Pathetic loser, John Young, is now back on the same page as Wikileaks!

[professor rat]

JULIAN " the most dangerous facilitator of totalitarianism we have ever seen. 
The internet is a threat to human civilization " ASSANGE 2012

Here's one real easy way to avoid the ever proliferating boondoggle, John...

GET OFF THE INTERNET!

small rehash of part of modern cointelpro/disruption tactics from activism

[Karl]

Private Military Corporations (PMCs) are essentially mercenaries acting
largely outside of government regulation or democratic control. They are
hired by private corporations to assist in their interests and act as
for-hire businesses with few or no ethical considerations. Some examples of
these corporations are TigerSwan, Triple Canopy, and STRATFOR.

PMCs are often staffed with U.S. military veterans, and employ
counterinsurgency techniques and skills honed during the invasions of Iraq
and Afghanistan, or other military operations. And in many cases, these
PMCs collaborate with public law enforcement agencies to share information,
such that law enforcement is essentially acting as a private contractor

for a corporation.
Disruption Tactics Used by Corporate Goon Squads

PMCs can be expected to deploy four basic tactics.

   1. * Intelligence Gathering*

First, they will attempt to gather as much information on protesters as
possible. This begins with what is called OSINT — Open Source Intelligence.
This simply means combing through open records on the internet: Googling
names, scrolling through social media profiles and groups, and compiling
information that is publicly available for anyone who cares to look.

Other methods of information gathering are more active, and include
physical surveillance (such as flying a helicopter overhead, as occurred
today), signals intelligence (attempting to capture cell phone calls,
emails, texts, and website traffic using a device like a Stingray also
known as an IMSI catcher), and infiltration or human intelligence (HUMINT).
This last is perhaps the most important, the most dangerous, and the most
difficult to combat.

   1. * Disruption*

Second, they will attempt to disrupt the protest. This is often done by
using the classic tactics of COINTELPRO to plant rumors, false information,
and foment infighting to weaken opposition.

During the protests against the Dakota Access Pipeline, one TigerSwan
infiltrator

working inside the protest camps wrote to his team that

“I need you guys to start looking at the activists in your area and see if
there are individuals who are vulnerable. They’re broke, always talking
about needing gas money or whatever. Maybe they’re disillusioned, depressed
a little. Life is fucking them over. We can buy them a bus ticket to any
camp they want if they’re willing to provide intel. We win no matter what.
If they agree to inform for pay, we get intel. If they tell our pitchman to
go f*** himself/herself, the activist will start wondering who did take the
money and it’ll cause conflict within the activist groups and it won’t cost
us anything.”

In 2013, there was a leak of documents from the private intelligence
company STRATFOR, which has worked for the American Petroleum Institute,
Dow Chemical, Northrup Grumman, Coca Cola, and so on. The leaked documents
revealed one part of STRATFOR’s strategy for fighting social movements. The
document proposes dividing activists into four groups, then exploiting
their differences to fracture movements.

“Radicals, idealists, realists and opportunists [are the four categories],”
the leaked documents state. “The Opportunists are in it for themselves and
can be pulled away for their own self-interest. The Realists can be
convinced that transformative change is not possible and we must settle for
what is possible.  Idealists can be convinced they have the facts wrong and
pulled to the Realist camp.  Radicals, who see the system as corrupt and
needing transformation, need to be isolated and discredited, using false
charges to assassinate their character is a common tactic.”

As I will discuss later on, solidarity and movement culture is the best way
to push back against these methods.

Other examples of infiltration and disruption have often focused on:

   - Increasing tensions around racist or sexist behavior
   - Targeting individuals with drug or alcohol addictions to become
   informants
   - Using sex appeal and relationship building to get information
   - Acting as an “agent provocateur” to encourage protesters to become
   violent, even to the point of supplying them with bombs, in order to secure
   arrests
   - Spreading rumors about inappropriate behavior to sew discord and
   mistrust


   1. * Intimidation*

The third tactic used by these companies is intimidation. They will use
fear and paranoia as a deliberate form of psychological warfare. This can
include anonymous threats, shows of force, visible surveillance, and so on.

   1. * Violence*

When other methods fail, PMCs and public law enforcement will ultimately
resort to direct violence, as we have seen with Standing Rock and many
other protest movements.

As I have written before, colonial states enforce their resource 

Hacked security camera

[jim bell]

Hackers breached security company Verkada to access 150,000 cameras 
https://mol.im/a/9344335 via http://dailym.ai/android

Re: The FBI Should Stop Attacking Encryption and Tell Congress About All the Encrypted Phones Its Already Hacking Into

[John Young]

Worth considering that FBI's public critique of encryption is (has 
always been) a cover for their cracking capablities.


This is standard disinformation for spies, natsec, budgets, lately 
for the mushrooming, bloated cybersecurity  industry.


