Category Archives: Security

Security

Viginum Just Wrote a Sales Brochure for Blackcore Disinformation

Leave a comment

I’ve been scratching my head about the Viginum report on Blackcore. As a quick introduction, the report says an orchestrated online disinformation campaign didn’t work, since the fake accounts didn’t persuade anyone. And so you would think that’s a relief. But instead, I have a nagging feeling that what is actually being sold isn’t the persuasion.

The Blackcore demo page offered a persuasion method and 1,600 avatars to do it with. But the product is more about something that can take a beating, compromise by public exposure, and keep on running campaigns anyway. Delete the shells, keep the registered toolmaker, edit the avatars, reload and fire again. The Viginum report in that context proves the product works as designed, by showing a full pressure takedown isn’t able to take it down.

The report names who’s at the top. The 8200-to-INCD-to-Cygun chain leads to Yigal Unna, a real law firm, a real address, a registry number. So they could name him. And in Section 4 they do the thing that looks like the start of a prosecution. They write atteinte aux intérêts fondamentaux de la Nation, harm to the fundamental interests of the Nation. That phrase is one of the four boxes that VIGINUM’s founding decree requires it to check before it can call anything foreign interference. Section 4 checks the box, VIGINUM detects and names, and yet it cannot prosecute.

Ok. Ready. And then? Nothing happens. Why?

The operation is built to handle it. The foundation layer is fake accounts and disposable websites. Those are illegal and they’re hidden, and after the press coverage in May they evaporated. Flip a switch, they’re gone. The top layer is the opposite: the report says there are legal companies, registered in Sweden and the UK, with named directors. They’re clean on paper, which means finding them nets nothing. They make software. Making software isn’t a “harm“.

The trap is the foundation is easily erased while the parts floating above aren’t breaking any laws. VIGINUM climbs all the way to the top of the system and finds a registered businessman who can say he just sells the usual marketing tools.

Fun history fact: modern marketing was born in WWI government propaganda offices. Creel’s Committee on Public Information under Woodrow Wilson was a civilian agency, the first large-scale propaganda bureau the United States ever ran. The famous Bernays worked inside it. Lippmann spent the war in Army military intelligence, working on Allied propaganda aimed at German troops at the front. The concepts of manufacturing consent back at home were assembled as state service at war between 1917 and 1919, and then privatized into Madison Avenue the moment the war ended.

After WWI Edward Bernays left the military propaganda office to sell the same methods to corporations. He claimed Goebbels adopted them to push Hitler into power.

The reason an investigation goes all the way up to a former head of Israel’s national cyber agency is that this isn’t some random shop. It’s the normal Israeli cyber-export path working as intended: people leave military intelligence, the money and legal cover follow them into private companies, the state encourages it.

Israeli intelligence operators become marketing tool vendors, or “security” monitoring tool vendors.

When investigators reach the root, they can’t claim a company broke the rules. So the technical report builds a case and then looks like it flames out with a generic firm. It can’t cross into demanding a trial for a foreign government’s economic strategy. The report lands on “the Service will continue its investigations” because there is no solution yet for what is really being sold.

And the irony, therefore, is that the French report ends up a sales brochure: Israeli disinformation sold as a resilience product.

History, Security

Stammtischler by Klee

Leave a comment

In 1931, Paul Klee sketched “Drinking Companion” (Stammtischler), as if to capture the obnoxious, poorly informed loud mouth you wouldn’t want in charge of anything.

Klee was one of the first German artists the Nazis labeled “degenerate,” which Nazis said meant Jewish, so they accused him of being Jewish. He was not Jewish.

The Nazis had been losing popularity in 1932 but then they abruptly seized power, with Hitler appointed in January 1933 to Chancellor. Klee was dismissed from the Düsseldorf academy, his home was searched by the Gestapo, and he moved with his family to Bern, Switzerland. In 1937 the Nazis still attacked him, trying to shame him in a “Degenerate Art exhibition” that compared his work to mental illness.

Security

Trump Abruptly Bans Foreigners Using Anthropic’s Top Models

Leave a comment

Think you can use American products? Think again. In fact, every company in the world right now needs to be moving off American technology or preparing for a move, because Trump just showed how he can shut it down like oil.

Anthropic had released Fable two months after declaring its models too dangerous to be released. Fable was said to be proof that safety was solved, soon after they had said the opposite. What it in fact delivered was a machine that refused to work.

