Educational CyberPlayground, Inc.:
NetHappenings Newsletter – Security 8-25-2020
- August 24th, 2020: Windows 95’s 25th anniversary.
- 25 Years of Microsoft Weirdness
- In May of this year, Microsoft fixed a 17-year-old critical vulnerability in Windows DNS Server
- Fearing coronavirus, a Michigan college tracks its students with a flawed app
- 30 years of Microsoft Windows
Only the Rich will know. Valuable Reporting is behind a paywall. The rest of us will know less. And very few people are going to pay for all of it. The people who don’t will be more and more clueless.
EAT THE RICH
“While 92 million can’t afford health care, the 4 richest Americans are now worth $512.8 billion:
– Jeff Bezos: $193 billion
– Bill Gates: $122 billion
– Mark Zuckerberg: $101 billion
– Elon Musk: $96.8 billion
It’s time to tax the billionaire class and expand Medicare to all.”
Biden to ABC’s David Muir on raising taxes: ‘No new taxes’ for anyone making less than $400,000
Cyrus Vance Jr., the Manhattan prosecutor, agrees to shelve subpoena for Trump tax returns
Cyrus Vance Jr., the Democratic district attorney for Manhattan, had the legal right as of this Friday to enforce a New York grand jury subpoena to obtain a lengthy financial paper trail that includes Trump’s corporate and personal tax records. The 2nd Circuit will hear arguments Sept. 1. No matter what, the public is never going to see them EVER!
IRS puts cryptocurrency front and center of 2020 tax return
You won’t be able to overlook the question this time: the US agency wants to know if you’ve transacted with virtual currency.
Facebook agrees to pay France €106m in back taxes for the last TEN YEARS
When you’re a large multinational company or a very high net worth individual, then taxes aren’t really an objective calculation. The tax code in most countries, despite being tens of thousands of pages of legalese, is extremely subjective. This subjective and loose language allows for innumerable loopholes and tax dodges. If you’re using these creative methods, the chances are that you’ll get audited every single year by the IRS or local equivalent. Trump famously gets audited every year. Your tax lawyers & accountants will then negotiate a tax payment with the tax office. I used the word negotiate because there is no one true formula for tax owed. It doesn’t exist, especially not for corporations.
When you add in ‘creative’ intellectual property ownership and royalty payments, then the tax office basically has no idea where money is flowing. This is why EU countries commonly lob these huge penalties. Facebook tries to pay X in tax, and the tax office says they should pay X2, and then after negotiation they pay X1.5.
Gov. Cuomo: “The COVID problem in New York was a direct result of the negligence of the federal government. If this was a private situation, the state could sue the federal government for negligence. Gross negligence.”
Trump Admin Puts COVID-Wracked Meat Processor on Food Safety Panel
The Brazilian meat conglomerate that presided over an alleged “work while sick” culture at a Colorado plant and deadly COVID cluster at a Nebraska facility during the early months of the pandemic will now advise the federal government on health policies.
Fearing coronavirus, a Michigan college tracks its students with a flawed app
Facebook still has no cure for virus misinformation. A study by a left-leaning human rights group found the platform has exposed people to bad info on health and vaccines 3.8 billion times — four times more often than it has shown them information from credible institutions.
A friendly reminder that the @FBI designated QAnon a domestic terrorist threat and a few thousand people are now outing themselves as potential terrorists. The best thing about white supremacists is that they are 100% predictable.
Yale administrator to returning students, is *stunning*:
A Yale administrator told students to prepare for ‘possibly deaths’ — and it shows what a predictable disaster reopening is
Yale Antitrust Scholars Resign Because Director Advises Apple, Amazon
A leading antitrust crusader revealed she was getting paid by companies facing antitrust scrutiny by federal and state authorities, as well as her own antitrust research project. Fiona Scott Morton had failed to disclose consulting contracts with Apple and Amazon, which Morton defended by pointing to her criticisms of Facebook and Google. As author David Dayen points out in the piece, all these companies regularly conduct similar antitrust violations:
CREW Executive Director Noah Bookbinder submitted written testimony to the House Committee on Oversight and Reform on the Trump Administration’s repeated and flagrant attempts to undermine the United States Postal Service (USPS) and specifically the serious ethical issues raised by Trump-appointed Postmaster General Louis DeJoy’s service.
