If we believe Orr Hirschauge, writing for the Wall Street Journal on the 25th, the Chinese are in Israel to invest in technology. The companies involved got my attention because one of them, Qihoo 360 Technology, is a an Internet security company, in a land of them in Israel.
Israel has several companies that we all know, two we know well, Checkpoint and Cyberark.
Checkpoint owns Zone Alarm, Protect Data, Nokia Security Appliances, and a startup in Boston called Liquid Machines, an up an coming data rights management company.
The investment company Viola is where Qihoo is going. One their investments is Cyberark, see: [ http://www.cyberark.com/press/cyberark-files-registration-statement-proposed-initial-public-offering/ ] which specializes in security of admin and similar privileged accounts. Another is Skybox which does security product integration across an enterprise. There are several that specialize in VM.
The Chinese are almost always after something when they invest, and it isn't just the profits from an investment. They start this way to get a foothold in a company. They get to know the players and they get into business with them. Then they hack the people they know and learn their business strategy and inside information that allows them to compete. This time, they seem to be after security, virtual machines, wireless and broadband companies, particularly new ones. The next thing we will see will be offers of joint ventures and technology sharing agreements. Then, they break those off and start competing directly.
Saturday, September 27, 2014
Thursday, September 25, 2014
The Myth of Security in Clouds
In today's Wall Street Journal, John Chambers, Chairman and CEO of Cisco, was featured in a video story about technology. The Journal asked about myths related to cloud implementation. He waited a long time before responding (this story is a video so you can see the hesitation) and commented "I'm going to get in trouble on this. I guarantee my PR team is sweating" a response. That would be, of course, because Cisco is a major player in the cloud business and his comments were sure to listened to, and make news. He only made news for the few thousand companies that think clouds are secure and they can push off their security worries by contracting it out to someone else. It won't work. It has never worked, but most of the vendors are saying how safe and secure your data is, if only you can seize the cloud moment and give your data to them. That is a myth, as he points out.
We should applaud him for being honest, a trait some of his contemporaries are less inclined to show. They would rather say nothing, than speak ill of the Angel of Revenue.
He wasn't brutally honest, just mildly so, and he did qualify everything he said. But, he pointed out that security in clouds is "not quite there". He did this at a time when major businesses are about to embark on a grand experiment to offload credit card payment systems to clouds, pushing them out to mobile devices. That data has been in clouds without much fanfare, but Apple is going to make history by taking it there on a grand scale.
The Apple developer assured me they spent "3 years making this system secure". I have been doing security for 45 and it always amazes me that each generation thinks they can beat the world to a secure way to move money. I remind them of something one of my college professors said, "Criminals spend as much time at their jobs as you do at yours." You can bet those Russian and Eastern European gangs will have a solution to this problem one day. They spend years at their jobs too.
The Federal government is having its moment too with clouds, without understanding the difference between a public and private cloud. They want to use clouds but don't want to do the work to have a private cloud. They experiment, here and there, with using public clouds for e-mail and data storage without a clue about what they are doing. There is no centralized planning for any of it.
If we want to secure data, we can't give it off to someone else to do. Make it secure before you give it to them, and let them store and distribute it. Don't think they can secure it.
Wednesday, September 24, 2014
Homeland Strikes Again
There are times when it is best to keep quiet.
There are a splash of stories on the news channels about the potential for lone wolf attacks in the U.S. as a way of retaliating for airstrikes in Iraq. We have some people in Homeland Security who think it is a great idea to warn people about things they have little way to control. We used to see these stupid BOLA warnings (Be On the Lookout For) that would say some law enforcement agency was looking for a red van with four occupants, possibly heading south. The justification is always that we can't give out classified information so we issue a warning that can be issued without divulging sources and methods.
If you can't say enough about the issue, then keep quiet. These kinds of warnings do not convince the average person that Homeland knows what they are doing, and they certainly do not supply law enforcement with enough information that they can act on it. The warnings actually help terrorists by amplifying their affect.
