

The Trump administration reportedly quashed an intelligence report that showed Russia is helping him win the 2020 election – MSN Money

Russian President Vladimir Putin in a meeting with President Donald Trump. (Reuters)

Last year, President Donald Trump's administration tried to pressure intelligence agencies to delete part of a classified report that found Russia was trying to help him win the 2020 election, according to an investigation by The New York Times Magazine.

The report, known as a National Intelligence Estimate, was compiled by the Office of the Director of National Intelligence (ODNI) in July 2019 and made several "key judgments" about matters of national security. "Key Judgement 2" in the report concluded that Russia aimed to interfere in the 2020 election to help Trump, unnamed national security sources told Times reporter Robert Draper.

Trump was reportedly unhappy with that finding. He has repeatedly denied the assertion that Russia tried to help his campaign in 2016 despite reports from the FBI, CIA, NSA, Justice Department, and Republican-led Senate Intelligence Committee that supported that conclusion. Russian President Vladimir Putin has similarly denied interfering in the 2016 election, but has also said he wanted Trump to win.

When the ODNI was finalizing last year's report, Trump administration staffers requested that it remove language in "Key Judgement 2" that detailed Russia's attempts to help Trump in 2020, former director of national intelligence Dan Coats told the Times.

"I can affirm that one of my staffers who was aware of the controversy requested that I modify that assessment," Coats said. "But I said, 'No, we need to stick to what the analysts have said.'"

Shortly after that exchange, Coats was surprised to learn that Trump was forcing him into early retirement. He was first made aware of the news when Trump tweeted that Coats' last day as DNI would be August 15, months before Coats planned to retire.

After Coats' departure, the National Intelligence Estimate was published with softer language describing Russia's potential motivation for interfering in the 2020 election. Instead of directly concluding that Russia wanted Trump to win in 2020, the report was updated to state that "Russian leaders probably assess that chances to improve relations with the US will diminish under a different US president."

The changes were made, according to an email reviewed by the Times, following edits by Beth Sanner, an ODNI official who presents President Donald Trump's daily national intelligence briefings.

The episode is part of a broader conflict between Trump and US intelligence communities, Draper reported. After a yearslong FBI probe into possible ties between the Trump campaign and Russia, Trump's Republican allies in Congress are now pushing an investigation into whether the FBI overstepped its authority.


There Will Be Blowback – Forbes

Caption from US State Dept. "Announcement"

The publication of the "Expansion of the Clean Network to Safeguard America's Assets" coming from the Secretary of State's office yesterday is an example of posturing and saber rattling that will result in zero impact on intellectual property theft, potentially massive wasted expenditure, and more government encroachment on free markets. It will not end well.

Do not let anyone forget that the new era of digital mercantilism was kicked off in 2013 due to the activities of the National Security Agency. Thanks to Edward Snowden we learned that the NSA, for years, had been tapping undersea cables, forcing major US companies like Apple, Microsoft, Yahoo, YouTube, Skype and AOL (see PRISM slides) to secretly funnel data to them, tapping communications in major telecom hubs, and developing exploits for HP, Dell, Cisco, Fortinet, Juniper, and Huawei gear.

The reaction from around the world was swift. Trust in US technology products was degraded. The EU reacted strongly with condemnations coming from world leaders whose cell phones had been compromised by the NSA. The EU passed GDPR in part as a reaction. The EU is also attempting to build an alternative cloud platform, Gaia-X, to counter the dominance of AWS, Azure, and Google for modern computing infrastructure, despite forcing all of those platforms to build data centers in Europe to keep data in Europe (and, incidentally, give law enforcement and intelligence agencies their own jurisdiction to control and possibly monitor data).

There has always been an effort on the part of governments to gain control of the means of production, apart from a short period post-Adam Smith and pre-WWII, when capitalism had a brief moment in the sun. In those days governments were happy to tax output but did not create Soviet-style command economies and industrial policies. During the late 90s there were some who thought the internet would free us from national boundaries and restrictions on trade. Any manufacturer of any good could launch a website with a shopping cart and sell anywhere in the world. If the product was digital, like a blog post, ebook, or video, it could be transferred over the internet free of taxes, import duties, or censorship. Those days and that dream are long gone.

Mercantilism according to the Wikipedia entry is:

Mercantilism is an economic policy that is designed to maximize the exports and minimize the imports for an economy. It promotes imperialism, tariffs and subsidies on traded goods to achieve that goal.

Each new administration in the US tries its hand at protecting US industry sectors, from wheat, to sugar, to textiles, to manufacturing. This turns into votes for the politicians and gives the manufacturers the ability to raise prices without investing in efficiency and quality.

There is one industrial sector that the US dominates: technology. Cisco, Juniper, Arista, and others completely own the market for networking gear while engaging in healthy competition with each other. The positions of Google, Apple, Microsoft, Facebook, and Amazon are demonstrated by their market caps. With a few exceptions software is dominated by US tech companies.

Keep in mind that practically all technology hardware is produced in China for American companies. There is no need for an industrial policy to protect these companies and massive harm could come from anti-China posturing.

The "Stick it to China" memo has five bullet points and I am just going to assume there are no plans behind them:

- Clean Carriers: This bullet point seeks to bar Chinese telecom providers from the US. Would it be a bad thing if they did move into the US? What if a Chinese carrier delivered 10 gig internet for $10 a month? Sign me up. I don't trust any carrier, and everyone should protect themselves from carriers' monitoring of their activity by using end-to-end encryption and proxies.

- Clean Store: "To remove un-trusted applications from U.S. mobile app stores." This is transparently a policy to back Trump's tweets about TikTok and would be a massive encroachment on Apple and Google's ability to continue to dominate the market for apps.

- Clean Apps: "To prevent untrusted PRC smartphone manufacturers from pre-installing or otherwise making available for download trusted apps on their apps store." Leaving aside the internal contradiction, this is aimed squarely at Huawei, which sells some of the lowest cost smartphones in the world. I don't trust any app from any store and neither should you.

- Clean Cloud: This section is meant to bar US organizations from storing data in Chinese cloud providers, specifically calling out Alibaba, Baidu, and Tencent. That could be disastrous for companies that sell into the single biggest market in the world, China. Once again, never trust any cloud provider. Encrypt all of your data all of the time.

- Clean Cable: "To ensure the undersea cables connecting our country to the global internet are not subverted for intelligence gathering by the PRC." We know this is done all the time by the NSA to everyone's undersea cables. Other countries do this too. It is completely impossible to protect tens of thousands of miles of cables that lie deep in the ocean. The simple solution to undersea tapping of cables is, you guessed it, encrypt all the data all the time.

Thankfully this ridiculous posturing by the State Department will be short-lived. On January 20, 2021, a new Secretary of State will be sworn in and we will return to sane policies. But we must push back whenever we can against the rise of digital mercantilism.


What and how are you thinking? Anything is possible – Martins Ferry Times Leader

I just finished an interview for the First Light Show airing nationally on Westwood One next week. We talked about how and why we need to bring manufacturing back to the USA, creating high wage jobs. Our Region is advantaged because of our proximity to markets, abundant natural gas and natural gas liquids. It was a great opportunity to tell our story to the nation. Shale Crescent USA's thought leadership made this possible.

Dr. Clay Marsh, West Virginia Covid-19 Czar, said something profound this week I haven't heard anyone in the medical community say directly. "We are entering a new time period of learning to live with the virus." I might not have the quote exactly but my understanding is, Covid-19 isn't going away anytime soon even though we are working on vaccines and possible cures. If the virus isn't going away we need to live our lives in a way that protects us and others as we move to normal activities.

Going back to lockdown isn't the answer. We may find extended lockdown was deadlier than the virus because of depression, stress, increased suicide, domestic abuse, substance abuse and deaths from other diseases like cancer, high blood pressure and heart disease that went untreated. One doctor said he has only diagnosed about 1/3 of the cancer cases he normally does. Cancer doesn't take vacations. People chose not to go to the doctor out of fear.

When I had cancer over 30 years ago, my wife pushed me to see a doctor and made the appointment. It was serious enough for me to have surgery the next day. Fortunately, the cancer was found early. My type of cancer spreads quickly. A delay could have been deadly. How many cancer cases have spread into something incurable during Covid-19?

Industries like trucking, healthcare, petrochemicals and others learn to successfully deal with risks every day. Driving to the store, church or the beach is a risk most of us are willing to take. In industry, following common sense rules like wearing PPE or seatbelts lowers the risk. Wearing a mask, social distancing and washing our hands does the same for us when dealing with Covid-19. The question isn't if we can get back to business, school or athletics; it is, "How can we?" This question assumes we can, will and must.

