Category Archives: Security

Ant Study Proves Social Network Pathogen-Trigger Response is Natural

The title is a mouthful, I know. If someone has a better suggestion I’m all ears. In the meantime, a new study reveals researchers have been busily infecting ants and tracking their response:

Social animals could potentially further reduce epidemic risk by altering their social networks in the presence of pathogens, yet there is currently no evidence for such pathogen-triggered responses. We tested this hypothesis experimentally in the ant Lasius niger using a combination of automated tracking, controlled pathogen exposure, transmission quantification, and temporally explicit simulations. Pathogen exposure induced behavioral changes in both exposed ants and their nestmates, which helped contain the disease by reinforcing key transmission-inhibitory properties of the colony’s contact network.

It’s an interesting point to bring up among managers in the U.S. who argue that workers should be commended for never, ever taking sick leave, or any leave for that matter.

The United States is one of the few industrialized countries without statutory national mandates for paid leave.

The Americans who deny sick leave not only create a national security risk, they also are taking an unnatural position. Fortunately lawmakers have been slowly working towards recognizing the security benefits of granting leave.

San Francisco first passed a law in 2007 granting one hour paid sick leave for every 30 hours worked. That concept has been adopted in five states, 26 cities, a county, and even Washington D.C…then New York City passed a paid sick leave law in 2013.

You never will guess what happened next:

It’s sick the way some health care providers are among the most egregious violators of the city’s paid sick leave law this year. Montefiore Medical Center was forced to pay $114,997…

Sad but true. The mounting fines were just evidence of how badly a law was needed to change some people’s opinions about sick leave.

In even more positive news, President Obama called in 2015 for seven paid sick leave days for all workers in America. His economic arguments were sound advice for improving security of the nation:

When 43 million private-sector workers are without any paid sick leave, too many workers are unable to take the time they need to recover from an illness. Many workers will go to work sick, putting their coworkers and customers at risk of illness. And even if workers have access to paid sick leave for themselves, they may not be able to use it to care for sick children. This forces many parents to choose between taking an unpaid day off work—losing much needed income and potentially threatening his or her job—and sending a child who should be home in bed to school.

Just as importantly, a body of research shows that offering paid sick days and paid family leave can benefit employers by reducing turnover and increasing productivity. Paid sick days would help reduce lost productivity due to the spread of illness in the workplace. And these policies can benefit our economy by fostering a more productive workforce.

Unfortunately his leadership wasn’t enough to overcome the unnatural desire of Congress to block sick leave. Some argued businesses are too weak to survive a law that helps them survive weakness. Yeah, Congress can be really dumb. That meant the issue, although gaining national leadership recognition, reverted to the local level, where it repeatedly has proven itself a sound idea.

After evidence poured in (as many sanely predicted) that a sick leave law has no negative economic effects, only positive ones, even New Jersey just adopted it statewide in 2018:

New Jersey Governor Phil Murphy has signed into law the New Jersey Paid Sick Leave Act, which will provide eligible employees with paid leave for their own medical needs, those of a family member, or other covered reasons. The Act will take effect on October 29, 2018.

This is great news, and all the other states should follow suit if Congress is too weak to be able to get its thinking together at the federal level.

Tragic stories of pathogens in the news today only drive home the point of leave time improving everyone’s safety and productivity:

The number of sick people is increasing every day. Twenty-five people have been to the hospital for medical support. Staff serving the shelters have also been sick. The outbreak has been identified and confirmed by the Butte County public health laboratory to be the Norovirus which is highly contagious. Norovirus spreads through touching surfaces contaminated with the virus, close contact with someone who is infected, or eating contaminated food or drink.

[…] Please follow these recommended steps to prevent further spread: Stay home if there is any sign of illness…

America should do it because network pathogen-response is natural. I can only hope the next President proposes an Anti-pathogen National Trigger (ANT) Act to grant paid sick leave nation-wide. It would bring everyone together on a topic that naturally separates them.

Hyena Study Shows How Social Support Networks Give Females Dominance

The dispersal habits of the male hyena mean the females are dominant, leveraging support networks more effectively:

A new study on wild spotted hyaenas shows that in this social carnivore, females dominate males because they can rely on greater social support than males, not because they are stronger or more competitive in any other individual attribute. The main reason for females having, on average, more social support than males is that males are more likely to disperse and that dispersal disrupts social bonds.

