Global Cyber-warfare in process

This latest report, Vast Spy System Loots Computers in 103 Countries, from the NYT, provides an update on the progress of the next world war: a war that will focus on information.

Note that the information targeted includes email communications: the researchers documented systematic searching and pilfering of email contents. Note that the use of the stolen communications are applied to counteract other information or shape decision-making of allies or enemies.

Consider this:

“… after an e-mail invitation was sent by the Dalai Lama’s office to a foreign diplomat, the Chinese government made a call to the diplomat discouraging a visit. And a woman working for a group making Internet contacts between Tibetan exiles and Chinese citizens was stopped by Chinese intelligence officers on her way back to Tibet, shown transcripts of her online conversations and warned to stop her political activities.” [NYT, same article noted above]

It is interesting to see that the reporter and several persons quoted in the article, noting that this particular operation apparently originated in China, “cautioned against concluding that China’s government was involved.”

Who is kidding whom, here?

Is Google becoming the virtual Borg?

I perceive a growing resemblance between the Google franchise and that intriguing construct of the Star Trek TV and film archive, the BORG.

You know the Borg, the group of cyborgs (or entities with natural and machine originated features and components) originally introduced in the Star Trek TV series. Now commonly used as a metaphor for any large group or organization that dominates its environment and appears impervious to change, negotiation, or destruction.

A primary process of the Borg is its absorption, or assimilation, of any potentially valuable attribute or feature found in other creatures into its collective assets. The source creatures are also added to the Borg and enhanced with attributes and capabilities acquired from others; thus, the assimilated creatures become part of the collective and are controlled and directed for the good of the whole.

A significant focus of the Borg is the use of information technology to support real-time communications and data processing as it sucks up data from the environments of its millions of drone creatures and sensors and, conversely, communicates instructions and directions back to them; this process of collective intelligence enables the parts to act as a coordinated whole.

John Markoff’s article ( 29-Nov-2008 ) in The New York Times online, “You’re Leaving a Digital Trail. What About Privacy?” has distinct references to the growing use of information technologies that resemble a world of virtual Borgs, of which Google is the industry leader.  He notes that,

… a vast sea of digital information [is] being recorded by an ever thicker web of sensors, from phones to GPS units to the tags in office ID badges, that capture our movements and interactions. Coupled with information already gathered from sources like Web surfing and credit cards … [forms] the basis for an emerging field called collective intelligence. [italics are mine]

Markoff goes on to state:

“GOOGLE and its vast farm of more than a million search engine servers spread around the globe remain the best example of the power and wealth-building potential of collective intelligence.

Google recently developed a process that would identify flu outbreaks based on its data collections. Markoff’s article introduces an activist support organization called MobileActive which plans to utilize collective intelligence to direct individual activists to action in support of their causes. Will Google’s command of their hoard of data allow them to communicate and direct us drones to act as Google wants?  Can we trust Google to always act for the collective good? Is what is good for Google good for us?

Maine lobster market derailed by bank failures in Iceland

This is a true story: the Maine lobster industry is reeling from a collapse in demand, and subsequent collapse in the market prices, for the deep-sea crustacean.  While supplies are adequate, Canadian seafood processors, who usually grab a significant portion of each day’s catch, have stopped ordering and buying lobsters because their credit lines with Icelandic banks have been frozen (no North Atlantic pun intended).

The crisis in Maine is tied directly to the collapse of Icelandic banks which were key lenders to processors in Canada, according to Dane Somers, executive director of the Maine Lobster Promotion Council. Without ready credit from those banks, Canadian processors don’t have the cash to purchase lobster from Maine, Somers said. [Bangor Daily News]

Lobsters were at $4.99/lb at Augusta Seafood earlier this week.  Lobsters off the boat are barely fetching $2.0/lb at some ports. For the typical consumer, lobsters at $4.99/lb. is a tremendous difference from the $12-13 per pound rates earlier in the summer and should make lobster lovers rejoice.

However, lobstermen and women can’t make any money at these low prices.  Fewer and fewer boats will be departing for the lobster fisheries in the coming weeks; supplies will constrict quickly and prices will rise. The length of this crisis could determine how many lobster boats stay in the business.

Not entirely innocent, are we?

While government leaders debate a Wall St. bail-out and everyone else decries the greedy bankers, some of the basis of this “crisis” can be discovered by looking in the mirror: see Hanson’s article in RCP.

Financial meltdown: What to do now?

I like this article from NYT (Taking control of your financial risks) for advice on what people should be doing during the current financial market turmoil.

To summarize:

• if you are not close to retirement: you have to stay in the stock/bond markets; maintaining a high percentage of your retirement holdings in cash or near-cash (i.e., money-market fund accounts) is too risky …
• if you are close to retirement, you still need to keep your portfolio in stocks/bonds; if you are nervous about the future of capitalism or the markets near term performance, adjust your stock/bond – cash mix only slightly; don’t go whole hog into cash
• if you are in retirement, focus on controlling what you can: your spending habits. Cut down on those expenses in support of your kids or grandchildren; stop eating out; cut back on some of the luxuries of your retirement years (if you have any)

Hacking Palin’s email account

The news yesterday that VP candidate Palin’s email account at yahoo was hacked got my attention quickly.  I was curious not about the information that was obtained (it was mundane) or the target (who cares?) but how someone got the data.  How does someone hack into a major email service provider?