We know how we can bring manufacturing back to the USA. I got a new crown from my dentist this week. It was made in the USA out of ceramic and zirconium on a 3D printer instead of by hand in China. My dentist said it won't crack or chip. We are using high tech computerized 3D printing capabilities to make critical healthcare PPE, essential medical equipment, products like Covid-19 tests and parts we are currently getting overseas. Small and medium manufacturing companies in our Region have the ability to change quickly and adopt new technology or change product lines quicker than large companies. This helps to keep current jobs and bring in new manufacturing jobs which are really important now.

Lynnda and I attended Influence 2020, the annual National Speakers Association (NSA) Conference, last weekend. It was virtual. NSA is an ethnically and physically diverse association of professional speakers, trainers, coaches, business thought leaders and entertainers. NSA members were hurt by Covid-19 when meetings cancelled. I have a friend with a very successful business who lost 6 months of income in a week when meetings went away.

In addition to the mainstage presentations at Influence, we attended small virtual breakout sessions with the most successful people in the business. These individuals have seven figure businesses. They also have staffs and overhead a business like mine does not have. One individual lost over $1 Million in business almost immediately when meetings and live events began to cancel. I wanted to see how they were thinking in challenging times. These successful people responded honestly and openly to our questions. Their mindsets were surprisingly consistent. The approach they have to this pandemic is something I believe we can all learn from. Here are some thoughts:

"The biggest challenge we have living with Covid-19 is our thinking," Hall of Fame Speaker Willie Jolley told us. When we change our thinking, we change our life. The late speaker and radio personality, Earl Nightingale, said, "We become what we think about." Willie added, "Our thinking and attitude are formed by the people we spend time with and the things we read."

One thing all of these successful people did was to give first without any expectation of receiving anything. They knew everyone was hurting in some way. They began by calling their customers and offering to help at no charge. Some had weekly Zoom sessions where they brainstormed solutions or just listened.

Successful people are experts and thought leaders in their space. They are trusted advisors who share their expertise. These individuals challenge people to think. They get paid for their ability to think and to go beyond the obvious. They believe certainty is an illusion. They don't panic in a crisis. They lead.

They know how to refocus and evolve. When the old way doesn't work, find a new way. Their businesses are growing again. Successful people are:

Positive thinkers

Readers

Givers, who give first without expecting something in return

See opportunity even in a crisis. They believe there is always opportunity if we look.

Don't blame. They know that is a waste of time.

Experts in their space and thought leaders.

Exceptional communicators

We are each capable of all of these qualities, if we change our thinking and believe we are capable. How are you thinking? Anything is possible.

Greg Kozera, gkozera@shalecrescentusa.com, is the director of marketing and sales for Shale Crescent USA. He is a professional engineer with a master's in environmental engineering who has over 40 years' experience in the energy industry. He is the author of four books and numerous published articles.

TikTok and National Security: The Need for a Comprehensive U.S. Privacy Law – Security Boulevard

Last week, President Donald Trump threatened to ban the popular social media platform TikTok, whose corporate owner is a Chinese company with alleged ties to the Chinese Communist Party. Trump's stated grounds for seeking to ban the popular application was that the app threatens U.S. national security. But exactly how?

I must confess I'm not a regular user of TikTok, but my adult children are. TikTok, which has several billion subscribers, allows users to create and share short videos (people impersonating President Trump, dog and cat videos, etc.) ranging from the benign to the puerile. So how is it that the application threatens national security?

The short answer is data, or more significantly, data privacy. Or, even more significantly, the unenforceability of data privacy policies.

TikTok, like almost every other social media and internet application, collects data on massive numbers of subscribers. It knows who they are, what they like, what they dislike, what they post and what they view. It also knows where they are when they are using the app (and often when they are not), what their IP address is, what kind of browser or phone they are using and a host of other details. Its customers are its product.

Like every other social media platform, TikTok has a privacy policy that purports to set out what data the company may collect, with whom it may share the data and how it can use the data. Nothing in the TikTok privacy policy says it can share, give or analyze subscribers' data for the benefit of the Chinese Communist Party. It doesn't say, "We may give any and all of your information to our Chinese Army overlords, who may use this to target you and your family as an American imperialist pig-dog." It doesn't say, "By using TikTok you agree that the Chinese Communist Party can know your sexual orientation and may use this and other knowledge to blackmail you should you ever pose a threat to the great leader." But then again, nothing in the privacy policy says that TikTok can't. At least not explicitly.

As a result, a number of privacy class action lawsuits alleging that TikTok violates the federal Children's Online Privacy Protection Act (COPPA) have been recently consolidated into one single class action suit in the Northern District of California. The lawsuits allege that TikTok sends users' data (including those of minors) to China. TikTok says that its servers are in the U.S., but also notes that the company can transfer data to Beijing, if it so chooses, without breaking any laws. As TikTok's responsive pleading in the class action case noted, "[t]he App's privacy policy also fully discloses that user data will be shared with TikTok's corporate affiliates and third-party business partners and service providers, as is standard with free social networking apps that have a business model based on advertising."

In fact, TikTok's privacy policy is similar to those of Facebook, Twitter, WeChat and other social media outlets or short content providers. It provides general platitudes about only sharing data with business partners and only to help provide services and enhancements and to customize content and to infer information about you. Like other providers, TikTok says, "We may disclose your information to respond to subpoenas, court orders, legal process, law enforcement requests, legal claims, or government inquiries, and to protect and defend the rights, interests, safety, and security of TikTok Inc., the Platform, our affiliates, users, or the public. We may also share your information to enforce any terms applicable to the Platform, to exercise or defend any legal claims, and comply with any applicable law."

Again, on the surface, it's pretty anodyne stuff. So why the national security tag? I mean, does information about dogs in pajamas really threaten to bring down the world's longest-lasting democracy?

The short answer has little to do with the fact that TikTok's parent company is Chinese-owned and has more to do with the power of information, particularly personal information. Information about people's likes and dislikes, members of their family, facial recognition, travel, location, politics, finances, sexual orientation, friends, education, employment, search history and intimate connections are the kinds of things that used to take months or years for spies to collect and cultivate. Now it's a few mouse clicks away. It is rife with potential for misuse and abuse. In fact, it's often impossible to tell the difference between appropriate and inappropriate use of such data. Let's face it, you are being surveilled, maybe by Facebook, maybe by Procter & Gamble, maybe by the Coca-Cola Co., maybe by the Chinese Communist Party. And you are making it very easy to be surveilled. You post on Facebook, you share on LinkedIn and you tweet. And, if you are below a certain age, you use TikTok.

What distinguishes TikTok, at least in the opinion of the U.S. government, is not the information the company collects, stores, processes or shares. It's not the aggregation, analysis and slicing and dicing of that information. It's not the intimate profiling and use of the analyzed data or even the sharing of that data. And, it's not that there is not something called a privacy policy that governs the collection and use of that data.

It's that because TikTok's parent corporation is Chinese, we don't believe the company will adhere to its privacy policy, and, if it doesn't, we have no effective remedy. Therefore, we have to assume (well, we say we have to assume) that everything collected and shared by TikTok is simultaneously shared with the Chinese Ministry of State Security (MSS). Just as Europeans may assume that everything collected or stored by U.S. companies or cloud providers is simultaneously shared with the NSA. It doesn't matter whether it is true or not; it is perceived to be true, and that makes it a national security concern. Same for Huawei and ZTE: the U.S. government assumes that these entities are agents of the Chinese Communist Party acting on behalf of their government overlords. In fact, it was a perception that the NSA can compel U.S. companies to produce data, particularly mass data about non-US persons, that led an EU court in July to rule that the U.S./EU commercial data-sharing agreement known as Privacy Shield was unenforceable.

Using data as a weapon is nothing new. Scraping and analyzing data can help intelligence agencies profile and target people for recruitment or intimidation. LinkedIn and Indeed can be used to gather information about people with high-level security clearances. Facebook and Twitter and other social media can be the source for massive facial recognition programs such as Clearview AI. Under current U.S. law, most of this data is entitled to little if any legal protection, provided that the anodyne and amorphous privacy policies can be said to provide some modicum of notice to the data subjects that their data is being collected and that it might be used. It is that issue that needs to be addressed: a firm and unshakable commitment to protect the privacy of social media information. With openness and completeness.

Frankly, reading TikTok's privacy policy, I have NO CLUE whatsoever what it does with subscribers' information, with whom it shares that information and for what purpose, and I read privacy policies for a living. The best I can say is the company collects a lot of data and shares it with anyone that helps with TikTok's business model. And at least that part is true whether it is owned by ByteDance or Microsoft.


Buhari to overhaul the nation’s security apparatus, says NSA – TheCable

President Muhammadu Buhari is planning a complete re-engineering of the nation's security apparatus, according to Babagana Monguno, national security adviser.

