View from Holy Cross, Thursday, January 08, 2015
Going home tomorrow so all’s well. There ought to be a service for hiring malicious hackers to harass people who send long unsolicited mail to people. The hospital router gets overloaded, and 7 Mb messages stall the system and it takes forever to clear them. Ah well. It has been all day and still… The latest thing are messages big but no visible content and no headers. Have no idea what that is.
According to an editorial posted in USA Today, "people know the
consequences" of insulting the Mohammedans’ prophet. The piece goes
on to ask, :"Why did France allow the tabloid to provoke Muslims?" and so forth:
Muslims consider the honor of the Prophet Muhammad to be dearer to them than that of their parents or even themselves. To defend it is considered to be an obligation upon them. The strict punishment if found guilty of this crime under sharia (Islamic law) is capital punishment implementable by an Islamic State. This is because the Messenger Muhammad said, "Whoever insults a Prophet kill him."
However, because the honor of the Prophet is something which all Muslims want to defend, many will take the law into their own hands, as we often see.
Within liberal democracies, freedom of expression has curtailments, such as laws against incitement and hatred.
This is something I’d expect to see in a transcript of a Bin Laden video…
◊ ◊ ◊ ◊ ◊
Joshua Jordan, KSC
You have identified one of the primary problems. Sharia states clearly that infidels are not equal to Muslims, and anyone who leaves Islam deserves death. It is fundamental to Islamic Law that infidels, even people of the Book – primarily Christians and Jews – must pay a tax in order to avoid conversion. For everyone else it is Islam or the sword. Many say that they do not practice that, but it is there and not to believe it is heresy. They have a remedy for heretics.
Coming to a strategy in this war is key. If it is treated as a problem of law enforcement we are doomed to a strategy of defense only, giving all initiative to the enemy. That makes for a long war. Have we that much patience? Will the nation make war upon those who have had enough of reaction to enemy atrocities?
NBC’s Terror Expert Kohlmann: "France Has A Very Serious Problem With Islamphobia" <http://www.familysecuritymatters.org/track/trackurl.asp?q=bxBwrlnesmrr
I would have thought that having a security expert who puts Islamophobia as the major threat after an attack on a publications office may be part of the problem.
Hello, Jerry –
Best of luck on your recovery.
On 30 Dec, you printed a number of responses which generally pooh-poohed the idea that the FBI could have got it right about N. Korea and the Sony hack. In general, they showed considerable disrespect for the FBI’s forensic IT capabilities. "How could they possibly search through proxy servers, spoofed MAC addresses, etc and finger North Korea in such a short time?"
Well, apparently they didn’t need to. From http://www.nbcnews.com/storyline/sony-hack/sony-hackers-got-sloppy-used-north-korean-ips-fbi-director-n281556 the North Koreans got sloppy and didn’t do any of that stuff. Using IPs that are unique to N. Korea seems pretty boneheaded, but that seems to be the case. And the alternate theory presented in the posts, that the hack was done by disgruntled insiders – well, finding a way to get access to N. Korean servers in order to cover one’s tracks seems a little much for Hollywood IT workers, even those who have helped create the "Mission Impossible" series.
So, in this case, the FBI needed only the IT equivalent of the ability to read the postmark on an envelope.
Underestimating an opponent is a classic prelude to failure, but so is overestimation.
Interesting. Of course they can’t train people without exposing them to the West. Sort of like the Soviets except Communism makes more sense than fealty to Kim Jong Un.
I’m glad to see you coming back to writing and commenting so quickly.
Best wishes for eventual complete recovery.
I’m especially glad that your stroke was (I’d guess) recognized and treated quickly, before much (or any, I hope) permanent damage happened.
My analogy from ten years living with my Dad’s disabling stroke (alas not treated quickly) is that it’s the difference between losing the local programming for the affected skills but being able to relearn relatively quickly because the local hardware’s still there, versus losing the local hardware that slice of programming ran on, at which point relearning is dependent on retasking other hardware and is much slower and more problematic.
Even the latter can be overcome eventually, but it takes a lot more brute persistence. May all your recovery be of the former sort, but if you do hit any of the latter, well, I don’t see you as inclined to give up too easily in any case so I’ll spare you the obvious advice.
I’m very much looking forward to SpaceX’s next try at intact recovery of their first stage. The launch window is 2:09 am your time Friday, 3:09 mine, so unless insomnia hits we’ll likely read about it in the morning.
I’d be tempted to wake up and watch, except they (understandably I
think) aren’t going to televise the landing attempt live in any case.
Regardless, flying an entire booster stage to Mach 10 or so then bring it back in one piece is a major step toward things we’ve both been working toward for a long time. May we both have cause for some joy come tomorrow morning.
Regarding Cryptolocker (malware that encrypts your data files, and requires a ransom to unencrypt), it is extremely difficult to unencrypt without paying the ransom.
Your advice to backup to an external hard drive then disconnect that hard drive from your system is good advice. Backups are important. One could also copy to DVD, although that is much slower. Large capacity external hard drives are relatively inexpensive. So that advice is good for the average user, or perhaps the small business.
The difficulty is in the implementation. You have to remember to do it. And you need to have a good rotation schedule so that you have multiple backups in case you don’t catch an infection right away. The ‘googles’ will have lots of advice on rotation backup schedules.
But the implementation is difficult. My own procedure is thus:
– I use the Microsoft SyncToy to backup my laptop data files to another computer on my home network. The advantage is that it only copies changed files, plus also deletes files as needed. Quite easy to set up, and pretty fast. So that protects my laptop files.
– On that desktop, I have the Carbonite automated backup program installed (www.carbonite.com). It takes care of automatic backups, doing them continually in the background so as to not affect the use of the computer. Files are encrypted and stored in Carbonite’s "cloud", and can be retrieved to any computer at any location. The cost is reasonable for personal use, plus they also have plans for businesses. They also have plans to support multiple computers in a location.
It is my understanding that Carbonite keeps multiple versions of your files, so it is possible to get a previous version of your backed up files.
I could do the backups myself, but using Carbonite as my automatic – "don’t think about it" – backup is more convenient. And it protects me from any possible data loss due to theft or damage (fire, flood, local hard disk failure, etc.). And I don’t have to think about it.
There are others that provide similar services to back up your data to the cloud. I am not worried about my data security in the "cloud", even though some of my files contain confidential data. It provides me with a backup process that I don’t have to worry about.
There are many ways to backup and protect your data. I am happy with my choice.
(I have no affiliation with Carbonite other than being a satisfied customer.)
…Rick Hellewell, Security Dweeb
First, I’m glad you’re doing better.
Second, the solution to Cryptowall and similar problems would be to get a Letter of Marque, recruit a few friends, and go hunting.
While law enforcement agencies have to play by the rules, a Letter of Marque pretty much allows you to set your own rules. A sufficiently skilled group of researchers would be able find out where the money has gone — at which point, the same group could make life interesting for the scumbags.
Since it’s not likely that a Letter of Marque would be granted, another solution is for the email and browser writers to set a default that attachments won’t be opened without specific authorization. Click the link, and a pop-up box would require the user to enter a code before the attachment can be opened.
My brother and I have a practice of sending a single-use authenticator in any email which includes a link. This authenticator is simple — a reference to something we’ve discussed in a recent phone call — but it’s something that nobody else would have.
Do you think the President would issue you one? And Ukraine might object to your hunting there…
Freedom is not free. Free men are not equal. Equal men are not free.