Category Archives: Security

“The way it should be everywhere”: Catasauqua Ride-share Anti-racism

Anti-racism is a very real thing. It’s an important aspect of living a healthy life, like exercising regularly and eating healthy. Perhaps most interesting today is whether “driverless” cars (artificial intelligence) will be anti-racist.

Here’s a perfect example reported in The Morning Call, when a ride-share driver asks people to stop treating him like a hero for just doing the right thing.

“I appreciate it, truly,” he wrote. “But this is the way it should be everywhere, every time. I shouldn’t be “the guy” who did it or said it… we should all be that person. Speak up if you’re uncomfortable with [racism] because it makes [racists] uncomfortable, as they should be.”

The ride-share driver was called a “f—- n-lover” and threatened with physical violence after he objected to blatant racism from two passengers trying to hire him in Catasauqua, Pennsylvania, as the Philly Voice recalls.

“Oh, you’re like, a white guy,” the woman said.

“What’s that?” Bode said.

“Are you … are you … a white guy?” the woman replied.

“Excuse me?” Bode answered, shocked by the question.

“You’re like, a normal guy — like, you speak English?” the woman said, then apologized and patted Bode on the shoulder.

“No, you can get out of the car,” Bode said. “I’m going to cancel the ride. That’s inappropriate. It’s completely inappropriate. If somebody was not white sitting in this seat, what would be the difference?”

“Are you serious?” the woman asked.

At that point in the video, Bode began explaining to another man, just outside the car, what had happened and why he was canceling the ride. Bode informed the man and woman that the conversation was being captured on video.

“You’re a f***ing asshole. You’re a piece of s***,” the man said. “I should punch you in the f***ing face.”

“You’re going to threaten me? Assault?” Bode said. “You guys are racist f***s.”

“And you’re a f***ing asshole,” the man said. “F***ing N***** lover.”

Source: Philly Voice

The small town of Catasauqua (north of Allentown, population 6,509 and 90% white) has confirmed the woman in the video is Jackie Harford — owner of Fossil’s Last Stand at 429 Race St — and her companion is her boyfriend.

Source: Google Maps

The town’s sad history is that takes its name from the Lenape Native Americans who were then forcibly removed under the genocidal policies of President Andrew Jackson, so the land could be exploited in massive wealth generation schemes.

…by the early 1900s, Catasauqua had the highest concentration of millionaires per capita of any community in the nation.

The history of naming “Race St” is unclear but after this event perhaps it should be renamed Anti-Racism Street? Driverless cars need to be instructed clearly to continue this one man’s noble stand against local traditions of racism.

International condemnation has included the business page on Yelp being inundated with attempts at anti-racist imagery and commentary.

Are masks required or do customers need to bring their own white hood?

Source: Yelp

.

Is “hacking from home” the new air force dropping bombs?

A group called the Disposable Heroes of Hiphoprisy wrote in their 1992 song The Winter Of The Long Hot Summer a rather scathing rhyme about how an air force plays into industrial “proxy” war:

The pilots said their bombs lit Baghdad
Like a Christmas tree
It was the Christian thing to do you see
They didn’t mention any casualties
No distinction between the real
And the proxy
Only football analogies
We saw the bomb hole
We watched the Super Bowl

If bombing from the sky was the proxy violence of the industrial revolution, shouldn’t we look at hacking from home as the logical next evolution of conflict for the information age? Sure beats trying to engineer smart bombs to make the difficult leap into intelligence.

The Washington Post has profiled one such group calling itself partisans. It was formed in late 2020 and has grown to 30 civilians allegedly in Belarus.

…Cyber Partisans are more akin to a digital resistance movement than a “cyber proxy” like the Ukrainian government-backed “IT Army.” The group does not appear to be acting as an intermediary for another government’s interests, and has a history of independent operations against the government of Belarus. With an extensive online presence, the Cyber Partisans also differ from other nongovernmental hacking efforts supporting the Ukrainian resistance during the war, such as Anonymous or Squad303. Though many Cyber Partisan claims remain unverifiable, the available evidence suggests that this is a small group of closely linked individuals with a strong connection to Belarus. […] “Thousands of Russian troops didn’t receive food, didn’t receive fuel, and didn’t receive equipment on time,” noted Franak Viacorka, spokesman for Belarus’ opposition leader.