Monguno broke the news to state house correspondents after a security briefing on Tuesday.

The president, according to Monguno, told service chiefs at the briefing that their effort is not good enough.

Monguno said since the issues are operational, Bashir Magashi, minister of defence, is working on something and will likely give a new direction to the security agencies in the days to come.

He said Buhari told the service chiefs that Nigerians have lost confidence in the security sector but he is determined to restore that confidence.

"The president is angry over the declining security situation. At the last meeting, he mentioned it," Monguno said.

What he said today is virtually a reaffirmation of what he said the first time. Yes Mr President said you are doing your best, as far as I'm concerned, but there's still a lot more to be done. I'm more concerned about the promise we made to the larger Nigerian society and I am ordering an immediate re-engineering of the entire security apparatus.

This is something that I believe will be done in a very short time, but I just want us to keep hope alive. I know how everybody feels, I know how Nigerians feel, definitely the president is not oblivious of the fact that securing the nation is a primary responsibility of government and I believe in his sincerity, but again, since he's not an octopus, since he's not a spirit, if he delegates to people, then the onus is on them to actually fulfil the legitimate expectations of the larger Nigerian society.

There have been complaints over the widespread insecurity in the country, with many asking the president to fire the service chiefs.

On Monday, governors said they were planning to meet with the president over the rising insecurity in the country.

They also said the attack on the convoy of Babagana Zulum, their Borno counterpart, is an indication that the country is not safe.

Boko Haram insurgents had opened fire on the convoy of the Borno governor in Kukawa local government area last week.



NSA Sheep 2020 to be a virtual sheep show – South West Farmer

The National Sheep Association is holding NSA Sheep 2020 virtually this year.

A summer of celebration was planned for the National Sheep Association (NSA) in 2020 to celebrate 40 years at its home on the Three Counties Showground, near Malvern, Worcestershire; however, due to the ongoing Covid-19 outbreak, the event has been put on ice until larger gatherings are once again permitted.

Nevertheless, in recognition of the desire of NSA's members and supporters to partake in ongoing development, NSA has decided to proceed with aspects of the NSA Sheep event that people know and enjoy, with a series of two-day virtual events starting this August.

Chief executive Phil Stocker said: "Of course, all at NSA were incredibly disappointed to cancel our flagship event this summer. But as work progresses on bringing a new, exciting, virtual event to our members our team at head office as well as the extended NSA organisation is excited to see how our members and others will engage with our series of virtual events."

The Virtual celebration of sheep farming will give sheep farmers the opportunity to log in to a new NSA website for the series of events. They are invited to take part in online seminars and workshops, browse interactive videos from trade and breed society stands, enter competitions and more.


Each event is themed to allow a focus to be made that is relevant to the season and the tasks that sheep farmers might be undertaking or policy that could be affecting them at that time.

The series will start with the first event, titled "Breeding the best", on Wednesday, August 12 and Thursday, August 13, a theme that will allow NSA affiliated breed societies the chance to share information at a time when many farmers will be considering their plans for the upcoming breeding season.

Advice and guidance will also be delivered by a packed webinar timetable. Webinars will be open to everyone to join, with free registration for each webinar available in advance and on the two days of the events.

The opportunity to view new products and demonstrations is an event highlight and this will still be available with trade stand exhibitors delivering information through their own dedicated area of the website.

Those with a competitive nature will be able to get involved in a series of competitions that can be entered before and during the event that will give visitors to the site a chance to win an array of excellent prizes.

Competitions will include a fleece competition managed by long standing NSA supporters, British Wool, a photography competition, carcase competition, sponsored by meat processors Mutchmeats, and breed society stand contests.

To join in visit nsavirtualevent.org.uk.


All you need to hijack a Mac is an old Office document and a .zip file – TechRadar

A sequence of interconnected bugs could allow hackers to hijack devices running on macOS using little more than an infected Office document and a .zip file, an expert has warned.

The vulnerability was identified by ex-NSA researcher Patrick Wardle, now working for security firm Jamf, who found that even fully-patched macOS Catalina systems were at risk.

The exploit uses a rigged Office document, saved in an archaic format (.slk), to trick the target machine into allowing Office to activate macros without consent and without notifying the user.

The attack then takes advantage of two further vulnerabilities in order to seize control of the machine. By including a dollar sign at the start of the filename, a hacker can break free of the restrictive Office sandbox, while compressing the file within a .zip folder bypasses macOS controls that prevent downloaded items from accessing user files.

Apples macOS has long enjoyed a stellar reputation from a security and data privacy perspective, but Apple devices are by no means unhackable. This misconception, Wardle suggests, could lead both users and security personnel to underestimate the potential threat level.

"In the world of Windows, macro-based Office attacks are well understood (and frankly are rather old news). However, on macOS, though such attacks are growing in popularity and are quite en vogue, they have received far less attention from the research and security community," he wrote in a recent blog post.

"Triggered by simply opening a malicious (macro-laced) Office document, no alerts, prompts, nor other user interactions were required in order to persistently infect even a fully-patched macOS Catalina system."

The researcher did concede that the attack requires the target individual to log in and out of their device twice, with a further step in the process fulfilled with each login. However, this does not necessarily make the attack any less feasible for criminals, who are content to play the long game.

According to Wardle, Apple did not respond to his disclosure. Microsoft, for its part, has conducted an investigation into the issue and verified the researcher's findings.

"[The company has] determined that any application, even when sandboxed, is vulnerable to misuse of these APIs. We are in regular discussion with Apple to identify solutions to these issues and support as needed," said a Microsoft spokesperson.

The vulnerabilities have now been patched with the latest versions of Office for Mac. Users are therefore advised to update their Office software and operating system as soon as possible, to shield against attack.

Via VICE


Silicon Valley’s Vast Data Collection Should Worry You More Than TikTok – Jacobin magazine

If a world historical crisis being mismanaged by a far-right leader weren't bad enough, it now seems the government is coming for your beloved social media apps.

Trump's latest gambit to distract from his monumental mismanagement of the pandemic response is a threat to ban the social media app TikTok, a video sharing service with 800 million users across several continents, many of them teens and young adults.

But Trump's threat is more than the desperate flailing of a leader whose reelection chances are rapidly sinking. It marks the culmination of a rising, bipartisan drumbeat of hostility toward the app, both in the United States and globally.

There are three principal objections to TikTok: the vast amounts of its users' personal data that it vacuums up, its potential reach into the homes and minds of the unsuspecting public, and the threat of censorship. All are intimately connected to TikTok's ownership by ByteDance, a Chinese company headquartered in Beijing. They are therefore also tangled up in the growing swell of anti-Chinese sentiment here and abroad.

Although there's no hard evidence, there is more than a good chance that the data TikTok collects is, at the very least, accessible by the Chinese government. As this ProtonMail report points out, not only does TikTok's privacy policy assert the right to share information with members of its corporate group, which would include its parent company, but ByteDance's CEO has already promised to further deepen cooperation with official party media, on top of the ideological censorship it has already engaged in on behalf of the Chinese Communist Party (CCP). What's more, a 2017 law lets the Chinese government force companies to secretly hand over data, including data on foreign citizens.

It's this that led Congress to ban federal employees from carrying the app on their phones, leading to headlines asking if it's spying on you for China and posing a risk to US national security, and to secretary of state Mike Pompeo warning that it puts your private information in the hands of the Chinese Communist Party.

India banned the app in June, charging that its mining and profiling by elements hostile to national security and defense of India requires emergency measures (though, significantly, TikTok was one of a suite of Chinese mobile apps banned by India, a ban that only came following a June border skirmish between the two countries).

In Australia, poised to launch a probe into the app, the MP who chairs the country's Committee on Intelligence and Security suggested its potential data collection could be used to manipulate the country's politics in the years and decades ahead.

"They're our future leaders," he said about the app's largely teenage user base. "They're our future political, economic, cultural and military leaders and we need to protect their information long term."

In US political discourse, where the largely media-manufactured idea that Russian bots and fake news swung the election is unassailable, some fear China will use the data it hoovers up to interfere in elections: a Chinese Cambridge Analytica data bomb waiting to explode, in other words.

Others warn that TikTok's willingness to censor at Beijing's request poses a threat to free speech beyond China's borders, given the global nature of the app. "In this case, nobody in the world would be able to access the content on TikTok once removed," writes Lawfare's Justin Sherman. "The takedowns would be global."

All of this is made worse by the Chinese government's increasingly repressive, borderline genocidal nature, making its control of information and private data all the more perilous. It's these worries that have united everyone from the hard right, to China hawks more generally, to even some progressives.

