Friday, November 17, 2017

The Cost of Harassment in Washington

With the recent flood of reports of inappropriate behaviour by those in Hollywood and Washington, a recent release from the United States Congressional Office of Compliance (OOC) provides us with a glimpse of how much harassing behaviour costs U.S. taxpayers.

Here is the cover letter to the report:


....and here is how much harassing behaviour by those in Washington cost taxpayers:


That's a total of more than $17 million that was paid out as settlements over the two decades between 1997 and 2017 for 260 incidents related to Congressional harassments.  Note that these settlements are not necessarily for harassment of a sexual nature, rather, they include discrimination related to religion, disability and race.

In any case, while $17 million may not seem like a great deal of money given the size of Washington's budget, it speaks volumes about the harassment that goes on in the hallowed halls of Washington.

Fortunately, as shown here, there is a solution:




Freedom of the Press in the Post-Truth Era

Since the 2016 U.S. presidential election, there has been a strong sentiment that all is not right in the mainstream media.  With President Donald Trump posting tweets like this:



...it is not surprising that a substantial portion of Americans (and people of other nations) have become increasingly skeptical about what they see, hear and read.  What is missing in the debate about the mainstream media, however, is the degree of freedom that the press has to actually cover the events that impact our lives.  Thanks to the most recent report from Reporters Without Borders (RSF), we have a comparison of freedom of the press among all nations in the world, including the United States.

Let's start by looking at how Reporters Without Borders (RSF) calculates the degree of freedom of the press.    The degree of press freedom for the journalists of 180 nations is determined by using the responses of experts to a questionnaire created by RSF which measures the following qualitative parameters:

1.) pluralism - the degree to which opinions are represented in the media.

2.) media independence - the degree to which media functions independently of business, religion and political power and influence.

3.) media environment and self-censorship - analyzes the environment in which news providers operate.

4.) transparency - the degree of transparency of institutions and procedures that affect the production of news.

5.) legislative framework - the degree to which a nation's legislative framework governs news activities.

6.) infrastructure - the quality of the infrastructure that supports the production of news.

The questionnaire consists of 87 questions which have been translated into 20 languages.  

In addition to the qualitative analysis, RSF also takes a quantitative look at abuses or acts of violence against journalists and scores them on a scale of 0 to 100.

The combined qualitative and quantitative scores are combined, giving a nation a score ranging from 0 to 100 with 0 being the best possible score and 100 being the worst possible score.  This allows RSF to compare scores from one year to the next.  Two scores are calculated; ScoA is based on the first 6 qualitative indicators and ScoB is based on a combination of the first six indicators with the quantitative abuses indicator.  A nation's final score is the greater of the two scores; by using this score in its final ranking, RSF is able to prevent a nation that has a low degree of journalistic abuse from getting a high ranking simply because the media is centrally controlled (i.e. a lack of freedom of the press).

The rankings are as follows:

From 0 to 15 points - good (nations coloured white)
From 15.01 to 25 points - fairly good (nations coloured yellow)
From 25.01 to 35 points - problematic (nations coloured orange)
From 35.01 to 55 points - bad (nations coloured red)
From 55.01 to 100 points - very bad (nations coloured black)

Here is the map showing RSF's rankings:


Let's look at some specific rankings and scores:

1 - Norway - 7.60

2 - Sweden - 8.27

3 - Finland - 8.92

4 - Denmark - 10.36

5 - Netherlands - 11.28

16 - Germany - 14.97

19 - Australia - 16.02

22 - Canada - 16.53

29 - Spain - 18.69

39 - France - 22.24

40 - United Kingdom - 22.26

43 - United States - 23.88

45 - Taiwan - 24.37

63 - South Korea - 27.61

72 - Japan - 29.44

91 - Israel - 31.01

102 - Ukraine - 33.19

120 - Afghanistan - 39.46

135 - Palestine - 42.90

136 - India - 42.94

139 - Pakistan - 43.55

147 - Mexico - 48.97

148 - Russia - 49.45

155 - Turkey - 52.98

163 - Libya - 56.81

165 - Iran - 65.12

168 - Saudi Arabia - 66.02

176 - China - 77.66

180 - North Korea - 84.98

It is interesting to see that some of the nations that have been the beneficiaries of Washington's regime changing events have among the least free medias in the world.  It is also interesting to note that the United States has less freedom of the press than some of the former Iron Curtain nations like the Czech Republic, Latvia and Lithuania.

Let's close this posting with this quote from Reporters Without Borders:

"The 2017 World Press Freedom Index compiled by Reporters Without Borders (RSF) reflects a world in which attacks on the media have become commonplace and strongmen are on the rise. We have reached the age of post-truth, propaganda, and suppression of freedoms – especially in democracies." (my bold)

Remember that when you read, listen to or watch news coverage in whatever nation you are living in.  It's a sobering to think that we now live in a post-truth era, a fact that affects all of us no matter which side of the political spectrum that we may fall on.

Wednesday, November 15, 2017

Washington and the McCarthy Era Part II

recent release from WikiLeaks received almost no traction in the global mainstream media, however, this release provides us with an inside look at how the Central Intelligence Agency uses its own malware to impersonate a key Russian cybersecurity company.  This subject is particularly pertinent given Washington's obsession with all things Russian since the alleged hacking of the 2016 U.S. presidential election.

According to the documents released by Wikileaks, "Hive" is a major component of the CIA's infrastructure to control its malware which is used to hack, record and even control modern hi-tech equipment globally.  Here is a description of Hive:

"Hive solves a critical problem for the malware operators at the CIA. Even the most sophisticated malware implant on a target computer is useless if there is no way for it to communicate with its operators in a secure manner that does not draw attention. Using Hive even if an implant is discovered on a target computer, attributing it to the CIA is difficult by just looking at the communication of the malware with other servers on the internet. Hive provides a covert communications platform for a whole range of CIA malware to send exfiltrated information to CIA servers and to receive new instructions from operators at the CIA.