This has become a rather sad theme in the AI industry. Zero integrity control, causing outages.

The “service safety” they designed was a denial of service, the literal opposite. The detection system was so aggressive that ordinary requests were kicked out. A model that shuts down at a benign prompt is not secured. It is broken. That is insecurity, by definition. The company called insecurity their security release. They sold denial of service as a premium feature and labeled protection.

The United States read the Anthropic marketing about dangers and believed it. Hook, line and sinker! The gullible and unpredictable Trump administration demanded access be revoked for a thing that couldn’t reliably be accessed. On 12 June the Commerce Department issued an immediate export control directive suspending all access to Fable 5 and Mythos 5, the first time the federal government has reached into a deployed commercial model and switched it off.

To be accurate, Anthropic had never designed access around denying foreigners. The Trump administration is obsessed with punishing people based on an “alien” designation (“artfremd” in Nazi Germany). So the Trump order was to deny access to foreigners and Anthropic was forced to disable it for everyone instead.

This is reminiscent of 2009-era stuff when the initial cloud providers were shocked, shocked I tell you, to find out ITAR is real. Here we are today with Anthropic claiming they can’t tell a foreign national from anyone else in real time, so the model is down. As if ITAR is real. Again.

Perhaps the right way to read all of this is that the American government just demonstrated a footgun clumsily and loudly, that at any minute they will cut off the world from American-based technology. The Straight of Hormuz disaster is just the beginning. They did it with Microsoft, now they are targeting Anthropic.

The warning shot to the world is the big, centrally distributed American services aren’t trustworthy. They are at the whim of Trump. Just like oil.

The stupid part of the story, aside from America being a hot-headed tin-pot dictatorship under the thumb of ex-KGB, is that Anthropic is pleading that there’s no danger to the public, while the government still believes the Anthropic claims that there’s danger to the public.

…the level of capability displayed there is widely available from other models (including OpenAI’s GPT-5.5), and is used every day… we disagree that the finding of a narrow potential jailbreak should be cause for recalling a commercial model deployed to hundreds of millions of people. If this standard was applied across the industry, we believe it would essentially halt all new model deployments for all frontier model providers.

Anthropic says whoa you can’t just block a model for being “too dangerous”, only we can do that as a marketing trick.

The capability the government feared, by Anthropic’s own account, is a model reading a codebase and fixing flaws, something it concedes other public models already do without restriction. So the Trump order protects no one from a tool the vendor now insists is ordinary.

A product that shut itself down aggressively to prevent usage has been certified as a weapon and withdrawn from a public that could never use it in the first place. Even the jailbreak is downplayed by Anthropic as nothing to fear.

The Anthropic incoherence is a huge problem, as I have pointed out flaws with their Mythos system card and again flaws with their Fable system card.

For example, look at how an Anthropic card in 3.1.1 opens by calling Mythos 5 the most capable cyber model they have ever evaluated, then in the next breath files it in Tier 1, their lower risk category, defined as human-dependent assistance with known techniques.

I can not get over how dumb America looks right now. Incoherence and disproportion take the main stage, not any absence of capability. The Trump ban is for the low tier by definition. Reading a codebase and fixing previously known bugs is textbook Tier 1: meaningful assistance with known methods, still needing a human. Arguably beneath it, since it is defensive. So America has openly stated to the world an export control blocks a Tier 1 interaction over a capability Anthropic reserves for Tier 2.

It’s like Trump banning GPU export because they can generate images. Dude, it’s what people buy them to do. That’s not even dual-use, that’s just use. And then we have to deal with the fact that Anthropic designed a thing that powers off when you power it on.

Unusable once by design.

Unusable twice by decree.

American integrity is twisting in the breeze like an infamous bridge we were all supposed to study so it would never happen again.

Tacoma Narrows bridge design fell apart in a moderate 40mph breeze. Anthropic Fable falls apart with basic prompts. The danger is in the design failures, not in the citizenship of the person trying to use it.
Energy, History, Security

Paid in Full: The Data Center Economy and the Criminalized Protester

Leave a comment

A Trump government contract reached the public last month by accident, after CoreCivic’s lawyers attached it to an email to the Houston Chronicle. The figures it revealed put the cost of running Dilley, the only family detention center in the country, at about $15.6 million a month, $13.1 million to operate and $2.5 million for medical care. The cost to taxpayers has been made constant, whether the facility is full or nearly empty.

