The Chumph is a Soft Touch For Hackers

Oh PLEAZZZE keep using that private phone Mr. Chumph!

Put a target on your back, why don’t you?

Better start listening to your security folks.

 

Another of Trump’s White’s Only House Cabal is a Nazi

The old adage about knowing someone by who they surround themselves with as friends certainly applies here. The racist, neo-Nazi Trump surround himself in the Whites Only House with fellow racists and neo-Nazis.

Another Trump sucker…Another Nazi

Top Trump adviser Sebastian Gorka is a ‘sworn member’ of Nazi-linked group: report

Controversial Trump counter-terrorism aide Sebastian Gorka is facing fresh scrutiny for his ties to far-right political organizations in Hungary.

Forward.com reports that Hungarian group Vitézi Rend, a far-right organization that the United States State Department claims was “under the direction of the Nazi Government of Germany” during World War II, is claiming that Gorka is one of its “sworn members” who took a “life-long oath of loyalty.”

What makes this particularly interesting, notes Forward, is that Gorka’s immigration status in the United States could be jeopardized if he failed to disclose his relationship with the group.

“The State Department’s Foreign Affairs Manual specifies that members of the Vitézi Rend ‘are presumed to be inadmissible’ to the country under the Immigration and Nationality Act,” the website writes.

Gorka’s ties to Vitézi Rend were first revealed earlier this year when a photograph emerged of him wearing one of the group’s medals.

Gorka, who is of Hungarian descent and was born in the United Kingdom, did not respond to Forward’s request for comment, although he has denied in the past that he has any ties to neo-Nazis or anti-Semitic organizations.

 

DeRay McKeeson Phone Hacked By Trumpazoid

Despite efforts by BLM members to up their security, hacking social media accounts by miscreants is still relatively easy, due to intrinsic faults in the platform software.

If you want to be secure on Social Media, you need to change passwords and PINs frequently, and for someone with a high media profile, probably daily. Utilizing some VPN technologies provide security, however those that use DES or WPK Encryption are basically useless against a sophisticated or professional level hacker.

Someone hijacked DeRay Mckesson’s Twitter account in a sneaky and preventable way

It’s called pretexting and it’s easy to do, but it’s also easy to prevent.

By now you’ve probably heard that the Twitter account belonging to #BlackLivesMatter activist DeRay Mckesson was hijacked on Friday. The tweet sent from Mckesson’s account that endorsed Donald Trump for president was probably a giveaway.

It wasn’t a hacking attack in the strictest sense: Twitter’s systems apparently weren’t compromised, and Mckesson even had two-factor authentication turned on. Instead, the attackers hijacked his mobile phone, using a weakness in how account information is managed by wireless providers.

Having first obtained the last four digits of Mckesson’s Social Security number, the hackers called Verizon’s billing department and impersonated him. They then redirected his service to a phone they had handy so that calls and texts going to his number were directed instead to their phone.

From there they used Twitter’s password reset feature — which relies on authorization codes sent via text messages to a phone — and locked Mckesson out of his account.

The technique of pretending to be someone and tricking a wireless provider into handing over control of a customer account is an old one. It’s called pretexting: The attacker pretends to be a customer having a problem, and convinces a service rep that the request they’re making is legitimate.

It’s illegal. When the technique was used by a set of private investigators hired by the chairman of Hewlett-Packard a little more than a decade ago it caused a huge corporate scandal. One person charged served time in federal prison, while others received probation.

So how do you avoid experiencing the same headache Mckesson had on Friday? According to the Federal Trade Commission, it comes down to eliminating your Social Security number as a way to identify yourself to your carrier. Without that, hackers would have no way to access your phone and therefore no way to get ahold of your two-factor authentication code.

The details on how to set this up vary with your wireless carrier:

• AT&T calls its feature “extra security.” It means that before you can talk to a service rep you have to provide a passcode. You can read more about it here.

• Verizon allows customers to set their own personal identifying number to access their accounts. You can do this by calling Verizon or going to a Verizon store.

• T-Mobile does the same thing Verizon does, but calls it a “customer care password.” Again, call in or visit a T-Mobile store.

• Sprint asks customers to set a PIN number to access their accounts.