Denial of service, which led to denial of service, seems a lot like bombing infrastructure like fields to stop production and distribution even though it’s far less destructive.

Speaking of government-backed action, there’s an interesting note about Russian “militarism” in another article.

…the third month of war finds Russia, not the United States, struggling under an unprecedented hacking wave that entwines government activity, political voluntarism and criminal action. Digital assailants have plundered the country’s personal financial data, defaced websites and handed decades of government emails to anti-secrecy activists abroad. One recent survey showed more passwords and other sensitive data from Russia were dumped onto the open Web in March than information from any other country. The published documents include a cache from a regional office of media regulator Roskomnadzor that revealed the topics its analysts were most concerned about on social media — including antimilitarism…

To be fair the United States is not officially at war, so it makes for an illogical target unless being brazenly drawn in (e.g. Pearl Harbor, which technically would be a destructive kinetic attack not cyber). Russia, however, made itself into such an ugly militant aggressor it’s obvious why it became such a very large target of hacking.

The fact that Russia centers its social media strategy on stopping antimilitarism says a lot. Their incompetence at militarism is impossible to ignore, attracting all forms of resistance. They clearly are losing on every front but most notably hackers around the world easily slice and dice their way through a creaky old and corrupt dictatorship.

All that being said, the NSA says it doesn’t like competition.

“I will tell you that the idea of the civil vigilantes joining in a nation-state attack is unwise, right? I really think it is,” the NSA’s Rob Joyce said May 4 at a Vanderbilt University security summit. “As you pointed out, it’s illegal. But it’s also unhelpful, because one of the things we talked about is we’re trying to get Russia to take account for the ransomware attacks and hacks that come out of Russia and emanate.”

Here we go.

First, just being illegal isn’t the high bar some people want it to be. Laws change because sometimes they’re bad laws. In fact, the act of doing something and showing the logic of it can be the impetus to make it legal.

Second, whataboutism is a logical fallacy even in reverse. The world can still get Russia to account for hacks even if the rest of the world engaged in hacks. It’s also a nuanced question of power balance and authorization, such as saying the police can drive a speeding car to arrest someone for driving a speeding car.

Let me just go even further on this point and say Joyce is the NSA, and NOT the State Department, yet for some reason he tries to jump ship.

“This certainly isn’t going to make the State Department discussions with Russia of ‘you need to hold your people accountable’ any easier,” Joyce said Wednesday.

Thank you for your concern, yet it may be entirely misplaced. Joyce may as well be arguing “we shouldn’t advance nuclear weapons because it isn’t going to make discussions with Russia about nuclear weapons any easier.”

Nonsense.

And it only gets worse in that article when a certain CEO adds his voice to Joyce’s.

Kevin Mandia, CEO of American cybersecurity firm Mandiant, at the same summit said random individuals swaying relationships between countries and dictating foreign policy could be dangerous. “You can’t have the private sector influencing the doctrine between nations,” he said. “You don’t have us fighting on air, land and sea without being deputized or part of a force and with an agenda and a mission plan.”

That seems quite the opposite of a narrative he tried to spin back in October 2021.

The CEO of US cybersecurity firm Mandiant said today that he believes the next big advancement in cybersecurity will be the ability of governments and private companies to work together in a “coordinated national and global response” to incidents — not unlike how he said his firm worked with the government in response to the SolarWinds hack. […] Speaking at the Mandiant 2021 Cyber Defense Summit, the executive disclosed for the first time that he called the NSA right before Thanksgiving last year…

To put it together, Mandia is warning you can’t have the private sector influencing doctrine between nations, right after he boasted about jumping on the phone with the government to tell them he’s already engaged in a fight with another nation… as a civilian.

