Category Archives: Sailing

Feudalistic Threats to Web 3.0

When I’m asked to explain Web 3.0 I always try to start by explaining that the world is far more diverse than just coins and financial assets.

This is similar to my old saw about history being more detailed than just who won what war and why. Culture is not just coinage.

The entirety of the human experience, which arguably will be predominantly expressed via the web if anywhere in technology, is vast and rich beyond monetary action. Only about half of transactions even involve money at all.

Yet, for many people their only topic of interest or focus on technology is how to capitalize as quickly as possible on anything “new”. Beware their depictions of the Web solely as finance instead of encompassing our most rich and interesting possibilities.

Geolocation data, as just one facet, has long been recognized as a source of power and authority. Think of it in holistic terms of the English and Dutch cracking the secretive Portuguese spice trade routes and upending global power, instead of just focusing on the spices being traded.

Knowledge is a form of power, which has been expressed as political systems far more vast than markets alone could ever encompass.

Here is an example to illustrate how oversimplification of humanity down to financial terms becomes an ethical quagmire, highlighting some very important mistakes of the past.

Ukraine cancelled a Crypto airdrop.

…“a lot of people” were abusing the possibility of an airdrop by sending minuscule donations “just to benefit” themselves. This is a common tactic among crypto investors, known as airdrop farming.

Farming is in fact the opposite of what is described here. Growing food at low margin so that others may gain has somehow been framed backwards: extraction of value from someone else’s plan to help others.

In other words “airdrop farming” is far more like “airdrop banking” as it has nothing in common with farms but a lot in common with banks. It begs a question why there was any direct return and benefit of “donations”, given what has been said in the past about that loop.

Appropriation of the term “farming” in this context thus reads to me as propaganda; we may as well be in a discussion of Molotov’s WWII bombs as a delivery of bread baskets.

Likewise in the same story Kraken’s CEO displayed complete ignorance by saying his company would be on the side of Russia in this war and could not help Ukraine because in his mind political Bitcoin only has “libertarian values”.

Exchanges including Coinbase, Binance, KuCoin, and Kraken all refused Fedorov’s February public request that they freeze all Russian accounts, not just those that were legally required by recently-imposed sanctions. The companies said such an action would hurt peaceful Russian citizens and go against Bitcoin’s “libertarian values,” as Kraken CEO Jesse Powell put it.

Calling Bitcoin libertarian is like calling diamonds bloody.

In fact, Bitcoin is notoriously slow-moving (terrible for payments) and notoriously volatile (terrible for currency) just like blood diamonds being extracted from dirt at artificially low cost to artificially inflate their value to a very small group desperate for power.

Mining doesn’t have to be an exercise in oppressive asset hoarding with a total disdain for the value of human life, but Kraken clearly displays here they operate intentionally to repeat the worst thinking in history.

So what values are we talking about really? Proportionality (tailoring response to the level of the attack, avoiding collateral impact) is not a libertarian concept, obviously, because it’s a form of regulation (let alone morality).

Note instead there is complete lack of care for victims of aggression on the principle of protecting “peaceful” among aggressors, with absolutely no effort to prove such a principle.

It’s sloppy and exactly backwards for a Bitcoin CEO to claim he cares about impacting others. The inherent negative-externality of Bitcoin means it carries a high cost someone else has to pay, proving that if Kraken cared about “peaceful” Russian civilians it would shut down all Bitcoin since it harms them all while benefiting few if any.

Systemically redistributing transaction costs from selfish individuals to society instead, while claiming to be worried about societal impact of an individual action is… dangerously reminiscent of “nobles” and “clergy” of pre-revolutionary France who ignorantly stumbled into their own demise.

The Web already is so much more than a narrow line of thought from the ugly past of feudal thinking, and 3.0 should be more broadly representative of the human condition instead of boxed in like this by selfish speculators trying to get rich quick through exploitation and manipulation of artificially constrained assets.

Italian Police Seize Russian Oligarch’s 500ft Sailboat (Largest in World)

A boat builder boasted in 2017 about their 143m ship with gross tonnage of 12.600 that can only go 20 knots:

Her name: SAILING YACHT A. She will draw eyes the world over, as no other superyacht has ever done before.

Apparently this prediction of drawing eyes came true just now. Italian police announced the 530 million euro monstrosity had achieved their full attention.

Italian police have seized a superyacht from Russian billionaire Andrey Igorevich Melnichenko, the prime minister’s office said on Saturday, a few days after the businessman was placed on an EU sanctions list following Russia’s invasion of Ukraine. […] Designed by Philippe Starck and built by Nobiskrug in Germany, the vessel is the world’s biggest sailing yacht, the government said. Melnichenko owns major fertiliser producer EuroChem Group and coal company SUEK.