It took a little surfing and digging but I got a possible true summary of what happened from a michelle malkin blog post where she may have received a communication from the hacker.  To confirm this story, one needs to understand the yahoo.com methodology for password re-setting (of which I am unfamiliar).

The hacker obtained Palin’s email address and then attempted access to the account, via the password recovery routine,

after the password recovery was reenabled, it took seriously 45 mins on wikipedia and google to find the info, Birthday? 15 seconds on wikipedia, zip code? well she had always been from wasilla, and it only has 2 zip codes (thanks online postal service!)

the second was somewhat harder, the question was “where did you meet your spouse?” did some research, and apparently she had eloped with mister palin after college, if youll look on some of the screenshits that I took and other fellow anon have so graciously put on photobucket you will see the google search for “palin eloped” or some such in one of the tabs.

I found out later though more research that they met at high school, so I did variations of that, high, high school, eventually hit on “Wasilla high” I promptly changed the password to popcorn and took a cold shower…[michelle maklin post; see above]

So, the implication is this hacker used some relatively manual brute search techniques to get the answers to Palin’s challenge questions: what is your birthday? what is your zipcode? and where did you meet your spouse?

If this is how it was done, I would conclude that yahoo does not have a limitation on the number of tries for successful challenge question answers.  The ability to bang away with any number of answer combinations seems like a weak security feature. There is also a lesson for us all in how we select challenge questions and the answers.

An overview of the Wall St.meltdown – so far

I like this posting from the NYTimes Freakonomics blog empire (9/18/08): economists Diamond and Kashyap recap how we got to the sublimation of Bear Stearns, the nationalization of the mortgage enablers Freddie and Fannie, the decapitation of Lehman Bros., the take-out of Merrill Lynch, and the socialization of AIG.

It is short on who might be next, specifically, but it is becoming more clear that the people of the US, through the government-that-we-deserve, will end up paying for this.

E-mail address matters to spamsters

Here is a fascinating paper which seems to indicate that spam hits different email addresses at different rates; i.e., addresses starting with “a” will get more spam than addresses starting with “z”.  If you want to minimize your email account’s spam propensity, start your address with a number.

Tracking the terrorists

The NYT has a long article in the Saturday/Sunday on-line edition of 21-June allegedly detailing how U.S. agents captured Khalid Shaikh Mohammed and Abu Zubaydah, among others.  The article describes the torture vs. talking interrogation options and the information collection and analysis process leading to capturing these guys; while understanding that there are few revealed sources for the article, it is educational.  I am reminded how bin Laden was communicating regularly by cell phone (and being tracked by spy agencies) until he learned how this mode was an open book to the snoopers.

The sky is falling

The latest edition of a time-honored custom has been resurrected in Hawaii; check out a story on the Geneva (Switzerland) CERN new partical accelerator in the NY Times:
Asking a Judge to Save the World, and Maybe a Whole Lot More
where two guys

… contend that scientists at the European Center for Nuclear Research, or CERN, have played down the chances that the collider could produce, among other horrors, a tiny black hole, which, they say, could eat the Earth. Or it could spit out something called a “strangelet” that would convert our planet to a shrunken dense dead lump of something called “strange matter.”

and to think this story came before April-1.

I am thinking of researching the idea that we already have been swallowed by a strangelet and although it may not seem like a dense dead lump of matter below you, it sure seems like we are living among strange matter once you consider what shows up on TV.

Spitzer got SAR-ed

U.S. financial depository institutions, in particular, are required to file a CTR (Currency Transaction Report) for a $10,000 or more deposit or withdrawal of cash by any customer. To make it even more fun (information-processing-wise), institutions must monitor for separate cash transactions occurring at different tellers, branches, or any other separate location on any banking day. For example, someone depositing (or withdrawing) $4,000 in cash at three different branches (3 x $4,000 = $12,000) over the course of a day must get a CTR. Additionally, if any customer presents over $3,000 in cash for a money order or bank check (known specifically as monetary instruments), a CTR should be completed and sent to the US Treasury division called FINCEN (Financial Crimes Enforcement Network).

The CTR filing requirements are quite specific; a more subjective requirement puts the onus on financial institutions to generate a SAR (Suspicious Activity Report) whenever there is cash activity, even under the $10,000 per day guideline, that is suspicious. Suspicious cash activity could be a customer depositing $9,999 three days in a row; even a $9,000 withdrawal or deposit without explanation should get a SAR if there is no clear reason behind the activity (this requirement is quite subjective and forcing banks to question customers on their sources and uses of cash can get problematic, especially on the teller line). Besides making tellers and customers uncomfortable, filing SARs is also a pain in the ass for tellers. With this ambiguity in the information collection requirements and problems with the quality of data collection, larger banks augment their data processing for CTR requirements (aggregating cash activity across the enterprise per day) with significant data analysis and pattern-sniffing number crunching over extended time periods.

Read the rest of this entry »

The next bust

An NPR interview on Friday last discussed the meaning of $106/barrel oil on the spot commodities markets. The interviewee suggested that the actual market price based on supply/demand is around $80/barrel; he noted there was plenty of supply and the excess in the current market price is attributable to speculation in futures contracts by large mutual and pension funds desperate for higher returns during the current “credit crunch.” The excessive betting on the future of the price of oil in the face of adequate supply and not-so-desperate demand suggests falling spot prices; the only remaining question is who bets wrong and can they handle the losses?

I further note that it is ironic that many Americans decry the excessive profits of oil companies yet a significant part of their future income is based on investments betting on an increasing price of oil and profit growth from these same oil corporations.