 

Why Black Folks Need Encryption

The battle between Apple Computer and the FBI is not just about the encrypted messages on one iPhone. What it is really about is expanding the legal ability of the Federal Government to spy on it’s citizens.  This has been an ongoing battle largely behind the scenes between tech developers and Government agencies such as NIST and the NSA. Indeed in 1988 the Government forced standards groups to make TCP/IP the telecom standard upon which the Internet is based, and rejected the OSI standard in large part because the OSI Standard included encryption that was difficult to break, and features which allowed the development of advanced security technologies at the “transmission” level, whereas TCP had none, and was easily compromised by government spooks, who had been using and testing the vulnerabilities of the protocol stack for years. The Internet is not secure, and by design – can never be secured, which is why the Government defense and intelligence agencies use a custom variation of TCP/IP which incorporates capabilities to enhance secure communication.

There are roughly 7 major Commercial Off The Shelf encryption systems in use today. In order to sell those in the US, NSA requires that security “backdoors” be built in such that the systems may be easily compromised by the NSA, and we would assume law enforcement agencies. This requirement does not cover, and has not covered to this point encryption systems on devices which store information internally in flash memory or disk drives. As such manufacturers and equipment owners have been free to encrypt an secure their data by any means they deem appropriate.

There is no such thing as unbreakable encryption. Even that used by the most secret agencies in the Government isn’t unbreakable. What it is is a system which is difficult enough to break that only another government or massive corporation has access to the computer horsepower and scientists to do so – which costs lots and lots of money. So it is actually a race to develop new, more complex systems as the previous system is broken. And I can tell you from personal experience that two guys in a garage that against odds come up with something new and radical which might give those systems heartburn – are in for a visit by the guys in black suits shortly after letting the world know you’ve developed it.

Now – most of what you see on TV about the technology is bullshit. You are not breaking into a unknown secured local network just in time for the hero to do his thing with your trusty laptop. There is no such thing as a 100% secure network, if it has any connection at all to the Internet. The Internet of Things (IoT) which is a hot-button meme right now in the industry isn’t going to happen, because the security in wireless systems is so poor (on purpose and by design).

So…If you are using commercial off the shelf products like cell phones and computers – you can’t stop them from listening in. What you can do is make it difficult enough that unless somebody like the NSA comes after you, you have security. Which is exactly what Apple did.

“Black People Need Encryption,” No Matter What Happens in the Apple-FBI Feud

Here’s why civil rights activists are siding with the tech giant.

Last night, the FBI, saying that it may be able to crack an iPhone without Apple’s help, convinced a federal judge to delay the trial over its encryption dispute with the tech company. In February, you may recall, US magistrate judge Sheri Pym ruledthat Apple had to help the FBI access data from a phone used by one of the San Bernadino shooters. Apple refused, arguing that it would have to invent software that amounts to a master key for iPhones—software that doesn’t exist for the explicit reason that it would put the privacy of millions of iPhone users at risk. The FBI now has two weeks to determine whether its new method is viable. If it is, the whole trial could be moot.

That would be a mixed blessing for racial justice activists, some of them affiliated with Black Lives Matter, who recently wrote to Judge Pym and laid out some reasons she should rule against the FBI. Theletter—one of dozens sent by Apple supporters—cited the FBI’s history of spying on civil rights organizers and shared some of the signatories’ personal experiences with government overreach.

“One need only look to the days of J. Edgar Hoover and wiretapping of Rev. Martin Luther King, Jr. to recognize the FBI has not always respected the right to privacy for groups it did not agree with,” they wrote. (Targeted surveillance of civil rights leaders was also a focus of a recent PBS documentary on the Black Panther Party.) Nor is this sort of thing ancient history, they argued: “Many of us, as civil rights advocates, have become targets of government surveillance for no reason beyond our advocacy or provision of social services for the underrepresented.”

Black Lives Matter organizers have good reason to be concerned. Last summer, I reported that a Baltimore cyber-security firm had identified prominent Ferguson organizer (and Baltimore mayoral candidate) Deray McKesson as a “threat actor” who needed “continuous monitoring” to ensure public safety. The firm—Zero Fox—briefed members of an FBI intelligence partnership program about the data it had collected on Freddie Gray protest organizers. It later passed the information along to Baltimore city officials.