And none of this is unreasonable. We should be worried about private companies and governments potentially collecting data on millions of unsuspecting people and censoring content they don't like. But those based in China represent just a sliver of that threat.

The fact is that everything people fear TikTok and the Chinese government are doing or someday will do is already being done by a host of other tech giants and governments. The only difference is, they happen to be situated in Western countries.

The mass collection of personal data? As commentators note (even those critical of the app), TikTok doesn't appear to do anything over and above the prying data grabs typical of all social media platforms. Several experts told Wired the app's data collection is in the same ballpark as other apps. Even ProtonMail, which does argue TikTok's collection is more extreme than other social media platforms, suggests others are little better. "How much user data does TikTok collect?" it asks. "As with just about every social media platform, the answer is: a lot."

This is nothing to be sanguine about. From your web browser, to your email, to your various social media accounts, to your phone, to its most innocuous-seeming apps, your lives are being constantly tracked, documented, and packaged, often for advertisers and corporations. If you've shelled out for any of the newfangled "smart" products, you're having data about your most intimate life harvested.

It was only two years ago we found out Facebook allowed, through its lax data protections, one single app to harvest the data of 87 million users, including their work history and political views, even though only 270,000 downloaded the app.

This is the same company that once secretly experimented with its users' moods and emotions. Worse, it's becoming increasingly clear that, whatever steps we take to protect our privacy, we likely can't stop companies from collecting our private information.

Collaborating with government? That too is hardly a Chinese innovation. Despite some significant resistance to the US government's snooping, the big US-based tech companies have become what one cybersecurity expert dubs "surveillance intermediaries," continuing to hand over data at the request of the US government.

Thanks to the Snowden leaks, we know the NSA hoards data, including photos, videos, emails, and more, from a who's who of Silicon Valley since 2007, swimming in so much of our personal information that even its analysts complain it makes their jobs harder.

Despite initially eliciting fiery outrage, that program, whose first target was a pro-democracy critic of Fiji's authoritarian leader, has been reauthorized with little objection. And even without the cooperation of tech firms, the UK government taps undersea cables to scoop up phone calls and internet activity, which it then shares with its Five Eyes partners, which of course includes the United States.

The blurred line between government and business that TikTok's critics point to likewise isn't unique to China. Silicon Valley has a close relationship with one of the United States' two ruling parties, hiring alumni of the last Democratic administration while funneling many millions of dollars to the party's candidates.

In fact, this election is seeing a handful of tech billionaires throwing millions of dollars at creating data infrastructure and partisan news sites aimed at electing the party's 2020 presidential nominee.

Lastly, while a reluctance to censor may have once distinguished Western tech firms from their Chinese counterparts, the panic that followed the elections that brought us Brexit and Trump has all but neutralized that distinction.

Under increasing pressure from the liberal end of the Washington spectrum, tech companies have become increasingly censorious, working with outfits like the NATO-aligned and corporate-funded Atlantic Council and even the Israeli government to purge content those bodies deem inappropriate.

In one particularly egregious example, Facebook, egged on by CNN, suspended a left-wing news outlet from its platform for two crimes: not disclosing its funding from Russian state media, something Facebook had never required until then; and, even more menacingly, for being critical of Western government policies, or as the report put it, being generally critical of US foreign policy and the mainstream American media, which CNN suggested made it tantamount to Kremlin propaganda.

Unsurprisingly, this liberal-led push for censorship has also backfired, with Facebook hiring conservative fact-checkers who promptly censored content according to their own right-wing biases.

Whether you're an American citizen or a foreigner worried about how shadowy governments and unaccountable corporations might misuse the data of leaders current and future, it's not clear why you should only be worried about those in China.

Indeed, given the Five Eyes member countries' extensive history of meddling in other countries, and given the massive amounts of money US tech firms spend to influence their own country's politics, this should be a worry at least as pressing as China, especially given the larger number of US-based social media platforms that we use without a care in the world on a daily basis.

TikTok's critics might point to the increasingly scary behavior of China's government as to why Chinese control of information is particularly alarming. They're right about the behavior, but they curiously ignore the fact that the United States itself is currently governed by a far-right demagogue with his own concentration camps and authoritarian repression, and that the party behind him, which aligns entirely with his politics, reliably cycles into power at least once every eight years.

This is what the era of mass surveillance and nationalist neoliberalism has produced. Seven years ago, the vast scope of public-private spying was a global scandal. Now, we've so normalized mass surveillance that the only time we're allowed to worry about it is if the people doing it live in whatever the world's current evil empire happens to be.

The answer isn't to dismiss the potential menace of China's surveillance programs, or to cheerlead for a rival set of tech oligarchs who simply happen to live in California and speak English.

We should broaden the concerns and criticisms of TikTok and its relationship to China to tech firms more generally, and push for an across-the-board guarantee of online privacy and free speech for all of the world's people, whether they're more worried about being tracked and manipulated by people in the United States or China.

What might that look like? Perhaps it would involve negotiating a set of rules for surveillance and data collection that all governments and the tech firms associated with them would have to play by.

The trouble is, just as US opposition has hindered everything from a cluster bomb ban and the International Criminal Court to a multilateral agreement on space militarization, it would be difficult to get the US government to agree to so much as curtail a set of tools it pioneered and enjoys significant geopolitical advantage from. And that's before we got to the vehement opposition that would come from tech firms themselves.

Still, as ambitious as it is, even simply shifting the conversation to such an idea would, at the very least, be more productive than the current solutions. As is, we're left with a rival video sharing platform, Triller, trying to capitalize on TikTok's troubles by promising a form of patriotic capitalism, and Microsoft, now looking to buy the app, pledging to keep all its data in the United States, ripe and ready for the NSA and other Western government agencies to then ladle up, patriotically of course.

Silicon Valley and the NSA would love us to think that it's who does the spying, not the spying itself, that's the real problem. We shouldn't let them get away with the impression a mere seven years is all it takes for us to lose our sense of outrage.


T-Mobile Is The First Carrier Globally To Launch Nationwide Standalone (SA) 5G – Forbes

T-Mobile Nationwide 5G

Many carriers around the world raced last year to be the first to launch 5G; those networks were built upon the foundation of 4G networks in a type of 5G mode called non-standalone (NSA). This means that the device needs to have both 4G and 5G signals to work because, to save time and money, it leverages 4G core infrastructure. NSA 5G is what I like to call the half-step to full 5G because it is absolutely 5G, but it cannot deliver on the low latency and improved throughput promises that 5G offers without going standalone, or SA 5G. Standalone 5G basically means that the 5G network from end to end is independent of 4G and has its own core, which is designed to meet the 3GPP's set requirements for 5G New Radio (NR) Release 15. Let's examine SA 5G further.

Why is standalone (SA) 5G so important?

Many, if not most carriers around the world today, have NSA 5G networks, but they are racing to put the infrastructure in place to be able to launch SA 5G networks. The reason for this is multi-faceted and explains why T-Mobile and other carriers are in a race to deploy it for more than just chest-thumping. Moving to Standalone (SA) 5G first and foremost is designed to reduce network latency because if you build a 5G network with a proper 5G core and Radio Access Network (RAN), you significantly reduce latency. By substantially decreasing latency, you enable new use cases outside of regular smartphones and tablets. Lowering latency improves reliability and responsiveness so that you can start to allow more use cases like XR or autonomous driving, which are both very latency-sensitive.

In addition to lower latency, SA 5G also offers network slicing, which carriers like T-Mobile are incredibly excited about given the monetization opportunity. Network slicing allows the carriers to virtually allocate certain pieces of their network to be optimized for specific use cases to deliver the best possible experience for that use case using the least amount of the network. This means that carriers can make the most of their networks while also offering new services for new use cases, maximizing the value of their investment in spectrum and new infrastructure. Last but certainly not least, 5G SA allows carriers to avoid needing to have a 4G signal and thus rely on 5G network coverage. This doesn't seem like a big deal at first until you realize that carriers like T-Mobile are deploying 5G at 600 MHz, which means that T-Mobile can send the signal exceptionally far, as far as 60 miles. However, if T-Mobile is dependent on a 2100 MHz, 1900 MHz or 1700 MHz 4G signal for 5G with NSA, then the coverage is limited to the range of the higher frequency signal, which may only travel a few miles, a far shorter distance than 600 MHz. By dropping the requirement to have a 4G signal to deliver 5G, coverage can improve by quite a significant margin.