Some had tried to postulate that female hyenas had male attributes, which led to dominance. Yet the researchers explain quite clearly that is not the case:

“When two hyaenas squabble, the one that can rely on greater social support wins, irrespective of sex, body mass or aggressiveness,” explains Oliver Hoener, head of the Ngorongoro Hyena Project of the Leibniz-IZW. Differences in social support between two individuals correctly predicted who will be the dominant in almost all encounters and in all contexts — between natives and immigrants, members of the same and different clans, residents and intruders, and individuals of the same and opposite sex. Female dominance thus emerges from females being more likely to receive greater social support than males. “What is so fascinating is that it all works without any direct involvement of other hyaenas,” says Colin Vullioud, Hoener’s colleague at Leibniz-IZW and first author of the study. “In the end, it’s all about assertiveness and how confident a hyaena is of receiving support if needed.”

This perhaps is reflected in results of the most recent American elections. Women with social support networks won a lot of contests with a positive support platform:

There will be a record number of women in the 116th Congress, and 67 percent of Americans feel positive about that, including about 4 in 10 who are excited about it.

Whereas at the same time, the women who adopted the U.S. Regime Leader’s aggressive “I grab” platform of self-puffery and alienation did not fare as well:

The number of Republican women in the House will actually decrease next year…

Nissan Arrests Chairman

Japan has strict anti-authoritarian rules, as a relic of occupation by the US military after WWII. This has just manifested in corporate security, leading to an investigation and incarceration of Nissan’s Chairman:

The chief executive revealed that a whistle-blower had passed information to Nissan’s auditors who then began a wider investigation. The evidence was then passed to Japan’s public prosecutor.

The story calls out anti-authoritarianism rules, very specifically:

Facing the press alone, the chief executive added that he felt the mistake had come after allowing a concentration of power in one individual. Saikawa said the misconduct went on for “a long period” and it looked like Kelly had been allowed to take control of internal operations, as he had the direct backing of Ghosn.

I’ve written before about recent history and why Japanese resistance to authoritarianism is so interesting to study. A key turning point was the 1931 Mukden Incident, which allowed a small cabal to solidify control and foment war.

While it was clear Japanese militant leaders had used false pretense to breach the post-WWI agreements on peace, nonaggression and disarmament, they also faced little tangible resistance and they flatly refused to stand down.

Occupation of Manchuria by Japan soon expanded in threat; the stage was set for escalation into the Second Sino-Japanese War in 1937 and destabilization/expansion into the region, which eventually led to the bombing of Pearl Harbor in 1941.

Japan and Germany have essentially become time-capsules of US theories in anti-authoritarian thinking, due to the occupation and lessons forced upon them post-1945.

Meanwhile the US clearly has drifted away from the lessons it used to teach, letting the CSO of Facebook roam freely instead of going to jail after years of alleged acts of misconduct far worse than those of the Chairman of Nissan.

Just this week it was revealed, on top of all the other breaches during the CSO’s tenure, that Facebook engineers in 2018 were writing passwords to the URL and storing them, which is literally the worst possible management of security.

This is a rather jarring and basic security lapse for Instagram and Facebook, which hasn’t done much at all to prove to users it knows how to handle sensitive data. It certainly raises the question of other security practices…

Facebook’s CSO literally had no real security management experience other than a short attempt at Yahoo (also massively mismanaged and breached at record levels). He now arguably is the security industry’s face of executive fraud. How long before wanted posters go up for his arrest?

SEAL on Trial for War Crimes

The latest testimony against a US Navy SEAL, by his own team, includes this harrowing explanation of field risk management:

…Gallagher [a veteran of eight deployments] repeatedly fired his weapons, even into crowds, during the platoon’s 2017 deployment.

But several SEALs relayed that the chief often missed, due in part to a poorly-maintained rifle, and they stopped short of telling Gallagher because he wasn’t striking his targets because they “thought it was one way to protect” the civilians

The SEAL chief now faces over a dozen criminal counts, including premeditated murder.