If Mandia is not an example of a random individual swaying relationships and influencing policy doctrine I don’t know what is. His company was founded on the idea that a government could use a proxy in the private sector to do security work of government, right?

I will never forget officials in the U.S. government telling me how legislation was written very specifically to release millions of dollars to Kevin Mandia, who hired former government staff if you see what I’m saying about why he/they don’t want “random” people competing with them in the market.

Mandia and the NSA sound like they’re heavily invested in what Eisenhower warned us to avoid — a Military-Industrial-Congressional Complex — if we’re interested in achieving cyber peace.

Perhaps the most telling aspect of the debate of who should hack and from where is this anecdote:

The IT army is reminiscent of volunteers who physically traveled to Ukraine and took up arms, despite enormous risks and warnings from officials. But hacking from home — or at least not from the bombarded and besieged locales of Ukraine — offers a sense of safety the frontlines do not.

Sniper rifles offer sense of safety. Airplanes offers sense of safety. Artillery (e.g. the longbow) offers sense of safety. Drones offer a sense of safety… the list of low risk high impact conflict models goes on and on. The question shouldn’t be how unsafe is the hacker at home, but how different is it from any other celebrated advance in battlefield technology.

One gets the sense that the NSA and Mandia as a proxy see themselves as vaulted innovators that somehow are distinct and unique, without really understanding that they’re focused on the wrong metrics.

Invention is easily overrated, and implementation is often underrated.

Hacking from home seems as logical for an implementation as shooting arrows from the woods was in the 1400s (before defensive hardened steel was deployed), let alone planes dropping bombs.

In any case I’d like to see far more feel-good reporting about hackers at home. I mean it seems only fair considering how other civilian volunteers are being depicted.

For about a month now, U.S. Marine veteran Sean Schofield has been sending dispatches back to Cullman, Alabama, from a place few would volunteer to go.

Since late March, he’s been one of more than 6,000 foreign volunteers from the U.S., Australia, the UK and other western countries who’ve left their civilian lives behind and traveled to Ukraine, aiding military personnel and civilian supporters in mounting a sovereign defense against Russian invasion.

It’s like if you can run a fast 100 meter dash through a hail of bullets you’re some kind of hometown hero, but if you can type a few commands on a keyboard to stop those bullets you’re an anti-social vigilante.

Small Talk and Small Arms Winning Ukraine War

Russia clearly miscalculated. It thought heavy armor and heavy handed propaganda (e.g. saying Ukraine doesn’t even exist) was some kind of abuse-based recipe for easy dictatorship.

It’s displaying the importance of learning the ages-old lessons of small talk and small arms.

First, consider small talk theory.

…everyone can forge mind-to-mind connections through creative, lesser-known small talk strategies and techniques from the field of linguistics to create more meaningful “small talk” that leads to rewarding “big talk.” Approach small talk by forging a mind-to-mind connection with stories that:

  • Bond you with others over a professional, social, or personal cause (pinpoint a shared value such as empathy, integrity, and honesty and then build a story around it).
  • Illustrate a skill, method, or process important for personal growth (stories make things easier to remember just as with Isaac Newton and the apple).
  • Highlight how to overcome a shared challenge (think of powerful decision-making moments in your life that have the potential to inspire your counterpart to make similar decisions in their lives).

Second, I’ve written before about a history of small arms economics.

Wealth Makes People Less Generous

Does anyone still believe the odd mythology of Ronald Reagan’s racist “trickle” economics? The latest science of behavior has been the more you earn the less you give.

…wealth and happiness are not positively correlated, according to the Harvard Business Review. One reason, for instance, is that wealth appears to make people less generous. In a study by researchers at the University of California, Berkeley, participants playing a game of Monopoly grew progressively meaner as their wealth grew, by talking down to their poorer competitors and assuming more dominant positions. Most egregiously, they also consumed a larger portion of a bowl of pretzels meant to be shared equally. Similarly, another study found that when participants were given $10 and told they could contribute some or all of it to another person, the wealthier subjects contributed about 44% less. In the real world, researchers have discovered that rich people give proportionally less of their income to philanthropic causes.