T-Mobile's Global First Standalone Nationwide 5G Network

While I am not aware of ANY standalone networks available today in any capacity, T-Mobile's is the first and only one with nationwide coverage, regardless of the size of the country. That said, the United States of America is quite a vast country, and to do so in the USA is impressive on its own, let alone having it be the first in the world. T-Mobile's SA 5G network is built upon the foundation of the company's 600 MHz 5G rollout which started last year with NSA but also leverages the company's 2.5 GHz mid-band and 28 GHz mmWave signal. T-Mobile gained the 2.5 GHz mid-band frequency with the acquisition of Sprint, which has roughly 160-200 MHz of that spectrum nationwide, which is more than most of its competitors, in all bands below 6 GHz. T-Mobile calls the combination of high-band (mmWave), mid-band (2.5 GHz), and low-band (600 MHz) spectrum its spectrum "layer cake." This strategy allows T-Mobile to have the best possible 5G coverage while also having the best possible speeds in the areas where it is needed most. Fellow analyst Will Townsend and I wrote about this in a previous article, and if interested, you can find it here. I believe that long term, all carriers will deploy this strategy, but it really depends on spectrum availability and capital expenditure capabilities. AT&T and Verizon started with mmWave and are struggling to catch up with T-Mobile on coverage due to the company starting with 600 MHz, which inherently has much better coverage but lower speeds.

How T-Mobile built an SA 5G network

To build its 5G SA network, T-Mobile partnered with Cisco and Nokia for the network core and Ericsson and Nokia for the 5G radio. This is a common thing that carriers do for supply chain leverage, with different markets having different infrastructure but following the same standards, so there are no concerns around compatibility. To help test and validate this standalone 5G network, T-Mobile worked with OnePlus, Qualcomm, and Samsung. Most consumers will not have to do anything to use T-Mobile's SA 5G network. All the 5G devices that T-Mobile currently sells today and has ever sold are compatible with the new 5G network. This is because to support 5G in 600 MHz, T-Mobile's devices had to use a Qualcomm Snapdragon X55 modem, which also happens to have SA 5G support already. In theory, other alternative chip vendors support SA 5G like Huawei and MediaTek, but neither have any devices on T-Mobile.

T-Mobile 5G and Verizon 5G

T-Mobile's impressive SA 5G results

While I have not had a chance to thoroughly test this network yet since it just launched today, T-Mobile has provided us with some details about what kind of improvements the company is seeing. One example was presented during an analyst call last week where T-Mobile showed a map of North Dakota illustrating how much more 5G coverage the state had purely by turning on NSA 5G. T-Mobile is claiming that by simply switching to NSA 5G, the company is improving 5G coverage by an additional 30% while already having far and away the best 5G coverage in the country. As a result, T-Mobile is claiming that its 5G network coverage area is more than two times bigger than AT&T's and more than 10,000 times bigger than Verizon's. According to Open Signal, Verizon's 5G network has only 0.4% coverage, so it makes sense that T-Mobile can claim such a ridiculously high comparison number. This additional coverage means that T-Mobile's 5G network is adding 2,000 new cities and now covers 250 million potential customers in 7,500 cities across 1.3 million miles. However, T-Mobile has not stopped there; the company has also stated that by going to SA 5G, the all-important latency figure has dropped by 40%, which should put T-Mobile's latency in the teens or lower.

Breaking it down

T-Mobile started out of the gates quickly with 5G, and with this new standalone (SA) 5G network, we believe the company is broadening its 5G lead. Verizon and AT&T are scrambling to keep up with T-Mobile's coverage and lack the mid-band spectrum to compete with it there as well. Our firm analyzed the leaders in 5G spanning silicon, infrastructure, carriers, and more in a six-part Forbes series last summer and concluded that T-Mobile was a leader in North America. This announcement further cements that leadership. If interested, you can find that article here.

I expect that as T-Mobile rolls out its mid-band 2.5 GHz network, which the company is currently doing at a blazing 1,000 sites per month (1,000 sites per month on 600 MHz as well), it will really start to pull away from the rest of the pack in average download speeds. T-Mobile is already reporting an average of about 300 Mbps on 2.5 GHz and expects that to reach 400 Mbps by the end of the year as more spectrum frees up.

Sure, it will take time for T-Mobile to roll out 2.5 GHz nationwide, but nobody expected T-Mobile to roll out 600 MHz this quickly either. AT&T already has nationwide 5G coverage, but it will probably take it quite some time to catch up to T-Mobile. Verizon has a plan to deploy Dynamic Spectrum Sharing (DSS) to enable 5G coverage, but that shares spectrum with 4G. That said, all three carriers are expected to deploy DSS to shore up coverage holes by the end of the year.

Nevertheless, T-Mobile has shown that it is not only the undisputed leader in 5G coverage, but that it also has the most advanced 5G network with standalone 5G, and the company is not letting off the gas pedal. T-Mobile has taken multiple leadership positions in 5G and it does not look like it will be surrendering them anytime soon.

Note: This blog includes contributions from Moor Insights & Strategy founder and President, Patrick Moorhead and Will Townsend, carrier services and carrier equipment.

Disclosure: Moor Insights & Strategy, like all research and analyst firms, provides or has provided paid research, analysis, advising, or consulting to many high-tech companies in the industry, including Amazon.com, Advanced Micro Devices, Apstra, ARM Holdings, Aruba Networks, AWS, A-10 Strategies, Bitfusion, Cisco Systems, Dell, DellEMC, Dell Technologies, Diablo Technologies, Digital Optics, Dreamchain, Echelon, Ericsson, Foxconn, Frame, Fujitsu, GenZ Consortium, Glue Networks, GlobalFoundries, Google, HP Inc., Hewlett Packard Enterprise, Huawei Technologies, IBM, Intel, Interdigital, Jabil Circuit, Konica Minolta, Lattice Semiconductor, Lenovo, Linux Foundation, MACOM (Applied Micro), MapBox, Mavenir, Mesosphere, Microsoft, National Instruments, NetApp, NOKIA, Nortek, NVIDIA, ON Semiconductor, ONUG, OpenStack Foundation, Panasas, Peraso, Pixelworks, Plume Design, Portworx, Pure Storage, Qualcomm, Rackspace, Rambus, Rayvolt E-Bikes, Red Hat, Samsung Electronics, Silver Peak, SONY, Springpath, Sprint, Stratus Technologies, Symantec, Synaptics, Syniverse, TensTorrent, Tobii Technology, Twitter, Unity Technologies, Verizon Communications, Vidyo, Wave Computing, Wellsmith, Xilinx, Zebra, which may be cited in this article.


The Room Where It Happened: Former US NSA exposes the frailties of the Trump administration – The Financial Express

In one of the interviews at the fag end of his second term, former Prime Minister Manmohan Singh remarked that history would be kinder to him than contemporary media. The current US President, Donald Trump, has no such premonitions. Although all US presidents, since Gerald Ford at least, have been called more divisive than the last, in the case of Trump, it has indeed been true. For his supporters, Trump has been able to deliver on most promises. By pulling out of agreements and deals, he has shown that America need not pay for others' adventurism. He has also been cracking down on immigration to assure his supporters that he stands for them. But for his opponents, his term has been characterised by rhetoric and uncertainty. One of the reasons behind the stark polarisation that the US is witnessing today is the changes in social construct that Trump has brought about. More tumultuous, however, has been the White House, which has seen numerous exits on the whims and fancies of the chair and those closest to it.

John Bolton's The Room Where It Happened does not present any new facts on what transpired since Trump became President, but he does furnish details on how things happened and who the key players were influencing decisions. The former national security advisor, who was part of the Trump administration, is often trapped in displaying his grandiose stands rather than what transpired. Bolton does present an account of how he became national security adviser and the events leading to his resignation from the post. The account also details Trump's mishandling of events, as per Bolton. Most of it is somewhat superfluous, as the author avoids major events. He does, however, give insights into how Trump's relationship with world leaders has often been transactional in nature, but doesn't go beyond to explain how. The rest of the book is riddled with America's policy and Bolton's interpretation of it, as well as the failures of the Obama administration. And Trump's, of course.

The problem with Bolton's book is that, one, it is far too influenced by his perspective rather than what transpired and, two, it doesn't go beyond the mundane details of the functioning of his office. Bolton seems conspicuously absent from the room where it all happened. He did not testify against Trump during the impeachment hearings. He, however, tries to spice up his otherwise dull account with anecdotes from Shakespeare, but given how they are used, it makes him seem more high-headed.

Bolton gives a detailed account of how he avoided landing a nondescript post at the start of the administration and recites lines from Joseph Addison's Cato: "When vice prevails, and impious men bear sway," explaining the reasons for not doing so. There is some wisdom from Henry Kissinger as well.

