Educational CyberPlayGround: NetHappenings News Letter 11-7-19

EDUCATIONAL CYBERPLAYGROUND
Reference Directory of K-12 public, private, and charter schools in all 50 states. Find Teaching Resources for Teachers, Music, Literacy, Internet, Technology, Arts and Linguistics for students, teachers, parents, and policy makers.

K12PlayGround.com
IT IS ALL ABOUT THE PROCESS
working together, problem solving, team building, imagination, creativity and failure, which carries into art, math, writing, science, reading, social studies, and all other parts of the curricula. Help students gain enduring skills and knowledge for current and future challenges.

NEWS

Credibility, not information, is the real currency!
Newspapers are still considered by most as credible. American newspapers still decide what is a real story by covering it, which makes it important and real.
“On the Internet, nobody knows you’re a dog.” is an adage and meme about Internet anonymity which began as a cartoon caption written by Peter Steiner and published by The New Yorker on July 5, 1993.
The Internet democratized access to the production and dissemination of information and simultaneously destroyed the economics of high-quality journalism while leaving in place the culture and custom of credibility and truth.

Boeing’s poor information security posture threatens passenger safety, national security, researcher says
Boeing test development networks are publicly exposed to the internet, Kubecka said, and at least one of Boeing’s email servers is infected with multiple strains of malware. Kubecka believes that the infected email servers are being used to exfiltrate sensitive intellectual property including code used in both civilian passenger aircraft as well as aircraft Boeing sells to the US military.
Kubecka, a well-respected security researcher, critical infrastructure expert, and Air Force veteran, tells CSO she has struggled to report what she calls blatant, easily fixable security issues for more than six months. She also alleges that Boeing, through back channels at DEF CON, threatened her with legal action and a public relations smear campaign to prevent her from going public. Kubecka declined to identify who made the threats, when and where they were made, or how they might be associated with Boeing.
“If I saw a broken door on an aircraft, I would not get in trouble for reporting to the FAA that the plane flew,” Kubecka tells CSO. “But as a security researcher, it’s legally fraught to report security vulnerabilities.”
https://www.csoonline.com/article/3451585/boeings-poor-information-security-posture-threatens-passenger-safety-national-security-researcher-s.html

Former Twitter employees charged with spying for Saudi Arabia by digging into the accounts of kingdom critics.
One of the former Twitter employees arrested, Ahmad Abouammo, is a U.S. citizen who is alleged to have spied on the accounts of three users — including one whose posts discussed the inner workings of the Saudi leadership — on behalf of the government in Riyadh.
The Justice Department has charged two former Twitter employees with spying for Saudi Arabia by accessing the company’s information on dissidents who use the platform, marking the first time federal prosecutors have publicly accused the kingdom of running agents in the United States. One of those implicated in the scheme, according to court papers, is an associate of Saudi Crown Prince Mohammad bin Salman, who the CIA has concluded likely ordered the assassination of journalist Jamal Khashoggi in Istanbul last year.

In Trump’s Twitter Feed: Conspiracy-Mongers, Racists and Spies
“…The New York Times examined Mr. Trump’s interactions with Twitter since he took office, reviewing each of his more than 11,000 tweets and the hundreds of accounts he has retweeted, tracking the ways he is exposed to information and replicating what he is likely to see on the platform. The result, including new data analysis and previously unreported details, offers the most comprehensive view yet of a virtual world in which the president spends significant time mingling with extremists, impostors and spies.”
https://www.nytimes.com/interactive/2019/11/02/us/politics/trump-twitter-disinformation.html

Dark Web: 8chan returns with new name 8kun
8kun’s warning says ‘Any content that violates the laws of the United States of America will be deleted and the poster will be banned.’ Launched in 2013 by Fredrick Brennan as an alternative to 4chan, 8chan had been linked to harassment campaigns, racism, misogyny, neo-Nazism, pedophilia and mass shootings. It was also a hub for believers of far-right conspiracy theory QAnon, which claims that a secret cabal of “Satan-worshiping pedophiles” rules the world and that only Donald Trump can stop them.
https://mashable.com/article/8chan-8kun-rebrand-return

https://www.vice.com/en_us/article/a359dz/8chan-is-back-with-a-new-name-and-qanon-is-already-posting

Putin’s Top Spy: We’re Teaming Up With D.C. on Cybersecurity
By Amy Knight The Daily Beast 11.04.19
Behind-the-scenes cooperation with U.S. agencies, particularly on cybercrime and terrorism, is a theme the Kremlin likes to push onto center stage. Trump likes it, too.
https://www.thedailybeast.com/putins-top-spy-russian-fsb-chief-alexander-bortnikov-were-teaming-up-with-dc-on-cybersecurity

The Pentagon is under assault every hour of the day
Microsoft’s $10 billion contract win over cloud rival Amazon for the ultra-lucrative military contract means that an intelligence-gathering apparatus among the most important in the world is based in the woods outside Seattle. These kinds of national security responsibilities once sat almost exclusively in Washington, DC. Now in this corner of Washington state, dozens of engineers and intelligence analysts are dedicated to watching and stopping the government-sponsored hackers proliferating around the world.
https://www.technologyreview.com/s/614646/inside-the-microsoft-team-tracking-the-worlds-most-dangerous-hackers/

Following a recent conference of foreign security and law enforcement agencies, the head of Russia’s State Security Service, the FSB, made the surprising announcement that Russia and the United States have resumed cooperation on cybersecurity.
“We are maintaining working contacts by our experts and special unit heads with the Central Intelligence Agency, the Federal Bureau of Investigation and the Drug Enforcement Agency,” said Gen. Alexander Bortnikov, noting that such contacts should always occur, regardless of the foreign policy situation.
Behind-the-scenes cooperation with the Trump administration, particularly when it comes to cybercrime and terrorism, is a theme the Kremlin likes to push onto center stage every so often. And according to our sources there is indeed some consultation at a practical level, but for Washington’s intelligence professionals it’s a very delicate, very dangerous game, complicated enormously by the inclinations and prejudices of President Donald J. Trump.
In response to queries about Bortnikov’s statement, spokespersons for both the CIA and the DEA told The Daily Beast that they had no comment, and the FBI has not responded at all. […]

Cyber memo warns of new risks to White House network

An internal memo on cybersecurity, obtained by Axios, warns that “the White House is posturing itself to be electronically compromised once again.”
The state of play: That’s after at least a dozen top- or high-level officials have resigned or been pushed out of a cybersecurity mission that was established under Barack Obama to protect the White House from Russian hacking and other threats, according to conversations with several current and former officials.