An obvious way people are made happier is when they have the trust to build connections and be more social (even misery enjoys company).

That nugget of wisdom is perhaps why it’s important to flag when a small group of people attempt to get rich by building deceptive and isolating social platforms. The Germans had a specific phrase for a small group promising freedom to others while locking them up instead: “Arbeit Macht Frei”.

Abuse of trust via digital platforms is akin to people attempting to grab power by fomenting a coup as a social exercise, as I’ve presented and written about here for at least a decade now.

Think about someone completely isolated, angry and miserable (due to wealth accumulation) using high-speed unregulated technology communications with others by convincing them to join a political movement to destroy the government. It’s like discussing a suicide cult, as they would be destroying the very thing that enables them to be happy in the first place (the stability to start and join a political movement).

“Giving” is said to be another route to happiness, but as I’ve written here before it doesn’t necessarily absolve a person of unethical enrichment schemes. Therefore…

While trusted social networks are the route to being happy, wealth feeds isolationism.

While trusted social networks can enable generosity and giving, an even bigger route to being happy, wealth feeds selfishness.

The selfish isolationism of wealth also has persistence over generations. For example the KKK platform of “America First” has manifested through American history as an implicit caste system of wealth generation, as described by the Journal of the National Archives in 1977.

The richest one percent owned forty-four percent of Milwaukee’s wealth and the poorest one-third owned nothing, while in Wisconsin as a whole almost one-half the adult males owned no property whatever… [due to] ‘extreme inequality in the distribution of wealth in 1860.'”

The Civil War started by the South was to build wealth by destroying social networks (a slaveocracy cruelly ripping apart families and friends) and being so selfish as to give nothing to society (an implicit caste system, such as tipping culture).

Is it any wonder Ronald Reagan’s racist “trickle” platform of wealth accumulation was so dangerously popular in the South where he started his presidential campaign.

The campaign tones of 1980 have been decidedly shrill. And today, Carter continued to perform in that voice. Referring to previous Reagan campaign comments, the president said: “You’ve seen in this campaign the stirrings of hate and the rebirth of code words like ‘states’ rights’ in a speech in Mississippi; in a campaign reference to the Ku Klux Klan relating to the South. That is a message that creates a cloud on the political horizon. Hatred has no place in this country.” In a recent appearance at the Nashoba County Fair in Mississippi — the country where three white civil rights workers from the North were murdered in the 1960s — Reagan indeed said he favored “states’ rights.” The phrase was a code word for resistance to desegregation in the 1960s.

Carter was right. Reagan employed racist code words to promote isolationism and selfishness where only white men rule — an unhappy “America First” slaveocracy. Does anyone still think highly of Reagan? It’s like asking who on earth likes General Lee.

Coming back to today, the NYT latest opinion piece again warns that “The Rich Are Not Who We Think They Are“.

Tesla Safety Negligence Finally Goes to Court: “Sore Thumb” of American Roads

Quality of Tesla vehicles has been notoriously bad for years, and has been trending worse, which should be little surprise given how poorly it treats human life (from its workers and its customers to anyone in or around their product).

Now top experts in automobile safety, who finally are getting some attention, aren’t mincing words about the sad danger a Tesla poses to everyone on the road.

“Tesla sticks out like a sore thumb,” said David Friedman, who was deputy and acting administrator of NHTSA from 2013 to 2015. “And it has for years.” [Heidi King, a deputy and acting administrator of NHTSA during the Trump administration added] “I really dislike a lot of what Tesla has done, and at the top of the list in bright, bold letters, is Elon Musk’s habit of making false public claims… visionary exaggerations about a consumer product can be very, very dangerous.”

Liar, liar Elon Musk’s customers are literally dying in fires.

One of the reasons Musk has become an obvious “sore thumb” of safety is explained by his bully mindset of doing harm: to do wrongs until someone can afford to stop him in court.

“In the US, things are legal by default,” Musk said.

A public automobile company showing intent to commit crimes unless someone can catch them is the worst possible CEO statement.