Technically Melnichenko just resigned in an attempt to find a loophole in sanctions.

EuroChem Group AG, a leading global fertilizer producer, announces that Andrey Melnichenko has resigned his position as Non-Executive Director of the Board of Directors, and withdrawn as main beneficiary, effective March 9, 2022. The move follows Mr. Melnichenko’s inclusion in an EU sanctions list, and was taken to ensure EuroChem is able to continue providing millions of people around the world with nutrients for agriculture, helping to underpin global food security.

Nutrients that underpin global security?

*Cough* bullshit *cough*.

But seriously, this opulent waste of money on a party yacht sinks any claims to Melnichenko or his company giving a crap about global food security.

Source: Nobiskrug

It might be the ugliest sailboat I’ve ever seen. At best it resembles a Chinese Junk.

A trio of 300 ft masts with full battens on a 480 ft lethargic bathtub make no sense to me at all. I’m not kidding about bathtub designs being slow. Surface area clearly increases towards the waterline.

Source: Nobiskrug

It has all the grace and efficiency of a flat tire.

Really it looks like someone took a big container ship and chopped its stern off, then crammed on a cruise ship’s reverse poop deck. Running lights make it even uglier, like an old running shoe from Walmart.

Source: DailyMail

To be fair we’re talking about a fertilizer and coal billionaire who wanted a party boat that could operate on clean wind power instead of fertilizer or coal. Nothing about it sounds right, if you see what I mean, and yet somehow I am certain the Italians will know exactly what to do.

Russian Elites On the Run, Trying to Hide Ships as Ports Close

The usual placid sailing waters of Russian billionaires have abruptly given them the boot.

UK Transport secretary, Grant Shapps, said that he “had banned all ships with ANY Russian connection whatsoever.”

And while some people focus on Russian private plane movements, I find naval gazing (pun intended) far more interesting.

Intercepting a plane isn’t likely, whereas in international waters

…cargo vessel transporting cars, which was headed for St Petersburg, is “strongly suspected of being linked to Russian interests targeted by the sanctions”, said Capt Veronique Magnin, of the French Maritime Prefecture.

France just sailed up and grabbed a Russian ship, taking it as a wartime action. Should this not be how operations are conducted on Russian information technology as well?

In related news, Russia’s most powerful men appear to be engaging in conflict by tail-between-legs trying to hide as best they can when there is nowhere to hide.

Data reviewed by CNBC from Marine Traffic shows that at least four massive yachts owned by Russian business leaders have been moving toward Montenegro and the Maldives…

These ships are extremely unprotected and vulnerable, while operating in open spaces with almost impossible attribution.

Let’s say a small inexpensive automated drone packed with explosives sinks them (the sort of thing described for over two hundred years, at least since the auto-mobile naval torpedo of 1866), what then?

Source: Mailloux, R., Sengupta, D. L., Salazar-Palma, M., Sarkar, T. K., Oliner, A. A. (2006). History of Wireless. Germany: Wiley.

Or what if the port is targeted and destroyed, as we saw in 2018 when the docks of Roslyakovo abruptly failed?

Most people probably haven’t heard of that incident, and would be far more familiar with the fact that neutral civilian American ships were repeatedly bombed by Germany before WWI started; President Woodrow “KKK” Wilson had intercepted the related German Navy order on November 18, 1914 and somehow managed to deny telling Americans for three years why so many ships and ports were on fire.

…agents who are overseas and all destroying agents in ports where vessels carrying war material are loaded in England, France, Canada, the United States and Russia. It is indispensable by the intermediary of the third person having no relation with the official representatives of Germany to recruit progressively agents to organize explosions on ships sailing to enemy countries in order to cause delays and confusion in the loading, the departure and the unloading of these ships.

And on that note, on July 22, 1916 (still a year before Wilson would declare Germany an enemy, and just eight days before the infamous “Black Tom” explosion in NYC) German military intelligence set off a massive bomb during a parade in downtown San Francisco and killed 10 civilians.

Whereas naval warfare has a long and storied past, today it seems to have much in common with cyber warfare, which constantly gets written up as needing a new set of norms, instead of being treated as acts of war.

1,000 Porsches Burning Rubber: Ship Carrying Luxury Vehicles to America Catches Fire and Set Adrift

A Samsung-built ship “specialized” to carry luxury European cars to America is reportedly a smoldering wreck in the Atlantic, after catching on fire 90 nautical miles (170 km) southwest of the island Faial.