Coming on strong for disinfo is capacious leaking, malware, 
ransomware, election interference, foreign hacking, and seemingly 
unstoppable prattle about press freedom.


Privacy and anonymity are the monsters of disinfo even as all the 
advocates boost their income with warnings and letting their log 
files be subpoened, hacked, siphoned, stolen, harvested, third 
partied with lousy data protection, inept administrators, corruptible 
executives.


To be sure, the entire internet is a boondoggle and none of it is 
trustworthy, but is gradually becoming as much of an uncontrollable 
invention as the atomic bomb, both US creations, and both with a bevy 
of orignal inventors apologizing for what they wrought, reaped 
rewards and honors for, propose useless ways of correcting, bemoan 
futile proliferation.


At 01:39 PM 3/9/2021, you wrote:


https://www.eff.org/deeplinks/2021/03/fbi-should-stop-attacking-encryption-and-tell-congress-about-all-encrypted-phones

The FBI Should Stop Attacking Encryption and Tell Congress About All the Encrypted Phones Its Already Hacking Into

[jim bell]

https://www.eff.org/deeplinks/2021/03/fbi-should-stop-attacking-encryption-and-tell-congress-about-all-encrypted-phones

Exploits: AMD - TakeAWay, Intel - CSME

[grarpamp]

https://mlq.me/download/takeaway.pdf
https://www.amd.com/en/corporate/product-security


https://thehackernews.com/2020/03/intel-csme-vulnerability.html

https://thehackernews.com/2020/03/amd-processors-vulnerability.html

1.5+ YEARS, lol at responsible disclosure (irresponsible suppression)


9 Years of AMD Processors Vulnerable to 2 New Side-Channel Attacks
March 09, 2020 Ravie Lakshmanan
amd processor vulnerability
AMD processors from as early as 2011 to 2019 carry previously
undisclosed vulnerabilities that open them to two new different
side-channel attacks, according to a freshly published research.

Known as "Take A Way," the new potential attack vectors leverage the
L1 data (L1D) cache way predictor in AMD's Bulldozer microarchitecture
to leak sensitive data from the processors and compromise the security
by recovering the secret key used during encryption.

The research was published by a group of academics from the Graz
University of Technology and Research Institute of Computer Science
and Random Systems (IRISA), who responsibly disclosed the
vulnerabilities to AMD back in August 2019.

"We are aware of a new white paper that claims potential security
exploits in AMD CPUs, whereby a malicious actor could manipulate a
cache-related feature to potentially transmit user data in an
unintended way," AMD said in an advisory posted on its website over
the weekend.

"The researchers then pair this data path with known and mitigated
software or speculative execution side-channel vulnerabilities. AMD
believes these are not new speculation-based attacks."

While the notification doesn't go into specifics about mitigating the
attack, Vedad Hadžić, one of the key researchers on the paper, said
the vulnerability is still open to active exploitation.

With Intel coming under scrutiny for a string of flaws in its CPUs —
from Meltdown, Spectre, ZombieLoad to the recent unpatchable CSME
firmware flaw — the research is a reminder that no processor
architecture is fully secure.

It's worth noting that some of the co-authors listed in the study were
also behind uncovering the Meltdown, Spectre, and ZombieLoad
vulnerabilities.

Collide+Probe and Load+Reload Attacks

Like the Intel Spectre attack, the pair of exploits — dubbed
Collide+Probe and Load+Reload — manipulate the aforementioned L1D
cache predictor in order to access data that should otherwise be
secure and inaccessible.

"With Collide+Probe, an attacker can monitor a victim's memory
accesses without knowledge of physical addresses or shared memory when
time-sharing a logical core," the researchers outlined. "With
Load+Reload, we exploit the way predictor to obtain highly-accurate
memory-access traces of victims on the same physical core."


L1D cache way predictor is an optimization mechanism that aims to
reduce the power consumption associated with accessing cached data in
memory:

"The predictor computes a μTag using an undocumented hash function
on the virtual address. This μTag is used to look up the L1D cache way
in a prediction table. Hence, the CPU has to compare the cache tag in
only one way instead of all possible ways, reducing the power
consumption."


The newly discovered cache attacks work by reverse-engineering this
hashing function to track memory accesses from an L1D cache. While
Collide+Probe exploits μTag collisions in AMD's L1D cache way
predictor, Load+Reload takes advantage of the way predictor's handling
of aliased addresses in the memory.

In other words, the two attack techniques can be employed to
exfiltrate sensitive data from another process, sharing the same
memory as the attacker or a process that's running on a different
logical core of the CPU.

To demonstrate the impact of the side-channel attacks, the researchers
established a cache-based covert channel that exfiltrated data from a
process running on the AMD CPU to another stealthy process, achieving
a maximum transmission rate of 588.9kB/s using 80 channels in parallel
on the AMD Ryzen Threadripper 1920X processor.