When Iraqi forces brought his team an alleged ISIS fighter for medical care in 2017, Gallagher supposedly stabbed the man to death, in front of a medical team, and then posed for digital evidence to be recorded of his actions. The testimony also describes several other incidents, including two where he allegedly killed civilians with his poorly-maintained rifle.

Google Exposed for Funding Pro-Slavery Candidates Calling for Lynchings

The Seth Meyers show does a pretty good job capturing the unapologetic racism of white supremacist candidates in America.

A crucial bit of analysis is missing, however.

You might, like most rational people watching this video, wonder why someone saying “a public hanging, I’d be on the front row” (death penalty) suddenly can pivot to saying anti-abortion platitudes as their preferred defense against criticism. I mean on the one hand they’re saying lynchings are like their favorite spectator sport, while on the other hand they’re saying not a single life can be ended.

Isn’t this an obvious contradiction?

Alas, historic context explains the white supremacist perspective here, such as why they see no contradiction in carelessly taking lives while telling others lives can’t be taken under any circumstances.

Slavery was an industry of owning humans and birth was the means of production and enrichment for the slave owners. They did not give slaves any rights, let alone choices, when they demanded that children be born as quickly as possible without medical care, to the detriment and death of black women.

The historic white supremacist attitude towards maternity rights persists in America even to this day.

The ongoing maternal mortality crisis disproportionately affects black women, who the Centers for Disease Control and Prevention notes are three to four times more likely than white women to die from complications related to pregnancy.

Why is this happening? The medical field is seeking answers, but one of the most obvious solutions is ensuring black women’s access to quality, unbiased medical care.

And then these same owners of humans causing high rates of maternal mortality also claimed to reserve the right to kill humans indiscriminately, murdering whomever they wanted, and brag about their desire for front row seating in any lynchings. See the consistency in the dehumanization?

I’ve written about this before, and in particular how Abraham Lincoln described the situation in 1838 America:

Thus went on this process of hanging, from gamblers to negroes, from negroes to white citizens, and from these to strangers; till, dead men were seen literally dangling from the boughs of trees upon every road side; and in numbers almost sufficient, to rival the native Spanish moss of the country, as a drapery of the forest.

Turn, then, to that horror-striking scene at St. Louis. A single victim was only sacrificed there. His story is very short; and is, perhaps, the most highly tragic, of any thing of its length, that has ever been witnessed in real life. A mulatto man, by the name of McIntosh, was seized in the street, dragged to the suburbs of the city, chained to a tree, and actually burned to death; and all within a single hour from the time he had been a freeman, attending to his own business, and at peace with the world.

Such are the effects of mob law; and such are the scenes, becoming more and more frequent in this land so lately famed for love of law and order; and the stories of which, have even now grown too familiar, to attract any thing more, than an idle remark.

I hope that gives better context and some needed analysis for why the white supremacist candidate Hyde-Smith today is saying “a public hanging, I’d be on the front row”; bringing up lynchings in her campaign to prevent the first black senator to represent the state since the Reconstruction era.

The story gets worse, far worse, however. Several people have pointed out to me that very large silicon valley technology companies are funding these white supremacist platforms.

U.S. Senator Cindy Hyde-Smith (R-MS) was caught on tape “joking” about her willingness to attend a lynching at a campaign event in November. […] One corporation that apparently was unbothered by Hyde-Smith’s remarks: Google. On Tuesday, Google donated $5000 to Hyde-Smith’s campaign, according to documents filed with the FEC.

This is no joke. Google after a widely-discussed lynching statement threw campaign donations at a white supremacist candidate. One might be tempted to think this is a one-off, a strange coincidence. However, investigators already have pointed out that Google is funding an even more well known white supremacist candidate:

Google previously donated $10,000 to the Making America Prosperous PAC, the leadership PAC of Congressman Kevin Brady (R-TX). Making America Prosperous gave Congressman Steve King (R-IA) a cash infusion after other corporate donors abandoned him over his ties to white nationalism.

After other corporate donors had abandoned candidates with a white nationalism (Nazi) platform, and after a candidate made comments in favor of lynchings, Google apparently sent funds to help the white supremacists win.