The problem has been known much longer. A ICE itself called the Dilley arrangement unique, a fixed monthly fee for the entire facility regardless of how many people are held. A Homeland Security inspector general found the contract improperly obtained, routed through a middleman town in a way that shielded the operator and left the agency with no assurance it served taxpayers or detainees.

Pay for prisoners was improper, unaccountable, and fixed to a building. Why?

Look deeper, into the context, the geography, and the care model of “centers”. The human detention operator collects the same sum whether their water is clean or not, whether a sick child is seen or left unseen (to die). Lawmakers who toured in May counted fewer than 400 people, including 93 children, and ran the division.

Taxpayers are being charged roughly $37,500 per detained person per month.

Most people being held carry no criminal charge, and many have active asylum claims being ignored. They are being seized on streets far from any border, like the five year old taken outside his Minnesota home. The revenue is the purpose of these centers, not justice, not safety. CoreCivic reported $116.5 million in profit for 2025, up nearly 70 percent, and guided investors higher. Dilley alone generated $180 million in revenue, inside a $45 billion congressional expansion of detention. The same record documents a measles outbreak and food and water detainees call moldy and foul. A toddler died, after release in the facility’s earlier years.

This is a known pattern in history.

It’s the ordinary shape of administered harm. Atrocity at scale rarely sustains itself as spectacle. Spectacle draws resistance, so the apparatus migrates into procurement within an already established, rushed trajectory. The lethal variable to watch for is a revenue line uncoupled from the human outcome, a fixed fee or a quota that pays the same whether the people inside are tended or neglected. The pattern is neglect performing the harm within a trajectory so no one has to authorize it. It’s been called the crematorium that needs no fire.

Germans study the history that Americans rarely understand. In 1933 voices of opposition were violently erased, leading to the “cold crematorium” of camps that killed by willful neglect.

The evidence tends to precede the public reckoning, because it’s unbelievable, too hard for people to process until it’s too late. On December 9, 1931, a Munich newspaper printed a leaked Nazi plan for the Jews and the euphemism, Endlösung. The “final solution” was known long before the regime would invade neighboring countries and spin up industrialized murder camps. The paper was attacked for saying it, then shut down violently, its reporters sent to Dachau, the first Nazi concentration camp, built to detain and break the regime’s political opponents, where many were murdered.

Memorial block for Richard Lipinski, a well known Leipzig SPD politician who voted against Hitler “Enabling Act” in 1933 and was put into “protective custody” and died from “effects of his detention”. Phrases that to this day try to normalize fascism, literal murder for power.

Administered harm shows up like a payment schedule, for outcomes that should be raising the highest alarms. Notably, Britain read the warnings through the 1930s and held back from stopping Hitler in March 1936, when his troops entered the Rhineland under orders to retreat if France resisted. London and Paris accommodated instead of attacked. Why did they wait?

This contract just became public because a lawyer attached the wrong file to an email. Who today sees it and waits? What are they waiting for?

Target Hospitality owns the Dilley family detention center and runs its food service, the place notorious for a measles outbreak and 911 calls about children struggling to breathe. CoreCivic operates it. In March, Target announced a pivot into data center company towns, to wash the stink of the ICE deal off its name. The lodging contractor moved its brand from feeding and housing a detention center to housing the crews who build data centers.

When you look at the datacenter maps, you are looking at land permits, a slab, tilt-up walls, and a power easement that may never energize. Very large campuses of empty boxes on cheap land in scarce-water country, their end use left unsettled.

Source: Brockovich Data Centers

A July 2025 executive order made the data centers critical infrastructure. Federal agencies and fusion centers then began tracking fictional “anti-tech violent extremism,” sweeping peaceful critics and town-hall attendees into the framework built to criminalize protected political speech into domestic violent extremists. The order protects the box, which rhymes with the detention economy, even when it does not yet show a data center becoming a human center. Oppose the data center box, and the security state opens a terrorism file.

A terrorism designation of people outside the data centers feeds the same detention expansion that the Dilley contract pays for. It’s like a fascist LEGO set: build the box, file the objector as a terrorist, fund detention that pays whether the beds fill or not, and the only open question left is how all those unpopular empty boxes will be making any money.