Department of Homeland Security emails, meanwhile, have indicated that Homeland tracked the movements of protesters and attendees of a black cultural event in Washington, DC, last spring. Emails from New York City’s Metropolitan Transit Authority and the Metro-North Railroad showed that undercover police officers monitored the activities of known organizers at Grand Central Station police brutality protests. The monitoring was part of a joint surveillance effort by MTA counter-terrorism agents and NYPD intelligence officers. (There are also well-documentedinstances of authorities spying on Occupy Wall Street activists.)

In December 2014, Chicago activists, citing a leaked police radio transmission—alleged that city police used a surveillance device called a Stingray to intercept their texts and phone calls during protests over the death of Eric Garner. The device, designed by military and space technology giant Harris Corporation, forces all cell phones within a given radius to connect to it, reroutes communications through the Stingray, and allows officers to read texts and listen to phone calls—as well as track a phone’s location. (According to theACLU, at least 63 law enforcement agencies in 21 states use Stingrays in police work—frequently without a warrant—and that’s probably an underestimate, since departments must signagreements saying they will not disclose their use of the device.)

In addition to the official reports, several prominent Black Lives organizers in Baltimore, New York City, and Ferguson, Missouri, shared anecdotes of being followed and/or harassed by law enforcement even when they weren’t protesting. One activist told me how a National Guard humvee had tailed her home one day in 2014 during the Ferguson unrest, matching her diversions turn for turn. Another organizer was greeted by dozens of officers during a benign trip to a Ferguson-area Wal-Mart, despite having never made public where she was going.

In light of the history and their own personal experiences, many activists have been taking extra precautions. “We know that lawful democratic activism is being monitored illegally without a warrant,” says Malkia Cyril, director of the Center for Media Justice in Oakland and a signatory on the Apple-FBI letter. “In response, we are using encrypted technologies so that we can exercise our democratic First and Fourth Amendment rights.” Asked whether she believes the FBI’s promises to use any software Apple creates to break into the San Bernadino phone only, Cyril responds: “Absolutely not.”

“I don’t think it’s any secret that activists are using encryption methods,” says Lawrence Grandpre, an organizer with Leaders of a Beautiful Struggle in Baltimore. Grandpre says he and others used an encrypted texting app to communicate during the Freddie Gray protests. He declined to name the app, but said it assigns a PIN to each phone that has been approved to access messages sent within a particular group of people. If an unapproved device tries to receive a message, the app notifies the sender and blocks the message from being sent. Grandpre says he received these notifications during the Freddie Gray protests: “Multiple times we couldn’t send text messages because the program said there’s a possibility of interception.”

Cyril says “all of the activists I know” use a texting and call-encryption app calledSignal to communicate, and that the implication of a court verdict in favor of the FBI would be increased surveillance of the civil rights community. “It’s unprecedented for a tech company—for any company—to be compelled in this way,” Cyril says….

 

 

Arline Security Incident in Flight to NYC

This one is strange. I am a frequent flyer, and I can’t imagine anyone wanting to spend a moment longer than necessary in one of those tiny on-board bathrooms on a commercial airliner. They aren’t designed to be comfortable intentionally – to encourage passengers to spend as little time as possible – instead of taking a magazine to read half the flight preventing other passengers from having access.

So if 3 passengers lock themselves in, and refuse to come out – there’s a problem. a BIG problem. And with airplane food being confined to a bag of chips and a stale cookie anymore…

It wasn’t something they ate.

Definitely no room for a Jacuzzi...

Military jets safely escort flight to NYC

Two fighter jets escorted a New York-bound American Airlines flight from Los Angeles after three passengers locked themselves in the bathroom Sunday, the 10th anniversary of the Sept. 11 attacks, officials said.

A law enforcement official said it wasn’t thought to be terrorism, and American Airlines spokesman Tim Smith said, “In our eyes, it’s a big nothing.”

The North American Aerospace Defense Command scrambled two F-16 jets to shadow Flight 34 until it landed safely at New York’s Kennedy Airport at 4:10 p.m. Sunday, the Transportation Security Administration said in a statement.

The nature of the incident was unclear, but the passengers locked themselves in the bathroom and were still inside when the plane landed, the law enforcement official said. The official was not authorized to speak publicly and spoke to The Associated Press on condition of anonymity.

Law enforcement met the flight and will interview passengers, the TSA statement said. The FBI responded to the airport.