DeJoy is the first Postmaster General in decades to have no experience as a letter carrier, a qualification that ensured every previous Postmaster General personally understood the critical work of the agency’s core employees. DeJoy has been a willing and eager participant in Trump’s attempts to attack and discredit the USPS generally, and the safe, nonpartisan process of voting by mail. In addition to his lack of qualifications, and his furtherance of Trump’s baseless attacks on voting by mail, he holds at least $30 million of financial interests in USPS competitors and contractors. DeJoy and Trump appear to be intentionally destroying an institution that has served our nation since before the Constitution, no less during a pandemic when voters are relying on voting by mail to decrease the risk of contracting or spreading the coronavirus. We urge Congress to not allow for the destruction of an institution that is so fundamentally tied to our rights and the social fabric of our nation.
Apple says WordPress doesn’t have to add in-app purchases. “Apple’s remarks come after WordPress founding developer Matt Mullenweg tweeted Friday that Apple was going to cut off updates and bug fixes to the open-source software app unless it committed to supporting in-app purchases for WordPress’ payment plans.”
Twitter ‘Transparency Center’ shows government data requests by country. “About every six months, Twitter releases a transparency report detailing things like how many state-backed accounts it has suspended and the number of government requests for information on account holders. Today, Twitter is unveiling a centralized hub for those reports and the data they contain. The new Twitter Transparency Center is now live.”
How Police Secretly Took Over a Global Phone Network for Organized Crime
Police monitored a hundred million encrypted messages sent through Encrochat, a network used by career criminals to discuss drug deals, murders, and extortion plots.
Customs and Border Protection paid $476,000 to a location data firm called Venntel, which takes location data harvested from ordinary apps installed on people’s phones (games, weather, etc.) and sells access to the government!
The UAE and Saudi governments have gotten so much data from hacking phones with NSO’s Pegasus spyware that they don’t know what to do with it all. So, NSO has hired Israeli military veterans to help them.
Inside NSO, Israel’s billion-dollar spyware giant
MIT Technology Review ($): NSO Group is one of the most secretive private surveillance companies in the world. Maker of the Pegasus mobile spyware, NSO has embroiled itself in a number of cases involving human rights abuses and governments spying on their most vocal critics — just by supplying the spyware. @HowellONeill (https://twitter.com/HowellONeill/status/1296041134310010883) looks at NSO — and some of its victims. It’s an interesting two-part long-form on different sides of the same coin. A fascinating read, with new details on how NSO chooses (and monitors) its customers. You can find part two here.
More: MIT Technology Review | @HowellONeill (https://twitter.com/HowellONeill/status/1296041134310010883) | @jsrailton (https://twitter.com/jsrailton/status/1296115306662965248)
Joe Sullivan, Uber’s former security chief who currently serves as Cloudflare’s security head, was charged this week with attempting to conceal a massive data breach that saw hackers steal 57 million user accounts of Uber drivers and passengers. The charges are “believed to be the first against an executive stemming from a company’s response to a security incident,” reports @kateconger (https://twitter.com/kateconger). Sullivan negotiated a $100,000 “bug bounty” payout to the hackers, which later cost him his job. The hackers were later charged by U.S. prosecutors. Uber didn’t disclose the breach until a year later in 2017, after which Uber was forced to pay $148 million to settle an investigation brought by several attorneys general.
One of the charges is “misprision of a felony,” a fairly archaic crime. The elements are: the principal completed a felony; the defendant had full knowledge of that fact; failed to notify authorities; and took affirmative steps to conceal the crime.
Cruise operator Carnival hit by ransomware
Cyberscoop: Remember earlier this year those cruise ships full of passengers with coronavirus? That same cruise company, Carnival, has just been hit by a data-stealing ransomware attack. Some of the company’s data was downloaded by the ransomware actors, the company confirmed in a regulatory filing. Earlier this year the company’s Princess Cruises brand admitted a data breach (https://techcrunch.com/2020/03/13/princess-cruises-coronavirus-breach/) involving names, addresses, Social Security numbers and government IDs — including passport numbers and driver license numbers — along with financial and health information.
U.S. regulator proposes scaling back personal information from trading database. “The U.S. Securities and Exchange Commission (SEC) on Friday said it would remove some personal information from a controversial trading database, bowing to pressure from the brokerage industry which has long warned the project would be vulnerable to hacks. Friday’s proposal, which is subject to a public consultation, seeks to limit the scope of sensitive information required by a massive new industry trading database, the Consolidated Audit Trail (CAT), conceived to help the regulator better police the markets.”