There is a fair bit of dichotomy in the book. On one hand, Bolton criticises Trump's handling of events, while on the other, he admires the fact that the President is ready to listen to him and implement his plans. When Trump does depart from Bolton's position, there is a fair bit of lashing out. One event that is well-detailed is Iran's downing of an American drone. Trump did not agree with Bolton's suggestion of equal retaliation. What is surprising, though, is the fact that Bolton refused the Vietnam draft and joined the National Guard, as he did not find any point in fighting a losing war, but here, he was ready to wage wars on America's behalf with little to no regard for cost. What could otherwise have been an important note on Trump's administration is reduced to the ramblings of a disgruntled adviser.

Unfortunately, Bolton's account is filled with unnecessary details and war-mongering. Even discounting for his views on war, Iran, Venezuela and Vietnam, he doesn't have much to offer. For policy enthusiasts, there is some knowledge about inner workings and Bolton's style of administration, but it stops at that. What could have been a detailed analysis of backroom dealings and policy decisions falls woefully short.

Much was made about Bolton's claims of exposing the administration on Ukraine, but that, too, turns out to be a disappointment. Media reports have exposed more than Bolton has in a single chapter. The media events surrounding the book created more of a flutter than the book itself. Trump or his followers won't lose sleep because of what Bolton has said. Ultimately, he hasn't said anything that people didn't know already. One of the interesting parallels in Indian politics is VP Singh's meteoric rise to power. Singh, once a part of Rajiv Gandhi's cabinet, repeatedly claimed to expose the people involved in the Bofors scam. He would dramatically pull out a piece of paper from his pocket claiming it had names of those involved in the scam. The optics catapulted him to the post of prime minister. Bolton would have done better if he had only threatened to expose Trump on Ukraine, China and Russia instead of writing a book about it, which could have always come later. Why burn bridges now? If Trump does get a second term, there still may be a chance to make a comeback. In politics, there are no permanent foes or friends.


NSA Sheep 2020 to go virtual over two days – FarmingUK

A key sheep sector event that was cancelled due to the ongoing Covid-19 crisis is now set to go virtual over two days next month.

A summer of celebration was planned for the National Sheep Association (NSA) in 2020 to celebrate 40 years at its home on the Three Counties Showground, near Malvern, Worcestershire.

However, due to the ongoing Covid-19 outbreak, the event has been put on ice until larger gatherings are once again permitted.

Nevertheless, NSA has decided to proceed with aspects of the NSA Sheep event, with a series of two-day virtual events starting in August.

NSA chief executive, Phil Stocker said the organisation was 'incredibly disappointed' to cancel its flagship event this summer.

However, he said: "As work progresses on bringing a new virtual event, our team at head office as well as the extended NSA organisation is excited to see how our members and others will engage with our series of virtual events."

The Virtual celebration of sheep farming will provide farmers with the opportunity to log in to a new NSA website for the series of events.

Sheep producers will be able to join webinars and workshops, browse interactive videos from trade and breed society stands and enter competitions.

To host the events a new NSA website was launched in June, allowing exhibitors to apply to be part of the series of events and enabling visitors to pre-register to attend and also to register for the planned series of webinars.

Each event is themed to allow a focus to be made that is relevant to the season and the tasks that farmers might be undertaking or policy that could be affecting the sector.

The series will be kicked off with the first event, titled "Breeding the best", on Wednesday 12 and Thursday 13 August.

The theme will allow NSA affiliated breed societies the opportunity to share information at a time when many farmers will be considering their plans for the upcoming breeding season.

Advice and guidance will also be delivered by a webinar timetable, with free registration for each webinar available in advance and on the two days of the events.

The opportunity to view new products and demonstrations is an event highlight and this will still be available with trade stand exhibitors delivering information through their own dedicated area of the website.

NSA sheep event organiser, Helen Roberts said: "The NSA Sheep Event is seen as a business to business event, offering sheep farmers the opportunity to visit a show that is completely focussed on sheep and shepherding.

"This will not be forgotten at our virtual event with our overall aim to provide sheep farmers with advice that can really help with development of their flocks, whether that is in the form of a webinar or through a trade stand exhibitor launching and demonstrating a new innovative product."

Visitors will be able to participate in a series of competitions that can be entered before and during the event that will give them a chance to win an array of prizes.

They will include a fleece competition managed by British Wool, a photography competition, carcase competition and breed society stand contests.

See the article here:

NSA Sheep 2020 to go virtual over two days - FarmingUK


Protect Our Power Urges Vigilance in Response to NSA and CISA Warning on Critical Infrastructure – PRNewswire

WASHINGTON, July 28, 2020 /PRNewswire/ -- Electric grid advocacy group Protect Our Power today urged continued and enhanced coordination between utilities and federal agencies to urgently address threats to critical infrastructure, as highlighted by the recent advisory from the National Security Agency (NSA) and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA).

According to Jim Cunningham, Executive Director of Protect Our Power:

"The recent Cybersecurity Advisory from NSA and CISA confirms the urgency of what Protect Our Power has been advocating for several years now: our electric grid faces very real threats on a daily basis, and we need to prioritize and address our known vulnerabilities in a comprehensive and unified manner.

"As this joint report highlights, this is especially true with regard to Internet-accessible Operational Technology (OT) assets, which are becoming much more prevalent across critical infrastructure sectors, including electricity, as companies and workers increase remote operations.

"Addressing grid threats will require a combination of government funding and regulatory incentives encouraging utilities to invest in cybersecurity. It is also critical that utilities and key government agencies continue to proactively share cybersecurity information so that all asset owners know about incoming attacks and effective best practices and resources to repel or mitigate those attacks. The grid is only as strong as its weakest link."

About Protect Our Power

Protect Our Power is a not-for-profit organization designed to build a consensus among key stakeholders, decision-makers and public policy influencers to launch a coordinated and adequately funded effort to make the nation's electric grid more resilient and more resistant to all external threats. POP is singularly and uniquely positioned as a non-partisan, unbiased thought leader able to serve as a convening, moderating, action-oriented voice.

SOURCE Protect Our Power (POP)


Read this article:

Protect Our Power Urges Vigilance in Response to NSA and CISA Warning on Critical Infrastructure - PRNewswire


A "Time of Heightened Tensions": Homeland Security and National Security Agency Issue Joint Cybersecurity Alert – JD Supra

On July 23, 2020, the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA), joined by the National Security Agency (NSA), issued a cybersecurity alert to operators of critical infrastructure. This cybersecurity alert outlines a series of immediate actions companies should take to reduce the risk of operational interference resulting from cyberattack. Unlike the bulletin issued by the Department of Homeland Security in January of 2020, which warned of potential attacks by Iran in retaliation for the United States' killing of Major General Qasem Soleimani, the recent jointly-issued alert does not identify any specific individual or nation-state actor. Instead, the alert acknowledges, only in general terms, that this is a "time of heightened tensions."

The alert identifies types of cyberattack activity recently observed, including spearphishing, utilizing commonly used ports, and use of vendor engineering software and program downloads. It then provides a detailed list of specific actions that companies should take, grouped under these broad operational areas:

In the energy space, owners of critical infrastructure assets have seen an unprecedented uptick in recent years of hacking and phishing attempts, including denial of service (DoS) attacks which are aimed at exploiting vulnerabilities in an entity's firewall. In a DoS attack, multiple systems flood the network of a targeted system with traffic, usually one or more of its web servers, and disrupt service with the goal of rendering it unavailable to its intended users. A DoS attack on a generation facility could leave the grid operator without visibility for a prolonged period into the power operations generating hundreds of megawatts of electricity. The inability to monitor and manage power availability in real time raises the possibility of outages or blackouts. The majority of the attacks are smaller in scale, primarily aimed at disrupting communications, and have not resulted in any serious disruptions to service. High-profile events in Saudi Arabia (2017), Ukraine (2015, 2016), and South Korea (2014) demonstrate, however, that such serious disruption is possible.

The joint alert underscores the continued vulnerability of critical infrastructure to cyberattack and the need for, as stated in the alert, "continuous and vigilant" monitoring in an effort to prevent significant disruption to the nation's bulk power supply.

Go here to read the rest:

A "Time of Heightened Tensions": Homeland Security and National Security Agency Issue Joint Cybersecurity Alert - JD Supra


Amid ‘heightened tensions,’ US government issues warning to critical infrastructure providers – Utility Dive

Dive Brief:

The utility sector has become accustomed to a daily barrage of hacking and phishing attempts, but experts say the new alert from the U.S. intelligence community may signal a more concentrated threat to ICS.

"If the NSA is coming out of the shadows to speak up in a joint alert with CISA, you want to listen and take action," Evan Dornbush, CEO and founder of Point3 Security, said in a statement.

According to the alert, older operational technology that was not designed with security in mind, combined with new systems that can help hackers identify internet-connected ICS, are creating a "perfect storm" of easy access to unsecured assets and "an extensive list of exploits."