The jets intercepted the flight about 100 miles west of New York and shadowed it until it landed, said John Cornelio, spokesman for the North American Aerospace Defense Command. He described the measure as precautionary.

Smith said a “security concern” was brought to the airline’s attention but the plane’s captain never declared any sort of security threat and never requested law enforcement help.

He said the crew used “normal procedures” to assess the circumstances and the plane landed as planned.

New York has been in a heightened state of security after federal officials received a credible but uncorroborated tip of a car bomb plot on the anniversary in either New York or Washington.

 

So What’s the Gas Mileage on this Bad Boy, Again?

The President Obama buses are causing quite a stir. Tricked out with special paint, and some serious high-tech gadgets the Secret Service will barely even allude to, these bad boys are apparently able to get on down the road if necessary.

Drawing from what is known about “the Beast” – the Presidential Limousine, we can deduce that the Bus has some pretty serious armament, possibly including 8″ thick armor plate, to go along with the “bulletproof  glass” windows. The interesting thing is that it is designed not to show much on the outside.

One of the interesting things about the two vehicles (there is a red one and a black one) is that no markings or stickers are allowed on the vehicles.

They are now saying they are going to let the Republican Presidential candidate ride in one of these?

I hope the interior is designed to be hosed out.

$1.1 million bus used by Obama has high-tech defenses – but what are they?

The Secret Service refuses to give away many details on the design, but has said it has similar features to Obama’s regular ride, The Beast. The tricked-out Cadillac known as The Beast looks like a regular limousine, but is built more like a tank.

If the Obama Bus is similar to The Beast, it will have tank-like armor and cutting edge technology. For example, The Beast has 8-inch thick armor-plated sides, special bulletproof glass, and Kevlar-reinforced tires. The tires are mounted on specially designed rims that can continue to drive even if the tires are missing.

Like The Beast, the bus is probably airtight, and likely has an advanced fire suppression system, oxygen tanks, and is built to withstand a chemical attack.

In case of a medical emergency, bags of Obama’s blood are likely carried onboard just as they are in The Beast.

With more room than The Beast, the bus will probably have more defensive tricks up its sleeves than The Beast’s night vision cameras, shotguns, and tear-gas cannons.

The electronics and communications are no doubt state of the art, and are sure to replicate The Beast’s direct satellite phone line to the Vice President and the Pentagon.

The Secret Service used a fund for transportation and armored vehicles to buy two of these buses from the Hemphill Brothers Coach Company for a total of $2,191,960. No word on whether the company will make more, but Cadillac said they would not make The Beast for any private customers or foreign country saying the design is “very private and secretive.” Chances are these buses are two of a kind and will remain so.

While $2.2 million may sound expensive, it is expected to be cheaper than the normal leased buses over a ten year span, and a Secret Service official implied leased buses aren’t safe enough, saying, “we have not been satisfied with the level of protection offered by leased buses.”

And they aren’t just for the President. The second bus is expected to be used by the Republican presidential candidate and both will eventually be used for visiting dignitaries and future officeholders and candidates.

But until the Secret Service releases more details, the real technology inside the Obama bus will remain a mystery.

 

Don’t Touch My Internet “Junk”, Either!

“Don’t touch my junk, Bro!”

Seems even a former Playboy Bunny, now confined to a wheelchair, can’t wear little enough to get through airport security without a patdown!

The woman who wore only her bra and panties while going through security at Will Rogers World Airport is speaking out about why she did it.

Video of Tammy Banovac sitting in a wheelchair in just her underwear has made international news. She said after a bad experience with a Transportation Security Administration pat-down, she decided to strip down to her lingerie so security screeners could clearly see she was not a threat.

“The less of me that they had to pat down and check, the less invasive a search would be. And wearing a bra and panties was just about as minimal as I could get,” Banovac said.

Banovac said because of injuries she suffered, she must use a wheelchair. She said she’s been subjected to uncomfortable pat-downs because she cannot go through metal detectors.

In other news – similar to “Do Not Call” registries, Do Not Cookie may soon become a reality on the Internet…

FTC pitches do-not-track system to let consumers opt out of Web data collection

The Federal Trade Commission on Wednesday recommended creating a do-not-track system that would prevent Web sites from collecting unauthorized consumer data, part of a widely anticipated agency report on improving Internet privacy.

