want to get back to talk to him again! Bought his book too!

Store shelves going empty again

Across the food and grocery industry, the holidays are starting to resemble the panic of the pandemic spring, when the supply chain was stressed and businesses were teetering.

Source: Food industry braces for new coronavirus wave – POLITICO

Two weeks ago I did a curb side pickup order from a local store, as recommended by our State’s public health department to minimize contact. One third of the items on my order list turned out to be out of stock. And they were ordinary items – not toilet paper!

Computer security failures in the news

On Monday, Public Health Wales disclosed that it accidentally leaked the personal data of 18,105 Welsh residents who tested positive for COVID-19, and that data was visible for 20 hours on a public server on Aug. 30 and viewed up to 56 times, the agency said.

The data belonged to every resident of Wales who tested positive for COVID-19 between Feb. 27 and Aug. 30. It included people’s initials, date of birth, gender and general location, but not specific information on who they are. Still, for a subset of 1,926 people who live in supported housing or nursing homes, the data included the names of those locations.

Source: Data on 18,105 coronavirus patients leaks after staffer clicks wrong button – CNET

And, a bug in Biden’s campaign app enabled anyone to access voter history and other data on millions of voters.

Far too many organizations collect far too much information, and then retain it online for far too long. The result is “All your secrets belong to us”.

Having pulled official credit reports on myself and my wife, we were surprised to find the high number of errors in the records. For example, credit reporting agencies had us living at addresses we had never lived at. In one case, they intertwined data from a woman with a similar name to my wife. Through what we found in our own credit file, I was able to cleverly identify the woman, her actual home address and her employer!

Over time, the quality of data retained – for too long – in online databases goes down, and there is seldom any way to know what erroneous data has been stored about yourself, nor is there a way to seek a correction.

Why I have repeatedly stated there is no such thing as “anonymized location data”

In the data drawn from apps, each cellphone is typically represented by an alphanumeric identifier that isn’t linked to the name of the cellphone’s owner. But the movement patterns of a phone over time can allow analysts to deduce its ownership—for example, where the phone is located during the evenings and overnight is likely where the phone-owner lives.

Source: U.S. Government Contractor Embedded Software in Apps to Track Phones – WSJ

Let’s just mandate it: “NSA Warns Cellphone Location Data Could Pose National-Security Threat”

The National Security Agency issued new guidance on Tuesday for military and intelligence-community personnel, warning about the risks of cellphone location tracking through apps, wireless networks and Bluetooth technology.

The detailed warning from one of the nation’s top intelligence agencies is an acknowledgment that Silicon Valley’s practice of collecting and selling cellphone location information for advertising and marketing purposes poses a serious national-security risk to many inside the government….

Source: NSA Warns Cellphone Location Data Could Pose National-Security Threat – WSJ

In December 2019, the FAA released a Notice of Proposed Rulemaking requiring mandatory radio-based Remote Identification and tracking of all hobby radio controlled aircraft weighing more than 250 grams (about 1/2 pound). The Final Rule is expected in December of 2021. The NPRM itself eventually ends the radio control model aircraft hobby that currently exists and makes it legal to fly only certified, manufactured drones that are tracked in real time. The primary purpose is to clear the air space above your home and turn it over to AmazonGoogleUPS. The FAA asserts all rights to the airspace in your back yard, for example.

Every remote controlled aircraft would be required by Federal regulation to connect to the Internet and log its activities in an Internet cloud database, in real time. Those providing the cloud databases may offer them for free in exchange for who knows what – but the FAA itself proposed they might collect photo images and telemetry – such as WiFi and Bluetooth communications collected by the craft.

In effect, the FAA mandates a nationwide low-altitude surveillance network of potentially millions of drones collecting data in real time and logging it in databases – that may as well be located in China.

Meanwhile, the US DoD and the US Department of the Interior banned the use of Chinese made drones over fears of their use for espionage.

While the left hand bans drones from collecting data, the right hand mandates that all drones must collect potentially invasive data on behalf of foreign organizations.

We know that U.S. firms and others are collecting massive amounts of private data through the use of apps on our smart phones. Google itself collects your location data, even when you turn location services off.

The primary business function of the Internet is surveillance to be used for many purposes.

When was the last time the media hyped a “drone sighting”? I can’t even remember.

Reports to the FAA of “drone sightings”, used by Congress and the FAA to drive forth draconian remote identification and mandated national surveillance networks using drones, with the goal of pricing drone flying out of the public’s reach – were based on bad data and media hysterics, much of which was false reporting.

  • Remember the Aeromexico flight in late 2018 that had a collapsed nose cone? The media blamed that on a drone. Six months later the official investigation found it was due to a maintenance defect on the nose cone.
  • Remember the Gatwick Airport fiasco? The only confirmed drone sightings were of the fleet of surveillance drones operated by the Sussex Police over the airport.
  • Remember the temporary Newark Airport closure due to a “drone sighting”? That drone report was from 20 miles away from the airport and may not have even been a drone at all.

Take a look at this – drone sightings have magically disappeared: Drone Sightings: The Actual Non-Hyped Numbers Analyzed (Graphs, Trends, etc.)

After a while, when the FAA isn’t stealing YouTube content, they seem to have been busy making up fake drone reports to justify a remote ID proposal that mandates all drones be connected to the Internet cloud, in real time, and used as part of a massive national surveillance program, collecting imagery and telemetry and potentially sending it to China. Brilliant. Not like any drones would do something like that.

The FAA’s primary goal is to make hobby flying of radio control model aircraft so expensive and cumbersome as to eliminate it entirely. The reason is to clear the low altitude airspace for AmazonGoogleUPS delivery drones. The FAA asserts that it and it alone owns the airspace in your front and backyards from the ground up. Literally, the airspace below your head when you stand outside is controlled by the FAA and they intend to use it for corporate delivery and surveillance networks. (See my comments to see how that works.)

Rite Aid used facial recognition in cameras in stores serving poor customers

Claims they’ve turned it off due to “industry conversation” about such technology. The tech is kinda useless when everyone is required to wear an airway restriction device over their face:)

In the hearts of New York and metro Los Angeles, Rite Aid deployed the technology in largely lower-income, non-white neighborhoods, according to a Reuters analysis. And for more than a year, the retailer used state-of-the-art facial recognition technology from a company with links to China and its authoritarian government.

Source: Rite Aid deployed facial recognition system in hundreds of U.S. stores

Twitter is garbage: “All your data is belong to us”, to paraphrase

Twitter’s oversight over the 1,500 workers who reset accounts, review user breaches and respond to potential content violations for the service’s 186 million daily users have been a source of recurring concern, the employees said. The breadth of personal data most of those workers could access is relatively limited — including such things as Internet Protocol addresses, email addresses and phone numbers — but it’s a starting point to snoop on or even hack an account, they said.

The controls were so porous that at one point in 2017 and 2018 some contractors made a kind of game out of creating bogus help-desk inquiries that allowed them to peek into celebrity accounts, including Beyonce’s, to track the stars’ personal data including their approximate locations gleaned from their devices’ IP addresses, two of the former employees said.

Source: Twitter Hack: Broad Access to User Accounts, Security Woes – Bloomberg