KGB Manuals Notes on Exposure of the Enemy’s Set-Ups
Top Secret: Exposure of the Enemy’s Set-ups [Dangles] in the Process of Development of Persons of Interest to Intelligence 1971
http://www.interpretermag.com/notes-on-exposure-of-the-enemys-set-ups/

Facebook will allow UK election candidates to run false ads. “A controversial policy allowing politicians to run false ads on Facebook will extend to the United Kingdom as the country prepares to vote in a historic December election, Facebook confirmed to CNN Business.”
https://www.cnn.com/2019/11/01/tech/facebook-false-ads-uk/index.html

Why Facebook Should Sit Out The 2020 Election.
American democracy is in deep trouble, social media companies have violated our trust too many times to count and, at least in the US, there’s no way to regulate digital election ads — or to even ask the Federal Elections Commission, which has been effectively shut down under Republican control, to offer guidance. Without oversight, there’s no civically responsible way to allow digital ad buys. From my experience as a political strategist for Democratic candidates and advocacy groups, I believe Facebook should adopt the same policy.
https://www.buzzfeednews.com/article/melissaryan1/facebook-political-ads-2020-election-dorsey-zuckerberg

The US government is looking into the popular social media app TikTok for possible security risks. TikTok, which is owned by Chinese company ByteDance, has become incredibly popular with teenagers in the US and around the world for its short-form videos.
https://www.cnet.com/news/us-launches-a-national-security-review-of-tiktok-report/#ftag=CAD590a51e

Why worry about the KGB when ISPs do a fantastic job lying to Congress
ISPs lied to Congress to spread confusion about encrypted DNS, Mozilla says. “Mozilla is urging Congress to reject the broadband industry’s lobbying campaign against encrypted DNS in Firefox and Chrome. The Internet providers’ fight against this privacy feature raises questions about how they use broadband customers’ Web-browsing data, Mozilla wrote in a letter sent [yesterday] to the chairs and ranking members of three House of Representatives committees.”
https://arstechnica.com/tech-policy/2019/11/isps-lied-to-congress-to-spread-confusion-about-encrypted-dns-mozilla-says/

0-Day Alert! #Google is warning Windows, Mac, #Linux users to update their #Chrome browser (to 78.0.3904.87) immediately due to a security vulnerability.

#Google is trying to kill web URLs and this has nothing to do with security
A Chrome extension tries to restore the URLs to searches.
https://chrome.google.com/webstore/detail/remove-breadcrumbs/banhponphmmpnpogmfaahcgkgbgkcoka?hl=en

PRIVACY

NordVPN users’ passwords exposed in mass credential-stuffing attacks
https://arstechnica.com/information-technology/2019/11/nordvpn-users-passwords-exposed-in-mass-credential-stuffing-attacks/

BRAVE Browser
Chrome, Firefox, DuckDuckGo, and Opera’s “private” browsing mode is not truly private. Brave was created with a built-in ad-blocker to give you the fastest internet browsing experience, while providing the deepest level of privacy and security protection. Brave also lets you control who profits from your data with blockchain-based tokens. Faster, Safer, Ad-Free Browsing.

 

This Is How the U.S. Military’s Massive Facial Recognition System Works
The presentation also sheds light on how military, state, and local law enforcement biometrics systems are linked. According to Krizay’s presentation, ABIS is connected to the FBI’s biometric database, which is in turn connected to databases used by state and local law enforcement. Ultimately, that means that the U.S. military can readily search against biometric data of U.S. citizens and cataloged non-citizens. The DFBA is also currently working to connect its data to the Department of Homeland Security’s biometric database. The network will ultimately amount to a global surveillance system. In his notes, Krizay outlines a potential scenario in which data from a suspect in Detroit would be run against data collected from “some mountaintop in Asia.”
The documents, which are embedded in full below, were obtained through a Freedom of Information Act request. These documents were presented earlier this year at a closed-door defense biometrics conference known as the Identity Management Symposium…
https://onezero.medium.com/exclusive-this-is-how-the-u-s-militarys-massive-facial-recognition-system-works-bb764291b96d

“After more than half a year of work, check out our latest paper Light Commands: Laser-Based Audio Injection on Voice-Controllable Systems.”
https://twitter.com/sara_rampazzi/status/1191415126630354944

GDPR matchup: The California Consumer Privacy Act 2018
https://iapp.org/news/a/gdpr-matchup-california-consumer-privacy-act/

Road to Adequacy: Can California Apply Under the GDPR?
https://www.lawfareblog.com/road-adequacy-can-california-apply-under-gdpr

FTC Brings First Case Against Developers of “Stalking” Apps
https://www.ftc.gov/news-events/press-releases/2019/10/ftc-brings-first-case-against-developers-stalking-apps

Instagram is shutting down a creepy app that lets you stalk loved ones. A new app is looking to revive one of the creepiest Instagram features and encouraging people to spy on their significant others through social media. Critics said the app’s offerings make it resemble stalkerware.
https://www.cnet.com/news/instagram-is-shutting-down-a-creepy-app-that-lets-you-stalk-loved-ones/

Amazon, Apple, And Google Are Distributing Products From Companies Building China’s Surveillance State
https://www.buzzfeednews.com/article/rosalindadams/apple-amazon-google-apps-blacklist-china-xinjiang

WHERE ARE THE ETHICS AT THESE COMPANIES????