"Civilian infrastructure makes attractive targets for foreign powers attempting to do harm to U.S. interests or retaliate for perceived U.S. aggression," the alert said. While the utility sector was not specifically mentioned, the alert does reference a 2015 cyberattack in Ukraine that caused more than 200,000 people to lose power.

"Although I am not aware firsthand of any significant increase in attacks targeting utilities, the fact that the US [Computer Emergency Readiness Team] released that briefing at a strategic level, without any specific indicators of compromise, heavily implies that there is a rise in these attacks and that multiple groups are targeting industrial control systems," Bill Swearingen, a cyber strategist at IronNet Cybersecurity, told Utility Dive in an email. "This is a 'trend attack' that we'll likely continue to see."

The alert's recommendations focused on the need for critical infrastructure providers to: have a resilience plan for operational technology systems; exercise an incident response plan; undertake network hardening activities; and implement a "continuous and vigilant" system monitoring program.

The advisory "is particularly interesting because it appears to be tied to ongoing campaigns targeting industrial control systems," Phil Neray, vice president of internet of things and industrial cybersecurity at security firm CyberX, said in an email.

The alert also "explicitly mentions the need for organizations to protect against sophisticated living-off-the-land tactics such as modifying the control logic in process controllers," said Neray, "which is exactly what we saw in the Triton attack."

The Triton attack is a reference to malware used in 2017 to breach the safety systems of a petrochemical plant in Saudi Arabia. More recently, there have been reports that the perpetrators of that attack have been scanning the U.S. power grid for vulnerabilities.

"Cyber campaigns are an ideal way for nation-states to apply pressure on the global stage, because they offer the advantage of plausible deniability plus the rules of engagement are undefined," Neray said.

The alert warned of attacks "at this time of heightened tensions." That could mean tensions with several nations, said Jamil Jaffer, senior vice president of strategy, partnerships and corporate development at IronNet.

"We know the Russians have sought and gained sustained access to American critical infrastructure, and we know the Iranians have tried also," Jaffer said in an email. "Given all this, while it's not clear what specific heightened tensions the alert is referring to, certainly there are plenty of potential challenges globally at this time."

The U.S. government has alleged Russian hackers targeted COVID research facilities and also indicted Chinese nationals for a hacking campaign that includes intellectual property theft. "We are publicly naming and shaming these countries for COVID[-19] research attacks as well, and so this could be a nod to that," Swearingen added.

CLARIFICATION: A previous version of this story did not give Jamil Jaffer's full title. He is senior vice president of strategy, partnerships and corporate development at IronNet.

See the original post:

Amid 'heightened tensions,' US government issues warning to critical infrastructure providers - Utility Dive


Garmin Hack, Glitch in Flight Navigation and an NSA Warning: The Massive Threat of WastedLocker – News18

On Thursday, July 23, Garmin started sending out a notice to its users, stating that the company was experiencing an outage. While occasional outages are fairly common in the tech space, what was happening at Garmin was hardly everyday business. ZDNet promptly reported that the company has been hit by a rather extensive ransomware attack, one which appeared to take down the company's websites, apps, internal communications, customer support services, and critically, Garmin hardware, software and databases that are used actively for aerospace and even maritime navigation. Earlier yesterday, Garmin partially confirmed the same via a global media statement.

While Garmin has seemingly played down the severity of the hack, the cyber attack is actually of massive, massive consequence. The ransomware-led outage at Garmin came on the same day as CISA-NSA's joint advisory on serious cyber attacks threatening some of the most critical, industrial IoT deployments. Almost as a show of their might and abilities, a part of Garmin's affected services included their aerospace and even maritime navigation technologies. In essence, the attack could actually have been exponentially more impactful, particularly if commercial aerospace was operating as per its pre-Covid-19 usual.

It also sheds light on how ransomware and related cyber crime techniques have advanced significantly, and also, how the data-led world poses a great amount of risk, all summing up to suggest that Garmin was a very meticulously chosen prey, one that may have been a precursor to an impending wave of cyber attacks.

The ransomware that toyed with Garmin's systems is alleged to be WastedLocker, the nomenclature assigned to the malware by UK-based security firm, NCC Group. As Stefano Antenucci, cyber threat analyst at Fox-IT, a division of NCC, says, WastedLocker was discovered by cyber security professionals as recently as May this year, and is masterminded by Maksim Viktorovich Yakubets, the alleged leader of notorious cyber criminal group, Evil Corp. Unlike general ransomware attacks, WastedLocker deploys a far deeper technique that capitalises on cyber security lapses to ensure that the ransom encryption takes longer, and at times also becomes impossible, for companies to fight against.

Garmin has not officially used the term "ransomware" as part of its statement, but its wording fairly indicates so. The company stated yesterday that it was the victim of a cyber attack that encrypted some of its systems on July 23. Perhaps more important, on this note, is this passage: "We have no indication that any customer data, including payment information from Garmin Pay, was accessed, lost or stolen. Additionally, the functionality of Garmin products was not affected, other than the ability to access online services. Affected systems are being restored and we expect to return to normal operation over the next few days. We do not expect any material impact to our operations or financial results because of this outage." In other words, all of the classic indicators of a ransomware attack.

A Garmin India spokesperson declined News18's request for an interaction on the topic.

So, why is this attack on Garmin so significant? The answer lies in Yakubets' activities, Evil Corp's activities of late, and how WastedLocker works.

One example of just how widespread and impactful WastedLocker can be is given by Symantec's spokesperson for its Critical Attack Discovery and Intelligence Team. According to the team, Evil Corp recently carried out a series of cyber attacks that infected the websites of a number of USA-based publications with malware. This malware then injected a further malware payload into selected visitors of the websites, which then enabled them to install WastedLocker on strategic systems. Symantec has claimed that Evil Corp's series of cyber attacks have hit at least 31 organisations already, with eight of them being Fortune 500 companies. There has so far been no disclosure on which companies may have been compromised.

NCC-Fox-IT's Antenucci further states that Evil Corp's modus operandi also involves affecting the backup infrastructure of companies. "This increases the time for recovery for the victim, or in some cases due to unavailability of offline or offsite backups, prevents the ability to recover at all," he says. To an extent, this would explain why it has been taking Garmin long to restore its services. Garmin Connect, the user dashboard, is seemingly coming back online for users now.

flyGarmin and Garmin Pilot, which are critical commercial aviation services that require regular database updates as per the USA's Federal Aviation Administration (FAA) regulation, were down for four full days, before coming back online yesterday. At a normal time in a pandemic-free world, this could have caused significant mayhem. Thankfully, FAA database data says that the airspace database update was delivered to requisite systems a week prior to the ransomware attack, although Garmin aviation hardware still went offline. A Wired report on the matter says Garmin's Active Captain app, used for maritime navigation, may have also suffered from the attack.

More than just being an isolated attack, the Garmin hack shows the severity and extent to which a sophisticated malware can impact critical industrial IoT systems. Alarmingly, on July 23, the same day of the Garmin attack, the United States Cybersecurity & Infrastructure Security Agency (CISA) and NSA issued industry-wide advisories to be extra vigilant about cyber attacks on industrial IoT deployments, in the coming weeks. The attack on Garmin, hence, could have just been the tip of the proverbial iceberg.

Garmin has further claimed that it has received no indication of its user data being compromised, which also falls in line with how Evil Corp and WastedLocker work. As Antenucci says, "The group has not appeared to have engaged in extensive information stealing or threatened to publish information about victims in the way that the DoppelPaymer and many other targeted ransomware operations have. We assess that the probable reason for not leaking victim information is the unwanted attention this would draw from law enforcement and the public."

While reports remain disputed as to whether Evil Corp demanded a $10 million ransom from Garmin, and if the latter paid the same, what's more alarming to note is the extent of severe risk that many of the world's biggest companies are at. On the scale of sophistication, WastedLocker is far more impactful than the likes of WannaCry and NotPetya, which have so far been some of the world's largest coordinated cyber attacks. The new wave, which has apparently only just begun, looks set to transcend it all.

Here is the original post:

Garmin Hack, Glitch in Flight Navigation and an NSA Warning: The Massive Threat of WastedLocker - News18


Netflix is looking to Splinter Cell for its next big video game adaptation – The Verge

Netflix and Ubisoft's first project together is an animated adaptation of the gaming publisher's Splinter Cell series, the company announced today.

The streamer has ordered two seasons from the get-go, for a total of 16 episodes, according to Variety. John Wick writer Derek Kolstad is set to oversee the project. Details about the show remain under wraps, but the long-running video game franchise, based on Tom Clancy's book series, follows former Navy SEAL Sam Fisher as he takes on a number of different missions for the NSA.