There are a splash of stories on the news channels about the potential for lone wolf attacks in the U.S. as a way of retaliating for airstrikes in Iraq. We have some people in Homeland Security who think it is a great idea to warn people about things they have little way to control. We used to see these stupid BOLA warnings (Be On the Lookout For) that would say some law enforcement agency was looking for a red van with four occupants, possibly heading south. The justification is always that we can't give out classified information so we issue a warning that can be issued without divulging sources and methods.
If you can't say enough about the issue, then keep quiet. These kinds of warnings do not convince the average person that Homeland knows what they are doing, and they certainly do not supply law enforcement with enough information that they can act on it. The warnings actually help terrorists by amplifying their affect.
Tuesday, September 23, 2014
When 5 Billion is a small number
Those who saw the IRS Director on CBS' 60 Minutes this past week, must have wondered why they hadn't done anything about a simple fraud affecting 3,000,000 people every year, costing them time to stand in lines a mile long to resolve a problem they didn't cause. It is causing losses of $5 Billion a year, slightly less than the theft of credit cards has cost Target so far.
All it takes is filing a fraudulent tax return using a stolen social security number, which everyone seems to use as an id number, in spite of rules to the contrary. Why we continue to accept that is beyond me. IRS has made it easy to do, by assisting the fraud by dubious ways to make payment to a debit card making the money portable. They were sending checks to the same address for hundreds of people, but anyone living in a condo knows how that can be. Still, matching is a typical way to discover this kind of fraud and its obvious they aren't doing it.
Their problem is simple. It isn't that much money. The Treasury takes in $3 Trillion in revenue every year and it keeps going up. $5 Billion is less than 1%, and maybe all the fraud schemes like filing multiple returns across IRS Regions, and the myriad of schemes to keep from paying taxes at all, don't add up to more than 2%. They might easily say, "acceptable loss" to anyone who was looking into it.
Only that isn't the way you determine what is acceptable. They should be looking at how much it costs to cross match returns, and how much would they recover. Maybe that answer would be more revealing than the current fraud. They have to prosecute the cases and they get no revenue when it is over. Maybe that is what they mean by acceptable loss.
The credit card industry was doing the same thing with stolen credit cards and the numbers had to get really big for them to do anything about it. The 60 Minutes show alluded to the same thing happening with this fraud. Before they will act, the numbers will be $100 Billion yearly, or something in that neighborhood.
Maybe one of the questions the Hill should be asking in this next round of hearings is "What is the number that you need to make this loss unacceptable?"
All it takes is filing a fraudulent tax return using a stolen social security number, which everyone seems to use as an id number, in spite of rules to the contrary. Why we continue to accept that is beyond me. IRS has made it easy to do, by assisting the fraud by dubious ways to make payment to a debit card making the money portable. They were sending checks to the same address for hundreds of people, but anyone living in a condo knows how that can be. Still, matching is a typical way to discover this kind of fraud and its obvious they aren't doing it.
Their problem is simple. It isn't that much money. The Treasury takes in $3 Trillion in revenue every year and it keeps going up. $5 Billion is less than 1%, and maybe all the fraud schemes like filing multiple returns across IRS Regions, and the myriad of schemes to keep from paying taxes at all, don't add up to more than 2%. They might easily say, "acceptable loss" to anyone who was looking into it.
Only that isn't the way you determine what is acceptable. They should be looking at how much it costs to cross match returns, and how much would they recover. Maybe that answer would be more revealing than the current fraud. They have to prosecute the cases and they get no revenue when it is over. Maybe that is what they mean by acceptable loss.
The credit card industry was doing the same thing with stolen credit cards and the numbers had to get really big for them to do anything about it. The 60 Minutes show alluded to the same thing happening with this fraud. Before they will act, the numbers will be $100 Billion yearly, or something in that neighborhood.
Maybe one of the questions the Hill should be asking in this next round of hearings is "What is the number that you need to make this loss unacceptable?"