The Smart Girl’s Guide to Privacy: Practical Tips for Staying Safe Online, by Violet Blue (ISBN 9781593276485)

Chapter 2 https://nostarch.com/download/Smart%20Girls%20Guide%20to%20Privacy_Chapter2.pdf

Former Trend Micro employee enabled scam calls by stealing customers’ personal data
https://www.cyberscoop.com/trend-micro-customer-data-stolen-scam/

Spanish companies’ networks shut down as result of ransomware
https://arstechnica.com/information-technology/2019/11/spanish-companies-networks-shut-down-as-result-of-ransomware/

Paradise Ransomware Decryptor Gets Your Files Back for Free
Emsisoft has released a decryptor for the Paradise Ransomware that allows victims going back as far as 2017 to decrypt their files without paying a ransom.
https://www.bleepingcomputer.com/news/security/paradise-ransomware-decryptor-gets-your-files-back-for-free/

Once you have an encrypted and unencrypted file pair, download Emsisoft’s Paradise Ransomware decryptor and execute it.
https://www.emsisoft.com/ransomware-decryption-tools/paradise

HEALTH

Healthcare data breaches will cost industry $4 billion by year’s end, and 2020 is poised to be worse
https://www.healthcarefinancenews.com/news/healthcare-data-breaches-will-cost-industry-4-billion-years-end-and-2020-poised-be-worse

‘Volume Control’ Author David Owen Says Ambient Noise Threatens Our Hearing
https://www.npr.org/sections/health-shots/2019/11/05/776242285/from-lawn-mowers-to-rock-concerts-our-deafening-world-is-hurting-our-ears

BANKSTERS

ETHICS BE DAMNED

2/25/19 Commerce Secretary Ross Flouts Government Ethics Rules.

Fake Billionaire Wilbur Ross Ignores the Law and Lies About His Stock Holdings

Kremlin connections to investments in Facebook and Twitter are the results of a capitalist “free market” fetish.

Paradise Papers reveal Companies controlled by the Russian government quietly invested in several major Silicon Valley startups, including Facebook.

11/5/17 Paradise Papers reveals a vast financial network—beyond the reach of most governments—maintained by the world’s wealthiest people. They include commerce secretary Wilbur Ross, Queen Elizabeth of the UK, and a close advisor to Canadian prime minister Justin Trudeau. Here’s a guide to the major revelations in the Paradise Papers
https://qz.com/1120731/paradise-papers-a-guide-to-the-major-revelations/

Wilbur Ross’s business ties to Putin’s inner circle
US commerce secretary Wilbur Ross maintains a stake in a shipping company that is closely linked to the family of Russian president Vladimir Putin. According to the Paradise Papers, Ross owns between $2 million and $10 million in shipping company Navigator. The second-biggest client of Navigator is Russian gas company Sibur. Kirill Shamalov, who is Putin’s son-in-law, has been deputy chairman of Sibur’s board and until April owned more than a fifth of the company. (He has since reduced his ownership share.) @SecretaryRoss conceals business dealings with Vladimir Putin’s son-in-law. 

“The Paradise Papers showed Ross failed to disclose financial interest in Navigator Gas, a shipping company that transports petrochemicals for Russian gas and petrochemicals company Sibur. Sibur is subject to sanctions for its close ties to Putin’s son-in-law Kirill Shamalov.” https://qz.com/1120731/paradise-papers-a-guide-to-the-major-revelations/

Ross shorted Russian-linked shipping company ahead of Paradise Papers
https://www.icij.org/investigations/paradise-papers/ross-shorted-russian-linked-shipping-company-ahead-paradise-papers/

also …. Former Co-Chair of (Russian Laundromat) Bank of Cyprus
REMINDER- Paul Manafort & Rick Gates allegedly laundered money through bank accounts in Cyprus. @SecretaryRoss & @DeutscheBank former chairman Josef Ackermann served on the board of Bank of Cyprus.

Donald Trump’s commerce secretary, Wilbur Ross, is doing business with Vladimir Putin’s son-in-law through a shipping venture in Russia.

Leaked documents and public filings show Ross holds a stake in a shipping company, Navigator, through a chain of offshore investments. Navigator operates a lucrative partnership with Sibur, a Russian gas company part-owned by Kirill Shamalov, the husband of Putin’s daughter Katerina Tikhonova.
https://www.theguardian.com/news/2017/nov/05/trump-commerce-secretary-wilbur-ross-business-links-putin-family-paradise-papers

2017

WALL STREET

Wall Street’s Liquidity Crisis: It’s Not Getting Better
https://wallstreetonparade.com/2019/11/wall-streets-liquidity-crisis-its-not-getting-better/
By Pam Martens and Russ Martens: November 7, 2019
This morning, Wall Street’s money spigot arm of the Federal Reserve, the New York Fed, paid out $35 billion in 14-day term loans to Wall Street’s trading houses. The problem was, this morning the banks wanted $41.15 billion, or $6.15 billion more than the Fed was offering. That’s a very clear sign that liquidity remains tight on Wall Street and we have yet to enter the pivotal year-end period when banks try to dress up their books by dumping or parking their most toxic positions. Between the term loan and the overnight loan, the New York Fed paid out $115 billion this morning to unnamed securities firms on Wall Street. (The Fed won’t say who is doing all of this borrowing and Congress can’t summon the willpower to hold a hearing.)

Dangerous Liaisons: New York Fed and JPMorgan’s Incestuous Relationship By Pam Martens and Russ Martens
The Federal Reserve Bank of New York (New York Fed) is just one of the 12 regional Federal Reserve banks around the country. But it has amassed enormous powers for itself since the Federal Reserve was created in 1913. Three of those powers dwarf all others: the ability to create money electronically at the push of a button; the accepted right to meddle in the markets; and the supervision of some of the largest bank holding companies in America.
After Wall Street blew itself up under the indulging and incompetent supervision of the New York Fed in 2008 and it was exposed that the Fed had secretly created $29 trillion in electronic money to bail out zombie banks – most of that funneled out by the New York Fed – most rational folks would have assumed that Congress would have stripped it of supervisory and money-printing powers for bailouts. Insanely, that did not happen and here we are today with the same deeply-conflicted New York Fed creating its own money to dole out $690 billion a week in super-cheap loans to unnamed securities firms while buying up $60 billion a month in the debt of the United States. (The Fed doesn’t want you to call the $60 billion a month QE4 because that would strongly suggest that this is just Stage II of the continuing 2008 bailout of Wall Street and that QE-Infinity is coming.)
https://wallstreetonparade.com/2019/11/dangerous-liaisons-new-york-fed-and-jpmorgans-incestuous-relationship/

 

LOOKING FORWARD TO THANKSGIVING EVERYONE!