Recently, as I met with many Chief Security Officers (CSO) to discuss cross-cloud security architectures, I heard several times from different leaders “do not mention Google in this room, they are not an option”. It seemed so harsh. And it came without detail, as if I already should know. I had to learn more, to find out what was driving the hard line eliminating the giant brand.

Turns out it is…ethics.

I had figured it related to the history of lying about privacy controls and failing to monitor staff abusing access to private data. That was bad, for sure, and Google hasn’t done the best job clearing their name. It also isn’t the sort of thing that writes off a brand entirely, as controls evolve and trust returns through operations monitoring.

However, that wasn’t the only issue. People sent me stories about Google choosing to fund campaigns despite widespread (easily searchable) condemnation. I mean Steve King…come on Google, why would you fund him? Even AT&T dumped that unrepentant racist. There seems to be a timing issue for a brand claiming to be the most up-to-date source of knowledge.

And it gets worse again. Google now has been caught in further controversy after an attempt to claim ignorance and make a “we do not condone” explanation for their contribution.

Google claimed it made the donation on Nov. 2—the same day Hyde-Smith made her comments. “This contribution was made on November 2nd before Senator Hyde-Smith’s remarks became public on November 11th,” Google representatives said. “While we support candidates who promote pro-growth policies for business and technology, we do not condone these remarks and would not have made such a contribution had we known about them.” If Google’s claim were true, that would mean the Hyde-Smith campaign filed a false report. It would also mean the campaign failed to report on time. Federal law requires that any donations made within 20 days of an election be reported within 48 hours.

“We do not condone” is not “we condemn”. Historians again are needed here, because context helps explain what’s really going on.

Mississippi had the highest rate of lynchings of African Americans, which of course was linked inexorably to economics.

Once black were given their freedom, many people felt that the freed blacks were getting away with too much freedom and felt they needed to be controlled. Mississippi had the highest lynchings from 1882-1968 with 581.

As you can see in the quoted writings of Lincoln above, citing mob law before the civil war, white supremacist candidates always have positioned, and still are positioning, lynchings as “pro-growth policies for business and technology”. It is more plainly described here:

March 1892, a white mob lynched three black men — Thomas Moss, Will Stewart and Calvin McDowell — and left their mangled bodies in a field a mile north of downtown Memphis….their crime was their temerity. They dared to challenge white businessmen accustomed to having a monopoly on economic activity.

Google’s inability to straightforwardly condemn such a statement about public hangings (see the redemption train video above), while further endorsing white nationalists as being pro-business and technology…should be more in the news. Or how did Lincoln put it?

…have even now grown too familiar, to attract any thing more, than an idle remark

At least I know a wide group of CSOs are monitoring the situation, as a function of deciding how and when to trust a cloud service provider that fails so hard at ethics.


Update Nov 26, 2018:

Google is unmentioned among the companies distancing themselves further from the white supremacist campaign:

Jaz Brisack, the first female student at the University of Mississippi to receive the prestigious Rhodes scholarship, called Sen. Cindy Hyde-Smith (R-Miss.) a “white supremacist” in an interview with The Oxford Eagle on Sunday.

[…]

Groups including Major League Baseball, Walmart, AT&T, Leidos, Union Pacific and Boston Scientific have all asked for their donations to Hyde-Smith’s campaign to be returned.

Google does get a mention elsewhere, asking a day before the election that their contribution be returned.

Meanwhile in other news about this candidate:

Major Win for the Right to Repair Movement

Motherboard has details of the latest news, which has big implications for hacking and security:

Librarian of Congress and US Copyright Office just proposed new rules that will give consumers and independent repair experts wide latitude to legally hack embedded software on their devices in order to repair or maintain them. This exemption to copyright law will apply to smartphones, tractors, cars, smart home appliances, and many other devices.

This goes directly to the heart of the matter with lawyers at companies like Apple, who convince engineering to penalize owners of technology who attempt to fix things they own:

Apple has a built-in kill switch that can prevent new MacBook Pros from functioning if they have been repaired by anyone who is not authorized to do so by Apple.

As a former authorized Apple repairman, I totally disagree with Apple’s thinking here. And to be fair, Apple is not the only one. Back in 2015 I wrote a few thoughts about what’s at stake.