Thursday, September 18, 2014
Security of Defense Contractor
We are reminded by today's disclosures by almost every news carrier (AP and Reuters being the first I saw) that the Chinese have hacked into some interesting parts of TRANSCOM (again, we should add, since it isn't the first time TRANSCOM has been hit) deep in its transport subcontractors. The examples given are airlines and ships, of the 20 o so discovered, two were reported to TRANSCOM. Before we blame these folks for what is happening to their contractors, we might consider they are not alone in having their contractors hacked. In the last couple of years it has become an epidemic of names, most of whom should know better, since they sell cyber defense.
There is no oversight of computer security among defense contractors. There used to be a program to do that, but it only covered the protection of classified information. They don't even do much of that anymore, and contactors security staffs certainly need help. They don't get much from their own management. You can run down the list of major defense contractors who have been hacked and can hardly find one that wasn't. It makes no sense.
We had a major contractor get hacked at a place where I once worked and we refused to use their networks for anything sensitive. That was almost 10 years ago. You would think Defense would be smart enough to start overseeing some of the data they give to contractors and making sure essential services are protected through reasonable reporting and oversight. They are, after all, spending billions of dollars doing things for Defense, and should expect a little oversight. When they lose the designs to major weapons system who loses out?
You would think that things like security clearances would be worth something, or that all that money we spent on centralized adjudication would have been well spent. Let's ask Edward Snowden about how well that worked.
While we are cutting defense, let's make sure to keep a few things that are needed. Contractors, are not all equal, because 10% of them have 90% of the defense work. Let's put some effort into getting the big ones in order and helping small ones keep up.
There is no oversight of computer security among defense contractors. There used to be a program to do that, but it only covered the protection of classified information. They don't even do much of that anymore, and contactors security staffs certainly need help. They don't get much from their own management. You can run down the list of major defense contractors who have been hacked and can hardly find one that wasn't. It makes no sense.
We had a major contractor get hacked at a place where I once worked and we refused to use their networks for anything sensitive. That was almost 10 years ago. You would think Defense would be smart enough to start overseeing some of the data they give to contractors and making sure essential services are protected through reasonable reporting and oversight. They are, after all, spending billions of dollars doing things for Defense, and should expect a little oversight. When they lose the designs to major weapons system who loses out?
You would think that things like security clearances would be worth something, or that all that money we spent on centralized adjudication would have been well spent. Let's ask Edward Snowden about how well that worked.
While we are cutting defense, let's make sure to keep a few things that are needed. Contractors, are not all equal, because 10% of them have 90% of the defense work. Let's put some effort into getting the big ones in order and helping small ones keep up.
7.3 million on Obamacare at risk
Marilyn Tavenner testified before Congress today saying there were 7.3 million customers signed up for Obamacare. Considering that she is the one who overrode their Security Team at CMS and put the website on-line without identifying or correcting the security vulnerabilities, it is a strange thing for her to admit now that she put that many people at risk by exposing their personal data to hackers. Last week, GAO released its latest report on the security of the system, saying it was far from good enough for government work. It wasn't ready when deployed and the security wasn't good enough.
A Washington Times story
[ http://www.washingtontimes.com/news/2014/sep/17/wh-took-big-security-risks-obamacare-website-gao/] characterizes it as taking unnecessary risks with the data of states and the Federal government health care systens.
This has already died down enough that she can show her face before a Congressional Committee without having the have a team behind her and lawyers in front of her.
A Washington Times story
[ http://www.washingtontimes.com/news/2014/sep/17/wh-took-big-security-risks-obamacare-website-gao/] characterizes it as taking unnecessary risks with the data of states and the Federal government health care systens.
This has already died down enough that she can show her face before a Congressional Committee without having the have a team behind her and lawyers in front of her.