Inland Northwest’s thriving turkey population is an invasive nuisance or a conservation success – or both

Thanksgiving Turkey Recipe from the First Nation American Indians and every state.
The 1621 feast between the Pilgrims and the Indians was not the first official Thanksgiving.

POTLATCH – The Tradition of Giving / Sharing a Meal

Roasted Pumpkin Soup with Fresh Tarragon and the best Brined Turkey

                   .--.
    {\             / q {\
    { `\           \ (-(~`
   { '.{`\          \ \ )
   {'-{ ' \  '-. \ \
   {._{'.' \/       '.) \
   {_.{.   {`            |
   {._{ ' {   ;'-=-.     |
    {-.{.' {  ';-=-.`    /
     {._.{.;    '-=-   .'
      {_.-' `'.__  _,-'
            |||`
              .='==,

#Privacy, #Facebook Coin, Uber, PayPal, Visa to Back Facebook’s GlobalCoin Cryptocurrency


Starting with Facebook can’t get into China and 2015 Facebook Announces a Payments Feature for Its Messenger App

2019 #WeChat has become the centerpiece of digital life in China, where people use it to order movie tickets, subway passes, food delivery and rides. If Facebook succeeds in turning its own messaging services into a platform for everything, it could ultimately threaten established services such as Snapchat, Yelp, Venmo, eBay and even Apple and Amazon.

IN CHINA THERE IS NO PRIVACY!

IN AMERICA THERE IS NONE! THANKS TO THE DEMOCRAT$ AND THE REPUBLICAN$

  1. Cambridge Analytica and Facebook: The Scandal and the Fallout So Far Revelations that digital consultants to the Trump campaign misused the data of millions of Facebook users set off a furor on both sides of the Atlantic. https://www.businessinsider.com/cambridge-analytica-trump-firm-facebook-data-50-million-users-2018-3/
  2. Are you ready? Here is all the #data Facebook and Google have on you
    https://www.theguardian.com/commentisfree/2018/mar/28/all-the-data-facebook-google-has-on-you-privacy
  3. #Trump linked firm Cambridge Analytica collected personal information from 50 million Facebook users without permission https://www.businessinsider.com/cambridge-analytica-trump-firm-facebook-data-50-million-users-2018-3/
  4. Comparing #Obama Cambridge Analytica https://www.politifact.com/truth-o-meter/statements/2018/mar/22/meghan-mccain/comparing-facebook-data-use-obama-cambridge-analyt/

Facebook can’t get into China and wants to be WhatsApp China’s top app.

#Tencent-owned WeChat is China’s most popular messaging app and has a mobile payments feature known as #WeChat Pay. #Facebook Coin would be pegged to the U.S. dollar and allow users to transfer money through Facebook-owned messaging application WhatsApp, according to Bloomberg.

Facebook wants to be America’s version of China’s WeChat and started developing its own digital currency to make it easier for users to send money to their messaging contacts. Facebook didn’t offer many details on its digital currency endeavors but said a “new small team” was looking for ways to make use of the type of technology powering bitcoins and other cryptocurrencies.

Facebook has reportedly lined up Uber, PayPal, Visa and others to invest $10 million each in the consortium governing its secretive crypto project.
https://www.coindesk.com/report-uber-paypal-visa-to-back-facebooks-globalcoin-cryptocurrency

Tencent, is more than just a messaging app. It’s what some analysts dub a “super-app” because it offers everything from mobile payments to the ability to book flights and even play games — all without leaving the app. ‘WeChat of the West’
https://www.cnbc.com/2019/03/13/facebook-wants-to-copy-wechat-pay-with-facebook-coin-payments.html

The reason why FB wants these partners: to turn every single account holder into a new banking account, personal and business at the same time. Very centralized indeed. Multiple privacy concerns and contracts. Personal data is at risk.

Facts:
1. Facebook is issuing its own ‘cryptocurrency’
2. Evan Cheng is Facebook’s Director of Blockchain engineering (“One of Facebook’s most senior engineers just became Director of Engineering, Blockchain”)
3. Evan Cheng is advisor of #chainlink
4. Facebook will need an oracle for the purpose they’re looking for.

Facebook Gave Data Access to Chinese Firm Flagged by U.S. Intelligence

https://www.nytimes.com/interactive/2018/06/03/technology/facebook-device-partners-users-friends-data.html

Sarah Jamie Lewis @SarahJamieLewis
Can’t wait for a cryptocurrency with the ethics of Uber, the censorship resistance of Paypal, and the centralization of Visa, all tied together under the proven privacy of Facebook. I’ve always said the thing that cryptocurrency was missing was consortiums of corporations fully invested in the existing financial sector. Who, seriously, looked around the room and said, “shit, we really need to invite PayPal”
Do you trust 2/3 of paypal, visa, uber and facebook <insert other corps here> not to collude to publish contradictory checkpoints? What does byzantine consensus even mean in that scenario? “Facebook won’t control the coin” it will just develop the coin and then assemble the initial members of the consortium after which point the power will be distributed to the consortium members, that Facebook picked, and who are all large corporations.

See, decentralized. “Facebook won’t directly control the coin, nor will the individual members of the consortium — known as the Libra Association. Some of the members could serve as “nodes” along the system that verify transactions and maintain records of them, creating a brand-new payments network, according to people familiar with the setup.”
In the future, Paypal will verify your transaction behind the scenes as you pay for your Uber seamlessly using your phone, just top up your Facebook Libre account with Visa or Mastercard. So much innovation.

