Sunday, August 4, 2019

Another mass shooting and lost hope


It's not just the guns.  I usually sway middle ground on gun rights, second amendment and so on. I am not a gun person. I don't go out to the range nor collect guns. But i did grow up in a military family where my father and most of my uncle's server from a few years to over 30 in the Marines , army, navy, air Force, national guard and so on. I've had friends in various branches. I even tried to be a chemical weapons kind of engineer in the army myself.  So I'm well aware and familiar with guns and the love of guns.  But this love affair with Rambo and assault weapons pretty much meant for one thing is a bit absurd.

  A couple people in a community owning a boatload of assault weapons and even granades aren't going to stop the military, the feds or national guard or the swat team from storming a town.  It might deter them for a moment, but what side of the coin are all these people on anyway?   Former Military and police officers are going to attack their own brothers and sisters and kids ? Current military and police are going to turn against their own brothers and sisters in arms ?  Everybody is suddenly a Rambo and practices everyday ? 

People forget all these organizations and corporations are made up of people. Maybe it's to much TV and internet and isolation or something.  It's not like the enemy storms the gates and you'll be ready. That enemy just as likely could be your neighbor, your brother, your sister.   In some cult like psycho locked down community, maybe , but things don't happen in isolation.

America has many problems. Mental health. Hatred for anything not just like them on all sides these days.  Lack of any real freedoms is becoming the norm.  People from all sides shout on Twitter or whatever social media forum. We talk about bullying, yet it's the norm.  The norm from all sides.  And the hate keeps spreading.  But this fascination with needing a thousand guns , the need to have access to them and nobody know I have them is absurd.  

But flat out state or federal gun control isn't going to work.  The government is lost and confused and everyone just has their own agenda for making themselves wealthier and more of a star now.  Star celebrity power and fake news comes from all of these people now. 

The world has a mental health and hate everybody that doesn't look and act like me problem.  But nobody wants to admit they are also part of the problem. It's point fingers at everyone else.   And the kids grow up lost , confused and find the terrorist organizations that fit their agenda. Or they fall for the Kool aid. They all are terrorist organizations. Then again don't the media , drug companies and silicon valley tech companies tap into that same psychosis to get kids and others addicted and convinced?  Is a guy like Mark Zuckerberg or Elon Musk or Jeff Bezos all that different than the rest of these folks convincing people to do something or believe something?  Then get in a hissy fit when someone calls them out on something? 

"We are just a tech company..." Is always the excuse. At some point we need to start looking into all these people and the how's and whys and ways the Facebook's and Amazon's and Ubers and the cults of Elon Musk and Steve Jobs and Trump and Putin and the  Clinton's and  so many others play their own version of mind control and manipulation.   

Because that's way beyond mental health issues.   These cartels and Nazi white power groups and gangs and terrorist organizations and politicians and leaders and tech leadership and Wall Street and big corporations  all seem to play the same mind games and find the right people at the right time and make them believe in whatever they are selling.

  It's not all guns.  It's mental health, mind control and manipulation.  And nobody is really safe anywhere anymore.

Sunday, July 28, 2019

Smart city and IoT security vulnerabilities

  
Smart cities and IoT is here to stay. And going forward , 5g,  Elon Musks satellites laser internet whatever system and things like nb-iot, lorawan, microwaves and more , things will only become more vulnerable. And connected.

  Hardware is hard.  Margins can also be rough.  Look at half the scams on Kickstarter and even crypto ICOs.  Sell a vision to naive folks and never deliver anything real.  Or deliver an insecure raspberry pi with no security features. The Intel's of the world have vulnerabilities much less some fly by night sell some $9.99 sensor company.

   Security is hard.  It's not sexy. Nobody cares till they have to care.  Plain text passwords, lack of security knowledge, it's all easy and faster to just pretend security isn't real.  Robinhood takes money from millennials and stores in plain text. Nice.  Not really. But even the unicorns and hot companies get caught in this release faster and who cares about software development lifecycle and security processes.   It is what it is , but real.

So what can be done about smart cities and IoT and this hatred for cryptography and encryption? The dislike of any cyber security protocols  by the politicians,  government agencies and law enforcement agencies? This is bad.  People who seem to be very uneducated when it comes to anything related to technology are passing laws and pushing their own agendas or corruptions.

Maybe it's not their fault. Maybe it is. Then again transparency and real open data  isn't a desire from any of these groups either.  Somehow not wanting  privacy and encryption , but needing it at the same time  to hide their own secrets is some massive weird unknown. It's a bit shady. And not good for anybody.  Add this hate for encryption to the Facebook's building their own private bank and bypassing encryption by just putting more controls on phones to collect and spy,  is a serious serious  issue. 

So what can we do ?

Well for IOT and smart cities , encryption is useless if the devices are vulnerable.  My company Pagarba does IoT and smart city vulnerability and pentesting.  We do blockchain. From our perspective, A good idea and best practice, whether pagarba or another firm,  is some form of IoT security audit. Perform a full end to end checks and balances assessment. Where you  assess the network,  data and device inventory, data and device classification, application and device  flow mapping,  along with a thorough risk and privacy impact assessment.  At this juncture you can even add drone mapping for physical security assessments. All this to drive appropriate protection for your IoT community, organization and smart cities. 

Smart city IoT is here ...

Pagarba (pagarba.io) worked on some real time location tracking sensors and data collection projects.   We've been diving into radio frequencies, Lora , lorawan and private decentralized mesh networks lately to build better smarter Internet of things systems.  Good stuff. Interesting city.

" Wireless sensors can be used to monitor traffic data and analytics.  An ongoing pilot program on lower Union Street aims to count vehicles with the goal of reducing flow and idling. Traffic patterns differ between sport utility vehicles and compact cars. With a better understanding of the types of vehicles on city streets, the city can schedule traffic lights more efficiently. Data will also allow vehicles can be re-routed in the event of a crash or some other kind of large-scale event. "

Wednesday, March 6, 2019

Distributed computing CALM - ness or not


Distributed computing and coordination is not a necessary evil, it is an incidental requirement of a design decision

The key insight in CALM is to focus on consistency from the viewpoint of program outcomes rather than the traditional histories of storage mutation. The emphasis on the program being computed shifts focus from implementation to specification: it allows us to ask questions about what computations are possible.

Interesting article and some good insight. Worth a read.

https://blog.acolyer.org/2019/03/06/keeping-calm-when-distributed-consistency-is-easy/

Why so many Fake artificial intelligence companies


     Quite interesting that 40% of these "AI" firms don't use artificial intelligence at all. Do some even know what tensorflow or mxnet or neural networks even means ?  

Also funny how Google decided this post had issues.  Real products with real artificial intelligence would make sense. But hype and marketing fake news sells I guess. 

https://www.ccn.com/40-percent-ai-firms-europe-never-use-ai-vc-says

Thursday, December 20, 2018

Exempt crypto security laws

https://www.coindesk.com/us-lawmakers-file-bill-to-exempt-cryptocurrencies-from-securities-laws

Could be good , time will tell what regulations will proceed and which ones will not.

"
The “Token Taxonomy Act” was introduced Thursday by Reps. Warren Davidson and Darren Soto, a move that comes months after a roundtable in Washington, D.C. that sought input about regulatory measures for the industry. According to the text, the bill – among other items – seeks to exclude “digital tokens” from being defined as securities, amending both the Securities Act of 1933 and the Securities Exchange Act of 1934."

Fortifying the Cyber Frontier: Safeguarding LLMs, GenAI, and Beyond

In the ever-evolving world of cybersecurity and infosec, the convergence of cutting-edge emerging technologies like Large Language Models (L...