Wednesday, September 17, 2014
Scranton PA, Home to Terrorism
There are two incidents in Scranton PA that make you wonder what counter terrorism is all about. A survivalist is running around in the woods near there after killing a Highway Patrolman and wounding another. The second is a man, Harold Rinko, who pleaded guilty to exporting equipment to Syria that would detect chemical warfare agents (a handy thing for ISIS to have). These are small things to those who hear about them, but when did Scranton become such a hotbed of this kind of activity?
http://www.npr.org/blogs/thetwo-way/2014/09/17/349220816/police-hunt-for-armed-survivalist-in-pa-trooper-shooting
http://www.justice.gov/opa/pr/2014/September/14-nsd-991.html
China's Business Suicides
There is an amazing article in today's Wall Street Journal, Opinion [http://online.wsj.com/articles/chinas-unhappy-rich-1410889484?cb=logged0.3363214428536594 ] about suicide among some of China's business owners. Among the claims, "Last year more than 80 businessmen committed suicide in a six-month period in the city of Wenzhou alone." I couldn't imagine such a thing happening, so did a little research.
Suicide from all causes in the U.S. is 6.4 per 100,000. China's suicide rate is 13.9, which is based on data from 1999, so not very current. Sources say it is higher, but still below Japan and South Korea.
The Wall Street Journal article, indicates the suicides are caused by investigations into a new type of crime, being rich.
In a research paper done by a graduate student in Shanghai [ http://www.ceibs.edu/images/bmt/research/2012/02/08/216B3FA4023AC36C1799AC8D92E08914.pdf ] it is tied to the loan rates in that area, parts of which are generated by off-book loans by the rich to those who aren't, the so-called shadow loan, which amounts to about 25% of existing loans and can be made by individuals or banks. The state-run banks are right in the middle of this. Being rich is not the main criteria for making these loans.
As the economy drew down (and it is), these people found it hard to pay the loans back. A simple, but effective, way out of that mess is characterized on the first page of his paper - a man jumping from the top of a building (they are also jumping out into traffic which I hope does not catch on around here).
News China [http://www.newschinamag.com/magazine/when-wenzhou-sneezes] has an interesting side effect to the loans, telling of a creditor who kidnapped his customer's daughter. He offered himself up instead, getting her back, but no story of what happened after that. But, they did add the following: On Oct 4, Premier Wen Jiabao made a trip to Wenzhou to investigate the seriousness of the situation... the State Council announced tax breaks and loans for small companies and "Border checks have been stepped up in Zhejiang to prevent any more businesspeople from fleeing abroad to escape bad debts."
Things are bad everywhere.
Suicide from all causes in the U.S. is 6.4 per 100,000. China's suicide rate is 13.9, which is based on data from 1999, so not very current. Sources say it is higher, but still below Japan and South Korea.
The Wall Street Journal article, indicates the suicides are caused by investigations into a new type of crime, being rich.
In a research paper done by a graduate student in Shanghai [ http://www.ceibs.edu/images/bmt/research/2012/02/08/216B3FA4023AC36C1799AC8D92E08914.pdf ] it is tied to the loan rates in that area, parts of which are generated by off-book loans by the rich to those who aren't, the so-called shadow loan, which amounts to about 25% of existing loans and can be made by individuals or banks. The state-run banks are right in the middle of this. Being rich is not the main criteria for making these loans.
As the economy drew down (and it is), these people found it hard to pay the loans back. A simple, but effective, way out of that mess is characterized on the first page of his paper - a man jumping from the top of a building (they are also jumping out into traffic which I hope does not catch on around here).
News China [http://www.newschinamag.com/magazine/when-wenzhou-sneezes] has an interesting side effect to the loans, telling of a creditor who kidnapped his customer's daughter. He offered himself up instead, getting her back, but no story of what happened after that. But, they did add the following: On Oct 4, Premier Wen Jiabao made a trip to Wenzhou to investigate the seriousness of the situation... the State Council announced tax breaks and loans for small companies and "Border checks have been stepped up in Zhejiang to prevent any more businesspeople from fleeing abroad to escape bad debts."
