NSA tools release to Dark Web Date 2014 (likely earlier imho)

Kaspersky tools removal update. But keep reading – it gets better:

http://www.mcclatchydc.com/news/politics-government/congress/article180707721.html

Now for the punchline – They’ve documented that Kaspersky, a Russian company close to Putin, was hacked by Israel. Kaspersky security researchers have confirmed the NSA hacking tools existence when they discovered it in the spring of 2014. The article;

http://www.businessinsider.com/russia-kaspersky-lab-nsa-spy-us-computer-2017-10

In a statement, the company (Kaspersky) said it stumbled on the (NSA) code a year earlier than the recent newspaper reports had it (ed: Comey stated summer 2015), in 2014. It said logs showed that the consumer version of Kaspersky’s popular product had been analyzing questionable software from a U.S. computer and found a zip file that was flagged as malicious.

And it further states, again from the article:

Kaspersky’s Equation Group report was one of its most celebrated findings, since it indicated that the group could infect firmware on most computers. That gave the NSA almost undetectable presence.

Kaspersky later responded via email to a question by Reuters to confirm that the company had first discovered the so-called Equation Group programs in the spring of 2014.

So a Russian antivirus software found a zip file with NSA hacking tools in 2014. Hacking tools that target Microsoft and other business software, again, in the Spring of 2014. Confirmed by Israeli Security researchers who hacked Kaspersky.

Now, what they found was a compressed, portable, easily emailed or traded via email even as nobody else had the signatures to detect. A zip file.

A zip file.

For those unfamiliar with the industry, by the time an exploit is being traded in a 7 z it’s long been in the wild. That is the commodity phase of the economic curve.

The economics of the dark web have been researched and are well documented (hint: look at DEFCON and Blackhat presos from a few years back.)

If you are a reporter or security researcher – keep digging. Basic economics say it had to have been being traded early 2013 for high bids with a quick pricing decline as is typical with shrink wrap software.

It remained unpatched. Every company using common business software was, and probably still is, an open book. A trivial metasploit script and your movies, your directional drilling tech, your seismic data, patents, medical history, your porn habit, email, fb, you name it, was and probably still is wide open.

Bottom line: My opinin is the timeline of the NSA hacking tools being released is 2013. If not earlier. (But I’ll stick with my mid-2013 estimated release to the wildebeasts estimate.) NSA let them into the wild as discovered by Russians (current media puts this at 2014) who were then hacked by our allies Israel. Israel then reported this to the US.

And we did nothing. Think about it.

Just add that up and you get Russia hacking US companies and associations using our own tools paid for by YOU. NSA hacking tools discovered and reported to the US by our allies in Israel. 2014 or earlier.

What did NOT happen was responsible reporting to vendors like Microsoft who only patched it when the Shadow Brokers released it on github in 2017.  Thus from 2014 (or earlier), our allies, our foes, and our own security agencies did nothing to protect US intellectual property, infrastructure, companies, jobs, and people.

Noodle that one.

…. this story will continue to unfold. And if you are an investigative journalist, maybe ask around the community politely regarding who’s zoo had the code and when.

Update;  http://www.theregister.co.uk/2017/10/25/kaspersky_nsa_keygen_backdoor_office/

thinking men think, and therefore change their minds

Man is not a rational animal, he is a rationalizing animal. – Robert Heinlein

Leadership, I frequently say, is about “making good decisions with limited information.” Not perfect decisions. But good decisions. You don’t have a choice in business: move quickly or die. And unlike CEOs on Wall Street, the small business CEO’s worst nightmare is to fail their employees and customers. I am not afraid of risk or failure as an individual, but I do have obligations and those must be met and that requires leadership during trying times.

There are three major factors that make leadership decisions difficult:

  1. Speed – you must make a decision and you never have enough information.
  2. Pressure – the pressure to make the right call, and make it now, is intense.
  3. Commitment – even if only 51% sure about a decision, commit 100%.

