Random Thoughts – Randocity!

The design failure of SE Linux?

Posted in botch, data security, software by commorancy on August 20, 2023

numerous padlocks on metal bridge railing

Buckle up, folks. Let’s embark on a wild and whimsical journey into the quirky world of SE Linux. Oh yes, we’re diving deep into the mysterious realm of this oh-so-important “security” thingamajig, which may sound a bit dull, but trust us, it’s secretly fascinating. Grab your virtual popcorn and Starbucks, sit back, and let’s unravel this enigmatic Linux subsystem together! Let’s explore.

What is SE Linux?

SE Linux stands for Security Enhanced Linux (SEL); a catch phrase more or less. Developers love giving their add-ons names like SE Linux. In reality, what does SE Linux actually do? The name doesn’t really say. It does say it has something to do with security, but short of digging deep into documentation, you really have no idea what SE Linux really is.

Let me start by saying that SE Linux makes Linux incompatible with standard written applications. Why? Security Enhanced Linux attempts to lock down the internals of Linux, but it does so in a way that breaks nearly every single regular application ever written. In essence, enabling SE Linux is sure to break all of your third party apps.

Why does SE Linux break the apps? Because SE Linux is given complete control to restrict access of components down to the function() call level and down to a content serving level. What that means is that a function call like execve() could receive “access denied” if a program were to attempt to use it with SE Linux enabled… yes, even if the program is operating as “root” user. Even serving up HTTP content over a path that shouldn’t have HTTP content could be denied.

Because the “root” user has always had unbridled access to EVERYTHING in an operating system, allowing SE Linux to constrain the “root” user’s access to no more than a regular user automatically breaks the idea of what Linux is.

SE Linux Modes

Before getting too deep into the weeds, someone is likely to point out that there are two modes to SE Linux when operating: 1) Permissive and 2) Enforcing. Unfortunately, the “Permissive” mode isn’t as permissive as one would hope and it’s a more-or-less useless operating mode intended strictly for testing purposes. Even enabling “Permissive” can still break applications simply because “Permissive” isn’t exactly the same as having SE Linux disabled entirely.

When SE Linux is entirely disabled, this is (and was) the natural state of Linux (and UNIX) since the day UNIX was first introduced. The problem is, SE Linux was designed by the NSA (National Security Agency) as patches to Linux and, more specifically, to Linux’s kernel. The NSA isn’t really a software developer. As such, this agency has shoe-horned into Linux a system that not only fundamentally breaks UNIX, it fundamentally changes Linux and UNIX into something other than UNIX.

UNIX was founded on the principle that it should work in a very specific way, a way that enhances computing. Unfortunately, SE Linux has shoehorned its way into the operating system as a watchdog system whose sole purpose is to get in the way of computing; to be that crossing guard who throws up a STOP sign and prevents you from crossing… even if you’re a firetruck on the way to a fire.

Linux Security

Linux has always been a relatively secure operating system, so long as you maintain good password quality, close down unnecessary and unneeded services, regularly maintain security patches and utilize best practices when installing new software. Combining all of these proactive management best practices with a solid firewall, it’s relatively unheard of for a Linux system to be broken into, let alone exploited with malicious code. Nearly all deployed malicious code found on Linux servers is due to hackers having gained root access to the server and then manually having installed it.

Yet, the NSA felt that it was necessary to effectively break Linux to introduce a “new” watchdog system that watches every system call being used on the operating system. More than just watching it, it must interfere with some of these calls, preventing them from occurring.

This doesn’t just break Linux, it guts Linux into oblivion. It’s no wonder, then, that the vast majority of sites (and managers) running Linux disable SE Linux as the first thing they do before deploying a new server. Who wants to have to deal with broken software?

Third Party Software

You would think third party software manufacturers would have embraced SE Linux due to its alleged extra security. Instead, you’d have thought wrong. Most manufacturers still don’t embrace SE Linux due to its hodge-podge nature. It doesn’t help that most systems administrators and systems managers also don’t understand SE Linux or its internals… but that’s not the real problem.

The real problem is the developers. Developers build their software on laptops and other convenient computers running Linux, but they disable SE Linux so that it doesn’t get in their way when writing code. Writing and testing code is difficult enough without having to debug SE Linux when code failures begin. By disabling SE Linux, developers take that annoyance out of the equation. Rightly so. Why have a subsystem enabled whose sole purpose is to get in your way?

The problem is, without developing code WITH SE Linux running, that throws the problem onto the systems administrators and/or systems engineers to solve after-the-fact. The developer is all, “Here you go” (handing the system engineer the finished software), leaving the systems engineer the problem of attempting to get the software working with SE Linux enabled. Most times, that ask is impossible. A systems engineer doesn’t have access to the source code. So, they can’t guide the developer to rewrite or redo portions of the code to make it compatible with SE Linux.

What that ultimately means is that SE Linux gets disabled on production servers simply to deploy that developer’s code. Without every developer both enabling and understanding SE Linux on their development servers and, most importantly, using it during software development, there is no way a systems administrator or systems engineer can make it work with SE Linux after-the-fact. Software is either designed to work properly within the constraints of SE Linux or it is not.

This is the fundamental problem with the compatibility level of SE Linux. This is also a primary design failure of SE Linux by the NSA, that and SEL’s failure to actually secure the server. In other words, new subsystems must remain fully backward compatible with what has come before. If it can’t remain backwards compatible, then it ultimately won’t be used… and that’s actually where we are.

DOD and SE Linux

To be certified by the Department of Defense (DOD) per Security Technical Implementation Guide (STIG) compliance, a UNIX system must enable SE Linux as ‘Enforcing’ (the strongest level offered). For those companies who wish to do business with the government, or more specifically with the Department of Defense, STIG compliance is a must. By extension, STIG compliance does mean enabling SE Linux (among a whole slew of additional DOD security requirements).

Businesses must then make a choice. Seek to do business with the US Government or not. If you’re running Linux operating systems as part of whatever service you intend to offer to the US Government, you must comply with the requirements defined in the Defense Information Systems Agency’s (DISA’s) STIGs (which, as stated above, includes enabling SE Linux… and all that falls out of that).

Are there ways around SE Linux’s Incompatibility?

Yes, but it’s not always easy or fast. Heads up. This is the dull part. So as not to dive too deep into the sysadmin weeds as to why, here’s a comprehensive RedHat guide of SE Linux’s incompatibility (and how to get around it all). However, we will still need to dive deep enough to get this article’s point across.

For example, consider customizing an Apache HTTP configuration as described below (a normal thing to do). With SE Linux enabled, this customization yields the following problems:

The http package is installed and the Apache HTTP server is configured to listen on TCP port 3131 and to use the /var/test_www/ directory instead of the default /var/www directory or the default port of 80.

# systemctl start httpd
# systemctl status httpd
...
httpd[14523]: (13)Permission denied: AH00072: make_sock: could not bind to address [::]:3131
...
systemd[1]: Failed to start The Apache HTTP Server.

With SE Linux disabled on a Linux system, Apache’s HTTP server would happily start up just fine. With SE Linux enabled and set to ‘Enforcing’, starting httpd with the above modified config, you’ll see “Permission Denied” at the point when httpd attempts to bind to port 3131.

It gets worse. To modify SE Linux to allow httpd to listen on port 3131, you have to execute the following SE Linux permission modification command:

semanage port -a -t http_port_t -p tcp 3131

That’s just the beginning. Even after executing this semanage command… then restarting HTTP, the change in directory yields the following error when attempting to retrieve content:

# wget localhost:3131/index.html
...
HTTP request sent, awaiting response... 403 Forbidden

Why 403 Forbidden? Well duh…

# sealert -l "*"
...
SELinux is preventing httpd from getattr access on the file /var/test_www/html/index.html.
...

SE Linux has prevented access to the getattr() function for /var/test_www/html/index.html. This again requires manually reconfiguring SE Linux to allow this new directory location for httpd. Though, we must understand why SE Linux doesn’t like this path and file.

# matchpathcon /var/www/html /var/test_www/html
/var/www/html       system_u:object_r:httpd_sys_content_t:s0
/var/test_www/html  system_u:object_r:var_t:s0

The SE Linux command matchpathcon (so intuitively named here) determines that the content type used in /var/www/html (the standard default location) isn’t the same as what’s defined for /var/test_www/html. Thus, SE Linux won’t allow HTML content to be served from that customized directory because the directory isn’t labeled as HTML content. Can we say, “minutiae?” I knew that you could.

That means redefining the content type for /var/test_www/html to allow serving httpd_sys_content_t type. To do that, a system admin would need to execute the following:

# semanage fcontext -a -e /var/www /var/test_www

BUT, that command executed just above doesn’t actually do it recursively for all files and dirs within /var/test_www. Oh, no no no. Now you have to run yet another command to force recursion to set all sub-directories and files to allow for httpd_sys_content_t type of data. You do that with…

# restorecon -Rv /var/
...
Relabeled /var/test_www/html from unconfined_u:object_r:var_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0
Relabeled /var/test_www/html/index.html from unconfined_u:object_r:var_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0

A systems administrator can spend all of the above time to do all of this additional reconfiguration work each and every time a new web directory is needed… OR, a systems administrator can disable SE Linux and avoid all of this work.
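As an added example that is not part of the original post, the following Python script parses the AVC records the audit log writes for denials like the two above (the port 3131 bind and the /var/test_www getattr) and maps each to the matching semanage/restorecon step from this walkthrough, flags anything else for investigation rather than a policy change, and reports whether the record came from permissive or enforcing mode. The audit lines are constructed, and the /var/www equivalence, the http_port_t type and the “strip a trailing html directory to find the docroot” heuristic are assumptions modelled on the article’s layout.

```python
"""Triage SELinux AVC audit records into the remediation steps walked through above
(semanage port, or semanage fcontext + restorecon) or into "investigate".

Added example, not code from the original post. The audit lines are constructed,
modelled on the two httpd failures in the article (port 3131 and the /var/test_www
docroot) plus one record that must NOT be "fixed" by relabelling.
"""
import os
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

SAMPLE_AUDIT_LOG = """\
type=AVC msg=audit(1692547200.101:311): avc:  denied  { name_bind } for  pid=14523 comm="httpd" src=3131 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
type=AVC msg=audit(1692547260.202:318): avc:  denied  { getattr } for  pid=14523 comm="httpd" path="/var/test_www/html/index.html" dev="dm-0" ino=1310 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:var_t:s0 tclass=file permissive=0
type=AVC msg=audit(1692547320.303:325): avc:  denied  { execute } for  pid=14523 comm="httpd" path="/usr/bin/bash" dev="dm-0" ino=2045 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1
type=SYSCALL msg=audit(1692547320.303:325): arch=c000003e syscall=59 success=no exit=-13 comm="httpd" exe="/usr/sbin/httpd"
"""

# Shape of an AVC record: avc:  denied  { perm perm } for  key=value key="quoted" ...
AVC_RE = re.compile(r"avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<rest>.*)")
FIELD_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

# Target types meaning "no web content label was ever assigned here"; a docroot
# carrying one of these is exactly the matchpathcon mismatch shown in the article.
GENERIC_FILE_TYPES = {"var_t", "default_t", "unlabeled_t"}


@dataclass
class Denial:
    perms: List[str]
    fields: Dict[str, str]

    def ctx_type(self, key: str) -> str:
        # A context is user:role:type:level; policy rules match on the type.
        parts = self.fields.get(key, "").split(":")
        return parts[2] if len(parts) > 2 else ""

    @property
    def mode(self) -> str:
        # permissive=1 means the kernel logged the access but did not block it.
        return "permissive" if self.fields.get("permissive") == "1" else "enforcing"


def parse_avc(line: str) -> Optional[Denial]:
    """Return a Denial for an AVC record, or None for other record types (SYSCALL etc.)."""
    m = AVC_RE.search(line)
    if not m:
        return None
    fields = {k: quoted or bare for k, quoted, bare in FIELD_RE.findall(m.group("rest"))}
    return Denial(m.group("perms").split(), fields)


def docroot_of(path: str) -> str:
    """Assumed heuristic mirroring the article's layout: /var/test_www/html/index.html -> /var/test_www."""
    directory = os.path.dirname(path)
    if os.path.basename(directory) == "html":
        directory = os.path.dirname(directory)
    return directory


def triage(d: Denial) -> Dict[str, str]:
    """Map one denial to the article's port fix, its fcontext fix, or an investigation note."""
    src, tgt, tclass = d.ctx_type("scontext"), d.ctx_type("tcontext"), d.fields.get("tclass", "")
    comm = d.fields.get("comm", "?")
    if src == "httpd_t" and tclass == "tcp_socket" and "name_bind" in d.perms and "src" in d.fields:
        category, action = "port", f"semanage port -a -t http_port_t -p tcp {d.fields['src']}"
    elif src == "httpd_t" and tclass in ("file", "dir") and tgt in GENERIC_FILE_TYPES and "path" in d.fields:
        root = docroot_of(d.fields["path"])
        # restorecon is scoped to the new docroot rather than all of /var/ as in the article.
        category, action = "fcontext", f"semanage fcontext -a -e /var/www {root} && restorecon -Rv {root}"
    else:
        # Anything else (here: httpd trying to execute a shell) is not a labelling
        # mistake; widening policy to make it "work" is how the protection is lost.
        category = "investigate"
        action = f"{comm} denied {{ {' '.join(d.perms)} }} on {tclass} labelled {tgt}; review before touching policy"
    return {"comm": comm, "mode": d.mode, "category": category, "action": action}


def triage_log(text: str) -> List[Dict[str, str]]:
    """Triage every AVC record in an audit log excerpt, skipping non-AVC lines."""
    return [triage(d) for d in map(parse_avc, text.splitlines()) if d is not None]


if __name__ == "__main__":
    for r in triage_log(SAMPLE_AUDIT_LOG):
        print(f"[{r['mode']:>10}] {r['category']:<11} {r['action']}")
```

Feed it `ausearch -m AVC` output (or the raw audit.log) to get the same port and fcontext commands the article arrives at by hand, while keeping denials that are not labelling problems out of the “just allow it” pile.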

Janitorial Work

Even if you don’t understand a word of what was said just above, it’s easy to see that it’s an absolute mess. Not only does SE Linux require a systems administrator to configure all of this extra junk, it requires a systems administrator to understand all of the above NEW commands needed to manage SE Linux AND have a firm grasp of all of these commands’ nuances and quirks. Even missing one tiny thing can cause the whole application to break or fail to work in unexplained ways.

For example, the 403 Forbidden error could have led an inexperienced systems admin down a rabbit hole simply because they don’t know that SE Linux is enabled as ‘Enforcing’. Such inexperience might not allow putting two-and-two together to understand that SE Linux is actually the culprit.

It’s easy to see why many, many businesses running Linux make it a policy to instantly disable SE Linux. If your company is not doing business with the government, there’s no need to make your systems administrators do all of this extra work when they could be performing other more critical tasks.

On the flip side, if your business is currently negotiating with the DOD for a contract, then you better get your systems administrators trained up quick on SE Linux. More than this, you better run an audit of which software your business uses to determine whether that software can easily be made compatible with SE Linux. Hint: it probably isn’t easy.

DOD Exceptions?

Does the DOD allow for exceptions? Yes, but limited and likely only for a limited time. Meaning, if you can’t enable SE Linux right away due to software limitations, you’ll need to document exactly why. Even then, your team better have a plan to get SE Linux implemented soon or else your contract might dry up. It only takes another vendor to step up that IS fully compliant with DISA STIGs for your company to lose its contract.

Does SE Linux improve security?

This is actually a very good question. The short answer is, no. SE Linux requires a system administrator to drastically increase workload to manage application permissions. However, SE Linux also forces an administrator to explicitly define permissions for each application down to incredible minutiae. Once that long-tailed convoluted configuration is complete, the application then works again like it always has (i.e., without SE Linux).

Here’s the key! Because most exploits rely on standard app functionality to work, SE Linux would happily allow an exploit to occur simply via performing that application’s normal functions. The only exception would be if the systems administrator explicitly disallowed use of specific system function calls. However, if an application uses that function call even once during normal operation, having the system administrator disallow that call could cause the application to fail in very unexpected ways, possibly even leading to an OS cascade failure / core dump.

Further, SE Linux is effectively an enhanced permissions system, but it does nothing to watchdog an application’s behaviors to ensure that the application itself is functioning correctly or normally.

What this further means is that a system administrator would need to become a software developer to read through and understand the entire application’s source code to know when or if an application uses a specific function call that the administrator wishes to deny. While many systems administrators can be programmers, not all of them are. More than this, many systems administrators who can code are barely more than novices. Were a systems administrator actually a software developer in disguise, then why would they remain a systems administrator by trade? Thus, most systems administrators know enough to read some code (i.e., novice), but not enough to actually write complex code.

Let’s take this one step further. Putting a system administrator in the position of unilaterally denying access to specific function calls is not what systems administrators are tasked to do. That’s defining policy. That’s not an SA’s job. Expecting an SA to take on this type of job turns an SA into a security manager or policy manager, not a systems administrator. Systems administration is exactly how those two words sound: administration of systems. Meaning, management of systems, making sure those systems operate fine, occasionally install software and/or operating systems, manage configurations of systems and debug it all when it doesn’t work correctly. Systems administrators are even tasked with winding down old hardware and systems to dispose of them.

Systems administrators don’t make policy, but will enforce policy as defined by managers… so long as that policy makes sense and doesn’t interfere with the operation of the network, server or application. However, not all systems administrators are knowledgeable enough to foresee if any specific policy change might end in bad results.

Policy Implementation

Here’s a situation that can get systems administrators into hot water easily. Managers all congregate and decide to implement a new policy that execve() cannot be called from within any application. The policy is handed to a systems administrator to implement. The SA is relatively new and doesn’t understand either the systems fully or the software operating on those systems. The SA does understand SE Linux enough to implement the change as requested and, thus, does so.

Within an hour (or less), the company’s primary paid application is down, the servers are behaving erratically, memory is spiking and the systems are actually crashing and rebooting. Effectively, the business’s servers are down.

Here’s a situation where the company’s executives made an unwise and untested decision and forced implementation down onto a person with very little experience. The person happily obliged thinking the managers already knew it would work. Why would these managers expect a new SA to jump through many hoops testing all of this? The SA would assume that if the request landed on his/her desk, it must already be tested.

Yet, it wasn’t. Here’s the rub. Because the SA did the actual work to implement the change to the systems, the SA will be held responsible for the outage (possibly up to and including termination). Ideas from managers never get blamed. The people who get blamed are the systems administrators who “should have known better” and, specifically, the person who actually “pulled the trigger” by performing the configuration change.

Enabling SE Linux as ‘Enforcing’ is the same situation. If you ask your SA team to implement this change without performing any testing, then expect your business to go down. Almost no applications are properly configured to handle SE Linux set to ‘Enforcing’ prior to enabling it.

Heading down the SE Linux Road

If a company wishes to implement SE Linux as ‘Enforcing’, then you best test, test, test and then test some more. You can’t just turn SEL on like a light and expect it all to work just as it had. Making this decision means testing. More than this, it means ensuring all systems administrators are not only familiar with SE Linux itself (and its commands), but also are familiar with all applications installed and running on the company’s servers.

Once SEL is enabled, the applications are likely to begin failing unless the systems administrators have already configured those specific applications under SEL before.

What have we learned?

Let’s explore all that we’ve learned about SE Linux.

  1. SE Linux is a deep dive permissions system add-on for Linux. It primarily enhances security through obscurity. We already know that security through obscurity doesn’t work.
  2. SE Linux is fraught with peril. Unless systems administrators are properly trained to both understand SEL and how to configure apps under SEL, enabling SEL can lead to problems.
  3. SE Linux doesn’t improve security because once apps are configured under SEL, they are just as vulnerable to being exploited as if SEL were not enabled.
  4. SE Linux increases workload for systems administrators because not only do they need to do their normal Linux administration jobs, they must also deep dive into SE Linux a lot to make sure it is and remains correctly configured and functional.
  5. SE Linux is an overall hassle to manage.
  6. SE Linux is not required unless you’re attempting to win a contract with the United States Department of Defense.

Overall, the design behind SE Linux seemed to have noble intentions. Unfortunately, SE Linux is actually much the same as requiring someone to spend time hanging padlocks off of a chain-link fence as illustrated in this article’s opening. Unfortunately, those padlocks don’t serve to protect that fence. The fence is still doing all of the protection work.

However, these padlocks symbolize the exact way that SE Linux attempts to protect an operating system. The operating system is the chain link fence… and the OS does all of the protection. The padlocks (SEL) only serve to clutter up that fence, but don’t actually do much of anything to improve security.


President Biden’s Classified Documents

Posted in government, presidential administration by commorancy on January 15, 2023


Biden is currently the sitting President of the United States. Let’s make this perfectly clear right from the go. Does a President of the United States have legitimate access to be in possession of classified documents? Yes, but let’s explore.

Republican Agenda

Ever since the Department of Justice (DOJ) began investigating Donald Trump for a number of alleged wrongdoings, the Republicans have treated Biden as if he is in the wrong. While the DOJ does operate as part of the Federal Government, it is an autonomous entity not under direct control of the White House. While the White House, or more specifically President Joe Biden, can agree or disagree with the DOJ’s handling of matters, his opinion is not relevant to that department’s investigations.

Let me even clarify the heading of this section. The ‘Republican Agenda’ specifically refers to the MAGA Republican agenda, a small sect of the overall Republican party that is extreme in all aspects and is willing to take their agendas to extremes. These specific Republicans are unwilling to compromise, hold firm on conspiratorial ideals, wish for the government to topple and are doing their level best to instigate a civil war. This began under Donald Trump. Like the other MAGA Republicans, Trump also holds unrealistic and extreme points of view; points of view that are dangerous to Democracy and, frankly, to the rest of the world.

These MAGA extremist points of view may ultimately be the undoing of not only American Democracy, but unravel America itself. Meaning, the United States Government may be on the verge of disappearing if MAGA get their way… and with it, not just America, but the economies around the rest of the world. In other words, America’s economy is so intertwined with the rest of the world economies, if America falls, so will many other countries, likely including China and Russia. MAGA Republicans are playing with fire.

Mainstream Media

Unfortunately, mainstream media is helping this MAGA agenda along by pushing stories that further these MAGA narratives; narratives that not only serve to undermine Democracy, but also undermine all of the foundational democratic institutional glue of the United States Democracy including the judicial system, the executive branch and the legislative branch. There is no branch of the US government that is not currently under internal siege by these MAGA extremists.

Mainstream media is making this situation worse by perpetuating and perpetrating fraudulent stories on the unsuspecting public (Democrat, Republican or Independent).

Stupidity Runs Rampant

One thing that’s become abundantly clear is that stupidity is running rampant throughout far too many MAGA Republicans. Yes, even from people who’ve been elected to government positions. These people have demonstrated they are severely under-educated and do not possess the cognitive or critical thinking skills to understand fact from fiction from fabrication. These are people who, when told something by someone even slightly trustworthy (to them), believe every single word as though it were written as gospel in the Bible.

Mainstream media is taking full and complete advantage of this fact and are now writing not only extreme propaganda articles, they’re writing the absolute worst form of tabloid garbage. Case in point. Dailymail writes this entirely propagandistic article: THIRD batch of files found at Joe Biden’s Delaware home.

By ‘files’, this article means “classified documents.”

Presidential Power and Classified Documents

By the duties and powers conferred on the duly elected President of the United States, that elected individual is given absolute clearance over the documents presented to him and created by him. This means that as President and while remaining the sitting President, that President inherits all clearance levels needed to perform and execute his or her duties as President of the United States.

This clearance level includes possession of and creation of classified documents at any level needed to perform those duties.

It also means that wherever the President chooses to work, classified documents are likely to be present, either previously created by someone else or, indeed, created BY the President of the United States himself as part of his job responsibilities. Having this clearance level is entirely part of being President of the United States.

Possession of Classified Documents as a Crime

To circle back around to that insanely stupid Dailymail article, it attempts to insinuate that Biden somehow should not be in possession of said documents. The President needs to be in possession of whatever classified documents allow him to perform and execute his responsibility as President of the United States. There is no crime here. Biden is not a criminal for being in possession of such classified documents.

Let’s liken this situation to Donald Trump. After Biden was sworn into office as President of the United States, Donald Trump became an Ex-President or if you prefer, a former president. As a former president, each former President gives up their role as sitting President including giving up access to various classified top secret documents.

Donald Trump was found to have been in possession of said documents at his Mar-A-Lago residence. However, the stark difference between Biden and Trump is that Biden is STILL the sitting President of the United States and still possesses the rights to own, hold, read and manage classified documents. Ex-President Trump, on the other hand, no longer holds the right to own, hold, read or manage such classified documents.

Questions without Answers

The question surrounding Trump is whether the documents were duly and properly declassified prior to those documents landing at Mar-A-Lago. As an Ex-President, Trump no longer holds the power to declassify such documents after leaving office. Biden, as President of the United States, still holds the power to declassify any document he chooses.

Thus, for any such rousting by the Dailymail to make it appear as if Biden is somehow in the wrong or has committed a crime, there’s a simple Presidential fix. Biden, as President of the United States, can immediately and instantly declassify any and all such documents in question, leaving the people trying to make Biden look bad standing firmly with egg plastered on their faces. The President can nullify any such alleged criminal situations.

Biden being in possession of classified documents is not only NOT a crime for Biden, it’s actually part of his responsibility as President of the United States. As I said, stupidity reigns supreme with the MAGA Republicans.

Smart or Not?

The question comes down to NOT whether Biden’s possession of such documents was (or is) illegal, but whether it was a smart idea to leave them in his Delaware home. That’s the only situation that has any problems for the Government. Biden firmly has every right to BE in possession of those documents. The problem is only if those classified documents remain in the home unsecured when Biden is not actively there.

No, it’s probably not the smartest of ideas to leave such documents unattended. That said, one would hope that, as a sitting President, his home is not only duly protected by active armed security forces, but also outfitted with an active security system sufficient to protect it from intruders. Even then, so long as the documents were placed into a properly secured safe or other similar, nearly impenetrable storage unit, the documents are considered properly secured even at his Delaware residence.

If someone who accessed Biden’s premises managed to gain access to such documents and read them, the illegal activity is actually on the people who found and read the documents. It is illegal for those people searching for them to be reading those documents, not Biden. Meaning, it is THEY who should be arrested for reading Biden’s classified documents.

Biden’s Desk

It gets worse. Any document that Biden writes while sitting at his desk could be considered instantly classified from the moment the pen hits paper. This means that finding a piece of paper with writing sitting on top of any desk, surface or object within Biden’s home could always be considered classified at some level. That means that anyone reading such documents without any clearance level granted could be considered having committed a crime. Not Biden, mind you, but the reader.

If there’s a crime having been committed here, it’s the people who infiltrated Biden’s home to find such classified documents. That means that the United States has a major security problem on its hands around Biden’s home.

If people (likely MAGA Republicans) are so easily able to penetrate the President’s residence to find such documents, security is nowhere near where it should be for that residence. This is clearly both a crime called breaking and entering and possibly even stalking.

Biden’s Security

Someone on Biden’s security team needs to quickly ferret out who gained access to the Biden Delaware home and how they managed to gain that access. This is a question no one is asking. However, this is a serious security breach at the top levels of government. No one should have access to Biden’s home with the exception of the Biden family and the Presidential security detail. All others should not be allowed onto the premises unless under escort by said security and only when a member of the Biden family is present. Otherwise, the Biden house should be firmly and completely secured and barred from entry except for Biden family members only. In other words, “Houston, we have a problem.”

Apples to Oranges

Let me get to the heart of why this all matters. Someone or several someones in the MAGA Republican party is simply trying to craft an illusion that appears like Trump’s classified document situation. This crafted situation is intended to make it seem like there’s something hypocritical going on. Except, there isn’t.

The same situation between Trump and Biden can only unfold after Biden leaves office as President. Only then can Biden be held accountable for holding onto classified documents at a personal residence.

While Biden remains a sitting President of the United States, he is a duly sworn officer of the United States Government and remains in power with all of the duties, responsibilities and, yes, clearances needed to perform that job.

On the other hand, Trump lost those powers, duties and clearances the moment he left office as President. For this reason alone, there is absolutely no comparison here.

Trump’s legal woes over classified documents remain. Donald Trump has no right, power or clearance to hold onto such still classified documents at his Mar-A-Lago residence. Biden, on the other hand, still holds every right, power and clearance to BE in possession of such classified documents wherever he chooses to work.

What Trump has done may be found to be illegal. What Biden has done (and continues to do) is perform his duties as sitting President of the United States. Until Biden leaves office, no crime has been committed involving classified documents. Dailymail, your article is a red herring and it’s damaging America.

Mainstream Media Stirring the Pot

Such articles by the likes of Dailymail only seek to stir the pot of dissent. They use people’s stupidity against them by making it seem like someone is in the wrong when clearly they are not. Thus, it only comes down to the editors and producers of said articles earnestly trying to undermine Democracy by making something appear as illegal when it clearly is not.

What Trump has done may very well be illegal and that remains to be seen by the investigations the DOJ is performing. Biden has done nothing illegal yet, but it might not be the brightest of ideas leaving such documents lying around in the open. Joe Biden, buy a proper document safe.

However, the question remains, how did someone gain access to Biden’s Delaware home to find such documents? No one should be allowed on the premises without Biden’s or his Secret Service detail’s authorization.

Something around Biden’s situation is clearly amiss, but it has nothing to do with classified documents. No one is investigating this.

Dailymail Comments

Reading some of the entirely misguided and, dare I say, stupid comments I’ve read on that Dailymail site, it’s clear that stupidity reigns supreme among MAGA conservatives. It’s like MAGA Republicans check their brains at the door when they walk into a room. They want to find anything and everything to attempt to discredit and, ultimately, impeach Biden. They are even willing to attempt to turn Biden’s daily and standard Presidential duties into a criminal activity.

While impeachment (using whatever junk they can fabricate) may be possible with the House now under Republican control, there is absolutely no way the Democrat controlled Senate will ever vote to convict and remove Biden from office. The MAGA Republicans know this, but they’re still trying quite hard and stupidly to discredit Biden. The only thing the MAGA Republicans are doing is making sure they never ever get elected again.

That’s the reason for such lame and stupid arguments as in this insipid Dailymail article allegedly finding classified documents at Biden’s residence. I’d honestly be more surprised if there WEREN’T classified documents found at Biden’s residences.

Planted Documents

Some have also supposed that the documents were planted by Republicans. While anything’s possible with MAGA extremists, they wouldn’t need to plant classified documents at Biden’s residence. Biden has been actively working at this residence and it makes perfect sense that some classified documents might remain there.

The question isn’t whether the documents were planted or even why the documents are there, but how someone managed to infiltrate Biden’s residence to find them? Why was someone snooping about Biden’s property? How did they get in? Why were they reading said classified documents of a sitting President without permission? These are bigger, more important security questions that need to be addressed… especially by Biden’s Secret Service Detail.

Vice President Documents

To close this article, you’ll notice that I didn’t mention the fact that these documents were from Biden’s time as Vice President until just now. Why is this fact not important? It’s not important because very likely there’s no way to establish exactly when the documents landed at Biden’s Delaware home. The presumption is that these documents landed at his home prior to Biden becoming President. We can’t know this.

Unless strict chain of custody for ALL classified documents is maintained, including exact dates when said documents changed hands, there is very likely no way to verify the exact date any specific document ended up at Biden’s home. Additionally, as President, Biden might need access to classified documents from his time as Vice President to handle matters occurring today. For this reason, he could have requested those documents and brought them to his home WHILE PRESIDENT… which is perfectly legal.

Finally, I’ll also point out that while the DOJ is investigating these documents found at his residence, they will likely exonerate Biden over all of the above points. I also hope that someone at the DOJ is smart enough to point out the security flaws and weaknesses with people snooping around Biden’s home in search of such documents… which honestly discloses the much, MUCH bigger problem here.

Let’s Suppose

Even if it’s possible to establish the documents were kept at the Biden residence prior to Biden becoming President, the fact that he is NOW President of the United States overrides that problem. The fact that he has clearance NOW overrides his possession of them when he wasn’t president and wasn’t vice president. Let’s take this one step further. The only way this information can truly be used against Biden is at an impeachment hearing.

The DOJ cannot easily (or possibly at all) bring criminal charges against a sitting President of the United States for activity prior to his being in office. The US Constitution is crystal clear on how to remove a President from office and that is strictly through impeachment and conviction via the House and Senate. That same Constitution is entirely silent on bringing criminal charges against a sitting President, and up to this point the Supreme Court has remained silent on this point as well.

Political Stunt

This update is from Feb 4th, 2023. I’d like to point out that in the same form as Republicans always like to call out against the Democrats, the Republicans are now guilty of doing exactly the same thing TO the Democrats. This whole situation is born out of a Republican agenda to discredit the Democrats. The point in “lawyers” “finding” documents at Biden’s home is strictly for the purposes of trying to weaken any DOJ case against Donald Trump.

The point here is that Donald Trump wants leverage when a DOJ lawsuit is finally brought against him (DJT). Trump can now point to Biden as an example of “the same classified document situation” and then ask why Biden is not being brought to justice over having similar documents at his house.

Let’s summarize the primary differences here:

  1. One is president, one is not…
    • Biden is the sitting President of the United States.
    • Donald Trump is NOT president.
  2. When exactly the documents arrived at the dwellings in question…
    • It cannot be established when Biden’s documents arrived at Biden’s Delaware home (i.e., before or after his presidency).
    • Donald Trump’s documents definitely arrived at Mar-A-Lago AFTER Trump left the White House and was, thus, no longer President and no longer held clearances high enough to possess some of those supposedly (de)classified documents.
  3. Level of Classified Documents…
    • Biden’s documents were from a time when Biden was Vice President. The classification level of the documents involved has not been established, but they were likely NOT at the highest levels of Top Secret.
    • Allegedly, some of Trump’s classified documents involved documents so Top Secret, they could not be declassified by a sitting President under any circumstances.

These three basic points are what the Department of Justice must establish against both Biden and Trump. However, Biden is still the sitting President. Even if the DOJ were to find alleged criminal actions involving Biden, his being President overrules that criminal action. It is unlikely Biden can have any criminal actions brought against him while he is sitting President of the United States.

The only actions afforded against a sitting President are those powers given to Congress to impeach (House) and convict (Senate) the President. Even then, these powers are political in nature, performed by politicians, not judicial actions performed by a justice or jury. In other words, there are no other actions available to the government against a sitting President.

The DOJ could hold its legal actions against Biden until Biden is no longer President. As long as Biden remains President, he is shielded from criminal actions by the DOJ. That doesn’t preclude individuals from suing Joe Biden in civil court, but the best that can be extracted from such civil actions is money. Civil proceedings are never criminal actions and cannot produce criminal consequences.

Difference between Biden and Trump

As for Donald Trump, his classified document case is fairly clear cut in most regards. The only real question that must be answered around Donald Trump’s case is, “Were the documents actually declassified?” It is on the DOJ to establish whether or not some or all of the documents were declassified. If all of the documents were declassified, then there’s no case against Trump. If the DOJ had established this by now, then the DOJ would have already dismissed its case. It has not.

Further, it is also on the DOJ to prove that if some of the documents couldn’t be declassified by a sitting President, then there is now a clear violation by Donald Trump in retaining those documents after becoming an ex-President.

Once the DOJ has established that Donald Trump had classified documents in his possession and that those documents were not declassified (and at what level), then it is on the DOJ to establish the level of crime that Donald Trump committed by being in possession of said documents. After this point, it is, once again, on the DOJ to further ascertain if foreign nationals visited Mar-A-Lago (via registration at Mar-A-Lago and/or flight records and/or cab records and/or rental car records) and determine if those visiting foreign nationals might have had access to said documents in Donald Trump’s possession.

Being in possession of classified documents is a separate crime (possession) from allowing foreign nationals access and, more importantly, to view and read such classified documents (espionage / treason).

The Department of Justice has a long road of research ahead for all of the above.

With Biden, possession of such classified documents isn’t currently a crime. Even then, the only way to try and convict Biden is through impeachment. With Trump, there is absolutely nothing shielding Trump against such criminal legal actions. Trump can try to point at Biden as an example, but Biden’s Presidential shield is pretty impenetrable. Trump has no such shield at all against DOJ actions. Even as much as Trump wishes to use Biden as a punching bag, it’s not going to work in the long run.

Once the DOJ chooses to bring criminal action against Trump, there’s nothing Trump can say, do or point fingers at that will reduce his liabilities… no, not even Biden’s having documents at his Delaware home.

Political Stunt Conclusion

And yes, the entire reason for Trump to use Biden as a “classified documents” punching bag is strictly a political stunt. It hasn’t even been established if the documents were planted at Biden’s residence strictly to facilitate this political stunt. Knowing Trump’s callous disregard for, well, just about any law in existence, there’s absolutely no way to know if Trump orchestrated this whole shenanigan against Biden. If I were working in the Government, I’d definitely begin an investigation over the lawyers who allegedly found these documents at Biden’s residence to find out what connections they may have to Trump…. see six degrees of separation.

Note: Randocity prefers using Reuters and the AP as sources whenever possible. These two news organizations have regularly proven to be mostly unbiased when reporting, unlike all major TV “cable news” networks.

Have a thought or idea to discuss? Please leave a comment below. If you like reading Randocity, please click the follow button in your mobile app or web browser.


Rant Time: Is Apple protecting our devices better than Google?

Posted in Apple, botch, business, Google, mobile devices, security by commorancy on August 20, 2020

While many people believe that Google’s App store is a far inferior store to Apple’s app store, there is also a misplaced belief that Apple’s store offers more propriety than Google’s Play store. We need to understand more about both ecosystems to better understand the answer to this article’s question. Let’s explore.

App Protection

Certainly, iOS appears to be more resilient to malware on the surface, but is it? Google’s Android also appears way more prone to malware on its surface, but is it? We need to understand more about both of these operating systems and each OS’s overall ecosystems.

Let’s understand better how and why Apple has garnered its appearance of propriety, with “appearance” being the operative word. The first reason that Apple appears to have a better system in place is primarily because iOS doesn’t allow side loading of apps. What is side loading? Side loading is the ability for the user to load apps outside of the Android app store, for example using a USB cable or, more importantly, by downloading an APK file directly to your device from any web site.

While there are means and methods of side loading apps on iOS, it can only be done through Apple’s developer toolkit. You cannot perform this process directly on a phone in the wild. You can’t even do it with iTunes. If you had even wanted to side load an app, you’d have to jump through some fairly complicated hoops to make that happen on iOS. This one restriction forces you to download ALL apps from the App Store.

On Android, you can not only use the App store to download apps, but more importantly, you can side load them. Side loading an app on Android does require some security setting changes, but this change is easily done in about 3 simple steps.

Does side-loading account for all of Google’s malware?

No, it doesn’t. After all, there are many who likely haven’t changed the necessary side-loading parameters and have still been hit by malware. So then, how did the malware get onto their phone? Likely, through the App store directly.

One App Store

Here we come to the second reason why propriety seems to prevail at Apple. With Apple, there is one and only one app store. With Google, there are many, too many. Google not only runs Google Play, but there are many other App stores including:

  • Amazon
  • Samsung Galaxy Apps
  • Aptoide
  • Sony Apps
  • Huawei App Store
  • F-Droid
  • GetJar
  • AppBrain
  • SlideMe
  • 1Mobile
  • Opera Mobile Store
  • Appolicious
  • NexVa
  • Kongregate
  • Appland
  • Itch.io

These stores are all independently owned and operated. This is not a complete Android app store list, but it gives you an example of how many different app stores are available for Android. This is significantly different from Apple’s iOS, which only supports one app store and that store is operated by Apple and Apple alone.

There is no such thing as a third party app store for iOS. It simply doesn’t exist.

Multiple App Stores

Because of Google’s insane choice to allow many app stores to operate simultaneously by different companies, Android users are at the mercy of each of those app stores’ propriety. The difficulty is, there’s no rhyme or reason or protection afforded by many of these app stores, let alone Google Play. The secondary problem is that some of these app stores come preloaded as the primary download store on some Android devices.

Clearly, Google branded devices come shipped with Google Play set up. Amazon devices come shipped to use the Amazon app store. However, no-name brand Android devices likely come shipped with one of the above non-Google stores installed. In fact, it could even be set up to a store not in the above list… a store operated by the manufacturer of the device.

Careful with that App

The difficulty with multiple app stores is one of, you guessed it, propriety. What I mean by using this specific word ‘propriety’ is the app store’s ability to police its content for completeness, functionality and, yes, malware. In short, propriety is a company’s ability to protect its download users from malware or dangerous software.

The difficulty is that while Google might have enough money to throw at App vetting to ensure higher quality apps reach its stores, not every store in that list has the money to afford that level of commitment.

What this means for consumers is, when you use a random app store, you take your chances with malware. Multiple stores combined with side loading is nearly the sole reason why Android gets a bad rap for malware. These two things are something Apple doesn’t do in its ecosystem. For Android, it’s worse still. As a consumer of a device, you don’t really know which app store is the default on your device. Most device manufacturers properly label their app store apps, but cheaper devices made by random Chinese manufacturers tend to play games with naming and might name their app store app Goggle Play or Gooogle Play or even simply Play Store. There are many ways that manufacturers of cheap phone devices can trick you into thinking that you’re getting your apps from Google’s store… when, in fact, you’re not.

Not only are there too many app stores that can provide questionable apps, Android has been licensed by so many random Chinese manufacturers (okay, so perhaps licensed isn’t necessarily the correct word here… it’s more like, ripped off). Anyway, if you buy into any of these super cheap Chinese phone brands, you have no idea where your apps are really coming from. Although, because it’s Android, you should be able to load Google’s Play store (the real thing) and use those apps instead… with should being the operative word. The device manufacturer could have instituted a block to prevent the use of the Google Play store.

However, replacing a crap store with Google Play typically takes effort on the part of the consumer… that and knowledge that they must take this step. Most consumers are oblivious to this aspect of their phone’s use and naturally assume the included app store is looking out for their phone’s well-being and their own best interest. You should never assume this, not even with Apple devices.
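The fake store names above (Goggle Play, Gooogle Play, a bare Play Store) are a classic look-alike problem, and the label alone can never be trusted; the package name of the installed store app is what you actually check. The following is an added example for this post, not code from the original article: it normalizes a launcher label (case, a handful of homoglyphs, doubled letters, stray punctuation), compares it against an allow-list of trusted store labels, and flags any label that resembles a trusted store but is backed by the wrong package. The allow-list, its package names and the sample inventory are assumptions constructed for the example.

```python
"""Flag look-alike app-store labels such as "Goggle Play" or "Gooogle Play".

Added example; not code from the original post. TRUSTED_STORES is an assumed
allow-list you would maintain yourself (the package names are the ones
commonly reported for these stores, but verify them for your fleet).
"""
import re
import unicodedata
from difflib import SequenceMatcher

# Assumed allow-list: launcher label -> package name of the genuine store app.
TRUSTED_STORES = {
    "Google Play Store": "com.android.vending",
    "Google Play": "com.android.vending",
    "Play Store": "com.android.vending",
    "Amazon Appstore": "com.amazon.venezia",
    "Galaxy Store": "com.sec.android.app.samsungapps",
    "F-Droid": "org.fdroid.fdroid",
}

# A few homoglyphs and digit swaps used to imitate Latin text (deliberately small).
CONFUSABLES = str.maketrans({
    "\u043e": "o",  # Cyrillic small o
    "\u0430": "a",  # Cyrillic small a
    "\u0435": "e",  # Cyrillic small e
    "\u0440": "p",  # Cyrillic small er
    "\u0455": "s",  # Cyrillic small dze
    "0": "o", "1": "l", "3": "e", "5": "s",
})


def normalize(label):
    """Reduce a label to a comparable skeleton: case, homoglyphs, punctuation, doubled letters."""
    s = unicodedata.normalize("NFKC", label).casefold().translate(CONFUSABLES)
    s = re.sub(r"[^a-z0-9]", "", s)      # drop spaces, punctuation and zero-width characters
    return re.sub(r"(.)\1+", r"\1", s)   # collapse runs so "gooogle" and "goggle" meet "google"


def similarity(a, b):
    """0.0 .. 1.0 similarity of two labels after normalization."""
    return SequenceMatcher(None, normalize(a), normalize(b)).ratio()


def classify(label, package, threshold=0.8):
    """Return (verdict, closest_trusted_label); verdict is 'trusted', 'lookalike' or 'unrelated'."""
    best_label = max(TRUSTED_STORES, key=lambda t: similarity(label, t))
    if similarity(label, best_label) < threshold:
        return "unrelated", best_label
    # The label resembles a real store, so only the package name can vouch for it.
    if package == TRUSTED_STORES[best_label]:
        return "trusted", best_label
    return "lookalike", best_label


def find_lookalikes(apps):
    """apps: iterable of (label, package) pairs from a device inventory."""
    flagged = []
    for label, package in apps:
        verdict, close = classify(label, package)
        if verdict == "lookalike":
            flagged.append((label, package, close))
    return flagged


# Constructed inventory, as you might assemble from `adb shell pm list packages`
# plus each app's launcher label. Package names here are made up for the example.
SAMPLE_INVENTORY = [
    ("Google Play Store", "com.android.vending"),
    ("Goggle Play", "com.cheapphone.market"),
    ("G\u043e\u043egle Play", "com.another.market"),   # two Cyrillic o's
    ("Kongregate", "com.kongregate.mobile"),
]

if __name__ == "__main__":
    for label, package, close in find_lookalikes(SAMPLE_INVENTORY):
        print("look-alike store: %r (%s) imitates %r" % (label, package, close))
```

The package comparison is the actual control here; the string similarity only decides which installed apps deserve that check. A genuine store with an odd label passes, and a perfectly spelled "Google Play" backed by com.cheapphone.market does not.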

Apple’s App Store

Here we circle back around to Apple. We are beginning to see why Android is in the state that it’s in, but how much better is Apple’s ecosystem of devices?

A lot of people believe that because there’s only one iOS app store and because Apple is the sole operator of that store that this somehow makes Apple devices safer to use.

Security through Obscurity

This is a phrase tossed around in the security communities. What it means is that because a platform is more obscure (more exclusive and closed), that somehow makes the platform safer to use. Security through obscurity works maybe 10% of the time. Maybe. The other 90% of the time it’s less about obscurity and more about best practices.

For example, you should never load random apps from any store. It doesn’t matter if it’s Android or Apple. If you don’t know anything about the developer, you shouldn’t trust them. Why?

App Store Approval Process

Apple’s app store approves apps for release into the store based on specific usability criteria. For example, that the developer is not including terms-of-service restricted content or features. Restricted content being whatever Apple or Google or that specific app store deems off limits within an application.

The developer must verbally or on a written form affirm that their app does not contain such restricted content when submitting it for approval. Even then, Apple may or may not be able to verify such an affirmation. Basically, developers can lie and say their app doesn’t do something that it does, in fact, do. Apple and/or Google may not be able to see the app doing it until that specific set of code in the app is triggered. In other words, the app may appear totally genuine enough to pass Apple’s and Google’s store submission criteria.

We have seen some apps released into the app store on the strength of such affirmations only to be pulled from the store when it is found that the developer lied about what the app contains. Apple doesn’t take kindly to lying about app features, particularly when you can see the app doing things it shouldn’t be doing.

Apple is relatively quick on removals of offending content from its app store. Google Play and other Android stores may not be quite so nimble in this process. In fact, many of the third party stores may not even police their apps at all. Once it’s in their store, it may be there more-or-less permanently. Apple is much more active and selective with maintaining that their apps are upholding developer agreements. However, there is a limit to even Apple’s propriety.

Epic Games

This is a recent fight between Apple and Epic Games. Epic Games apparently decided to change the way it utilized in-game purchases, which has since culminated in Apple rescinding Epic Games’s license to use Apple’s developer tools. Both Apple and Google have since removed Fortnite from their respective app stores citing violation of the store’s terms.

In-app payments require that developers hand over a portion of their profits to Apple and Google. However, there are ways of circumventing that by including outside payment systems in apps. I don’t know exactly what was included by Fortnite that triggered this specific problem, but apparently Epic wasn’t satisfied by Apple’s greedy in-app payment system and decided to take a stand.

Some may think this is about consumer protection. It’s not. It’s about Apple profiteering protection. Apple cites its terms that apply equally to all developers, but in fact, this specific condition is intended to maintain Apple’s profits. Yes, it does apply to all developers (well, almost all developers… see Amazon below), but it is also a condition that is unfavorable to developers and extremely favorable to Apple’s bottom line.

Ramifications

Apple picked a fight with the wrong company in this “epic” (ahem) fight. Epic Games also happens to be the developer of the Unreal game engine. This is a very widely used game engine throughout the gaming industry. It’s probably one of THE most commonly used engines, particularly on gaming consoles.

Without access to Apple’s iOS developer tools, this engine is effectively dead on iOS (and MacOS) devices. Worse, developers who rely on Unreal to drive their own iOS games may soon find that they have to find another game engine. These Unreal engine users may wake up to find their Unreal-based game removed from Apple’s app store as a side effect of Epic Games’s removal.

If Unreal can’t be supported, then neither can the games that utilize this engine. This Epic Games fight has deep reaching ramifications for not only Apple, but also impacts every iOS device owner and every developer that uses Unreal to drive their game. If that game you love was built around Unreal, you may find that app no longer available in just a few weeks.

If you have the app downloaded onto your device, you can still use it. Bought a new Apple device? Well, don’t expect to cloud download that app again if it’s been removed. You’ll need to rely on iTunes backup and restore instead of Apple’s cloud storage… which relies on downloading the app again from the app store. If it’s been removed, the app will be unavailable. Only backing up and restoring through iTunes will recover apps you presently have on your phone device and which are no longer in Apple’s app store. Didn’t do this? Oh, well. That app is gone.

Apple’s Ramifications

Apple’s once burgeoning gaming section may soon become a ghost town. Maybe this is an exaggeration, but maybe not? Let me explain. The loss of the Unreal engine from the iOS platform is a huge blow to iOS game developers worldwide. It means game developers must either now build their own engine instead (to avoid such engine removals in the future) or rely on another gaming engine that supports iOS (at the peril of it being removed in the future).

Apple is effectively “Cutting off its nose to spite its face”. In other words, Apple has most likely done more long term damage to its own brand and products than it has done in short term damage to Epic Games. Sure, Epic’s loss of Fortnite on iOS is a big loss to Epic, but Apple’s loss of the Unreal engine is a much, much bigger problem for Apple.

If developers can no longer turn to the Unreal engine for use on iOS, then that means fewer games will be developed for iOS… at a time when iOS doesn’t need this gaming speed bump. Fewer games developed means fewer game apps in the app store. Fewer game apps means less revenue for Apple. Basically, Apple’s loss of revenue from cutting off developer access to the Unreal engine will come back to bite Apple hard in the ass.

Apple relies on that in-app revenue for its continued operation of the App store. If that revenue dries up, well so too will iOS devices while also undercutting MacOS notebook sales. It’s not just about Fortnite here. It’s about every iOS game using Unreal that also uses in-app payments legitimately. People won’t buy into a mobile platform when they can no longer find and play their favorite games, particularly if those games are on other platforms. The loss of the Unreal game engine is a big deal to Apple. Considering Apple’s paltry 10-13% mobile device market share as of 2019 (and shrinking), killing off development tools that bring revenue to the platform should be a big deal to Apple, one would think.

However, there are still other game engines that developers can use, such as Unity, BuildBox and AppGameKit. With the loss of the Unreal engine, on which many, many console games are built, straight ports of well recognized and popular console games to iOS will become almost impossible. Very few console developers choose Unity and none use BuildBox or AppGameKit.

If Apple was hoping to pull over the bigger console titles onto iOS, they’ve just lost that opportunity by kicking Epic Games off of their platform. No console developer will spend several years porting their Unreal based game to Unity or one of the other game development kits. Without Unreal on iOS, the much larger money making console games will forever be locked out of iOS, simply because of Apple’s stupidity.

Instead of trying to work through a compromise with Epic Games over this issue, they simply pulled the plug. They’ve “thrown the baby out with the bathwater”. They’ve as I said above, “Cut off their nose to spite their face.”

Apple’s Stupidity

This is a huge blow to iOS devices and to consumers alike. Within the next year or so without Epic Games support on iOS, Apple’s gaming community is likely to dry up. Games like Fortnite can no longer come to exist on Apple’s platform because of the loss of the Unreal engine.

There is a bigger danger to using a third party game engine for iOS games. If you, as a developer, settle on a third party game engine and that engine developer has a fight with Apple thus causing their developer licenses to be rescinded, just like Epic Games, you could see your game pulled from the store or, more importantly, rendered obsolete by the next yearly iOS release. This whole Epic fight has some serious ramifications for the gaming industry.

I guarantee that with Epic Games being pulled from the Apple platform and if this is allowed to stand going forward, Apple’s usefulness as a gaming platform will greatly diminish. Not instantly, but definitely over time. It will definitely erode confidence in iOS and MacOS as a gaming platform.

Lest you think I’m being overly dramatic, I suggest you look at this very long Wikipedia page and see the list of games produced using Unreal for consoles, specifically Unreal Engine 4. Every single one of these games had the potential of making their way to iOS or even MacOS. This hope is now lost. The loss of the Unreal engine on Apple’s ecosystem is a loss to the entirety of Apple’s devices.

If Apple had designs of getting into gaming, they summarily lost that hope in one fell swoop. What’s worse is that other game developers may follow suit and voluntarily pull their engines from Apple’s devices as well, leaving only the smallest and crappiest of game development engines available for iOS devices… firmly dragging Apple’s devices back into the stone age for gaming. The best you can hope for are the silly finger swipe games that leave you bored in less than 15 minutes.

Sure, Bethesda, Ubisoft and Activision may continue to maintain their proprietary engines on iOS and MacOS for their specific games, but up-and-coming and existing Unreal console developers alike have lost any iOS portability inroads they might have seen on the horizon.

Though, I suppose this situation is a win for Sony’s PlayStation and Microsoft’s Xbox consoles… and consoles in general.

Epic Games Ramifications

I would be remiss without discussing the ramifications to Epic Games, also. Certainly, Epic Games has lost a huge platform for both Fortnite and the Unreal engine … well, two with the additional loss of Google’s Play store. Though, I don’t think that Google has yet rescinded Epic’s developer license for Android. As a result, would-be game developers considering which engine to choose will not choose Unreal if they have eyes on iOS, MacOS or possibly Android (depending on how far Google takes this). For game developers who’ve already chosen Unreal, it’s probably too late to undo that choice. Game developers in the planning stages can reconsider which engine to choose.

Epic Games’ Unreal engine may now fall out of favor with the game development community. It was formerly an engine developers could rely on, more specifically for a wide range of platform support. With the loss of iOS and Android, that leaves a big hole for the Unreal engine, and Epic Games. That’s basically the loss of every mobile platform! Epic Games chose this battle by not wanting to follow Apple’s greedy rules.

Honestly, I don’t blame Epic. Amazon fought with Apple over these very same rules a long while back. Amazon chose to remove all ability to buy anything via their apps. Though, the Amazon app seems to have regained its ability to purchase junk, but I’ve no idea how they’ve worked this with Apple. Epic should cite Amazon app’s ability to purchase products using a third party payment processor. If Amazon can do this, Epic should be able to as well. It seems that even Apple isn’t following its own “all developers are equal” rules.

Tim Sweeney, Epic Games CEO, should call out this incongruity in Apple’s “equal” application of its app store terms and conditions. If Epic Games is violating Apple’s purchasing rules, then so is Amazon… and so is any other company who is able to offer purchases using their own third party payment processor.

However, that doesn’t leave Epic Games without problems. Losing iOS and Android, and not only for Fortnite, leaves a huge revenue stream hole for Epic Games. That’s the downside for Epic. That and the loss of being able to license the Unreal engine to would-be iOS and potentially, depending on how far Google takes this, Android developers.

TikTok and WeChat

Beyond Epic, there are other problems brewing at Apple. The problem with Apple’s app store is that it will accept and publish apps from any developer from any part of the world. Yes, even communist bloc countries like China and Russia.

What does this mean for you as a consumer? It could mean spying, malware and theft of your data. Apps like WeChat and TikTok originated in China. These are apps that were intentionally designed and released by Chinese people who live in China and who have no ties to the U.S. and who don’t care about data privacy, your data or anything else about you. They don’t even have to follow United States laws. They want your money and they’ll do whatever they can to get it. They don’t care if they have to step on your toes (or turn on your camera and microphone at inappropriate times) to do it.

Apple has been entirely remiss in this area of vetting apps. Can we trust apps developed and produced entirely in China or Russia? Yet, Apple has published these apps to the App store and still allows them to remain in the store. But… Epic Games, a U.S. based game developer, can’t keep their app in the store because of silly in-app purchases? It’s perfectly okay to allow apps to spy and steal data for communist bloc countries, but it’s not okay for a U.S. developer to want to use a third-party payment processor. Yeah, Apple’s priorities are entirely effed up.

Apple’s values at this point are entirely suspect. What Apple has done to Epic is retaliation. It has nothing to do with propriety or consumer safety. It has to do with ensuring Apple’s revenue remains intact. If it were about consumer safety, Apple would have not only re-reviewed WeChat and TikTok for appropriateness the moment the President called them out, they would have been removed from the store.

This is where we learn Apple is not about propriety, it’s about making money. Losing the ability to make money from Fortnite (and by extension the Unreal engine) is way bigger of a deal than allowing Tencent and ByteDance to use their respective apps to potentially spy on U.S. consumers.

Here’s where consumers get lost in the mire and murk of it all. Apple’s silly hide-everything-from-everyone ideals allow this sort of behavior from developers to fester. Developers get to hide behind Apple’s veil of secrecy and “wall of friendliness” so that apps like WeChat and TikTok can flourish without consumers being the wiser.

Yet, here we are. Chinese and Russian apps are infiltrating Apple’s store with careless abandon, and some of these are taking the Internet by storm, like TikTok. ByteDance rolled the big one with TikTok and now they can roll out spying measures if they wish, assuming they haven’t already.

I look on anything coming out of China as suspect. Most products coming out of China are third rate products that fall apart as soon as you sneeze on them. Many are counterfeit or are stolen designs copied from an original product created outside of China. Clearly, China’s ability to innovate is limited. Instead, Chinese engineers must reverse engineer an existing design that originated outside of China, only then to build their thing based on that existing design. Copying is said to be the highest form of flattery, but in this case it’s intellectual property theft.

With products that don’t need the Internet, such as a toaster oven or a microwave or a fridge, other than their possibility of falling apart or harming you physically, they can’t steal personal data or spy on you. Just as junk appliances from China can harm you physically, downloading apps from an app store can harm you just as much. They can steal keyboard input, turn on microphones and cameras at inappropriate times, grab your photos… they can even monitor which apps you use and watch your movement around the city via GPS on your phone. There’s so much data they can collect about you, including the contacts in your phone book.

By installing one of these communist bloc apps, there’s literally a mountain of data they can learn about you from your device. Spying? That’s literally an understatement.

Apple has given the communist bloc countries carte blanche access to U.S. owned devices through iOS. Google has done the same with Android. Worse, both Apple and Google are doing absolutely NOTHING about this. Treason by U.S. companies? That’s an understatement. They not only allow these apps to be published, they’re endorsing them… and some of Apple’s and Google’s own developers may even be using these apps personally. Talk about inception.

Spying

Spying was formerly thought to be about covert operatives running around gathering intel with crude and rudimentary devices in black garb. Today, it can be done in broad daylight using every person’s very own cell phone right in their hand.

Need access to listen in on a conversation at a specific GPS point… I can just hear someone say, “Let’s see which of our apps are on devices close to that location.” Yeah, this is a real thing. Simply enable the microphone and possibly even the outward camera and BOOM, you’ve got access to immediate intel relayed instantly back to you in real-time.

Yeah, that’s the danger of social apps like TikTok and WeChat. They can be used to eavesdrop on anyone anywhere. You only need to give access to the camera and microphone and boom, they’ve got access anywhere the app owners wish.

Apple can thwart this possibility potentially, but only if they add some heavy restrictions for when and how these devices may be used. Like, for example, these devices can only be enabled when the app is the front most active app and the screen is on (i.e., the user is accessing the screen). Even then, access to these devices should always require positive confirmation to use them every single time. Without positive confirmation, these devices cannot be enabled remotely.

Otherwise, spying is already here. Nefarious apps can listen in on what you are doing without your knowledge. They may even be able to switch on the camera and stream video data back to whomever. Yeah, bad news here.

Malware

Many people think malware means software that intends to cause malicious harm to your device. It doesn’t only mean that. Malware covers a lot of territory including spyware, malicious software, ransomware and many, many other types.

Any type of software designed to subvert your device for someone else’s use is considered malware. Don’t limit your thoughts to only software that intends to erase or destroy data. It doesn’t end there. It begins there. It ends with any software of malicious intent, including any software that is designed to spy on you, steal your data, copy data from your device or attempt to get you to do things that might compromise not only your phone, but also your personal finances.

However, the days of overt malware are firmly over. Now we’re seeing a new wave of software that makes itself appear legitimate by offering seemingly legitimate services, but with malware lurking behind that happy-go-lucky façade. It’s the software version of social engineering. They trick you into believing you’re getting a real legitimate app, but underneath, these apps are doing things they shouldn’t be doing.

This is a new wave of bad news rolled into one app. No one can know the ultimate intentions of an app producer. Hopefully and trustingly, we put our faith into the developers hands to “do the right thing”, to be upstanding and give us an app that does only what it claims.

Unfortunately, we’ve moved into an era that’s now firmly gone beyond this. If you’re getting an app from a U.S. developer, you can pretty much be assured that what the app says that it does, it actually does do… and nothing beyond that. That’s a given because U.S. companies must follow U.S. laws. With apps coming from China or Russia or Cuba or Vietnam or even North Korea (don’t kid yourselves here), you have no idea what their ultimate motives for producing that app are. Worse, they are not required to follow United States laws. Yeah, and that’s the problem in a nutshell.

Apple and Google’s trusting nature

These communist countries not only see the dollar potential wrapped up in these apps, but they also see the spying potential above the dollars. Not only can they divert U.S. dollars outside of the country to fund who-knows-what, they can steal your data and spy on you, too.

Why? Because Apple and Google are far too trusting and let them do it. They believe that developers will be good neighbors and not do untrustworthy things. Apple and Google are both trapped into believing that everyone will follow United States laws. Naïve! Unfortunately, that trusting nature is now being used against both Apple and Google by these communist countries… though Google more than Apple. Google devices way outpace Apple’s devices in market share. In 2019, Apple’s devices made up just ~13% of the market, where Google’s Android devices made up a whopping 87%! Together, Apple and Google make up close to 100% of the market, with the small remaining percent running other mobile operating systems (yes, there are a few).

For Google’s saturation reason, it’s no wonder why malware authors are targeting Google over Apple. It’s a simple matter of low-hanging fruit. Google’s fractured stores and litany of device problems have led to where we are. Malware authors can have a field day with Google’s devices because they can take advantage of these tinier stores with much reduced release restrictions. It’s easy, then, for small indie developers to release malware onto Android… far too easy. It’s much more difficult to do this same thing on Apple devices. That is, until you realize exactly how developers are outwitting Apple’s far-too-trusting nature.

Once not-so-upstanding developers understand they can disguise malware underneath a legitimate service, they can push that service out to app stores (with Apple’s blessing) and get people to use it, in similar form to TikTok. In fact, perhaps the app was even released without the malware to have the appearance of propriety (and to pass Apple’s initial scrutiny). Then, after enough momentum has been reached, the app developer can slowly release updates containing bits of malware at a time. As far as I know, Apple doesn’t put the same level of scrutiny into app updates as it puts into new app listings. Apple’s hands-off approach to updates means the author can slip bad features into updates under Apple’s and our noses and no one will be the wiser.

Security Considerations

You always have to really think 🤔 about what apps you have installed and why you’ve installed them. More than that, you need to find out who specifically is developing your apps and where they are in the world. You might be surprised to find that the author doesn’t live in the country where you reside. If the author isn’t in your country of residence, they don’t have to follow your country’s laws for, well, anything.

Of course, you never know what an app author intends by writing and releasing an app. Even the money making aspect on the surface may not be the actual agenda. Hopefully, the app’s purported use case (making money) is the only reason the app exists. Unfortunately, subversion seems to be becoming more and more common in apps, particularly those that may not be developed in the same country where you reside.

For example, someone who develops an app in China doesn’t have to follow the laws of any other country than China. Meaning, if the app developer decides to include spyware, no laws will apply to that developer other than Chinese law. Even then, since they weren’t spying on Chinese citizens, they likely won’t be seen as having violated any Chinese laws… even when spying on citizens in other countries. Because the U.S. can’t apply laws to Chinese citizens, any spying that may have taken place is damage already done. The only action that can be taken is banning the app entirely from the U.S., just as Trump had wanted to do with TikTok.

Every mobile device user must remain on their toes. You can’t assume that Apple’s closed store nature will protect you from spying or data theft (all forms of malware). Apple is way too naïve for that. Instead, you must do the research yourself. Determine who develops an app you intend to install. Find out where they live in the world. If they live in a country where you do not, your local laws will not apply, even if the developer includes activities that are illegal in your place of residence. This means they can do a lot of nefarious things and never be caught at it, particularly if they live in a country like China.

If you want to safeguard your own data, don’t install apps without knowing where the author lives. Not on Android, and not even on iOS devices. No, not even on… and especially not on company-owned devices.

In this day and age, when anyone and everyone can design and build an app based anywhere in the world, we’ve firmly come to a time where our devices can be used to spy on us and those around us simply because we’ve installed a random app.

It’s now only a matter of time before government policies catch up with this technology trend and new laws begin emerging which intend to hold device owners responsible for treason when an app spies on and funnels data outside of your country of residence.

In answer to the article’s primary question: no, neither Google nor Apple is better at protecting our devices from malware. However, while the overt malware may be less common on Apple devices, Apple’s and Google’s trusting nature is now firmly subverting our devices for foreign spying activities… particularly when these apps are designed to intentionally use the camera and microphone.

Security Tip: Spam, Bitcoin and Wallets

Posted in advice, banking, cryptocurrency by commorancy on April 22, 2019

In writing this blog, I encounter a lot of different spam comments every single day. None of this spam reaches the comment area of any blog article because of moderation and spam filtering. However, every once in a while I see a spam message that catches my eye and I feel the need to write about such traps. Let’s explore.

Today’s Spam

Today, I found this spam message and it spurred me to write this blog article:

Invest $ 5,000 in Bitcoin mining once and get $ 7,000 passive income per month

This sounds like a great deal, doesn’t it? Of course, this spam message arrived complete with a link to a website. I’ve redacted that part of this spam. The text is the most important part (or rather, the sleaziest part) and what I intend to discuss in this article.

Let’s dispel this one right away. You cannot invest $5,000 into a Bitcoin mining rig and get $7,000 a month in passive income. This is not possible. First off, Bitcoin is entirely volatile so values vary every minute. Second, you have to place your mined Bitcoin into a wallet somewhere. Third, a compute rig requires electric power, air conditioning and internet services requiring you to pay bills every month. Fourth, the maximum you could mine per month is a fraction of a Bitcoin.

Most mining rigs are lucky to make any money at all considering the electric bill cost alone. You must also pay your Internet service, as Bitcoin mining requires regular check-ins with its sites to transfer the data processed during mining and download new data. Neither the electric nor the internet bill is inexpensive, and together they will substantially reduce the value of any Bitcoin you might mine. There are also exchange fees to convert your Bitcoin into US Dollars (or vice versa), which will eat into the profits of your mined Bitcoin.

Mining

Bitcoin mining seems like a great thing. In reality, it is far from it. As I mentioned above, you need to not only invest in a specialty computer rig designed for Bitcoin mining, you also need to supply it with electrical power, heat dissipation (A/C or a fan) and internet service. In exchange for “mining”, you will occasionally receive tiny fractions of Bitcoin (when the bits align just right). When Bitcoin first began, the amount and frequency of Bitcoin given during mining was much higher than it is today. Worse, mining of Bitcoin will see less and less Bitcoin issued as time progresses. Why?

Bitcoin is a finite currency with a limit on the maximum number of coins ever. Once the coins are gone, the only way to get a coin is by getting it from someone who already has one. Even then, there’s a problem with that. That problem is called ‘end of life’ and, yes, even Bitcoin has an expiration date.

But… what exactly is “mining” and why is it a problem for Bitcoin? Mining is not what you think it is. This word imparts an image of men in hardhats with pickaxes. In reality, mining isn’t mining at all. It is a collective of computers designed to compute the general ledger of transactions for Bitcoin. Basically, each “mining” computer takes a small amount of potential ledger data given to it by an “authority” and then solves for the equations given. This information is handed back to the “authority”. The “authority” then compares that against all other results from other computers given the same data. If a consensus is reached, then the transaction is considered “valid” and it goes into the ledger as legitimate. This is the way the currency ferrets out legitimate transactions from someone trying to inject fake transactions.

There’s a lot more to it, but this is the gist of how “mining” works. In effect, when you set up a mining computer (or rig), your computer is actually performing transaction validation for Bitcoin’s general ledger. In return for this calculation work, your computer is “paid” a very tiny fraction of Bitcoin… but not nearly enough to cover the real world money needed for the 24/7 constant computing. A Bitcoin payment is only issued during mining IF the calculation solves to a very specific (and rare) answer. And so begins Bitcoin’s dilemma…

Basically, if you take all of the fractions of Bitcoin you receive over a year’s worth of 24/7 general ledger computing, you might be lucky to break even once you take your electric and internet bills into account. However, you are more likely to lose money due to the rare incidence of solving the equation for payment.
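To make the “very specific (and rare) answer” and the break-even arithmetic above concrete: Bitcoin’s mining puzzle is a proof-of-work, in which the miner repeatedly hashes a candidate block header (SHA-256 applied twice) with a changing nonce until the result falls below a difficulty target. Every hash is an independent lottery ticket, so the expected number of hashes per payout is fixed by the difficulty, and the expected electricity per payout follows directly. The block below is an added example written for this page, not code from the post or from any Bitcoin client; it uses a simplified difficulty (number of leading zero bits) and constructed illustration values for hash rate, power draw, Bitcoin price, network share and bills.

```python
import hashlib
import struct


def sha256d(data: bytes) -> bytes:
    """Bitcoin's block hash function: SHA-256 applied twice."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def target_for_bits(leading_zero_bits: int) -> int:
    """Simplified difficulty: the hash, read as a 256-bit integer, must be below
    this target, i.e. it must begin with at least `leading_zero_bits` zero bits."""
    return 1 << (256 - leading_zero_bits)


def is_valid(header: bytes, nonce: int, leading_zero_bits: int) -> bool:
    """True if header || nonce hashes below the target for this difficulty."""
    digest = sha256d(header + struct.pack("<I", nonce))
    return int.from_bytes(digest, "big") < target_for_bits(leading_zero_bits)


def mine(header: bytes, leading_zero_bits: int, max_nonce: int = 1 << 32):
    """Brute-force nonces until a valid hash appears.
    Returns (nonce, attempts); nonce is None if the nonce space is exhausted."""
    for nonce in range(max_nonce):
        if is_valid(header, nonce, leading_zero_bits):
            return nonce, nonce + 1
    return None, max_nonce


def expected_attempts(leading_zero_bits: int) -> float:
    """Each hash succeeds independently with probability 2**-bits,
    so the expected number of hashes per valid block is 2**bits."""
    return float(1 << leading_zero_bits)


def expected_cost_per_block(leading_zero_bits: int, hashes_per_second: float,
                            watts: float, usd_per_kwh: float) -> float:
    """Expected electricity cost (USD) to find one valid hash at this difficulty."""
    seconds = expected_attempts(leading_zero_bits) / hashes_per_second
    kwh = watts * seconds / 3600 / 1000
    return kwh * usd_per_kwh


def expected_monthly_profit(share_of_network: float, block_reward_btc: float,
                            btc_price_usd: float, watts: float, usd_per_kwh: float,
                            internet_usd: float, blocks_per_month: int = 4320) -> float:
    """Bitcoin schedules roughly one block per 10 minutes (about 4320 per 30-day
    month); a miner wins each block with probability equal to its share of the
    total network hash rate. Revenue minus electricity and internet bills."""
    revenue = share_of_network * blocks_per_month * block_reward_btc * btc_price_usd
    electricity = watts * 24 * 30 / 1000 * usd_per_kwh
    return revenue - electricity - internet_usd


if __name__ == "__main__":
    header = b"constructed header"          # constructed stand-in for a block header
    nonce, attempts = mine(header, 16)
    print(f"found nonce {nonce} after {attempts} hashes "
          f"(expected {expected_attempts(16):.0f})")
    # Constructed illustration: a rig with one-millionth of the network,
    # 1500 W draw, $0.12/kWh, $60/month internet, 6.25 BTC reward at $7000.
    print(f"expected monthly profit: "
          f"${expected_monthly_profit(1e-6, 6.25, 7000, 1500, 0.12, 60):.2f}")
```

The `expected_attempts` function is the whole story of mining economics: raising the difficulty by one bit doubles the hashes, and therefore the electricity, needed per payout, while the reward per block does not change. Plugging a rig’s real share of the network hash rate into `expected_monthly_profit` is the check to run before believing any “passive income” pitch.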

Additionally, to store those fractions of Bitcoin from your mining activities, you’re going to need a wallet. If your wallet is stolen, well that’s a whole separate problem.

Bitcoin Logistics

Unless you’ve been living under a rock, many crypto wallets and companies that store wallets are entirely insecure. They “think” they are secure, but they’re not. They’re simply living on borrowed time. Too many wallet companies (and wallet technologies) have been hacked and have lost Bitcoin for many people. Because crypto wallets are so trivially vulnerable, owning Bitcoin is almost not even worth the risk. We’re not talking small amounts of Bitcoin lost. We’re talking tens of thousands of dollars “worth” of Bitcoin gone *poof* because the companies / wallets were hacked and Bitcoin emptied.

While there might be some reputable and secure wallet storage companies, you have no idea how secure they really are. Because it’s cryptocurrency, once the Bitcoin has left the wallet, there’s no way to get it back. It’s the same as if someone stole your wallet out of your pocket or purse. Once it’s gone, it’s gone.

Further, because Bitcoin’s wallet technologies are so hackable and because it holds real world value convertible into fiat currencies, like the US Dollar (and other currencies), there’s a real and solid motivation for hackers to find ways to get into and pilfer Bitcoin wallets from unsuspecting owners.

The Downsides of Bitcoin

As a miner, you’re paid in Bitcoin. Bitcoin has limited uses in the real world. There are some places that accept Bitcoin, but they’re few and far between. Most places still only accept the local currency, such as the US Dollar in the United States. For Bitcoin to become a functional currency, it would need to be heavily adopted by stores and businesses. Instead, today most places require you to convert Bitcoin into the local currency. This is called exchanging currency and usually incurs fees for the exchange. You can’t put Bitcoin into a traditional bank. You can’t use it to pay most bills. Any business wanting to remain in business would need to convert any Bitcoin received into USD or similar. The conversion fee could be 1%, 2% or up to 10% of the transaction. There might even be a separate fixed transaction fee. These fees begin to add up.

All of this reduces the value of Bitcoin. If one Bitcoin is worth $1000 (simply used as illustration), you could lose up to $100 converting that single Bitcoin to dollars… making it worth $900. Because Bitcoin is entirely volatile, a Bitcoin worth $1000 today could be worth $100 tomorrow. For this volatility reason and because of electric and internet bills, the idea of making $7000 in passive income in a month is not even a reality. If you could receive one Bitcoin per month via mining (hint: you can’t), you might clear $7000 (assuming one Bitcoin is worth $7000 when you go to convert). Chances are, you’re likely to get far, far less than one Bitcoin per month. More likely, you’ll get maybe 1/10th (or less) of a Bitcoin in a month’s worth of computing… barely enough to cover the cost of your electric bill… assuming you immediately cash out of your Bitcoin and use that money to pay your bills.

Insurance and Fraud

The US government insures bank and savings accounts from loss via the FDIC (Federal Deposit Insurance Corporation). No such governmental insurance programs cover Bitcoin (or any other cryptocurrency). Until or unless the US government issues its own digital currency and extends similar protections of the FDIC to banks storing those digital currencies, today’s decentralized cryptocurrencies are simply the “Wild West” of currency.

What “Wild West” means is that anyone who owns cryptocurrency is at risk of loss no matter what means is used to store your Bitcoin. Your coins are as secure as the weakest link… and the weakest link (among many) appears to be the wallet.

Cryptography and Security

Many crypto “banks” (though I hesitate to even call them a bank) claim high levels of security over your Bitcoin wallet. Unfortunately, your wallet is always at risk no matter where you store it. If it’s on a self-contained card on your person, that can be hacked. If it’s at a currency exchange service, like Coinbase, it can still be hacked (in a number of ways).

The problem with crypto “anything” (and this is the key bit of information that everyone needs to take away from cryptography) is that cryptography was designed and intended to offer transient “short term” security.

What I mean by “short term” is that it was designed to secure data for only as long as a transaction requires (usually a few seconds). An example is using an app on your phone to perform a transaction with your bank. Your logged-in session might last 5-10 minutes at most. Even then, a single communication might last only a few seconds. Cryptography is designed to protect your short burst transmissions. It would take a hacker far longer than that short transmission period to hack the security of your connection. By the time a hacker had gained access, your transaction is long over and you’re gone. There’s no way they could change or alter what you’re asking your bank to do (unless, of course, your device is compromised… a completely separate problem).

Bitcoin, on the other hand, is required to be secured in a wallet for months, years or potentially even decades. Cryptography is not designed for that duration of storage and protection. In fact, cryptographic algorithms become weaker every single day. As computers and phones and devices get faster and can compute more data, these algorithms lose their protections slowly. It’s like when rains erode soil on a mountain. Inevitably, with enough soil eroded, you’ll have a landslide.

With crypto, eventually the computers will become fast enough so as to be able to decrypt Bitcoin’s security in a matter of weeks, then days, then hours, then minutes and finally in real-time. Once computers are fast enough to hack through a wallet’s security in real-time, nothing can protect Bitcoin.

This is the vulnerability of Bitcoin and other cryptocurrencies. Once computers hit the threshold to instantly decrypt Bitcoin’s security (or, more likely, Bitcoin’s wallet security), then Bitcoin is all over. You can’t store something when computers can gain unauthorized access in a few minutes. This law of diminishing cryptography returns is the security fallacy of Bitcoin.

Of course, Bitcoin developers will say, “Well, we’ll upgrade the Bitcoin cryptography to last longer than the then-current processing power”. It is possible for developers to say and potentially do this. But, that could still leave YOUR wallet vulnerable. If your wallet happens to be stored in an older cryptographic format that is vulnerable, then what? You may not even know your wallet is being stored in this vulnerable way if it’s stored at an exchange like Coinbase. That could leave your wallet and many others’ hanging out to dry. Unless the currency exchange shows you exactly the format your wallet is being stored in and exactly the strength of cryptography being used, your wallet could very well be vulnerable.

Note that even the strongest encryption available today could still contain vulnerabilities that allow it to be decrypted unintentionally.

Bitcoin Uses

Probably the only single use of Bitcoin is as part of a balanced portfolio of assets. Diversifying your portfolio among different investment strategies is the only real way to ensure your portfolio will continue to grow at a reasonable rate. This is probably one of the only reasons to legitimately invest in Bitcoin. However, you don’t need to outlay for a mining rig to do it. Some investment firms today now allow for investment into cryptocurrencies as part of their investment portfolio offerings.

Still, you’ll have to be careful with investing in cryptocurrencies because there can be hidden transaction fees and conversion fees involved. These are called “loads” in the investing world. This means that you might invest $50, but only receive $40 in Bitcoin. That $10 lost represents the “load”. If you sell out of Bitcoin, you may also receive yet another “load” and again lose some of your money in the exchange. You have to take into account these “loads” when you choose to invest in certain funds. “Load” funds are not limited to Bitcoin. These exist when investing in all sorts of funds including mutual funds and ETFs.

However, Bitcoin (and other cryptocurrencies) can be valuable as part of a balanced portfolio. Of course, Bitcoin would be considered a risky type of investment because of its volatility. Depending on how your portfolio is balanced, you may not want to invest in something as risky as Bitcoin. Not all portfolio management companies (i.e., Schwab, E*Trade, Ameritrade, etc) may offer cryptocurrency as an investment strategy. You’ll need to check with your specific company to determine if Bitcoin is available.

End of Bitcoin

Because Bitcoin is finite in total numbers of coins, eventually computing the general ledger will no longer pay dividends. What I mean is, once the Bitcoins run out, there will be no way to pay the miners. Bitcoin currently pays miners from the remaining, ever diminishing pool of Bitcoin. Once there are no more Bitcoins in the pool, there are no more payments to the miners. This means that Bitcoin is dead. No one is going to continue to spend their expensive electric and internet bills on computing a general ledger that offers no dividends. No general ledger computations, no transactions.

This means that eventually, miners will stop mining. Once a critical mass of general ledger computation stops, computing Bitcoin transactions may become impossible. This will be the death of Bitcoin (and any other cryptocurrencies that adopt the same mining payment model). You can’t spend a Bitcoin as liquid currency if there’s no way to validate a transaction.

Some people think that it might require Bitcoin to completely hit zero, but it doesn’t. Once the remaining pool gets small enough, the algorithm gives out ever smaller amounts of payment in return for computing. At some point, spending thousands of dollars on a rig to gain a few pennies worth of Bitcoin every month won’t be worth it. Miners will shut off their mining activities. As more and more miners realize the futility of their mining efforts, fewer and fewer will mine.

When a compute (or lack thereof) critical mass is reached, Bitcoin will be in a crisis. This is the point at which the value of Bitcoin will plummet, taking with it many “paper Bitcoin millionaires”.

If you own Bitcoin, you need to watch and listen carefully to this part of the Bitcoin world. In fact, we are likely already on the downward slope of the bell curve for Bitcoin computing. How far down the bell curve is unknown. Unfortunately, as with most investment products, many people hold on far too long and get wiped out. It’s best to sell out while you know the currency holds value. Don’t wait and hold thinking it will infinitely go up. It won’t.

Eventually, Bitcoin will die because of its finite number of coins and its heavy reliance on “mining”… and “mining” relies on dividends being paid. When the dividends stop being of value, so will end the mining and, by extension, so Bitcoin will end.

Rant Time: Bloomberg and Hacked Servers

Posted in best practices, botch, data security, reporting by commorancy on October 5, 2018

Bloomberg has just released a story claiming SuperMicro motherboards destined for large corporations may have been hacked with a tiny “spy” chip. Let’s explore.

Bloomberg’s Claims

Supposedly the reporters for Bloomberg have been working on this story for months. Here’s a situation where Bloomberg’s reporters have just enough information in hand to be dangerous. Let’s understand how this tiny chip might or might not be able to do what Bloomberg’s alarmist view claims. Thanks, Bloomberg, for killing the stock market today with your alarmist reporting.

Data Compromise

If all of these alleged servers have been compromised by a Chinese hardware hack, someone would have noticed data streaming out of their server to Chinese IP addresses, or at least some consistent address. Security scans of network equipment require looking through inbound and outbound data logs for data patterns. If these motherboards had been compromised, the only way for the Chinese to have gotten that data back is through the network. This means data passing through network cards, switches and routers before ever hitting the Internet.

Even if such a tiny chip were embedded in the system, many internal only servers have no direct Internet access. This means that if these servers are used solely for internal purposes, they couldn’t have transmitted their data back to China. The firewalls would prevent that.

For servers that may have had direct access to the Internet, these servers could have sent payloads, but eventually these patterns would have been detected by systems administrators, network administrators and security administrators performing standard security checks. It might take a while to find the hacks, but they would be found simply because of odd outbound data being sent to locations that don’t make sense.

Bloomberg’s Fantasy

While it is definitely not out of the realm of possibility that China could tamper with and deliver compromised PCB goods to the US, it’s doubtful that this took place in the numbers that Bloomberg has reported.

Worse, Bloomberg makes the claim that this so-called hacked hardware was earmarked for specific large companies. I don’t even see how that’s possible. How would a Chinese factory know the end destination of any specific SuperMicro motherboard? As far as I know, most cloud providers like AWS and Google buy fully assembled equipment, not loose motherboards. How could SuperMicro board builders possibly know it’s going to end up in a server at AWS or Google or Apple? If SuperMicro’s motherboard products have been hacked, they would be hacked randomly and everywhere, not just at AWS or Google or whatever fantasy Bloomberg dreams up.

The Dangers of Outsourcing

As China’s technical design skills grow, so will the plausibility of receiving hacked goods from that region. Everyone takes a risk ordering any electronics from China. China has no scruples about any other country than China. China protects China, but couldn’t give a crap about any other country outside of China. This is a dangerous situation for China. Building electronics for the world requires a level of trust that must exist or China won’t get the business.

Assuming this alleged “spy chip” is genuinely found on SuperMicro motherboards, then that throws a huge damper on buying motherboards and other PCBs made in China. China’s trust level is gone. If Chinese companies are truly willing to compromise equipment at that level, they’re willing to compromise any hardware built in China including cell phones, laptops and tablets.

This means that any company considering manufacturing their main logic boards in China might want to think twice. The consequences here are as serious as it can get for China. China has seen a huge resurgence of inbound money flow into China. If Bloomberg’s notion is true, this situation severely undermines China’s ability to continue at this prosperity level.

What this ultimately means is that such tiny chips could just as easily be attached to the main board of an iPhone, an Android phone or any other mobile device, and those devices can phone home with whatever they collect. While the SuperMicro motherboard problem might or might not be real, adding such a circuit to a phone is far harder to detect and likely to yield a wealth more data than placing it onto servers behind corporate firewalls.

Rebuttal to Bloomberg

Statements like the following from a Bloomberg reporter are why no one should take these media outlets seriously. Bloomberg’s Jordan Robertson states, “Hardware hacking is the most effective type of hacking an organization can engineer… There are no security systems that can detect that kind of manipulation.” Wrong. Several classes of security systems look for unusual traffic patterns, including most intrusion detection systems. Let’s step back for a moment.

If the point of the hardware hack is to corrupt data, then yes, it would be hard to detect. You’d just assume the hardware is defective and replace it. However, if the point of the hardware hack is to phone data home, that is detectable by various security systems and is easily blocked by egress firewall rules.

The assumption Jordan is making is that we’re still in the 90s with minimal security. We are not. Most large organizations today have very tight security around servers. Depending on the role of the server, it might or might not have direct trusted access to secured data; it may instead have to ask an internal trusted server for the data it needs.

For detection purposes, if the server is used as a web server, then the majority of its traffic should have a 1:1 relationship: one request inbound, some amount of data sent outbound in response to that request, on the same connection. Data originating from the server without a corresponding inbound request is suspect and can be detected. For legitimate requests, you can see these 1:1 relationships in the logs and while watching the server’s traffic on an intrusion detection system. For one-sided transactions that send data outbound from the server, the IDS would see it and could block it. The one caveat is that a web server does have some legitimate outbound traffic of its own (calls to its internal database or application tier, DNS, time sync, package updates), so the practical rule is “server-initiated connections to anything not on the allowlist”, not “any server-initiated connection”. If you think most large organizations don’t have an IDS, even simply in watch mode, you are mistaken.

If packets of data originate from the server without any prompting, that would eventually be noticed by a dedicated security team performing regular log monitoring and regular server security scans. The security team might not be able to pinpoint the reason (i.e. a hardware hack) for unprompted outbound data, but they will be able to see it.

I have no idea how smart such a tiny chip could actually be. Such a tiny chip likely would not have enough memory to store any gathered payload data. Instead, it would have to stage that payload either on the operating system’s disks or in RAM. If the server were cut off from the Internet, as most internal servers are, that disk or RAM would eventually fill up with data that never gets transferred to wherever it needed to go. Again, systems administrators would notice the spike in /tmp or RAM usage caused by the chip’s inability to send its payload.

If the hacking chip simply gives remote control access to the server without delivering data at all, then that too would be detected by an IDS. Anyone attempting to reach a port that is not open will be blocked. If the chip makes an outbound connection to a server in China and leaves it open, that would eventually be detected as well. Again, a dedicated security team would see the unusual traffic from/to the server and investigate.
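As an added illustration of the detection logic in the last few paragraphs (this is example code written for this page, not anything from the original post, Bloomberg or SuperMicro), the following Python reads constructed NetFlow-style records for a hypothetical DMZ web server at 10.0.5.20, treats inbound client connections as normal, and flags connections the server itself initiated to anything outside a small egress allowlist (here, one hypothetical internal database at 10.0.9.10:5432). It also marks long-held outbound connections and looks for the evenly spaced, repeated connections that a phone-home implant produces. All addresses, thresholds and flow records are assumptions made up for the example.

```python
# Added example: flag server-initiated egress from a DMZ web server using
# constructed NetFlow-style records. Not code from the original post.
import csv
import io
import statistics
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List

WEB_SERVER = "10.0.5.20"                 # hypothetical DMZ web server
ALLOWED_EGRESS = {("10.0.9.10", 5432)}   # hypothetical internal DB the web tier may call
LONG_LIVED_SECONDS = 3600                # a connection held open this long is worth a look
BEACON_MIN_COUNT = 4                     # repetitions before we call a pattern periodic
BEACON_MAX_CV = 0.1                      # allowed interval jitter (stdev / mean)

# Constructed flow records: start(epoch),duration(s),src,sport,dst,dport,bytes
SAMPLE_FLOWS = """\
1505000000,1,203.0.113.7,51234,10.0.5.20,443,4096
1505000002,1,10.0.5.20,40001,10.0.9.10,5432,2048
1505000010,7200,10.0.5.20,40002,198.51.100.9,443,90000000
1505000100,1,10.0.5.20,40003,198.51.100.23,8443,512
1505000400,1,10.0.5.20,40004,198.51.100.23,8443,520
1505000700,1,10.0.5.20,40005,198.51.100.23,8443,498
1505001000,1,10.0.5.20,40006,198.51.100.23,8443,530
1505000030,1,203.0.113.8,51235,10.0.5.20,80,1500
"""


@dataclass(frozen=True)
class Flow:
    start: int
    duration: int
    src: str
    sport: int
    dst: str
    dport: int
    nbytes: int


def parse_flows(text: str) -> List[Flow]:
    """Parse the CSV flow export into Flow records (comment/blank lines skipped)."""
    flows = []
    for row in csv.reader(io.StringIO(text)):
        if not row or row[0].startswith("#"):
            continue
        start, dur, src, sport, dst, dport, nbytes = row
        flows.append(Flow(int(start), int(dur), src, int(sport), dst, int(dport), int(nbytes)))
    return flows


def unsolicited_egress(flows: List[Flow], server: str = WEB_SERVER) -> List[dict]:
    """Flows the server itself opened to a destination outside the allowlist.

    A web server answers inbound requests; a connection it initiates that is
    not on the allowlist is the 'one-sided' traffic the post describes."""
    alerts = []
    for f in flows:
        if f.src != server or (f.dst, f.dport) in ALLOWED_EGRESS:
            continue
        reasons = ["server-initiated, not allowlisted"]
        if f.duration >= LONG_LIVED_SECONDS:
            reasons.append(f"held open {f.duration}s")
        alerts.append({"dst": f"{f.dst}:{f.dport}", "bytes": f.nbytes, "reasons": reasons})
    return alerts


def beacons(flows: List[Flow], server: str = WEB_SERVER) -> Dict[str, float]:
    """Destinations the server contacts at a near-constant interval (phone-home pattern).

    Returns {"dst:port": mean_interval_seconds} for destinations contacted at
    least BEACON_MIN_COUNT times with interval jitter below BEACON_MAX_CV."""
    by_dst: Dict[str, List[int]] = defaultdict(list)
    for f in flows:
        if f.src == server and (f.dst, f.dport) not in ALLOWED_EGRESS:
            by_dst[f"{f.dst}:{f.dport}"].append(f.start)
    found: Dict[str, float] = {}
    for dst, starts in by_dst.items():
        if len(starts) < BEACON_MIN_COUNT:
            continue
        starts.sort()
        gaps = [b - a for a, b in zip(starts, starts[1:])]
        mean = statistics.mean(gaps)
        cv = statistics.pstdev(gaps) / mean if mean else 0.0
        if cv <= BEACON_MAX_CV:
            found[dst] = mean
    return found


if __name__ == "__main__":
    fl = parse_flows(SAMPLE_FLOWS)
    for a in unsolicited_egress(fl):
        print("ALERT", a)
    for dst, gap in beacons(fl).items():
        print(f"BEACON {dst} every ~{gap:.0f}s")
```

Run directly, it prints one ALERT per server-initiated flow (the long-lived 198.51.100.9:443 connection carries two reasons) and a BEACON line for the host contacted every 300 seconds. In a real deployment the allowlist is the part that takes work: the web tier’s legitimate backend, DNS and update traffic has to be enumerated first, otherwise the rule is all noise.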

If the hacking chip wants to run code on the host, that code has to already exist in a form the host can execute; the chip isn’t going to compile anything itself, and it has no way of knowing whether the system builder installed a compiler. That means the chip would need to know which operating system is installed (any of many versions of Linux, BSD, macOS, Windows and so on) and carry prebuilt code for each one, all inside a chip that tiny. Unlikely.

Standards and Protocols

Bloomberg seems to think there’s some mystery box here that allows China access to these servers without bounds. The point of having multi-layer security is to prevent exactly such access. Even if the motherboards were compromised, most of these servers would end up behind multiple firewalls in combination with continuous security monitoring. Beyond this, many companies segregate servers by type. Servers performing services that need a high degree of security have very limited ability to do anything but their one task. Even getting into these servers can be a challenge, even for administrators.

For web servers in a DMZ which are open to the world, capturing data might be easier. However, even if a saboteur at SuperMicro did know which company placed an order for motherboards, they wouldn’t know how those servers would ultimately be deployed and used. This means these chips could land in server roles sitting behind enough security to render them useless for spying.

It’s clear these reporters are journalists through and through. They have no skill as a systems administrator, network engineer or security administrator. Perhaps it’s now time for Bloomberg to hire technical consultants who can guide its articles when they involve technical matters? Clearly, no technical person was on hand to steer Jordan away from some of the ludicrous statements he’s made.

Bloomberg, hire a technical consultant the next time you chase one of these “security” stories, or give it up. At this point, I consider Bloomberg to be nothing more than a troll looking for views.


If you enjoy reading Randocity, please like, subscribe and leave a comment below.


How to protect yourself from the Equifax breach

Posted in botch, business, security by commorancy on September 11, 2017

Every once in a while, I decide to venture into the personal financial security territory. This time, it’s for good reason. Unfortunately, here’s a topic that is fraught with peril all along the way. It also doesn’t help when financial linchpins in the industry lose incredibly sensitive data, and by extension, credibility. Let’s explore.

Target, Home Depot and Retailer Breaches

In the last few years, we’ve seen a number of data breaches including the likes of Target and Home Depot. While these breaches are severe problems for the companies, they’re less problematic for the consumer in terms of what to do. As a consumer, you have built-in protections against credit card fraud. If a thief absconds with your number, your liability is usually limited to around $50, but that also depends on the card… so read your fine print.

Beyond the $50 you might have to pay, the inconvenience to you is asking your credit card company to issue a new card number. That request immediately invalidates your current number, and then you play the snail mail waiting game for the new card to arrive. That’s pretty much the extent of the damage from a retailer breach like Target’s or Home Depot’s.

No one wants to go through this, but it’s at least manageable in time… and you can get back on with your life. For breaches like Equifax, this is a whole different ball game, let’s even say, a game changer. Breaching Equifax is so much more than a simple credit card inconvenience.

Credit Reporting Agencies and Breaches

With Equifax breached, this is really where the government needs to step in with some oversight and regulation. What your Social Security number is to the government, your credit report is to your personal financial health. This breach is a dangerous game… and worse, Equifax is basically taking it lightly, like it’s no big deal. It is such a big deal that you will absolutely need to take steps to make sure your data is secure (and even then, that only goes so far).

First, I’ll discuss what this breach means to you and how it might affect you. Second, I’ll discuss what you can do to protect yourself. Let’s start with some basic information.

There are 3 primary credit reporting agencies (aka credit bureaus):

  1. TransUnion
  2. Experian
  3. Equifax

Unless you’ve never had a credit card, you probably understand what these businesses do. I’ll explain for the uninitiated. These agencies collect and report on any outstanding credit card or revolving lines of credit you currently have. If you have a mortgage, these entities know about it. If you have a credit card (or many), they know. They also know lots of other data (i.e., previous and current address), what loans you’ve had in the past, what bank accounts you have, what balances are on your outstanding lines of credit, any collections activities and the list goes on and on. It also lists your birth date, social security number and full credit card numbers and account numbers.

Based on all of your credit lines, how well you pay and so on, these companies produce a credit score (the FICO score being the best known). This score determines how low an interest rate you’ll receive on new loans. These companies are a bane to deal with, but they are also your lifeline if you need new credit. Even one blemish on your record can prevent you from getting that loan you need to buy your new house or new car. Without these linchpin companies, lenders wouldn’t be able to determine whether you are a good or bad credit risk. Unfortunately, with these companies, consumers are at their mercy to produce accurate data to lenders (and to protect that data from theft)… a task at which Equifax failed.

What did Equifax lose?

Equifax lost data for 143 million record holders. While that number may seem small, the damage done to each of those 143 million record holders will eclipse the damage produced by Target and Home Depot combined. Why? Because of how these credit reporting agencies actually work.

Equifax (and pretty much all of these credit reporting agencies) have flown under the radar in what they do. If you go to a car dealer, find a car you want and fill out loan paperwork, that dealership will pull a credit report from one or more of these agencies. Your credit report contains a score and all loans currently outstanding. It also shows how well you pay your loans, any delinquencies in the past and other financial standing metrics. This credit report is the basis of whether you get a loan from the car dealership and at what interest rate.

Hackers had access to this data between May and July of 2017. The hack was found on July 29th, but not reported to the public until September 8th. That’s over a month that Equifax sat on this news. It’s possible that they were requested by law enforcement to hold the announcement, we just don’t really know.

What was lost?

According to the Washington Post:

Hackers had access to Social Security numbers, birth dates, addresses, driver’s license numbers, credit card numbers and other information.

According to the New York Times:

In addition to the other material, hackers were also able to retrieve names, birth dates and addresses. Credit card numbers for 209,000 consumers were stolen, while documents with personal information used in disputes for 182,000 people were also taken.

Those dispute documents being PDFs of bills, receipts and other personally identifying information. I’ve also read, but have been unable to find the corresponding article, that the hackers may not have had access directly to the credit report database itself, but only to loose documents in a specific location. However, even with that said, do you really trust Equifax at this point? I certainly don’t.

Why is this such a big deal?

Because the credit reporting agencies have played it fast and loose for far too long. They make boatloads of money off each credit report that’s pulled. If you pay $50 as part of the loan process to pull your credit report, the dealership keeps part of that money and the rest goes to Equifax. Because many loan applications are processed every day, some credit reporting agency is always making money. Making money isn’t the problem, though.

These agencies will pull a report for anyone willing to spend money. This includes people with stolen credit cards. However, that only gets thieves so far before being caught. Instead, breaking into computers at the agency allows them to not only pull credit reports for anyone who has a record, they can get access to lots of sensitive information like:

  • Social Security Numbers
  • Birth Dates
  • Addresses
  • Places of employment
  • Home Addresses
  • Credit card numbers
  • Dispute Documents
  • etc.

Basically, the thieves may now have access to everything that makes up your identity and could steal your identity and then attempt to divert bills away from your house, create new cards, and do other things that you may not be able to see. If they managed to get access to your credit report, they can open cards out the wazoo. They can charge crap up on those cards. And, they can perform all of this without your knowledge.

Credit Monitoring

You might be thinking, “I’ll set up a credit monitoring service and have it report when activity happens.” Even that, while somewhat effective, is still subject to being subverted. If the thieves have all of your identity information, they can ask the credit reporting service to do things like reissue passwords to a new email address and send sensitive reports to a bogus address. They can even undo security setups like a credit freeze and reassign all of that information to their own address. You won’t see or even know about this unless you regularly check your credit reports.

This problem just barely peeks into the can of worms and doesn’t even open it fully. There are so many things the thieves can do with your identity, that by the time you figure it out, it could be far, far too late. So, don’t think that signing up for credit monitoring is enough.

Sloppy Security Seconds

In fact, it wasn’t seconds, it was almost 2 months before the breach was made known to the public. In a move that shows complete disregard for 143 million people’s financial security, from a company that should be known for protecting it, Equifax doubled down by turning its (ahem) free TrustedID Premier offer into a lead generation tool. Keep in mind that TrustedID is only (ahem) free for one year; after that you pay. Protecting against new account creation is also only half the problem. The other half, which TrustedID can’t help with, is protecting your existing accounts. Because credit reports contain every account and account number you own, if your data was compromised (and with 143 million records lost, that’s very possible), you need to do much more.

Even the breach-checking tool (which was, questionably, put up on a brand-new domain) seems to have been a sham, and it had its own share of SSL certificate problems, leading some browsers to flag the site as a scam. Some Twitter users entered bogus data… and the tool stated this bogus data was included in the breach. The question is, does that tool even work, or is it merely security theater? Yet another black eye among many for Equifax’s handling of this data breach.

To sign up for Equifax’s TrustedID Premier service, you have to enter even more personally identifying data into a form belonging to a company that has clearly demonstrated it cannot be trusted with your data. Why would anyone do this? Seriously, signing up for a service with a company that just lost a mountain of information? No, I think not. Instead, Equifax should be required to pay victims for a monitoring service with either TransUnion or Experian (where breaches have not occurred… yet).

On top of entering even more personal information, the service requires you to waive your right to sue Equifax and instead submit to binding arbitration. Yet another reason not to sign up.

It’s not as if their credit monitoring service is really going to do you a whole lot of good here. If you really do want a credit monitoring service, I’d suggest setting it up with Experian or TransUnion instead. Then, figure out a way to get Equifax to pay you back for that service.

Can’t I reissue credit card numbers?

While you can do this, it won’t protect you fully. The level of what the thieves can potentially do with your data from Equifax goes much deeper than that. Yes, changing the numbers will help protect your existing cards from access. However, it won’t stop thieves from opening up new accounts in your name (and this is one of the biggest problems). This is why you also need to set up a credit freeze.

Because the thieves can now officially pretend to be you, they can do such things as:

  • Pretend to be you on the phone
  • Call in and request new pin codes based on key identifying information (address, SS#, phone number, etc)
  • With your old address, they can then transfer your bills to a new address
  • They can reissue credit card numbers to that new address

You’re probably thinking, “What about the security measures my bank uses? Won’t those protect me?” That depends entirely upon how convincing the thief can be over the phone. If they can answer all of your identity questions and find a representative who can be talked into bypassing some of the bank’s security steps, they have a foot in the door. That’s all it takes for them to basically take over your credit accounts… which is one step away from hijacking your bank accounts. A foot in the door is enough at many institutions to get the ball rolling towards a full hijacking.

How do I protect myself?

If your data was involved in the breach (unfortunately, the tool that Equifax provides is sketchy at best), the three bare minimum things you should do are

  1. Contact one of the three credit bureaus and ask for a free 90 day fraud watch
  2. Contact all three and ask for a credit freeze on your records at each credit reporting agency
  3. Set up credit monitoring at TransUnion or Experian

A 90 day fraud alert (the “fraud watch”) tells anyone pulling your credit report to verify your identity before extending new credit in your name. However, this alert is only good for 90 days and then expires. The good thing about requesting it is that you only have to do it at one bureau; that bureau passes the request on to the other two. The bad thing is, 90 days is nowhere near long enough. In fact, the thieves will expect the 90 day fraud alerts, wait them out, then go after your credit hard and heavy once they begin expiring.

A freeze, on the other hand, lasts until you unfreeze. A freeze puts a PIN on your credit record, and that PIN is required each time a company needs to pull a copy of your credit report. This lasts far, far longer than a 90 day alert and serves to stop the thieves in their tracks. To freeze your records, you will need to contact all three separately and perhaps pay a fee of $5-10 depending on where you live.

Setting up credit monitoring means you can be alerted to whenever anything changes on your credit report. But, credit monitoring won’t stop the changes from occurring. Meaning, you’ll be alerted if a new card is opened, but the monitoring service isn’t a preventative measure.

You can contact each bureau as follows to set up any of the above services, including a credit freeze:

  1. Equifax or call 1-800-349-9960
  2. TransUnion or call 1-888-909-8872
  3. Experian or call 1‑888‑397‑3742

Neither a fraud alert nor a credit freeze will impact your credit score. A freeze simply prevents any business from pulling your credit report without your PIN. Companies you already do financial business with or hold loans from can still pull reports as needed. However, any new loan will require your PIN. You can learn all about the details of a credit freeze on the FTC’s web site.

Unfortunately, because the breach may have been more extensive than it appears, a thief can now phone the credit bureaus, pretend to be you and have any PINs removed and/or reissued, then gain control over your credit records. This is why this breach is so treacherous for consumers. You need to be on your guard, stay vigilant and manually monitor your credit report regularly for at least the next 12 months. This is the part no big box media site is reporting. Even if you put in place every protection mentioned above, thieves who know your key personally identifying information can still subvert your financial records for their own gain.

How do I stop the thieves?

This is the fundamental problem. You can’t, at least not easily. To truly protect yourself, the scope of changes would include all of the following:

  1. Get a new social security number
  2. Reissue all of your credit card and debit card numbers
  3. Open new bank accounts, transfer your money into the new accounts
  4. Close the old bank accounts
  5. Reissue new checks
  6. Change your telephone number
  7. Move into a new address (or obtain a P.O. Box and send your bills there)
  8. Legally change your name
  9. Change all of your passwords
  10. Change all of your email addresses
  11. Set up multifactor authentication on every financial app / site you log into that supports it.

Unfortunately, even doing all of the above would still mean the credit bureaus will update your credit report with all of this new data, but your prior history would remain on the report… possibly up to and including all of the old account, name and address information. It is very, very difficult to expunge anything from a credit report.

In addition to the above, I’d also suggest closing any credit lines you don’t regularly use. If it’s not there, it can’t be exploited. None of this is a magic bullet. You just have to wait it out and shut the thieves down as things materialize. Being diligent in watching your credit report is the only way to ensure you nip things in the bud early.

Tidal Waves and Repercussions

The extent of the breach is still unknown, as is the extent to which each consumer may have to go to protect themselves from this deep gash in the financial industry. Not only does this gash undermine each account holder’s personal financial well-being, it undermines the credibility of the very industry holding up the world’s economy. This is some serious shit here.

If half of the US’s residents are now available to identity thieves, those organizations who help protect the small amounts of identity theft throughout a normal year cannot possibly withstand a financial tidal wave of identity theft paybacks which could seriously bankrupt many credit organizations. In fact, if this tidal wave is as big as I suspect it could become, we’re in for some seriously rough financial waters over the next 6-12 months. By the time the holidays roll around, it could be so bad, consumers cannot even buy the goods needed to support the holiday season. Meaning, this could become such a disruptive event in the US’s financial history, many businesses could tank as a side outcome of consumers not being able to properly spend money during the most critical season of the year.

This has the potential to become one of the most catastrophic financial events in US history. It could potentially become even more disruptive than the 1929 stock market crash. Yes, it has that much potential.

Since I have no reason to believe that Equifax has been totally honest about how much data has actually been lost, this is the reason for this level of alarm. I’d be totally happy if the amount of data lost was limited to what they have stated, but the reality is, nothing is ever as it seems. There’s always something deeper going on and we won’t find that out for months… possibly at the point where the economy is hit hard.

Equifax Aftermath

Because the US is so pro-business, Equifax will likely get a slap on the wrist and a warning. Instead, this company should be required to close its doors. If it is not providing adequate data security measures to protect its systems, then it needs to shut its doors and let other more capable folks handle this business. This sector is far too critical of a service and that data too risky if lost to allow flippant companies like Equifax to continue to exist in that market.


Rant Time: Don’t ever wipe your network settings in iOS

Posted in Apple, best practices, botch by commorancy on July 15, 2017

I’ve been recently trying to solve a problem with T-Mobile which ended up a bust because of the absolute sheer uselessness of T-Mobile staff about the iPhone and Apple Watch features. I will write a separate rant about that entire disaster, but let me lead with this rant that’s a little more critical. Let’s explore.

Apple’s iCloud

What is this thing? It’s a way to store settings and various data in Apple’s cloud storage. This seems like a great idea until you realize what Apple keeps piling into this storage area. Then, you might think twice about using this feature.

While you might realize that Apple’s iCloud service will back up your photos and other data stored on your iPhone, it also stores things you might not expect, like your WiFi network passwords, your Safari logins and passwords and various other sensitive data. What that means is that if Apple’s iCloud is ever compromised, your passwords could be captured wholesale by an attacker. Apple does document iCloud Keychain, which holds those Safari and WiFi passwords, as end-to-end encrypted, but you are trusting that implementation; if it fails, you may end up having to change every password you have ever typed and stored on your iPhone.

Now, while that is a security problem, that’s not the problem that this article is intended to address. Let’s continue.

Apple Geniuses Are Anything But

I was recently talking to an AppleCare staffer who, when trying to solve my T-Mobile problem, requested that I wipe my network settings on my iPhone. I explicitly asked this staffer if it would also wipe my iCloud passwords. She, of anyone on this planet, should have known the answer to this question working for Apple. Unfortunately, I have very quickly learned that Apple is now hiring the lowest grunts of the grunts who simply don’t give a shit nor do they even understand the technology they are hawking. Apple, train your staff. Which leads to …

Never, Ever EVER wipe your network settings on any iOS iCloud device

No matter how much anyone begs or pleads you to do this, tell them, “NO”. And, if anyone ever tries to do this to one of your devices sharing a single iCloud login, you need to grab the device back from them PRONTO and stop them.

The answer to the question I asked Apple is that wiping network settings on your phone does, in fact, wipe all of your network settings in iCloud too! Why is this important? If you have multiple devices sharing your iCloud ID and settings, then after wiping a single device, all of your WiFi passwords are also wiped from ALL other iCloud devices. This means every single iCloud device suddenly drops its WiFi connection.

This also means you will need to go back to each device and manually retype your WiFi password into each and every one. That is the only way for each device to get back onto the network, log into iCloud and pick up the newly recreated settings.

This is an absolute PAIN IN THE ASS, Apple! So, if anyone ever asks you to wipe your network settings on your iPhone or iPad participating in iCloud, don’t do it! Note that even signing out of iCloud and wiping may cause the same problem once you log it back in. So, I wouldn’t even try this knowing Apple’s crappy network designs. Simply tell the person asking, “Not only no, but hell no” and have them figure out another way to resolve whatever the problem is.

So, there you have it.

Pulse Club Shooting and Reopening

Posted in botch, business, entertainment by commorancy on June 18, 2016

As we all know by now (and if you haven’t, you’re probably living under a rock), the Pulse Club was a primarily gay dance night spot located in Orlando, Florida. Unfortunately, as a deadly shooting unfolded, it has now become the unwitting site of the worst mass shooting in the US so far. Should it reopen? Let’s explore.

Shooting Aftermath

After that 3 hour massacre ended in the death of the shooter, this situation now leaves more questions than answers, especially for the victim’s families and those who were injured. In fact, my heart goes out to each and every one of the victim’s families. Those people who had gathered at that club that night arrived to have fun, drink and dance. Many had done so on many previous nights. Nothing wrong in that.

Unfortunately, the shooter had other plans. He entered this night club with the intent of taking lives. After 3 hours of standoff with law enforcement, the situation ended with the death of the shooter, but not before 49 people were dead and 53 others were injured and sent to hospitals. Let’s not forget about those who were not injured, but who were there witnessing this horrific event unfold. These victims may not have physical injuries, but they now have emotional injuries that may take decades and therapy to resolve. Survivor’s guilt is a real thing. A horrible situation for any business owner to contemplate.

Club Reopening?

The owner of the club, Barbara Poma, is trying to salvage this situation with her business and has vowed to reopen this night club. Unfortunately, the Pulse Club has now become a victim in its own right, with a massive stigma attached: the massacre and all of those brutal deaths. This situation never spells a good end for any business. Barbara, if you are in fact reading this, I’d strongly suggest not reopening this club at that location. However, before considering reopening at all, you should most definitely wait (see below). There are a number of reasons why it shouldn’t reopen in its current form:

  1. Macabre thrill seeker tourists. Your club has now (and will for a very long time) become an unwitting tourist destination for those seeking a brush with the macabre. Yes, your club will now have people seeking to stop by and talk about the massacre, the deaths, the victims with anyone who will talk about it including to your customers, your staff and you. This will eventually become distracting and annoying to your customers who are there just to party. It will drive your existing customer base away. This will not be forgotten quickly or easily.
  2. Ghost hunters. Because of the 49 deaths in your club, inevitably someone will claim they have seen or heard the ghost of one of those who died on your premise. I’m not here to argue the merit of that type of claim, but I will state that your club will become a destination for ghost hunters looking for ghosts. Again, this will be to the distraction of your paying visitors simply there to have a good time. It will also become a distraction for your bartenders and other staff. This will also drive your existing customer base away.
  3. Regulars will shy away. For those who were regulars to your club and who were there that night, they won’t be back. Your club is forever tainted as that club that had a mass shooting and now holds that stigma high and wide like a badge of honor, except there’s no honor in that. For anyone who was there that night, the memory is just too painful and few will be back to avoid reliving that memory, especially those who were trapped in there for hours.
  4. Tainted by death. The Pulse Club brand has now become the unwitting poster child for mass shootings. What I’m about to write may seem a little crass, but you might as well re-theme your club to have heart monitors, hospital beds, and nurses running around if you want to move forward with this name. This is what people will forever link to this club’s name. People will not remember it for the fun party spot. It will now be remembered for the deaths and those living victims still in the hospital. If you don’t have any intent on capitalizing on this notoriety, you should change the name and move the club to another location.
  5. Because of at least number 4, you may find that your original customer type no longer visits your club. You may find that types 1-4 make up the vast majority of those who visit your club. They are not there to have a good time, they are there to take pictures, vlog, gawk, talk to your staff and generally be a nuisance to your club. It might even lead to confrontations that you and your staff might not want to deal with. You can never know the intent of a single person requesting access into your club.

What this basically says is if you reopen the club, your clientele will drastically shift from that happy-go-lucky dance place that it once was to that-place-that-had-a-mass-shooting. The above are not necessarily the reasons you want people at your club. The Pulse Club can never live its now-infamous past down. Even if you change the name of the club, paint it, redecorate it and refurnish it from top to bottom, that location won’t ever forget what happened.

Rebuilding the Pulse Club

The only way the Pulse Club can ever live again is by moving it to an entirely new location somewhere else in the city and rebranding it. You must abandon that building and let it become someone else’s problem and stigma to solve. What happened there is something that stays with that building, not with your business. If you want to get your business back the way that it was, you cannot reopen in that location. You must move your business to a new building. This is the only way to free yourself from the thrill seekers, from the macabre, from the ghost hunters and from those just morbidly curious. These people are not the reason why you opened your club and these are not the reasons you should want to continue with your club.

These are distractions that only serve to taint your establishment, chase off would-be new customers and cause your staff daily grief throwing random lookie-loos out. You need to ask yourself the hard question, is this really the reason you opened the Pulse Club?

Before you contemplate reopening the club, you need to let the legal dust settle. And, settle it will, I can guarantee that. Before making plans of spending money to renovate your club, you should reserve those funds for the upcoming legal battles that are about to ensue… and sue they will.

Lawsuits and the Future of Pulse

We haven’t seen the last of what is in store for this club. Just you wait. Some of the victims will file wrongful death suits against someone, anyone, for negligence. Where to start? The club’s owner. It’s as good a place as any.

Was the Pulse Club negligent in what happened? Well clearly, if the club’s staff had been properly enforcing at least metal detection or a pat down at the door, the guns might not have gotten into the building. Unfortunately, it now appears that this club was not enforcing any safety best practices when allowing patrons into the establishment. This could very much appear as negligent actions by the club’s owner. And, there are 53 living injured who can file lawsuits against this club. There are an additional 49 families who can also file lawsuits against this club. There are additional people like employees and those who suffered severe mental anguish at the horrific events that night who can also file lawsuits.

Unless the Pulse Club owner has engaged in specialty insurance in high amounts to cover such occurrences (probably not), she may find the Pulse Club out of business and her personal finances spent covering each and every one of those yet-to-be-filed lawsuits. It’s way too early for this club’s owner to be thinking about reopening the night club when the legal battles have barely even begun.

Clearly Barbara, as the club’s owner, you should wait out the legal battles before making plans to reopen this club. You may find that you can’t actually afford to reopen the club after the legal dust settles.

Victims

If you are a victim of this shooting, you should contemplate all of your legal options and you should do so quickly with your lawyer. If you are intent on filing a lawsuit, you should do it as fast as possible. The first to the table are usually the first to walk away with settlements. If you are one of the last, you might get nothing.

Was this club negligent by allowing a shooter with a Sig Sauer MCX rifle (every bit as deadly as an AK-47, just quieter) into this club? Clearly, the Pulse had very little in the way of security due diligence at the door. Is that considered negligent? Only a court can decide.

Yahoo: When recycling is not a good idea

Posted in botch, business, california, Yahoo by commorancy on July 17, 2013

After Marissa Mayer’s team recently decimated Flickr with its new gaudy and garish interface and completely alienated professional photographers in the process, her team is now aiming its sights on a new, but unnecessary, problem: recycling of long expired user IDs. Yahoo had been collecting user IDs for years. That is, people sign up and use the account for a while, then let the account lapse without use for longer than 30 days. Yahoo marks the ID as ‘abandoned’ (or similar) and then locks it out forever, until now. Some employee at Yahoo offered up the incredibly bad idea to recycle IDs. Unfortunately, this decision to recycle IDs may actually become the demise of Yahoo. Let’s explore.

Recyclables

I’m guessing that Yahoo has decided to make it look like it’s doing something good by recycling something, anything. That is, Yahoo is now letting people Wishlist long-closed user IDs that had been previously locked. Hurry, though, you only have until Aug 7, 2013 to wishlist that long forgotten ID. The trouble is, these old abandoned IDs are clearly second-hand goods. Let’s understand what exactly that means and why you really don’t want one (unless, of course, it was previously yours).

1) Obviously… Spam

Clearly, you aren’t asking for this old ID so you can jump onto that horrendous new Flickr interface or because you intend to read Yahoo News or OMG. The most obvious reason to want that ‘primo’ ID is for the email address. Unfortunately, you have no idea how that account was formerly used or what baggage might be associated with it! So, unfortunately, you will have no idea what exactly you’re getting into by re-using someone’s old ID. The person might have signed up for it just to divert tons of spam into it. Yes, this happens. That means, you could open the account and find it filled with spam in only 5-10 minutes, literally. Who’s to say someone wasn’t using it for illegal purposes and it was shut down for that purpose?

Yeah yeah.. Yahoo claims they will ‘unsubscribe’ the old ID from newsletters and so forth and these will have been ‘idle’ for at least 12 months (the first batch), but they’ve outlined no way in which they plan to accomplish this unsubscribe piece. Are they really going to hire a bunch of people to sit around clicking unsubscribe links and filling out unsubscribe forms?  I think not. It’s all song and dance with no substance. Not to mention unsubscribing legitimate email subscriptions only accounts for about half (or less) of the total email volume that ends up in an inbox.  So, don’t expect any miracles from Yahoo. If they can stop email, the best they can stop is about 40-50% at most.  All of the rest will still show up merely by you having signed into your ‘new’ account.

A new email header?

Oh yeah, Yahoo is also trying to rush through the IETF RFC process a new header called require-recipient-valid-since that takes a date as an argument. This header basically requires marketers to know the exact acquisition date of every email address in their lists. Assuming email marketers know this date, which is a huge and incorrect assumption for Yahoo to make, when the email marketers send email containing this date, the email will supposedly end up in the correct account (or not) depending on the date. This date header could therefore cause real email to go missing or spam to show up. Unfortunately, as I said, this is an incorrect assumption. Most email marketers barely know the source of their leads, let alone when they acquired them. No, this date thing simply won’t work. And even then, this header will only work with email marketers willing to follow the rules. Spammers that don’t care won’t bother.

Worse, Yahoo is planning on handing out these newly freed old accounts in mid-August. Like every email marketing firm will simply drop whatever business plans they currently have to retool their applications to support this rushed and nearly useless header. Is Yahoo really that asleep at the switch?

2) Fraud, Account and/or Identity Theft

If you happened to have owned one of these long abandoned accounts or you otherwise lost your Yahoo account long ago, you’ll want to be very careful here. You can be guaranteed that there are already people scouting for popular long dead accounts to resurrect and phish for accounts, theft and identities. These thieves know that banks and other legacy institutions keep email addresses on file until you explicitly change them. Even then, they can have issues updating this information in their systems even when you do request the change. So, if someone obtains a long dead account and then browses to Wells Fargo or Bank of America’s web site to request a password reset, they could abscond with your account credentials and your money, assuming you still have (or ever had) any old Yahoo accounts hooked up to any financial accounts.

Yahoo claims to have ‘security’ mechanisms planned, but good luck with relying on that. I can’t even see that working. Granted, if banks fill in ‘require-recipient-valid-since’ with the appropriate acquisition date in every email they send, the banks can help prevent this issue (assuming the header works as expected).  But, that also assumes the bank has an email address acquisition date to fill in this header. That also assumes that the bank can even roll out this header change in the time allotted before Yahoo starts doling these old IDs out. The clock is ticking and Yahoo hasn’t even gotten the RFC completed.
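To make concrete what the header asks of the receiving side, here is an added example (not Yahoo’s or any bank’s code) of the delivery check a mail provider would run. It assumes the header is written in the form the RFC later standardized, `address; date-time`, and the mailbox-ownership table and the three messages are constructed sample data.

```python
from datetime import datetime, timezone
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed sample data: when each mailbox was last (re)assigned to its
# current owner. A recycled ID carries the date it was handed to the new owner.
MAILBOX_OWNED_SINCE = {
    "alice@example.com": datetime(2010, 3, 1, tzinfo=timezone.utc),   # never recycled
    "primo@example.com": datetime(2013, 8, 15, tzinfo=timezone.utc),  # reissued mid-August 2013
}

# Constructed sample messages. The bank asserts it last confirmed the address in June 2013.
RRVS = "Require-Recipient-Valid-Since: {addr}; Sat, 01 Jun 2013 00:00:00 +0000\n"
RESET_TO_RECYCLED = ("From: alerts@bank.example\nTo: primo@example.com\n"
                     + RRVS.format(addr="primo@example.com")
                     + "Subject: Password reset\n\nReset link follows.\n")
RESET_TO_ALICE = ("From: alerts@bank.example\nTo: alice@example.com\n"
                  + RRVS.format(addr="alice@example.com")
                  + "Subject: Password reset\n\nReset link follows.\n")
NO_HEADER = "From: deals@spam.example\nTo: primo@example.com\n\nBuy now.\n"


def parse_rrvs(value):
    """Split 'addr-spec ; date-time' into (lowercased address, aware datetime).
    Returns None when the value is not in that shape."""
    try:
        addr, date_part = value.split(";", 1)
        when = parsedate_to_datetime(date_part.strip())
    except (ValueError, TypeError):
        return None
    if when.tzinfo is None:          # a '-0000' date parses as naive; treat it as UTC
        when = when.replace(tzinfo=timezone.utc)
    return addr.strip().lower(), when


def rrvs_decision(raw_message, recipient):
    """Return (action, reason) for delivering raw_message to recipient."""
    recipient = recipient.lower()
    header = message_from_string(raw_message).get("Require-Recipient-Valid-Since")
    if header is None:
        # No assertion from the sender, so ordinary delivery. This is the gap the
        # post points out: only senders that adopt the header get any protection.
        return "accept", "no RRVS header"
    parsed = parse_rrvs(header)
    if parsed is None:
        return "accept", "malformed RRVS header ignored"   # this example's choice
    addr, valid_since = parsed
    if addr != recipient:
        return "accept", "RRVS names a different address; nothing to check here"
    owned_since = MAILBOX_OWNED_SINCE.get(recipient)
    if owned_since is None:
        return "reject", "no such mailbox"
    if owned_since > valid_since:
        # The mailbox changed hands after the sender last confirmed it, so the
        # current owner is not the person the bank meant: refuse delivery.
        return "reject", "mailbox reassigned on %s, after the sender's date" % owned_since.date()
    return "accept", "current owner has held the mailbox since before the sender's date"
```

The third message shows the limitation the post raises: a sender that omits the header is delivered to the recycled mailbox unchanged.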

Fraud and identity theft are a very likely outcome of recycling old Yahoo accounts. If you’re reading this article and you have ever used a now-long-closed Yahoo ID for email, I urge you to go through all of your important accounts and make sure you have deleted all references to your old Yahoo email address immediately! Otherwise, some random person could come to own your old ID and can then cycle through sites requesting password resets just to find what sites your old ID may have used. This is the number one security threat that Yahoo can’t easily get around or easily address. Note that a hacker who obtains an old ID only needs to get access to one of your accounts that will email your real plaintext password back to them and then they’ll work their way up to your bigger accounts. This is one of the biggest reasons this is an incredibly bad idea from Yahoo.

I’d also suggest that for any accounts you do have (i.e., Facebook, Gmail, etc), make sure to add alternative email addresses other than your Yahoo address for password resets and other security related emails. If you can, remove all your Yahoo addresses outright even if they are live.  Use Gmail or Windows Live Mail instead (at least until they decide to go down this stupid ID recycling road).

3) Yahoo Mistakes

Ooops.. we didn’t actually intend to give away your live account. Sorry, ’bout that.

And then you’re stuck without an account. Yahoo is not publishing what accounts are under consideration specifically. They only say that these ‘dead accounts’ have been idle longer than 12 months in the first batch. Thereafter, any account that has not been accessed for 30 days is up for reissue consideration. There is nothing to say that Yahoo won’t make a mistake and re-issue a live and active account to some random person who signed up on the Wishlist. I can easily see this becoming one of the biggest blunders that Yahoo makes in this process. Unless the Yahoo staff is incredibly careful with this process, it would be super easy to accidentally give some random schmo access to an active live Yahoo account by mistake. For this reason alone, I’d consider closing out all of my Yahoo accounts except for one thing. They would recycle my account string name in 12 months (or 30 days) and I’d be right back here in this situation again worrying about which of my other accounts were tied to this email address.

Basically, I can’t close my Yahoo account because it’s too great of a security risk.  If I leave it open, I risk Yahoo accidentally giving it away in this stupid ‘wishlist’ process.  It’s really a no-win situation. After Flickr, I have less and less trust in Yahoo and this is now leaving every Yahoo user in the lurch.  This basically means you can NEVER EVER close your active Yahoo account if you want to keep your other accounts secure.

4) Missing Email

Even if you do manage to get your hands on one of these ‘prized’ IDs, Yahoo claims to be putting technical measures into place to prevent security issues.  That could very well mean that for recycled accounts your mail delivery will be spotty, if it even works. Meaning, Yahoo may so heavily scrutinize emails heading to these recycled IDs that legitimate mail may simply never show up that’s been marked as ‘a security risk’.  So, for emails like password resets to accounts, you may find that these emails simply never show up at all.  Basically, anything that Yahoo’s email system construes as a security risk could simply just go missing. This is the most likely outcome of this recycling. Note that this problem could end up extending to every Yahoo account which could make Yahoo Mail a very problematic place for any email purposes.

Excess Baggage?

If after reading the above, you are still considering an ‘old used account’, I really can’t understand why. Taking on someone else’s old email and Yahoo baggage isn’t something I’d want to deal with (are they going to be sure to clear off all old comments and Yahoo answers for this old ID?). So, someone pops up from years past not knowing that Yahoo ID has been reissued and then you get some old boyfriend email, or someone who hated the previous owner of that ID.  Then what? So, then you’ll be left with a mess to clean up. Why would you want to deal with this excess baggage when you can get a new account that’s never been issued and not have to deal with this problem at all? However, knowing that any account you create at Yahoo would be recycled later, how could you rely on it for any kind of security?  You can’t.  So, I might suggest Gmail or Windows Live Mail (or any other free email service not recycling IDs) instead of Yahoo.

Alternatives?

Unfortunately, I don’t see any other alternatives with Yahoo at this point.  This is an incredibly stupid decision from Yahoo. I have no idea what the folks at Yahoo are even thinking. It’s not like a telephone number. You give that up and no one thinks twice that someone could use that old phone number nefariously.  Unfortunately, nearly every site now uses email addresses to know if you ‘own’ your accounts. So, password resets, pin codes, and all manner of secure information traverses through email addresses.

One thing that Yahoo may inadvertently cause from this change is for Banks and other financial institutions to rethink how they validate a user’s identity. Clearly with this change, email addresses can no longer be trusted as secure or even know that it’s owned by only one person.  This throws security surrounding email addresses into complete turmoil for any site that uses email addresses as validation.

Based on the previous paragraph, sites may start preventing use of @yahoo.com email addresses for their services. Knowing that you could lose your Yahoo account and then have it turned over to someone else 30 days later could easily lead to site compromises. To simply avoid this situation entirely, sites that rely on security may simply stop letting @yahoo.com email addresses sign up for service. So, one of the biggest benefits of using Yahoo Mail will end. I’d expect a mass exodus to Gmail or Windows Live Mail after the dust settles here. In fact, this decision may kill Yahoo Mail as any kind of a real email service. Does Marissa have any idea what the hell she’s doing?  If I were on the Yahoo board, I’d be seriously considering right about now of ousting this one.

If I were in a position at Yahoo to make this decision, I would have killed this idea before I’d ever left the conference room. That Yahoo is even contemplating making this move at this time is completely questionable. Let’s just hope that when someone’s account is compromised and/or has identity theft as a direct result of this bad Yahoo decision, that someone will sue the pants off of Yahoo.  That will at least teach other ISPs that this is not, in any way, an acceptable practice.

Risky Business

This decision has disaster written all over it. This is also a huge liability risk for Yahoo. Yes, Yahoo may have written in their Terms and Conditions that they have the right to reissue account names. But, since they hadn’t been doing this from the beginning and they’re now choosing to do this without proper preparations, this is a huge legal risk. It only takes a handful of users whose accounts get compromised or whose identities get stolen as a result of Yahoo’s new policy for this to end in courtroom dates. I can’t even fathom what benefit Yahoo derives from reissuing old IDs, but I can definitely see huge legal liabilities and black clouds looming over this now floundering company. In fact, the liabilities so outweigh the potential benefits to Yahoo, I have to completely question the purpose of this decision. Let’s hope Yahoo is all lawyered up as I can see the court dates piling up from this very very bad decision.