Hive can serve multiple operations using multiple implants on target computers. Each operation anonymously registers at least one cover domain (e.g. "perfectly-boring-looking-domain.com") for its own use. The server running the domain website is rented from commercial hosting providers as a VPS (virtual private server) and its software is customized according to CIA specifications. These servers are the public-facing side of the CIA back-end infrastructure and act as a relay for HTTP(S) traffic over a VPN connection to a "hidden" CIA server called 'Blot'." (my bold)

The cover domain that is browsed by anyone surfing the web will deliver "innocent content" to the user who will not suspect that the website is abnormal.  The Hive source code allows the CIA's malware to mask itself under false security certificates that impersonate public companies making users think that the extraction of their information was being undertaken by an impersonated company. 

Here is another quote from Wikileaks:

"Digital certificates for the authentication of implants are generated by the CIA impersonating existing entities.  The three examples included in the source code build a fake certificate for the anti-virus company Kaspersky Laboratory, Moscow pretending to be signed by Thawte Premium Server CA, Cape Town.  In this way, if the target organization looks at the network traffic coming out of its network, it is likely to misattribute the CIA exfiltration of data to uninvolved entities whose identities have been impersonated." (my bold)

In the WikiLeaks documents we find this:


If you look at the text eleven lines from the top you will find the words "Kaspersky Laboratory", the Russia-based security company and purveyor of one of the world's most popular anti-virus products.  By using these fake digital certificates to authenticate the implants, the CIA is able to make it look like Russia-based Kaspersky Laboratory is the party that is responsible for the exfiltration (extraction) of data.

According to the Hive 2.9.1 User's Guide, a self-delete function was added to Hive to ensure that any version of a Hive implant that lies dormant for a predetermined amount of time effectively destroys itself, leaving behind only a .config file and a .log file in the /var directory.

While all of this may seem rather unimportant in the grand scheme of Washington, it is important to remember that the House Science Committee recently held a hearing in October 2017 on the risk of Kaspersky products to the U.S. government as shown here:


 ...and sent the following letter regarding request for information on the federal government's use of Kaspersky products in July 2017:






Here's what the Department of Homeland Security had to say about Kaspersky and the removal of Kaspersky products from the computers of federal agencies on September 13, 2017 because they posed a risk to the "integrity and security of federal information systems":


So, basically, Kaspersky has been found guilty of being a security risk to the United States government at the same time as at least one arm of the U.S. security branch is using Kaspersky as a mask for its own snooping malware. 

Interesting times we live in, aren't they?  It's like the paranoia of the 1950s McCarthy era all over again.

Tuesday, November 14, 2017

Global Climate Change - How Warm is Warm?

While you may or may not believe in the concept of anthropogenic global climate change, a recent study by University of Washington's Adrian Raftery et al entitled "Less than 2 degrees C warming by 2100 unlikely" should at least give you pause to ponder the direction that our fragile world is heading.  This study is particularly pertinent given that a 2 degrees Celsius temperature increase is often seen as the "tipping point" that could lead to environmental calamity. 

The authors of the paper suggest that the Intergovernmental Panel on Climate Change (IPCC) projections for global temperatures out to 2100 are not based on a fully statistical approach.  The authors use a country-specific model to predict future greenhouse gas emissions based on each nations' population, per capita GDP and carbon intensity (carbon dioxide emissions per unit of GDP).  They note that carbon intensity for many nations has already peaked as shown in this graphic which expresses carbon dioxide emissions in tonnes of CO2 per USD100,000 in Purchasing Power Parity:


Based on 50 years of past data, the authors calculated the following parameters going out to the year 2100:

1.) Growth in per capita GDP - 1.8 percent annually with slower GDP growth in developing economies

2.) Decline in carbon intensity - 1.9 percent annually

3.) Global population - increases by 4 billion, from the current 7.2 billion to 11.2 billion with much of the increase in the population of Sub-Saharan Africa

When looking at the contribution of the three factors to uncertainty about carbon dioxide emissions in 2100, the authors measured that GDP per capita accounted for 50 percent of total uncertainty, carbon intensity accounted for 48 percent of total uncertainty and global population accounted for only 2 percent of total uncertainty.  

With this background in mind, here is a histogram showing the authors' predictive distribution of global mean temperature changes relative to the period from 1861 to 1880 in degrees Celsius:


Calculations show that, by 2100, there is a 90 percent chance that global temperatures will increase by 2.0 to 4.9 degrees Celsius with a median of 3.2 degrees Celsius.  There is a 5 percent chance of warming by less than 2 degrees Celsius and a 1 percent change of warming by less than 1.5 degrees Celsius. 

Let's close by looking at some quotes from the lead author, Adrian Raftery:

"Our analysis shows that the goal of 2 degrees is very much a best-case scenario. It is achievable, but only with major, sustained effort on all fronts over the next 80 years.  Our analysis is compatible with previous estimates, but it finds that the most optimistic projections are unlikely to happen.  We're closer to the margin than we think.  Overall, the goals expressed in the Paris Agreement are ambitious but realistic.  The bad news is they are unlikely to be enough to achieve the target of keeping warming at or below 1.5 degrees."

As we can see from this study, one of the biggest impacts on long-term greenhouse gas emissions is the change in carbon intensity.  If continuing innovations reduce global energy needs at the same time that economic output grows, we may not win the 2 degree Celsius battle but we may prevent the worst case scenario from occurring as is predicted in this rather sobering research.