Roxana Nasoi @roxanasoi

Ever wondered how PayPal shares your Data? And to who?
Let’s go with the major funnels:
1. PayPal shares your data with Auditors. Internal and external, due to its nature.
2. PayPal shares your data with Customer Services. In the process of handling claims, customer services need access to your account history – so basically they need your historical data information. In case of disputes, they can access the last 30 to 90 days. Maybe even more?
3. PayPal shares your data with Fraud agencies and AML services. You will discover that after $1k to $2k, you need to KYC in order to continue using your account. If you use PayPal for business purposes, but your account is a personal one, you can end up with funds frozen.
4. Next is Financial Products. All those business and personal finance tools you see inside your PayPal dashboard can’t be used without your financial data. To add more, new products are created based on user data patterns. Unknown the extent of external financial products.
5. Don’t forget about your data being shared with Commercial Partnerships. Don’t worry, banks do the same. Apps do the same. Nothing new here.
6. PayPal uses your data for Marketing and PR. Need another example? Try Facebook, Google (Gmail) etc. Data sells, and we can’t really talk about performance and customer experience without backing claims with data reports.
7. PayPal (along with 95% of systems) shares your data with Operational Services.
8. Group Enterprises also have access to your data. Blame it on group dynamics if you want to or on contracts you’ll never have a say in.
9. Commercial Partners (to no surprise) can access your data, as well through a service called PayPal for Partners (Merchants use it).
10. Legal. From disputes to payment protection to lawsuits, to internal or partner legal firms – yes, they can access the data. Or have access to it in some form.
11. Other services and agencies. At some point they argued that government agencies cannot claim access to a user’s data. However, this is an overstatement. Under the premise of fraud, Gov agencies can and will get access. Based on historical examples, we know it’s possible.
This is probably the main reason why we do need crypto. A coded architecture that makes it incorruptible.
“Code is Law”.
Bitcoin has managed to provide a clear first example of incorruptibility, where growth and maturity of one system does not change the core.

Your City, Your State, Your K12 Public School all attacked using NSA weapon.


In Baltimore and Beyond, a Stolen N.S.A. Tool Wreaks Havoc
By Nicole Perlroth and Scott Shane
May 25, 2019

In Pennsylvania School Districts Stockpiling Huge budget surplus accounts, while still raising property taxes every year

WannaCry? Hundreds of US schools still haven’t patched servers
A dive into vulnerability data shows even big districts’ servers still offering up SMB v. 1.

I think patching your software and making backups will protect you better than blaming the Gov’t
or
… than blaming the government who weaponized an unknown flaw in software and made sure not to tell the software vendor, in order to prevent a patch which customers could install, you mean?
or
Microsoft was warned, and the patch came out a month before Shadow Brokers dumped it.

If you’re wondering why ransomware continues to be such a problem for state and local governments and other public institutions, all you have to do to get an answer is poke around the Internet a little. Publicly accessible security-scan data shows that many public organizations have failed to do more than put a bandage over long-standing system vulnerabilities that, if successfully exploited, could bring their operations to a standstill.

While the method by which RobbinHood ransomware infected the network of Baltimore City two weeks ago is still unknown, insiders within city government have pointed to the incomplete efforts by the Office of Information Technology to get a handle on the city’s tangle of software, aging servers, and wide-flung network infrastructure. Baltimore isn’t even the only city to have been hit by ransomware in the last month—Lynn, Massachusetts, and Cartersville, Georgia, both had electronic payment systems taken offline by ransomware this month. Greenville, North Carolina, was struck by the same RobbinHood ransomware affecting Baltimore in April.

But cities aren’t the only highly vulnerable targets to be found by would-be attackers. There are hundreds of thousands of Internet-connected Windows systems in the United States that still appear to be vulnerable to an exploit of Microsoft Windows’ Server Message Block version 1 (SMB v. 1) file sharing protocol, despite repeated public warnings to patch systems following the worldwide outbreak of the WannaCry cryptographic malware two years ago. And based on data from the Shodan search engine and other public sources, hundreds of them—if not thousands—are servers in use at US public school systems. Even in cases where Microsoft’s patch of SMB v. 1 has been applied, the protocol remains a potential security problem—one that some organizations can’t completely close because some vendors still require the protocol for applications such as networked copiers and scanners.

While conducting research as a follow-up to our coverage of Baltimore City’s ongoing ransomware attack, Ars discovered that neighboring Baltimore County’s public school system had eight publicly accessible servers that still were running in configurations that indicated they were vulnerable to EternalBlue, the Equation Group exploit exposed by Shadow Brokers in April 2017 and then used as part of the WannaCry malware a month later. The exploit is now packaged as part of multiple malware kits, according to security researchers.

https://arstechnica.com/information-technology/2019/05/two-years-after-wannacry-us-schools-still-vulnerable-to-eternalblue/

SEE

Where are the State AGs in protecting citizens from malware that “gets away” from the NSA? The weaponized software created by the NSA…. when employees who have been taught everything by the NSA leave their jobs, take what they know with them, then form companies and sell the “knowledge / skills / know-how” they learned on the job working for America to enemies.

https://krebsonsecurity.com/2017/12/former-nsa-employee-pleads-guilty-to-taking-classified-data/


02 Dec 17

Former NSA Employee Pleads Guilty to Taking Classified Data

A former employee for the National Security Agency pleaded guilty on Friday to taking classified data to his home computer in Maryland. According to published reports, U.S. intelligence officials believe the data was then stolen from his computer by hackers working for the Russian government.

Nghia Hoang Pho, 67, of Ellicott City, Maryland, pleaded guilty today to “willful retention of national defense information.” The U.S. Justice Department says that beginning in April 2006 Pho was employed as a developer for the NSA’s Tailored Access Operations (TAO) unit, which develops specialized hacking tools to gather intelligence data from foreign targets and information systems.