The FTC report, aimed at helping policymakers and lawmakers craft privacy rules, also calls for Web sites to disclose more about the information they gather on users, including what has been collected, how it is used and how long it is stored. It also recommended that companies offer users more choices for opting out of data collection schemes.

Regulators and lawmakers are focusing more closely on online privacy after a spate of high-profile data breaches, including Google’s recent admission that it collected personal data from Wi-Fi networks in several countries.

FTC Chairman Jon Leibowitz said in a news conference Wednesday that the current, largely unregulated approach to Internet privacy has fallen short. That approach is favored by advertisers, social-network operators and Web search companies.

The agency’s recommendations – passed unanimously by the five-member commission – seek to balance the concerns of Web advertisers, media companies and retailers that have devised business models around tailored advertisements based on profiles of users. The agency is taking comments on its report until Jan. 31.

“The FTC wants to help ensure that the growing, changing, thriving information marketplace is built on a framework that promotes privacy, transparency, business innovation and consumer choice,” Leibowitz said. “We believe that’s what most Americans want as well.”

 

Growing Pushback Against Airport Security Measures

Dealing with Airport Security can be a royal pain in the ass. The rules are confusing, sometimes seem trite and arbitrary, and the personnel could use some sensitivity training.

Case in point –

Airport pat-downs provoking backlash

New pat-down procedures at airports have prompted a growing backlash among pilots, flight attendants, civil-liberties groups and security-weary passengers who say the touching goes too far.

In the latest escalation of the debate over the balance between security and passenger rights, privacy advocates have enlisted consumer-rights activist and four-time presidential candidate Ralph Nader, who calls the screening techniques “extremely voyeuristic and intrusive.”

The Transportation Security Administration (TSA) calls it the new reality of airport security.

The new TSA pat-down procedure is part of a general tightening of air security that includes new full-body scanners which use X-rays to see through clothing to detect suspicious objects. If a full-body machine — like those now in use at Seattle-Tacoma International Airport — shows something strange or a passenger declines to go through the machine, a TSA officer will perform a more personal search.

The examinations routinely involve the touching of breasts and genitals, invasive searches designed to find weapons and suspicious items. The searches, performed by TSA security officers of the same sex as the passenger, entail a sliding hand motion on parts of the body where a lighter touch was used before, aviation-security analysts say. The areas of the body that are being touched haven’t changed.

“It’s more than just patting you down. It’s very intrusive and very insane. I wouldn’t let anyone touch my daughter like that,” said Marc Moniz, of Poway, Calif., who is planning to accompany his daughter’s eighth-grade class from San Diego to Washington, D.C., in April. “We’re not common criminals.”

Brian Sodergren, of Ashburn, Va., who works in the health-care industry, is organizing an “opt-out” day to encourage passengers to say no to advanced imaging technology, known to industry insiders as a “virtual strip-search.” He’s planning the protest for one of the busiest travel days of the year: Nov. 24, the day before Thanksgiving.

“Many people only fly around the holidays and may not be aware of the security changes,” Sodergren said. “I think once people are made aware of what is happening, they may have reservations about the new procedures.”

An activist group has launched WeWontFly.com, a website, and says it has gotten more than 70,000 hits a day since going online just a week ago. The site asks passengers to say no to scans and pat-downs and for TSA to remove its “porno-scanners” and “gropers.”

“We’re opposed to letting TSA treat us like criminals,” said James Babb, 42, of Eagleville, Pa., who is organizing the We Won’t Fly campaign.

 

 

 

 

 

Haiti…And Telecom

Had at least 1/2 dozen folks email me this today to ask what I thought. Even popped up over at NewsOne.

This is what is left of the Teleoco Main Building and Central Office

Telecom Companies Seek To Make Haiti A Mobile Nation

The earthquake that devastated Haiti also destroyed the nation’s feeble network for phones and Internet service. Except for cellphones, the population was largely cut off from communication.

But out of the rubble, one U.S. wireless industry pioneer sees opportunity.

John Stanton, founder of Voice Stream and former chief executive of T-Mobile USA, wants the Haitian government to forget about rebuilding its copper wire communications network. Instead, he thinks Haiti should go mobile.

“Necessity is the mother of invention,” Stanton said. Read the rest of this entry »

 

My Ding-a-Ling

What’s with the Republican need to get swarthy men nekkid?