I suspect politicians face the same deadly triad when making decisions. And worse than letting their employees and family down, politicians risk being pilloried in the media, dragged through the hot coals of a PR disaster, and destroying the empire! Why anyone would want to be a politician is beyond me.

So it was with some relief this weekend when I read the letter to the editor in the Houston Chronicle by Charles Hamilton of Spring Texas titled “Thinking Men Think.” It was like someone with common sense finally stepped into the room. From his letter:

Regarding “Let’s give Romney time to sort out his positions” (Page B9, Friday), Gail Collins inaccurately notes a presidential nonqualifying trait in Mitt Romney‘s “not giving a fig” about undocumented workers clipping his lawn.

and

Non-objectively, she does not compare Obama’s many flip-flops (e.g., closing Guantanamo) with Mitt’s (e.g., abortion)…

Thinking men think. Man’s judgment of other men’s motives is often flawed.

Politician’s disparage each other to get elected because we the electorate remember bad stuff better. Witness the oft quoted and paraphrased “you get 10 bad reviews from an angry customer versus 1 recommendation from a happy customer.” Witness “if it bleeds it leads.” Witness Perez Hilton, the Drudge Report, etc… WE have trained the media and the politicians to feed us disparaging remarks about each other.

And the worst of those sound-byte-disparagements is she “s/he flip-floped on issue _____.” What does that mean in poli-parlance? It is slang for “the politician changed their position” with an implied “you can’t trust them.”

The White Houseflip-flopping,” by the media, is consistent with the actions of a rational human being. Feel free to ponder “what” changed. Be it pandering to the left or right. But SOMETHING changed in the politician’s world-view to have them logically take a new position.  The broad definition of flip-flopper can be painted on President Obama as well as on candidates Mitt Romney and Newt Gingrich. And how does this help move us forward? It doesn’t.

Look, we all benefit from a healthy Presidential Election. Let’s talk about the issues in the primary and in the general election. But if you hear someone say “he is a flip-flopper” the person who is speaking is not thinking with acuity. Don’t we deserve a leader smart enough to move with the cheese?

As Charles’ said – “Thinking men think.” And thank God for that!

(this is a cross post – to comment please comment on the chron.com version here.)

ensure that every convoy has ground security and air cover

“In Iraq, a U.S. military spokesman says every step in the withdrawal is a “deliberate operation in which we collect intelligence, coordinate with the Iraqi Security Forces, clear routes and ensure that every convoy has ground security and air cover.””

CNN

We want our troops home SAFE! And on Thanksgiving I give thanks to those who have served. Thank you!

I get why people are so angry

“I get why people are so angry at seeing Christmas commercials and why petitions are starting left and right and why regular, educated, hard-working Americans are taking to the streets to occupy and lend their voices to the movement.

These people are normal. They have kids and dogs and jobs that they’ve held for 17 years. They work in the lowest-paid but highest-required degree social institutions and donate money to social injustice to help other people. They take care of their sick parents. They help other people when they can by sending them to community organizations or by just paying a light bill. They do the best they know how to do. They never think they were going to end up here.

At least I didn’t think I would.”

(source)

Chron Post: Millennials head under a rock

The Chron.com started a new blog called The List and asked me to guest blog post. My first (and only) post so far is titled:

old-glory-by-eschipul1Chron Post: Millennials head under a rock

The GI generation, by all accounts, appears to have raised one of the biggest groups of spoiled kids our country has ever seen. The Baby Boomers. And the Boomers are burying the Millennial generation and their grandkids in debt and chaos. Pretending deficit spending isn’t just a deferred tax increase (it is). And that seems wrong to this Gen X’er..

In the book GENERATIONS, The History of America’s Future, the authors describe the Boomers as:

The Boomers, who came to college after Eisenhower and before the Carter malaise of 1979. These were the babies of optimism and hubris, Beaver Cleaver and Musketeers, the post-Sputnik high school kids whose SAT scores declined for seventeen straight years, student strikers, flower-child hippies and draft resisters. – pg 30

(read the full post on Millennials and the Baby Boomers on Chron.com here.)