“Things” are not simply legal by default.

To put it another way, in the US cannibalism is legal by default. So is Elon Musk’s next business idea going to be grinding the rising number of his dead customers into hamburger? Something technically legal DOES NOT mean you won’t be convicted of a related crime.

“We essentially have the Wild West on our roads right now,” Jennifer Homendy, the chair of the NTSB, said in an interview. She describes Tesla’s deployment of features marketed as Autopilot and Full Self-Driving as artificial-intelligence experiments using untrained operators of 5,000-pound vehicles. “It is a disaster waiting to happen.”

The Wild West killed a LOT of innocent people, especially because of men like Stanford when you think about it. I mean Silas Soule was a very notable exception who became more like the American rule but only much later.

But I digress. Tesla is not a disaster just waiting, it already happened!

Let’s play spot the disaster. Here are the death rate stats for electric cars.

Source: tesladeaths.com

I warned very loudly about the disaster we are now in for at least six years prior. My 2016 keynote presentation about Tesla death at BSidesLV was literally called “Great Disasters of Machine Learning“.

Elon Musk long ago signaled disaster as his business model and I saw it right away after the first road death was reported April 2, 2013.

Tesla was leaving Laguna Beach and veered into oncoming traffic

Veering across lines into oncoming traffic is not “legal by default” yet it seems that Tesla must believe it to be a profitable business model for America, given their vehicles have become notorious for doing exactly that.

April 8, 2022 (nearly TEN YEARS later) we see repetitive failures in safety.

Little remains of a Tesla and its driver in 2022 after it veered yet again into oncoming traffic

Things may change, however, given that a court is finally going to help Tesla owners see just how many unsafe “things are legal by default”.

A US federal judge’s ruling paves the way for a trial in July, the first time Tesla will face a jury in litigation over a car crash. The electric car-maker faces a flurry of lawsuits over a spate of accidents… Barrett Riley, 18, was at the wheel of his father’s Model S when he lost control and veered into a concrete wall of a house in Fort Lauderdale. The car was engulfed in flames. Riley and his friend in the passenger seat were both killed. The father, James Riley, alleged in a lawsuit that Tesla was negligent for removing a speed-limiting device from the car after his wife had asked for it to be installed. The after-market device was designed to cap the car’s speed at 85mph. The family also argued that Barrett could have survived the impact of the crash but lost his life because of the intense fire, which the suit attributes to a defective design in the battery.

Defaults give an interesting framing for this court case.

Why was the default top speed so far above any legal limit? The family tried to set a safe mode by requesting Tesla enable their built-in speed limiter (“loaner” mode with an 85 mph max). Allegedly Tesla later removed the setting to override parents’ explicit request, which led directly to the predictable death of their child.

Tesla’s argument for why they intentionally disobeyed parents was… because they could. A toddler-level mentality of safety, if not a conspiratorial one. When parties A and B come to a service provider with conflicting requests, Tesla very clearly took sides: serving the (reckless abandon) one and not the (safer, wiser, legal) other.

Two footnotes also may be worth adding.

First, this Tesla also operated with two un-repaired recalls at the time of its crash; unrelated to the cause of death yet it still gives evidence of Tesla being not on top of safety.

Second, the car continuously re-ignited into fire. It was on fire when police arrived. It then caught on fire again when it was put on a tow truck. It then caught on fire again when it was put on a second tow truck. And it then caught on fire again when it was unloaded from the second tow truck. That’s significantly worserush to market” thinking than even the Pinto disaster.

The lawsuits brought by injured people and their survivors uncovered how the company rushed the Pinto through production and onto the market. […] Ford officials decided to manufacture the car even though Ford owned the patent on a much safer gas tank. Did anyone go to Mr. Iacocca and tell him the gas tank was unsafe? “Hell no,” replied an engineer who worked on the Pinto. “That person would have been fired. Safety wasn’t a popular subject around Ford in those days. With Lee it was taboo.” As Lee Iacocca was then fond of saying, “Safety doesn’t sell.”

Does anyone really want to buy a sore thumb?