Thousands of Porsches, Audis, and Lamborghinis were marooned on an unmanned burning cargo ship in the middle of the Atlantic Ocean Thursday. […] The ship was still burning and billowing out clouds of white smoke as a Portugal navy ship inspected whether it was in danger of sinking, officials said.

Source: VesselFinder

It had a lot of Porsche on board.

Luke Vandezande, a spokesperson for Porsche, said the company estimates around 1,100 of its vehicles were among those on board Felicity Ace at the time of the fire.

My first guess would still be that a Lamborghini started the blaze. Here’s just a thought. Someone was in a Lambo revving the engine with nowhere to go. This is a common thing for people who like to play loud noises but don’t understand when the car doesn’t move to let heat dissipate (including excessive waste, such as flaming exhaust), then at some point flames engulf the body.

In an ironic twist for their manufacturer (regulations-cheating Volkswagen) one easily could argue that diesel vehicles (even Porsche) shipped to Americans would have been far less likely to cause such an environmental disaster.

A simple search of the cargo contents shows a lot of lithium battery car manifests going different places, which all together would generate a fire especially toxic to the environment…


Also of note on the boat is a 2016 FORD MUSTANG VIN: 1FA6P8CF6G5283818 consigned to 313 AMBER JILL COVE KILLEEN, TX 76549. I don’t see anyone writing about that, let alone a 2018 HARLEY DAVIDSON FAT BOB VIN: 1HD1YLK12JC022519 consigned to 820 GARZA JONES LANE LAREDO, TX 78045.

Can You Trust

The site has launched ahead of schedule and right at the top it has a “Here’s how you know” link to explain why you should trust this “official website”:

Does it seem safe? While they make a couple sound points, there’s more to it.

Do you also trust that a .gov was developed using a secure lifecycle, is operated safely and that it hasn’t been compromised by commercial motive? In other words, is there high integrity of the data on the pages as much as there may be integrity of the source identity?

I strongly recommend developing quality measures for the former (hard) much more than the latter (easy).

It reminds me of another .gov launch not so very long ago that was subjected to extreme partisan yet technical bickering…

The “” website at the end of 2013 was ruthlessly attacked by Republican lobby groups and “experts” such as TrustedSec. Here’s a good example from headlines in early 2014:

Source: WFB, 2014

Someone barking that the site is “100 percent insecure” and trending worse seems factually false, no? It was a gross misrepresentation for political gain if not an outright lie.

In fact, while TrustedSec used the press to spread a rumor that was 100% unsafe they were actually telling Congress in testimony:

It is accurate that no system can ever remain one hundred percent protected against threats.

Could this kind of absolutism fallacy and obvious gaslighting be grounds for being disbarred from practicing security though?

No, because let’s be honest the security industry has no baseline of integrity for meaning being delivered in a message.

Sound harsh?

Consider that the TrustedSec CEO Dave Kennedy was on a highly-politicized PR campaign to discourage people from getting health insurance, mugging with Michele Bachmann (infamous religious extremist who advocated for dropping bombs as “one of the greatest acts of peace” while simultaneously trying to block peace agreements because she believed they could usher in World War III and the horror of… dropping bombs).

Source: Twitter

Kennedy’s obvious political self-promotion at this time went from hugging the extremist bomb-advocate Bachmann backstage at FOX news to literally spreading “100 percent” nonsense and FUD… claiming even would hack anyone who dared to use it for their life-saving healthcare needs.

…saying vulnerabilities remain on “everything from hacking someone’s computer so when you visit the website it actually tries to hack your computer back, all the way to being able to extract email addresses, users names—first name, last name—[and] locations.”

“Actually tries to hack your computer back”?

This is nails-on-chalkboard stuff, only made worse by him saying the threat scale goes “all the way to being able” to know your name. So your name has been leaked proving that you’re in America and need healthcare insurance just like everyone else? That’s “all the way”?

And then there was the false claim made on FOX news that large numbers of probes of a .gov website indicate it already has been hacked or will be soon.

Source: Fox News, 19 Nov 2013 (via Utah’s Senator Mike Lee)

And this nonsense of course had the expected reaction putting people in a frothy partisan panic:

…you couldn’t pay me a million $ to go anywhere near that website #FullRepeal #ImpeachObama #MakeDCListen

That’s a 2014 reaction tweet from @livinbythelake. Today that same account is retweeting the wife of the Executive Editor for the Washington Examiner that COVID19 is a communist plot.

While a “poison squad of whispering women” was clearly coordinated in amplifying a fear narrative from TrustedSec as right-wing misinformation, the actual flaws were being misrepresented.