According to Pho’s plea agreement, between 2010 and March 2015 he removed and retained highly sensitive classified “documents and writings that contained national defense information, including information classified as Top Secret.”

Pho is the third NSA worker to be charged in the past two years with mishandling classified data. His plea is the latest — and perhaps final — chapter in the NSA’s hunt for those responsible for leaking NSA hacking tools that have been published online over the past year by a shadowy group calling itself The Shadow Brokers.

https://thehill.com/policy/national-security/436950-former-cia-nsa-employees-sue-agencies-over-alleged-censorship

Ex-NSA employees criticize Mike Rogers’ role with Israeli venture firm

In Baltimore and Beyond, a Stolen N.S.A. Tool Wreaks Havoc By Nicole Perlroth and Scott Shane May 25, 2019

For nearly three weeks, Baltimore has struggled with a cyberattack by digital extortionists that has frozen thousands of computers, shut down email and disrupted real estate sales, water bills, health alerts and many other services.

But here is what frustrated city employees and residents do not know: A key component of the malware that cybercriminals used in the attack was developed at taxpayer expense a short drive down the Baltimore-Washington Parkway at the National Security Agency, according to security experts briefed on the case.

Since 2017, when the N.S.A. lost control of the tool, EternalBlue, it has been picked up by state hackers in North Korea, Russia and, more recently, China, to cut a path of destruction around the world, leaving billions of dollars in damage. But over the past year, the cyberweapon has boomeranged back and is now showing up in the N.S.A.’s own backyard.

It is not just in Baltimore. Security experts say EternalBlue attacks have reached a high, and cybercriminals are zeroing in on vulnerable American towns and cities, from Pennsylvania to Texas, paralyzing local governments and driving up costs.

The N.S.A. connection to the attacks on American cities has not been previously reported, in part because the agency has refused to discuss or even acknowledge the loss of its cyberweapon, dumped online in April 2017 by a still-unidentified group calling itself the Shadow Brokers. Years later, the agency and the Federal Bureau of Investigation still do not know whether the Shadow Brokers are foreign spies or disgruntled insiders.

< – >

WHERE ARE THE CLASS ACTION SUITS?

WHY DOESN’T THE STATE HOLD THE DEFENSE DEPARTMENT ACCOUNTABLE FOR THE DAMAGE DONE TO THEIR CITIZENS?

Breaking news. Patch yourself for the CVEs exploited by NSA tools on the loose. This includes major cities!

ETERNALBLUE was initially nicknamed EternalBluescreen —NSA never seriously considered alerting Microsoft about discovering the vulnerability (before Shadow Brokers happened), and —“held on it” (“used it,” presumably) for more than five years
https://www.nytimes.com/2019/05/25/us/nsa-hacking-tool-baltimore.html


NEW: Baltimore was hit with an NSA hacking tool that is being used to hijack U.S. cities. ⁦⁩ and I spent months looking into the origins of EternalBlue, a stolen NSA weapon that is popping up in more and more attacks across the country.

The NSA spent more than a year searching for the flaw in Microsoft’s software and writing the code to exploit it.

NSA TAO operators jokingly referred to it as “EternalBluescreen” because it often crashed computer systems, a risk that might tip off targets. It took months to hone. Once it became a reliable espionage tool, it netted some of the NSA’s best counter-terrorism intelligence, and there was never any serious consideration that NSA would turn over the underlying flaw to Microsoft for patching.

The NSA kept it for 5+ years until unidentified hackers threatened to publish it.

In April 2017, the group, which calls itself the ShadowBrokers, dumped it online, where it has been picked up by North Korea, Russia, Iran and, just this week, China in attacks that have cut a path of destruction around the globe. But in the last year, it has boomeranged back to the NSA’s own backyard, hitting Baltimore, Allentown, San Antonio and countless other cities in attacks that have paralyzed municipal operations and alarmed government officials, who privately say the NSA needs to account. The NSA refuses to discuss the incidents or even acknowledge that the dumped tools were part of its cyber arsenal, but in an unusually candid interview, NSA former director Mike Rogers, who oversaw the agency during the leak, deflected blame. “If Toyota makes pickup trucks and someone takes a pickup truck, welds an explosive device onto the front, crashes it through a perimeter and into a crowd of people, is that Toyota’s responsibility?

“The N.S.A. wrote an exploit that was never designed to do what was done.”

Microsoft rejects that analogy: “These exploits are developed and kept secret by governments for the express purpose of using them as weapons or espionage tools. They’re inherently dangerous. When someone takes that, they’re not strapping a bomb to it. It’s already a bomb.”

EternalBlue is being packaged as part of many malware attacks as one possible lateral movement tool. Making a bomb is very much the responsibility of the creator.

The NSA Toyota analogy was not correct. An exploit is like a bomb; it’s a different matter who detonates it and where. The NSA is very much responsible for their malicious espionage tools.

https://twitter.com/waveslide/status/1132442317372219392

EternalBlue was leaked 2 years ago. MS patched BEFORE it hit the wild. Some industry gossip the NSA knew they’d lost control and gave MS a heads-up. THIS PATCH HAS BEEN OUT FOR TWO YEARS! If it hits your network now, you deserve it. Usually, it’s a component of a malware package.

China has also been able to intercept an NSA tool as it attacked their networks. They stopped it, copied it, modified it, and sent it back to us and all of our allies.


‏ @bitsdigits
No, it wasn’t the NSA hacking tool that did this. It was basic exemptions to the #Baltimore #CIO policies that didn’t address patch management deficiencies that did this. Has anyone looked at what .gov requirements are
https://home.dotgov.gov/registration/requirements/

In Pennsylvania, School Districts Stockpiling Huge Budget Surplus Accounts, While Still Raising Property Taxes Every Year

3 Facebook “companies” with 17 open GDPR investigations.

Quite something. Commissioner Dixon’s written testimony cites 3 Facebook “companies” that represent half of the large tech platforms, with a whopping 17 open GDPR investigations.

#deletefacebook now

 

Hitler became Chancellor and Trump President with a minority of the vote.

by Jonathan A. Weiss Esq.

