NSA / Tory / NHS disaster

Okay so we have an exploit captured or created by the NSA that is added to some ransom ware probably in less then 10 minutes and its now wreaking havoc across the globe and most worryingly the NHS.

Basically this shows a number of things

1) exploits should always be reported back to the OS manufacturers not be used by government organizations otherwise they have the potential to hit other government organizations. Adding to this the reasoning is exploits can be harvest by anyone who knows what they are doing, and these can be reused and weaponized.

2) The Tory government should fund the NHS properly security should not be done piecemeal and have someone like me or Lauri Love with oversight to check out their security. People like us think outside of the box.

3) The case against Lauri Love SHOULD BE DROPPED IMMEDIATELY !!!! We should not be torturing him with this threat of extradition to an unknown future in an American jail.

4) This is a continual battle that will probably never end. There is just today an email based virus that can take over a machine via local machine Outlook without even having to have the email opened.

5) The government are guilty not ensuring the security of its organizations like the NHS should be a top down solution from a centralized team and not done piece meal; this is for many reasons.

TOR was initially funded, developed, and unleashed on the world by DARPA; just sayin

The initial funding, development, and implementation for the TOR project was provide by United States Naval Research Laboratory and DARPA. So you can blame them for letting the dark web out onto the internet with all the clandestine behaviour that that resulted in.

It has taken the CIA and FBI years to get to the point where they can detect traffic and end points; and they were complaining, along with the governments of this world about the use of TOR and the little known I2P.

Securing unknown machines by BIOS content

UEFI is broken, by a leak from MicroPoodle, sorry Microsoft, sorry that’s a heart bleed. Anyway by examining a machine BIOS and knowing the size of the machine BIOS storage device (usually some form of EEPROM) device we can check the SHA512 sum and we can check content. With no other permanent storage devices or open communication devices (which if exist on board then employment of a Faraday cage can close this communication vector) then we can establish by exhaustion of both the individual BIOS’es contents and the configuration space of all existing BIOS’es and BIOS updates; this space will probably never be able to be completed so only true positive can be established.

So called Independent newspaper reporting on the ‘Turing Bill’

The so called Independent and other media bodies cannot even report legal issues correctly. The latest filibustered bill to pardon homosexuals is not actually connected directly with the Turing Bill of 2013. The filibustered bill is actual connected with the Sexual Offences Act. These are separate although connected in the basic nature of the incorrectness of the law regarding such matters.

News papers should be there to inform the public and they should do it correctly making the right distinctions and being correct in regard to matters of legislation and law.

The Turing Bill “pardoned” Turing for not being looked after after he shortened the war or even help win the war, being chemically castrated and left in a hell of a horrific state by the authorities and those around him.

Turing Bill filibustered by Tory minister amid row over how to pardon people convicted under scrapped anti-gay laws

Local ‘localhost’ DNS, Secure DNS, and Secure Distributed DNS server’s

It would be very simple to implement secure and resilient localized and distributed DNS.

The basic minimal mechanics for doing this requires just a caching and persistent DNS rad through server on localhost pointed to by your operating systems DNS settings.

There is already a set of cryptic but existing protocol extensions DNSSEC to the IETF DNS RFC’s, and also DNS over TLS. These would provide secure lookup of DNS records.

A further distributed peer to peer layer would ensure another level of integrity and resilience under network stress and DDoS attack conditions.


Re. Lauri Love and his possible extradition

A man who is either smart enough to outwit NASA, the US Federal Reserve, the US Army and the Missile Defence Agency, or demonstrate the inability of these organization to manage there internet security and/or modem connection presence on the global communications networks that are also privy to access from the Russia Intelligence agencies and to attacks from all manner of sources from Chinese and now North Korean sources or demonstrate this at such an early time should not have been treated like this from the start. The US authorities did not “learn their lessons” and should have treated this whole matter in a totally different manner. Late punitive legal action over ineffectual and bad legislation is in any ones interests other than the furthering of attorneys carers as is demonstrated by the Aaron Schwarz case that triggered this whole set of desperate behaviours in by all sides the first place.

Over 50 British MPs write to President Obama to drop extradition charges against alleged hacker Lauri Love