US Regime Leader Openly Calls for Military to Murder Foreign Civilians

You may recall earlier this year when the United Nations charged a U.S.-led coalition with humanitarian law violations, due to airstrikes on a school that killed 150 civilians.

Basically U.S.-led coalition forces were formally called out because they “failed to take proper precautions” before launch of airstrikes.

Families were known for years to be seeking shelter from harm in that school. While the military said it feared militants were present, it instead killed innocent civilians and then failed to produce any evidence of an actual threat.

Russia was accused of having a similarly careless policy as the U.S.-led coalition, murdering civilians indiscriminately:

Pinheiro, commenting on the Russian strike, said that under international humanitarian law, using certain weapons in civilian areas automatically amounts to the war crime of launching indiscriminate attacks because of the nature of the weapons used.

And three U.S.-led coalition strikes on a school near Raqqa in March 2017 killed 150 residents – roughly five times the toll acknowledged by the Pentagon, which said at the time that dozens of militants and not civilians were killed.

The U.N. investigators found no evidence that Islamic State fighters were at the school and said the U.S.-led coalition had violated international law by failing in its duty to protect displaced civilians known to be sheltered there since 2012.

The above tragedy and charges of humanitarian law violations now seem like foreshadowing. In today’s news the U.S. regime leader has called upon the military to begin firing indiscriminately into unarmed crowds of civilians:

…he wants the military to treat anyone doing that as if they are armed with a deadly weapon.

“When they throw rocks, consider it a rifle”

To be fair, this is an old talking point of extremist groups around the world who have long said whites only can survive if guns are used indiscriminately as a means to maintain white nationalist power over non-white civilians.

These extremist groups were upset recently when evidence collected about U.S. Border Patrol excessive use of force had led to reports showing that rocks and bottles rarely ever justify armed response.

Eight people have been killed by agents in rock throwing incidents since 2010, according to the ACLU. According to the IG report, there were 185 rock assaults in the 2012 budget year, and agents responded with gunfire 12 percent of the time.

The studies were initiated, in part, because of cases like the Rojas death in 2013 when a large group of U.S. enforcement officers basically physically tortured a man in front of many witnesses, yet avoided any charges of wrongdoing. That case was settled last year with $1M paid to Rojas’ family due to Rojas’ inhumane treatment.

Naturally the outcome was “a government-commissioned internal review that recommended to end the practice of shooting people who throw rocks and bottles at agents”. And naturally the Border Patrol ignored the review.

That’s where politics as usual was sitting on a 12%-of-the-time issue that needed serious consideration. Only the white nationalists believed strongly in excessive use of force as a natural (god given, genetic) right. Others argued things like 12% meant they couldn’t rule out shooting in defense, or looked for ways to get the 12% number down to something else.

What seems to just have happened is the U.S. publicly declared gunfire should be used 100% of the time a civilian could be judged as hostile; 100% of the time that someone is carrying something that looks like a rock, or even just carrying a bottle, they should be targeted with lethal force.

Considering someone a target for a rifle when they carry anything that looks like a rock is the language of…guess what? That is white nationalist policy.

It is a radical, extreme, abrupt change to U.S. policy to openly call for murdering foreign civilians. Never mind the nuance of data/reports since Rojas’ death or the settlement, and the U.N. charges earlier this year. The latest news of the U.S. regime leader is that he is declaring himself a “nationalist” leader of the U.S. military who doesn’t care about indiscriminate civilian death.

“Trump’s ‘I’m a Nationalist’ comment will likely represent the biggest boon for white supremacist recruitment since the film Birth of a Nation glorified the Klan in 1915 and gained the KKK 4 million members by 1925,” tweeted reformed neo-Nazi Christian Picciolini.

What kind of nationalist wants to shoot unarmed civilians of foreign countries 100% of the time?

The association is fairly obvious, based on who has applauded loudest at his use of that term alongside extremist xenophobic doctrines:

The effort to plant the seeds of white nationalism in the political mainstream, where they might blossom into pro-white political coalitions that appeal to a broader swath of Caucasian voters, will not be easy, according to the chairman of the American Nazi Party.

But Rocky Suhayda thinks there is one political figure who presents a “real opportunity” to lessen the load.