Trump’s electoral college victory, with a loss of about 3 million votes, occurred because of a disastrous “perfect storm.”

  1. The Electoral College itself
    In two presidential elections since 2000, including the most recent one in which Hillary Clinton won 2.8 million more votes than her opponent, the winner of the popular vote did not win the election because of the distorting effect of the outdated Electoral College.
  2. Voter suppression with suspected miscounting and Jill Stein’s run (with echoes of Nader effect in Florida – Clinton lost by approximately the same number of votes in Wisconsin that Stein received.)
  3. Russian meddling with the internet and possibly with election boards.
  4. Comey’s inexcusable unprecedented announcement “reopening Clinton investigation” a few days before the election
  5. Misogyny with some failures in Clinton campaign such as not visiting “battleground” States.

Trump himself is a malignant narcissist paranoid pathological liar racist misogynist insecure bully/coward reactive ignorant idiot. Hitler did not possess all these defects. He was a madman. So is Trump.

Trump has also surrounded himself with incompetent corrupt people (who are opposed to the objectives of their departments’ goals) and nepotism.

The deep connections between his business enterprises and governments is unique.

His foreign policy antagonizes allies and embraces autocrats (as Hitler did but only with Stalin, Mussolini, and Japan) rejecting direct territorial expansions. Hitler’s henchmen, unlike Trump’s, although saturated with evil, were mainly quite able and effective in their execution of projects. So, it would be wrong to analogize one to the other for these and possibly other reasons. On the other hand, the difference in their actions is often one of degree not nature, primarily because of the resistance of longstanding institutions, now tattered and being undermined. A few selected illustrations follow.

(1) The Creation of a “Crisis” for a Campaign and Reign.
Hitler used the Reichstag fire, which most historians think the Nazis set, to galvanize support. Trump rants and raves (from the beginning of his announcement of his run) about the “crisis” of immigrants with “caravans” of violent criminals, drug dealers, and bad people “invading” our country requiring a massive wall, expulsions without any due process hearings, widespread arrests, etc., the constant subject of slogans, chants, and “tweets”.

(2) Concentration Camps
Hitler diverted resources from his military as the war ended just to execute and incarcerate Jews, gypsies, homosexuals, etc., particularly noted, the Jews as an obsession. Trump has erected many concentration camps (many run for profit by private prison companies) on the border to keep those classified as “illegal aliens” separating babies from families. He happily continues Guantanamo. These concentration camps than those disgracefully established for the Japanese in World War II.

(3) Racism and Religious Bigotry
Hitler had his Jews. Trump, as referenced above, started his campaigns by railing against “Mexicans” and now continues against Latinos from Guatemala, Ecuador, and Nicaragua. Consider (and compare with mainland American natural disasters) his treatment of Americans in hurricane ravaged Puerto Rico.

Hitler hated Jews as a race. Undoubtedly, he would have wanted those who identify with the religion or culture to disappear in the Final Solution.

Trump has the one billion or so Muslims. He tried to ban any Muslim immigration and mainly succeeded when the retrograde Supreme Court (after granting a Christian baker the right to discriminate against homosexuals ordering a wedding cake) allowed a ban which did not mention the adherents of Islam by name although clearly directed at them. (A 19th Century case struck down a law designed against Chinese laundries.) In a debate, among his other lies, he claimed he saw a multitude in New Jersey celebrating the toppling of the World Trade Towers. He continues unabated to demonize them.

(4) Free press and journalism
Hitler destroyed it while creating a propaganda machine. (Compare the interpenetration of Fox News and the White House). To the shame of the press corps, they allowed themselves to be separated by fences from the rest of the audience during his rallies. He ceaselessly attacks news coverage as “fake news”, advocates for defamation suits against the media, and even government action against the major network NBC because of a Saturday Night Live rerun, etc. (while the press still features his unhinged “tweets” as news rather than confining the reporting to official public acts and pronouncements).

(5) Antisemitism
It is necessary to distinguish the government of Israel and Israel; Israel and Jews. One can oppose the government and support Israel. One can oppose how Israel is constituted, attitudes, and some actions while still being a Jew. Trump embraces Netanyahu as a far right leader while in his ghosted books he disparages them as beanie wearing bookkeepers. Some worry Jews might be blamed because of his inclusion of Miller and Kushner (and converted wife) in his inner circle – though no more have been added – but the former is such a raving racist reactionary he cannot be connected to any sane version of Judaism and the Kushners represent just nepotism.

(6) Military Buildup
Hitler used great sums of money to build an army and, ironically Keynesian, the economy. In Trump’s budget he proposes to cut domestic programs radically while expanding the military (and continuing its presence in Yemen…and almost 70 other areas, Afghanistan, Iraq, and Syria.)

(7) Demagoging and Violence
The “big lie”, best repeated often, played, and plays, a central role in both of their rhetorical appeals to audiences. Hitler, many believe, was a mesmerizing orator. His speeches were more inflammatory than his sometimes ally Mussolini. Trump leads rallies with chants, slogans (e.g. “Lock her up!”) designed to engineer mass consent from his devoted followers, inflammatory claims, and many well-documented dangerous lies, etc. It appears that the tone he has set (including the failure to condemn right wing violence) has created an atmosphere where deranged individuals (and even mobs) feel entitled to commit acts against schools, assemblies (including religious and public), and individuals while vigilante groups “patrol” the border. Both offer racist tropes to which Trump adds misogyny.

(8) The Judiciary
Hitler destroyed his. With McConnell’s aiding and abetting, Trump has done his utmost to stuff the Federal Judiciary (thus far his only main restraint) with rigid reactionaries from the Federalist Society pipeline.

Other illustrations are available (e.g. permitting – facilitating in Trump’s case – the destruction of countryside and cities). But, sufficient unto this article is the evil therein.

Abraham Lincoln famously said: “You can fool some of the people all of the time. You can fool some of the people some of the time. But you can not fool all the people all of the time.”

The question for our time is whether you can fool enough.