Things are bad everywhere.
Tuesday, September 16, 2014
Don't Follow the Romans
One of the best articles I have seen on the U.S. foreign policy is Michael Auslin's Don't Do As the Romans Did... [Politico, 9 Sept]. http://www.politico.com/magazine/story/2014/09/obama-two-front-war-rome-110779.html#.VBhpBI1dXIM
If we look carefully at what has been going on around us, especially with ISIL and the Russians in Crimea, we can almost identify with the Romans. In case you don't remember, they lost out to a horde of barbarians at their gates, and allies that abandoned them when they were most needed. Nobody liked them. They were all looking out for themselves. Rome was overextended, and underprepared for war, an occurrence brought about by internal disputes at home. Auslin's point is a reminder of something else; Leon Trotsky's fateful saying, "You may not be interested in war, but it is interested in you", a statement repeated by Rudolf Giulliani on Sept 11 2014.
I never forget 9-11, because on that one that allows us to say 9-11 and get the idea across, I was sitting in the parking lot waiting for my wife to get home. She had to walk from the corridor of the Pentagon where the airplane had struck, to Crystal City to get a phone that would work - a landline - because the cell phones were jammed. During that time, I didn't know if she was alive or dead. The plane hit the office where she was. It didn't look good. It took her 4 hours to get back after that, because the roads were jammed with cars. I wonder how well we learned the lessons of that day.
Everyone converts to cell phones and cuts their landlines. Cities don't plan for the disasters that this kind represented, though do it now, more than then. Traffic will not be any better, without some planning to get people out of town. But, there are bigger things than these.
ISIL is a small group that won't get anywhere, an analysis that the White House advertised, even as they grew. What happened to intelligence is anyone's guess.
We have cut our military to the point that they send troops to battle 3 or 4 times and wonder why they die in those places. We send them to some God-forsaken places to fight Ebola, which is not a military mission. And we ship them back to Iraq with barely enough force to maintain their mission. We give law enforcement their heavy troop carriers. Is this how our military fights now?
The Romans said they didn't need to worry. Everything would work out in the end. Did we forget Al Qaeda so soon? How do 30,000 ISIS guys run down to Baghdad, coming close to surrounding the city, without somebody noticing and doing something about it? Where are the Russians and Chinese? Both of them have a lot more to lose if this doesn't go well.
The Middle East is a mess. It can burn and we can watch, or we can go to war. What kind of choice is that?
If we look carefully at what has been going on around us, especially with ISIL and the Russians in Crimea, we can almost identify with the Romans. In case you don't remember, they lost out to a horde of barbarians at their gates, and allies that abandoned them when they were most needed. Nobody liked them. They were all looking out for themselves. Rome was overextended, and underprepared for war, an occurrence brought about by internal disputes at home. Auslin's point is a reminder of something else; Leon Trotsky's fateful saying, "You may not be interested in war, but it is interested in you", a statement repeated by Rudolf Giulliani on Sept 11 2014.
I never forget 9-11, because on that one that allows us to say 9-11 and get the idea across, I was sitting in the parking lot waiting for my wife to get home. She had to walk from the corridor of the Pentagon where the airplane had struck, to Crystal City to get a phone that would work - a landline - because the cell phones were jammed. During that time, I didn't know if she was alive or dead. The plane hit the office where she was. It didn't look good. It took her 4 hours to get back after that, because the roads were jammed with cars. I wonder how well we learned the lessons of that day.
Everyone converts to cell phones and cuts their landlines. Cities don't plan for the disasters that this kind represented, though do it now, more than then. Traffic will not be any better, without some planning to get people out of town. But, there are bigger things than these.
ISIL is a small group that won't get anywhere, an analysis that the White House advertised, even as they grew. What happened to intelligence is anyone's guess.