With AMD's EPYC processors being embraced by popular cloud platforms
such as Amazon, Google, and Microsoft, the fact that these attacks can
be carried out in a cloud setting poses significant concerns.

Furthermore, the security researchers were able to successfully stage
a Collide+Probe attack on some common browsers, namely Chrome and
Firefox, by bypassing address space layout randomization (ASLR) in
browsers, thereby reducing the entropy, and retrieving address
information.

ASLR is a security implementation that's used to randomize and mask
the exact locations of code and key data areas inside a CPU's memory.
Put another way, it hinders a potential attacker from guessing target
addresses and jumping to specific sections in the memory.

"In Firefox, we are able to reduce the entropy by 15 bits with a
success rate of 98% and an average run time of 2.33 s (σ=0.03s,
n=1000)," the researchers noted. "With Chrome, we can correctly reduce
the bits with 

Cryptocurrency: FedCoin - #1 Shitcoin

[grarpamp]

"
Fedcoin: A Central Bank Digital Currency

The Fedcoin has bipartisan support. Jay Powell, appointed as Federal
Reserve Chairman by President Trump, said in October that the Federal
Reserve is conducting research into issuing a digital currency, on its
own and also in partnership with other central banks and the Bank for
International Settlements.

Janet Yellen, appointed as Fed Chair by President Obama, said last
week, “It makes sense for central banks to be looking at issuing
sovereign digital currencies.”

They give different stated reasons. Powell is more conservative, and
his focus is on addressing the potential competitive threat of bitcoin
and digital currencies from countries such as China. However, if he
really wanted to make the dollar more competitive against the yuan,
then he would just abuse the Fed’s credit less.

Yellen nods to a progressive idea, saying that a Fedcoin, “could help
address hurdles to financial inclusion in the U.S. among low-income
households.” However, if she really wanted the “unbankables” to be
able to open accounts, then she would just repeal anti money
laundering and other regulations that penalize a bank for crimes
committed by its clients.


Both Powell’s and Yellen’s statements are disingenuous. A Fedcoin is
coming, because it’s necessary. Allow us to explain the two real
reasons. The first is sinister. The second is more pernicious.



Why Fedcoin? Two Real Reasons

The first reason is the pathological fall of interest rates over the
last four decades. Interest in the US dollar has not gone negative
yet, though it has in the Swiss franc, the euro, the pound, and the
yen. Interest will continue to fall.

When the rate goes negative enough, the banks will not be able to hold
the line on paying zero interest in deposit accounts. They will be
forced to pass through their pain to depositors. This will provide the
first incentive to withdraw cash from the banks—thus pulling out
capital—since the 1930’s. The paper dollar bill has zero yield. People
will prefer zero to negative yield. Free is better than paying to hold
your money.

The central banks have three ways to try to fight this. One, they
could try to impose losses on dollar bills. They could create an
algorithm that deducts from the face value, based on serial number. If
they roll this out to point-of-sale devices, then every merchant will
know the legal tender value of your cash. That “twenty” could actually
be worth $19.93. But this seems impractical and confusing.

Two, they can demonetize cash. People are given until a certain date
to turn in their cash for a credit to their bank accounts. After that,
the paper will have no legal tender value. But, as Yellen noted, many
people are kept out of the banking system.

Or, three, they could issue a Fedcoin and force everyone to trade
their paper cash for Fedcoins. Fedcoin would be nothing like bitcoin.

Fedcoin would be programmed to erode at a rate to match the Fed’s
negative interest rates. Thus, it would not provide a haven to anyone
seeking to hold cash to avoid the erosion of bank balances. They will
have you totally trapped.

This is an extension of the same idea behind banning gold in 1933. The
people were disenfranchised, unable to opt out of the government’s
debt. The most conservative saver was forced to hold government bonds,
rather than gold. Indeed, after that, the definition of risk-free
asset is the government bond.

After 1975, you can hold gold. But now, it’s not a dollar balance. It
has dollar price volatility. Hence, it’s unsuitable for many
conservative savers (and financial institutions). If you have a
billion dollars of cash, and a liability to pay a billion dollars in
two months, then you cannot take the risk on gold. As we write this,
the price of gold has dropped $244 dollars since the start of 2021, or
about 13% in about two months.

An individual may be able to escape the system by buying gold (or
bitcoin), however the dollars are trapped in the system. The seller of
the gold (or bitcoin) is the new owner of those dollars. And faces the
same awful choice of the tiger or the tiger.

The Fedcoin will be designed to further tighten the noose. Even cash
will become entirely electronic, and subject to slow confiscation. Not
by inflation. But by negative interest rates that reduce the account
balance.
"

... and by inflation, tax theft, bail-ins, bail-outs, war bonds, govt
paychecks, debt, etc.