“You should never underestimate human stupidity.” Yuval Noah Harari

——————————————————–

FURTHER RESOURCES

Changes in technology, politics, and business are all transforming espionage. Intelligence agencies must adapt—or risk irrelevance.
https://foreignpolicy.com/2019/04/27/the-spycraft-revolution-espionage-technology/

TED TALKS

Why fascism is so tempting — and how your data could power it Yuval Noah Harari

Handmaidens to Authoritarianism
#Mercer, #Zuckerberg, #Sandberg, #Page, #Brinn, #Dorsey

In an unmissable talk, journalist Carole Cadwalladr digs into one of the most perplexing events in recent times: the UK’s super-close 2016 vote to leave the European Union. Tracking the result to a barrage of misleading Facebook ads targeted at vulnerable Brexit swing voters — and linking the same players and tactics to the 2016 US presidential election — Cadwalladr calls out the “gods of Silicon Valley” for being on the wrong side of history and asks: Are free and fair elections a thing of the past?

MORE:

A CURRENT ACCEPTABLE PREJUDICE by Jonathan A. Weiss Esq.

9/11 CRIMINALS by Jonathan A. Weiss Esq. 

REPEAL AND REPLACE THE WAR ON DRUGS by Jonathan A. Weiss Esq.

REPARATIONS by Jonathan A. Weiss Esq.

WOMEN ENJOY MAKING LOVE by Jonathan A. Weiss Esq.

#JonathanWeiss #Hitler #Trump #Facism #PropagandaMachine #fakeNews #foxNews #whitehouse #electoral College

The Perfect Storm For All the Internet

In 1994 the Internet was allowed to become commercialized. From the perfect ivory tower and Hippie Culture of love, honesty, and making the world a better place, the powers allowed commercial activity for the first time.

Ooops the grandfathers of the internet, who along with others knew full well what “Smart thinkers” were capable of  ie: the bomb…… they let the little thing called security get away from them… so yeah the net will N E V E R be secure PERIOD!

AND since the same people don’t think regulation is of much use because (any excuse you want)  …. you know they’ve only NOW come to say out loud that those liars and thieves who were supposed to “do no evil” and would be sure to “police themselves” might in fact act like the criminals  celebrated by wall street

Imagine all those original fathers of the internet with all their IQ points,  educations, national experience and  those awards!

WHAT did they actually do to all of us? Please remind me. . . . .

2019 THE PERFECT STORM

 

Lost faith in Facebook and Instagram after data leakages, breaches and too much noise? Here’s a guide to breaking up with the social network and its photo-sharing app for good.

N.Y. Attorney General to Probe Facebook’s Collection of User Email Addresses: NYT

https://www.thedailybeast.com/new-york-attorney-general-to-probe-facebook-collection-of-users-email-contacts-nyt

 

 

K12 PlayGround Find a School Discover the right school for your child.

Submit or Update Your School or Organization.

Once you’ve located your school, update the information about the school such as the amenities, features or programs that make this school special.

Find and compare K12 Schools and School Districts in the USA and Territories.

FIND A #JOB: Cybersecurity talent gaps exist across the country.

Resources for High School Students Interested in Cyber Security

Summer Camps are a great introduction to cyber security.
Online Courses are the next step to growing knowledge and experience, while at the same time learn more about a potential career path.

Hackathons are the playground for testing how far you’ve come.

Many internship programs are available, matched to exact academic paths and interests. Generally speaking, cyber security degree seeking students may pursue positions at the CIA in STEM, Clandestine, Analysis, or Enterprise and Support Roles.

Must apply senior year in high school. Rigorous application process includes polygraph, mental health evaluation, financial need, background checks, high academic marks, abstinence from drugs, and more. Successful applicants will be provided a salary as well as have tuition covered up to a certain price. Successful applicants will work at the CIA in summers and continue to work for the CIA after graduation.

Meet the Terabytches: Fergus students prep for cyber security competition
‘We’re like the biggest collective knowledge in a girls’ team,’ Emily Younghans says

MOST Inexpensive Colleges With the Highest Graduation Rate

NEED A #JOB: https://www.cyberseek.org/heatmap.html

TOP CYBERSECURITY JOB TITLES
  • Cyber Security Engineer
  • Cyber Security Analyst
  • Network Engineer / Architect
  • Cyber Security Manager / Administrator
  • Systems Engineer
  • Software Developer / Engineer
  • Systems Administrator
  • Vulnerability Analyst / Penetration Tester
  • Cyber Security Consultant

11 federal agencies help start Cybersecurity Talent Initiative

EU Tells Internet Archive That Much Of Its Site Is ‘Terrorist Content’

We’ve been trying to explain for the past few months just how absolutely insane the new EU Terrorist Content Regulation will be for the internet.

Among many other bad provisions, the big one is that it would require content removal within one hour as long as any “competent authority” within the EU sends a notice of content being designated as “terrorist” content. The law is set for a vote in the EU Parliament just next week.

And as if they were attempting to show just how absolutely insane the law would be for the internet, multiple European agencies (we can debate if they’re “competent”) decided to send over 500 totally bogus takedown demands to the Internet Archive last week, claiming it was hosting terrorist propaganda content.

< – >

https://www.techdirt.com/articles/20190410/14580641973/eu-tells-internet-archive-that-much-site-is-terrorist-content.shtml

Why Mar-a-Lago is a counterintelligence nightmare

Imagine that the White House, instead of a fortress, were an opulent country club.

If you pony up a US$200,000 nonrefundable initiation fee, you can have the run of the place.

Wander the halls. Drop in any time on the West Wing, the Oval Office, the Situation Room.

Chat freely with the US President’s family and advisers, listen in on national security conversations with foreign leaders, even snap a selfie with POTUS himself.

Take it all in – actually, feel free to record it if you like.

Welcome to the Mar-a-Lago club, known in US President Donald Trump’s circles as the winter White House, in Palm Beach, Florida.

https://www.nzherald.co.nz/world/news/article.cfm?c_id=2&objectid=12221320