We have cut our military to the point that they send troops to battle 3 or 4 times and wonder why they die in those places. We send them to some God-forsaken places to fight Ebola, which is not a military mission. And we ship them back to Iraq with barely enough force to maintain their mission. We give law enforcement their heavy troop carriers. Is this how our military fights now?
The Romans said they didn't need to worry. Everything would work out in the end. Did we forget Al Qaeda so soon? How do 30,000 ISIS guys run down to Baghdad, coming close to surrounding the city, without somebody noticing and doing something about it? Where are the Russians and Chinese? Both of them have a lot more to lose if this doesn't go well.
The Middle East is a mess. It can burn and we can watch, or we can go to war. What kind of choice is that?
Monday, September 15, 2014
Home Depot Playing Catch-up
In last Friday's Wall Street Journal, Danny Yadron and Shelly Banjo tell an interesting tale of big business in an article about Home Depot trying to stay ahead of hackers. When Target broke in December, (which for those in computer security, was not really December), they started to plan to do a makeover that would keep them from getting hit with the same type of attack.
Target missed an opportunity to do the same thing [see http://www.businessweek.com/articles/2014-03-13/target-missed-alarms-in-epic-hack-of-credit-card-data ] before Thanksgiving, avoiding the Christmas rush which allowed its numbers to be so high. The rumors were flying then, and I wonder how Home Depot missed them.
Home Depot started to implement a system that would protect their payment structure from the same kind of attack. They found it was slow work, and they only got about a fourth of the network done before they got hit. It is easy to second-guess them on this, because they are a big organization and they don't want to screw up their payment system with a hasty change that might destroy them just as quickly as word that they were hacked. On the other hand, they were missing something the community knew about for a long time before Target. They, and many other businesses, are not listening to the drums.
We seem to be missing a basic function of business - business intelligence - that should tell us when a trend is about to shake up the business world with a shaft of light from "Eastern Europe". I can't believe the credit card industry is so lax that they allow these organizations to be hit, one after another, without instituting changes to the credit card systems that are getting this data and processing it. A credit card holder can do nothing, short of paying cash and moving away from them, and surely has to rely on this industry to keep us safe. It is one thing to lose a credit card to somebody in a store or parking lot, who steals the number; it is something else again to have someone steal 60 million of them. We can't do anything about that.
If we look to history, Marshalls et al, should have been enough to convince us that mass theft of credit cards were real threat that had to be dealt with. Somehow, we have managed to blame the stores for this, when the credit card industry is the one to blame. They have known for years what was happening. They saw Europe change, and did nothing. They saw the massive theft of card numbers in the U.S. and made promises about what they would do - in 2015. Well, 2015 is finally here. Think they will get it done now?
If your credit card number is stolen, write your Congressperson and demand they do something. I know it sounds hard to believe, to some, but the reason the industry has been allowed to wait, is legislative, not technological. They know what to do; they just wanted to wait until 2015, and they got their wish. In the meantime, how many billions of dollars were taken from the industries that were affected - 2 since the Home Depot incident started - and how many total since the first ones? "The consumer is not losing any money" they have said. Somebody is, and the consumer is the one paying for it in higher fees. The country is because computer crime has become so big and well organized that it is a threat to our national security. This is not a political issue as much as a consumer protection alert. Somebody needs to act, and it sure hasn't been the credit industry.
Target missed an opportunity to do the same thing [see http://www.businessweek.com/articles/2014-03-13/target-missed-alarms-in-epic-hack-of-credit-card-data ] before Thanksgiving, avoiding the Christmas rush which allowed its numbers to be so high. The rumors were flying then, and I wonder how Home Depot missed them.
Home Depot started to implement a system that would protect their payment structure from the same kind of attack. They found it was slow work, and they only got about a fourth of the network done before they got hit. It is easy to second-guess them on this, because they are a big organization and they don't want to screw up their payment system with a hasty change that might destroy them just as quickly as word that they were hacked. On the other hand, they were missing something the community knew about for a long time before Target. They, and many other businesses, are not listening to the drums.