Who is it? Donald Trump

I mention all this mostly because it proves my earlier blog post true, that there is no way under the current regime that their brand new statement “US offensive cyberattacks will not target civilian infrastructure” can be true.

If a water treatment plant has rocks in or around it, or an energy plant is used to make bottles, what really prevents a “nationalist” leader from dictating cyberattacks commence regardless of humanitarian laws or logic?

This departure from logic is truly a dangerous turn away from what should be a carefully constructed decision-tree. Allowing someone to hold a rifle when they are told to see every rock as an imminent threat is a certain recipe for disaster.

It also has very important implications in terms of automation and big data technology such as driverless cars (urban missiles). Will the person working on an algorithm to control all the cars on the border of the U.S. identify anyone holding a bottle as an imminent threat to “nationalist” power?

Perhaps we also should consider how sending 7,000 soldiers and associated equipment to the border is to transfer lethal equipment to white nationalist terror cells, who more egregiously and readily want to violate humanitarian law, given how troops are preparing for militias stealing their gear.

There are many good counter-examples to this U.S. shift towards ignorance and highly insecure logical fallacies (again, the U.S. regime is claiming that anyone with a bottle is an equivalent threat to an American soldier with a rifle, which is as stupid as it sounds).

To see what other models have been used, and should be explored in our immediate driverless future, look at historic discussions of grey areas, small percentages, tight timelines and attempts at precise targeting.

Here’s just one such exploration of avoiding putting targets on innocent civilians:

Tension was heightening. The minutes dragged on.

And then, five minutes before 5 o’clock, 25 minutes after the fighters took off, a phone jangled in Canary. It was the secure line that connected directly to Mossad headquarters. “Doubts have arisen,” said the voice on the line…

Nine Bombs Sent to Critics of US Regime, Just This Week

Per my earlier post about terror attacks under the current US regime, the BBC says the number this week has jumped to nine:

The device arrived at the Tribeca Grill in Manhattan early on Thursday local time, US media said, citing police.

Former Vice-President Joe Biden has also reportedly received packages.

If linked to previous incidents, this would be the ninth perceived critic of President Donald Trump to receive a suspected explosive device this week.


Update: A suspect has been arrested, according to a NYT story with the byline “Van With Pro-Trump Stickers Seized”

Speaking on CNN on Friday, Mr. Clapper said he was not surprised that a device had been sent to him. He has been a frequent critic of President Trump, a similarity shared with everyone whose names have appeared on the packages discovered so far.

“This is definitely domestic terrorism,” Mr. Clapper said. “Anyone who has in any way been a critic, publicly been a critic of President Trump, needs to be on an extra alert.”

The regime leader meanwhile, in an attempt to condemn terrorism, instead lashed out again at his critics and denied having accountability for lashing out at his critics:

“Funny how lowly rated CNN, and others, can criticize me at will, even blaming me for the current spate of Bombs and ridiculously comparing this to September 11th and the Oklahoma City bombing, yet when I criticize them they go wild and scream, ‘it’s just not Presidential!'”

Boots in the Datacenter Don’t Mean an Enemy is Denied Virtual Power

This post title easily could be a new book cover. Catchy, no?

There is an interesting discussion over at C4ISRNET (Media for the Intelligence Age Military) about US military training and plans to hack civilian infrastructure:

Part of this discussion is the notion of a commander needs to dominate in what’s called gray space — space that is not owned by either friendly forces or the enemy — to seize certain objectives as part of their overall campaign. This could manifest itself in the seizing of an oil pumping station due to its importance on the national economy. In the future, Army leaders believe it won’t be enough to physically control the pumping station and surrounding territory, but forces must control the virtual network as well.

“What good is it to win the terrain if the enemy can simply by computer network turn off the pumping,” Wittstruck asked.

Ok, to be fair, they’re talking about preventing infrastructure being hacked remotely by an enemy. Still, you have to admit turnabout is common in planning exercises. Also, not sure why network gets modifiers here. First it’s a virtual network. Then it’s a computer network. People, if you control THE network, you get both virtual and computer domination.


Alternate title: Black VPC Squadron (Baa Baa Black VPC).

“They were a collection of misfits and screwballs who became the terrors of the network. They were known as the Black VPC”