Nethappenings: Insurrectionists, Elites, Security 1-25-2021

INSURECTIONISTS

Organizers of Trump Rally Had Been on Campaign’s Payroll https://www.bloomberg.com/news/articles/2021-01-22/trump-campaign-paid-organizers-of-pre-riot-rally-2-7-million

Capitol rioter charged with threatening to ‘assassinate’ New York congresswoman Alexandria Ocasio-Cortez
Garret Miller Did it and said Trump told him to do it —  just like all the rest of the “soldiers” that did what Hitler told them to do it too. they were only following orders.

“Fight for Trump”: Video Evidence of Incitement at the Capitol

ELITES

Birx wears $1000.00 dollar Hermes scarves,
Biden wears a Rolex. So What!
Republicans call them “Elites”
Republicans who say Elite  are not talking about RICH PEOPLE when they use that word because they LOVE RICH PEOPLE and they only want to be rich people, what Republicans are talking about is “SMART” people they hate smart, educated people!! ELITE = SMART

Birx says there was no “full-time team” working on COVID response in Trump White House

SECURITY

Departing Trump lifts Global Magnitsky Sanctions against Dan Gertler 5 days before leaving office. These sanctions were one of the big success stories of the Global Magnitsky Act and lifting them a big setback for anti corruption campaigners.

Two men were arrested on Friday in Amsterdam for selling data from the Dutch government’s COVID-19 databases on private groups on Telegram, Snapchat and Wickr

HIPAA explained: definition, compliance, and violations
This landmark law imposes stringent privacy and security mandates on health care providers—and most of their IT vendors.

Chris Vickery

Break the feedback loop. You can’t stop the messaging from getting “in”, but you can strictly criminalize the act of measuring and reporting back the resulting effect that messaging has in your citizens as individuals and as a whole. Be transparent and emphatic about this. Sending “media metrics” and other measurement reports to foreign entities absolutely is, at this current point in time, *treason*. You need to make this clear. Incident response is not a profitable industry because responding to security incidents generates no easily discernible business profit. – Chris Vikery

—  If your face is your password, every selfie you post is like giving away the md5 hash of your master passphrase.

I am getting more and more concerned about biometrics being used for authentication because credentials are still being stolen left, right and center. I can replace a user id and password, not so much a biometric. At minimum, facial recognition authentication systems should require an additional typed passphrase to act as a salt for the face image “hash”. Otherwise there is no real security gain in the end. You’re just teaching people to blindly trust flawed systems. The security provided by aspect #2 is decreased with every picture of you posted to the internet. Facial recognition is inherently flawed as an authentication method and is degrading daily in reliability. Peak facial has passed. #1 is roughly equal to relying on security through obscurity- meaning that it’s only a matter of time and technical knowledge before the capability to send such an attempt is had by widespread bad actor populations. Which means the only thing preventing a bad guy from authenticating as you with facial recognition is two things:
1. Can they send “attempted numbers” to the authentication system as if coming from your cam?
2. Can they guess a close-enough-resemblance number to trick the system? Think about it. Facial recognition systems turn an image into a number and then decide if that number is a close enough resemblance to the number it has been told to trust.

That’s it! No magic. That’s (basically) all there is to it.

“Remember to change faces regularly…”
At minimum, facial recognition authentication systems should require an additional typed passphrase to act as a salt …