We seem to be missing a basic function of business - business intelligence - that should tell us when a trend is about to shake up the business world with a shaft of light from "Eastern Europe". I can't believe the credit card industry is so lax that they allow these organizations to be hit, one after another, without instituting changes to the credit card systems that are getting this data and processing it. A credit card holder can do nothing, short of paying cash and moving away from them, and surely has to rely on this industry to keep us safe. It is one thing to lose a credit card to somebody in a store or parking lot, who steals the number; it is something else again to have someone steal 60 million of them. We can't do anything about that.
If we look to history, Marshalls et al, should have been enough to convince us that mass theft of credit cards were real threat that had to be dealt with. Somehow, we have managed to blame the stores for this, when the credit card industry is the one to blame. They have known for years what was happening. They saw Europe change, and did nothing. They saw the massive theft of card numbers in the U.S. and made promises about what they would do - in 2015. Well, 2015 is finally here. Think they will get it done now?
If your credit card number is stolen, write your Congressperson and demand they do something. I know it sounds hard to believe, to some, but the reason the industry has been allowed to wait, is legislative, not technological. They know what to do; they just wanted to wait until 2015, and they got their wish. In the meantime, how many billions of dollars were taken from the industries that were affected - 2 since the Home Depot incident started - and how many total since the first ones? "The consumer is not losing any money" they have said. Somebody is, and the consumer is the one paying for it in higher fees. The country is because computer crime has become so big and well organized that it is a threat to our national security. This is not a political issue as much as a consumer protection alert. Somebody needs to act, and it sure hasn't been the credit industry.
Sunday, September 7, 2014
More IRS E-Mail Missing
In Politico, Rachael Bade, said this about the new round of e-mail exposures at IRS:
IRS Commissioner John Koskinen, in a report sent to the committees investigating whether the IRS unfairly targeted conservative groups in recent years, said 18 of the 82 people “had some type of technical computer issue” between September 2009 and February 2014. Five of those “had hard drive issues that resulted in a probable loss of emails during portions of the four-year period.”
Read more: http://www.politico.com/story/2014/09/irs-emails-lost-110648.html#ixzz3CcQ0AWzq
Now, maybe you can swallow the idea that a significant number of people who are being investigated for conspiracy could lose their e-mails, in a such a long period, but very few of us in IT ever could. In the annals of public misconduct, this certainly has to rival the former Governor of Virginia, who as a Republican, was rightly targeted by the Justice Department. He violated Federal law, but not State law.
If the IRS is this bad in IT, then they certainly should have removed their CIO by now. If Congress turns in November, the Commissioner will be gone and there will be investigations like you have never seen. But, in the meantime...
We are asked to believe that the IRS is technically incompetent, badly managed, apolitical, and is telling the truth to Congressional Committees trying to investigate them. None of those things are true, and never have been. IRS had IBM computers for a long time before some of the civil agencies understood what they could be used for. They haven't done real well with them, but they were far from this kind of neglect. Those e-mails are out there, unless somebody systematically went about getting rid of them. Not even the most incompetent organization on the planet has no backups of e-mails.
IRS is managed well in most of the Regional Service Centers or they couldn't possibly handle the number of tax returns we have going to them. Most of the people who work for IRS are dedicated and civil to the customers they serve. Big customer service organizations all have some trouble, but the distinguishing feature of them is they get to solving those and try to improve. If they were having these kind of e-mail problems, which most certainly must have had links back to somebody high up in the current administration to require such an effort, they should have been corrected. Looks like they were.
They are probably one of the most political groups on the earth, with a bundle of political appointees, many of whom are being investigated. Yes, they are government employees, but they aren't the regular Civil Service people who bust they backsides every day to make a living. These are political hacks who take their direction from the top. There are thousands of them in government, and try as they might, they can't cover that part up.