While a Netflix show may not be the announcement Splinter Cell fans were waiting on, it is a show of how Netflix is approaching video game IP. The Splinter Cell animated series follows a couple of big bets on gaming franchises, including Netflix's live-action adaptation of The Witcher and its animated adaptation of Castlevania. Although Netflix executives and creatives working on The Witcher have said it's based on the popular series of books by author Andrzej Sapkowski, the franchise rose to prominence in large part because of the games. Both shows seem to have performed well for Netflix; Castlevania finished its third season, and The Witcher has received a prequel spinoff series.

Netflix co-CEOs Reed Hastings and Ted Sarandos were asked about mining video games for future series and movies during the company's last earnings call. Both acknowledged that while gaming can do incredibly successful worldbuilding, it wasn't necessarily a go-to area for the company when looking into IP that can become franchises at Netflix.

"I think franchise is active, successful world-building," Sarandos said. "And video games obviously have a world-building aspect to them, but so do books and so do graphic novels and so do comic books and so does original IP. And really, this is a matter of how well it's executed."

But Sarandos also acknowledged that when it works, regardless of where the source material is coming from, it works. In the case of The Witcher, Netflix announced in January that the show was watched by 76 million households in approximately four weeks. Those numbers, based on accounts that watched at least two minutes of the show, made it the most-watched first season of television for Netflix at the time. The success spurred a prequel series and an animated spinoff, a strategy seemingly in line with Sarandos' view of franchise building at Netflix.

"If you do it well, people want to come back for more," Sarandos said, speaking about franchises. "And you don't disappoint them. You can keep doing it. So we're really thrilled about it and thrilled about doing it from a variety of sources."

Read the rest here:

Netflix is looking to Splinter Cell for its next big video game adaptation - The Verge


US real GDP to expand by 15% in Q3 - TDS – FXStreet

Following the second-quarter US GDP report, which showed a contraction of 32.9%, TD Securities analysts said that they still expect the real GDP in the US to expand by 15% on a yearly basis in the third quarter.

"Monthly data showed significant improvement in May and June after a plunge in April, so that is arithmetically positive for the Q3 starting point. Meanwhile, the downtrend in jobless claims appears to have at least stalled. Claims were 1.43m in the latest week, following 1.42mn in the prior week and 1.31mn two weeks earlier."

"We believe the rise over the last two weeks has been exaggerated by the multiplicative seasonal adjustment process (nsa claims fell to 1.21mn from 1.38mn in the latest week), but the data are likely to add to concerns in markets about the potential for a double dip. Also, continuing claims rose to 17.0mn from 16.2mn in the latest week. (The nsa figure rose to 16.9mn from 16.3mn.)."

"We continue to forecast a +15% q/q AR for real GDP in Q3, although that is down from 18% two weeks ago and it assumes significant slowing on a monthly basis relative to May and June. We have +5% for Q4, but that will depend significantly on COVID developments in coming months."

Read the original:

US real GDP to expand by 15% in Q3 - TDS - FXStreet


Two Rebels Against the Establishment: Oliver Stone and Edward Snowden – CounterPunch

Film director Oliver Stone is in a class by himself. He has dared to go into the political minefields where only a few other Hollywood-based moviemakers have ventured. Perhaps the fact that the talented Stone was a Vietnam War U.S. Army veteran (1967-68) toughened him up to take on the Establishment.

Earlier in his movie career, Stone caught a lot of flak for daring to challenge the official conspiracy version of how President John F. Kennedy was murdered in Dallas in 1963, with his intriguing film JFK. His war-related dramas, Platoon, in 1986, and Born on the Fourth of July (1989), opened a wide vista for Americans to reflect on the horrific hell that is war. Incidentally, the Born on the 4th of July movie also proved that Tom Cruise could act!

In his stellar career, Stone has been brave enough to also take on the Wall Street bankers in two fine movies: Wall Street (1987) and Money Never Sleeps (2010). The Wall Street wise guys are the ones whose unbridled greed brought our America the draconian Financial Collapse of 2008.

Stone's memoir, Chasing the Light, has just been published. The three-time Oscar-winner, now 73 years old, recently told the New York Times he's no longer anxious to make movies in Hollywood. He labeled Lalaland, too fragile, too sensitive and like an Alice in Wonderland tea party. (July 13, 2020.)

Stone's film, Snowden, came out in 2016. It is a compelling movie about a young NSA whistleblower, Edward Snowden, now age 37. I watched it again on Amazon Prime. It raised important Constitutional, national security and privacy issues which strike deep into the American psyche.

Snowden was a brilliant computer geek, whose career path led him first into the CIA and then the NSA. Later, he worked as an intelligence contractor, assigned to the NSA.

In 2013, Snowden revealed to the media, via the London-based newspaper, The Guardian; documentary-maker, Laura Poitras; and reporter, Glenn Greenwald, the massive global scope of the American surveillance state. Over the years, it had covertly devised a bulk data collection system. That disclosure scene is set early in the film inside a hotel room in Hong Kong.

Since 2013, Snowden has been residing in Russia, under an umbrella of temporary asylum, thanks to Vladimir Putin. The U.S. Justice Department has a warrant out for Snowden's arrest, charging him with violating the 1917 Espionage Act, and other related criminal offenses.

Stone's movie brought all of this suspense-filled drama to life. It jumped back and forth between Snowden's 2013 disclosure to the media in Hong Kong; to his short-lived life as a U.S. soldier; his hiring by the CIA/NSA; his sometimes rocky relationship with his girlfriend; to his awakening, a la Saint Paul on the road to Damascus, that there's something morally, legally and profoundly wrong with how his country was gathering intelligence on its citizens.

As Snowden, Joseph Gordon-Levitt gave a stellar performance that was worthy of an Academy Award nomination. He masterfully showed him as a conservative, shy, goody-goody, cyber wizard, and supra-hacker dude, who when not playing with his Rubik's Cube, finally wakes up to his part in the world of insidious surveillance.

By the way, the real Greenwald, on September 16, 2016, blasted the Washington Post for towering cowardice for calling for Snowden's prosecution. Ironically, the Post was one of the newspapers that first carried Snowden's whistleblowing revelations and it even won a Pulitzer Prize for its stellar reporting. Go figure!

Other government whistleblowers, such as the courageous Thomas Drake, had previously shown Snowden the way forward on this matter. Check out this video on Drake, at: (I Chose my Conscience over my Career):

The U.S. government doesn't see Snowden as a mere whistleblower. It has labeled him a traitor. It wants to burn his ass! This includes elements within the U.S. intelligence community and a majority of the U.S. Congress

Read the original post:

Two Rebels Against the Establishment: Oliver Stone and Edward Snowden - CounterPunch


Orange announces it will launch 5G later this year – Explica

The war over 5G begins to take on relevance in Spain: after Vodafone has deployed this mobile connectivity for a year, Orange has confirmed that it will not wait for the auction of frequencies after the Second Digital Dividend. The operator will distribute 5G NSA before the end of 2020.

The situation around 5G is quite curious in Spain. On the one hand we have mid-range smartphones that for just over 350 euros already incorporate the new connectivity; on the other hand, we are waiting for the main operators to start competing once the necessary frequencies for the 5G SA are released. In between, Vodafone sneaked in with its 5G NSA networks. And soon it will have competition.

The frequency liberalization process has been somewhat delayed in Spain due to the incidence of confinement by the coronavirus. Even so, the Second Digital Dividend is scheduled to end in October, a process that will lead to the expected auction of frequencies to operate in the 5G SA spectrum or Stand Alone, the true high-speed, low-latency connection. While the changes are being made so that DTT leaves the frequencies free, the operators are waiting to plan their strategy around the new connectivity. And, since Vodafone has a clear advantage, the rest of the competitors must make a move.

During Orange's presentation of results, the company confirmed that it will not wait for new frequencies to commercialize 5G in its rates. Specifically, the operator says that it will deploy 5G under the same conditions as Vodafone, in Non Stand Alone or on current 4G equipment. This ensures high download and upload speeds, but not as low latency. In addition, the difficulty of penetration into buildings is very noticeable, with the drawbacks that this implies for users.

Orange has maintained until now that it would wait for 5G SA for its deployment, but they assure that the situation is not the same as a year ago, because there is already interest among customers and much progress has been made in the infrastructure and the launch of compatible terminals. They will reveal all the details (including cities, rates, etc.) after the summer, but acknowledge that they will have to settle for the 5G NSA for now. As for the delay of the spectrum auction to 2021, they affirm that they are ready to launch the 5G NSA this year because they already had the 3.5 GHz band, so the delay of the Second Digital Dividend is not an obstacle. Therefore, we will have to wait until September to know all the data about the arrival of Orange 5G in Spain.


Read more from the original source:

Orange announces it will launch 5G later this year - Explica