Vodpod videos no longer available.

more about “My Ding-a-Ling“, posted with vodpod

 

Reaching For Racism in Response to Terrorism

Once again, the knee jerk reaction of the right is to reach for racism instead of coming up with comprehensive answers to terrorism. In the past, this sort of right wing racism has led to to less efficient and weaker security.

Vodpod videos no longer available.

The bomber managed to evade airport security in Nigeria. Whether that is because the airport there didn’t have sophisticated (and expensive) explosives sniffing equipment, the attempted bomber had help – or he simply bribed his way in is unknown. As the son of a wealthy, well known businessman in a country where corruption is rampant – more than likely the answer is the latter.

Once he was in the supposedly “scanned” part of the system, he normally wouldn’t have had to go through security again until he reached his destination. This suggests the “trust level” of the Airport Security at the Nigerian Airport needs to be re-evaluated, and potentially passengers from that airport need to be re-screened prior to boarding another flight – just as they are when flying in from places with little or no security systems. The explosive material he was carrying, PETN is well known, and if he was screened properly would have set off every alarm in the system.

As to the ethnic profiling preferred by Republican fools – granting yet another level of white privilege in freedom from security suspicion stupidly ignores the fact that of the world’s 1 billion Muslims…

Some of them have blond hair and blue eyes.

more about “Reaching For Racism in Response to Te…“, posted with vodpod

 

Italian Leader Silvio Berlusconi Attacked

You think our Secret Service is in trouble for the Party Crashers at the State Dinner…

Italian Leader Attacked at Rally

An attacker hurled a statuette at Italian Premier Silvio Berlusconi, striking the leader in the face at the end of a rally on Sunday and leaving the stunned 73-year-old media mogul with a bloodied mouth, police said.

The 42-year-old man accused of attacking Berlusconi in Milan as he signed autographs was immediately taken into custody. The Italian leader was rushed to a hospital where he was being held overnight.

TV showed the stunned Berlusconi with blood under his nose, on his mouth and under one eye as he was lifted to his feet by aides after the attack. The leader was hustled into the back of a car, but he immediately got out, apparently to show he was not badly injured.

But Berlusconi suffered a “small fracture” of the nose, two broken teeth and an injury to the inside and outside of his lip, said Paolo Klun, chief spokesman for Milan’s San Raffaele Hospital.

“He wanted to go home right away, but he is being held as a precaution” for overnight observation, Klun said. The premier suffered “a significant bruising trauma from this blunt instrument that was hurled at him.”

Police first said it appeared the assailant had punched Berlusconi in the face while clutching a souvenir statue of Milan’s Duomo, or gargoyled cathedral, which symbolizes the city. But state TV later showed a video, somewhat blurry, of what appeared to be the attacker’s hand coming close to Berlusconi’s face while holding the statue, then letting go of the object at the last minute as it hit the premier’s face.

Yeah – they got crazy people over there, too.

In any event, in an interview with 60 Minutes, President Obama let’s his feelings be known about the breakdown in security –

 

Cyber Katrina

President Obama wants to appoint a Cyber Tsar.

There are major issues with the Internet and the proposed build-out of networks to support everything from the Power Grid to the National First Responders (Fire/Police/Rescue). The issue really revolves around the fact that the core communications technology utilized in the Internet was developed at a time where Security wasn’t a driving issue – survivability in the event of nuclear attack was.

As such, the technology is inherently insecure – and the ability to secure it is an ever steeper mountain as the number of users of the technology increases.

Most recently, Chinese Government spies cracked into the Joint Fighter program, and possibly stole the plans to one of our most advanced weapons systems. Personal information on the Internet might as well be public, as even moderately sophisticated hackers are able to defeat many of the “security” systems employed by commercial entities.

As the country moves along the path of interconnecting more and more functionality across the Internet, the risk of Cyber-terrorism rises exponentially. The ability to remotely shut down significant portions of the electric grid. The ability to shut down communications between various Law Enforcement Agencies. The ability to shut down the telephone system. All of these are capabilities gained by Cyber-Terrorists as these systems are migrated onto the Internet infrastructure.

Instead of getting harder to attack systems, when you tie them all to one technology and infrastructure – the bar is lowered.

Significantly lowered.

Be interesting if President Obama picks someone who is going to look at this with a new set of eyes – or someone who will follow the program.