Probes ought not be directly correlated to breaches without some intelligence. That’s like saying evidence of water around a floating boat means you should guess it soon will spring a leak.


Here was another clear sign TrustedSec’s Kennedy was speaking completely out of his mind on this issue.

His examples of “models” were sites later breached at FAR WORSE scale than

When it comes to securing personal information online, Kennedy cited Amazon, Facebook, and Twitter as models for the industry.

Facebook?! Are you FFFFFing kidding me.


More than 540 million records about Facebook users were publicly exposed on Amazon’s cloud computing service…

Remember this was TrustedSec CEO testifying to Congress in November 2013 that Facebook should be held up as a model for the industry to protect privacy. This is literally what he said to Congress:

…the federal government isn’t known for having super secure web sites or even having adequate security to protect U.S. related sensitive data.

Oh really?

Facebook had just been breached in June 2013 leaking 6 MILLION records for over a year when this highly politicized testimony was filed alongside a poisonous PR campaign.

Does Facebook ever sound like any sort of real “model” for an industry to you? Facebook always has been known for failing at security and being a threat to U.S. data. It’s almost inconceivable that someone in 2013 was recommending them as a model, and it’s incredibly suspicious for anyone claiming the title “TrustedSec”.

Come on people, let’s look at this in context.

TrustedSec’s CEO was spreading on partisan news campaigns that the US government website is “100 percent insecure” and that everyone instead should carelessly put their data in Facebook (foreign adversary) hands?

Here’s how I described Facebook to everyone reading this blog in 2011, explaining why I deleted my account in 2009:

…private company funded by Russians without any transparency that most likely hopes to profit from your loss (of privacy)… if Facebook is dependent on Zuckerberg their users are screwed.

That’s a full two years before the “TrustedSec” CEO was on TV telling Americans to hand their most sensitive data to the Russians instead of their own government.

Facebook’s massive unprecedented failures of safety (gross negligence if not incompetence) were never hard to find, and have only worsened over time:

Am I missing some? Surely this alleged “model” couldn’t have been any worse of a recommendation.

The icing on this history cake is that TrustedSec’s testimony gave milquetoast recommendations for fixing that read like they were pulled directly from a 2-minute introduction to information security.

Fix the current security problems on the web site, which pose a high or critical risk… Develop a security operations center and ensure effective controls are in place… Perform end-to-end testing to benchmark the existing risk towards the infrastructure and take appropriate action…

It’s so vague and generic as to be completely unhelpful.

Here’s what the TrustedSec guide to marine safety probably looks like: if you see or hear water you must be sinking, take appropriate action.

Let’s recount.

After five years reported about 10 million people had received health-care coverage (essential to quality of life) while only as many as 75,000 people may have had sensitive information breached. Even that amount is disputed, so where’s the giant disaster predicted?

Headlines by 2017 were “Obamacare is working well” no thanks to TrustedSec doing its best to tell people to stay away. popularity increased dramatically to 56%, no thanks to TrustedSec doing its best to tell people to stay away.

So, will the right-wing lobbyist “hackers” put on suits and ties to be wined-and-dined by FOX news again to spread FUD about this new health-oriented .gov site being a threat?

Facebook, the darling of the Republican lobbyists and extremists intent on destroying Obamacare, over the same time delivered the worst security practices and breaches in history (on top of destroying quality of life and being implicated in atrocity crimes).

Why so bad?

Basic American history offered us a good insight into “experts” like Dave Kennedy stumping in 2013 for the Confederate Party, even predicting escalation to the violence seen last year.

ObamaCare cannot be accepted. No matter that it was passed by Congress, signed by the President, found constitutional by the Supreme Court, and ratified by the people when they re-elected President Obama. It cannot be allowed to stand, and so the tactics for destroying it get ever more extreme. The point of violence has not yet been reached, but the resistance is still young.

How dangerous was it in 2013 for a security “expert” to tell people not to sign up for healthcare from a .gov site?

Very dangerous, made far worse by telling them to trust Facebook instead. We can think of extremists like Bachmann telling us that dropping bombs was her model for peace like Kennedy telling us that using Facebook was his model for privacy.

So back to today, how dangerous will it be if someone says avoid .gov and don’t get test kits or vaccinations during this pandemic?

Read more 2014 analysis of history for the answer.

Our modern Confederates are quick to tell the rest of us that we don’t understand them because we don’t know our American history. And they’re right. If you knew more American history, you would realize just how dangerous these people are.

So it all begs the question who do you trust and what does it mean when you see that you are using a .gov site? History has the answers.

Related: Timeline of Amazon breaches and timeline of Twitter breaches, neither doing nearly as well in trust as has this whole time.