We have seen this kind of incredible argument made before by people who thought the American pubic was not paying attention, naive, ill-informed and didn't care. This is one of those cases where somebody cared enough for all of them to decide to lose their e-mails after the investigation started. They are trying to manufacture a long-term break down in IRS computing which does not exist, to cover the fact that these e-mails are missing, or can't be found. Somebody knows where they are and you can bet, more than one IRS employee is holding onto them. Which side that person is on is something that will eventually come out.
IRS Commissioner John Koskinen, in a report sent to the committees investigating whether the IRS unfairly targeted conservative groups in recent years, said 18 of the 82 people “had some type of technical computer issue” between September 2009 and February 2014. Five of those “had hard drive issues that resulted in a probable loss of emails during portions of the four-year period.”
Read more: http://www.politico.com/story/2014/09/irs-emails-lost-110648.html#ixzz3CcQ0AWzq
Now, maybe you can swallow the idea that a significant number of people who are being investigated for conspiracy could lose their e-mails, in a such a long period, but very few of us in IT ever could. In the annals of public misconduct, this certainly has to rival the former Governor of Virginia, who as a Republican, was rightly targeted by the Justice Department. He violated Federal law, but not State law.
If the IRS is this bad in IT, then they certainly should have removed their CIO by now. If Congress turns in November, the Commissioner will be gone and there will be investigations like you have never seen. But, in the meantime...
We are asked to believe that the IRS is technically incompetent, badly managed, apolitical, and is telling the truth to Congressional Committees trying to investigate them. None of those things are true, and never have been. IRS had IBM computers for a long time before some of the civil agencies understood what they could be used for. They haven't done real well with them, but they were far from this kind of neglect. Those e-mails are out there, unless somebody systematically went about getting rid of them. Not even the most incompetent organization on the planet has no backups of e-mails.
IRS is managed well in most of the Regional Service Centers or they couldn't possibly handle the number of tax returns we have going to them. Most of the people who work for IRS are dedicated and civil to the customers they serve. Big customer service organizations all have some trouble, but the distinguishing feature of them is they get to solving those and try to improve. If they were having these kind of e-mail problems, which most certainly must have had links back to somebody high up in the current administration to require such an effort, they should have been corrected. Looks like they were.
They are probably one of the most political groups on the earth, with a bundle of political appointees, many of whom are being investigated. Yes, they are government employees, but they aren't the regular Civil Service people who bust they backsides every day to make a living. These are political hacks who take their direction from the top. There are thousands of them in government, and try as they might, they can't cover that part up.
We have seen this kind of incredible argument made before by people who thought the American pubic was not paying attention, naive, ill-informed and didn't care. This is one of those cases where somebody cared enough for all of them to decide to lose their e-mails after the investigation started. They are trying to manufacture a long-term break down in IRS computing which does not exist, to cover the fact that these e-mails are missing, or can't be found. Somebody knows where they are and you can bet, more than one IRS employee is holding onto them. Which side that person is on is something that will eventually come out.
Tuesday, September 2, 2014
Do you take naked photos of yourself?
The news wires are hot today with an interesting topic involving stars of Hollywood and Apple. It is a curious case that seems to blame Apple for a breach of its iCloud, which concerns me greatly, but hasn't yet been shown to be the basis of the case. Since I keep almost everything in the iCloud that I feel is important, I don't want to see it hacked anymore than the rest of the Apple world.
But... and there always is one... I was wondering about how those photos got there to begin with. Does your mother know you are taking naked photos of yourself, or allowing someone else to do that?
It is one thing to have them taken by someone activating the camera on an iPad or iPhone, because that is not going to get a hacker very much, unless they keep it on all the time and hope that their target gets naked in sight of that lens. I don't keep my iPhone around when I get out of the shower, but some people have done things that allowed them to be blackmailed. I could probably leave mine on on purpose for the rest of my life and never have anything worth a few cents. How blackmail comes into it is still a mystery.
Now, to the point, are you taking naked photos of yourself, or allowing someone else to do that? Some kids are, spawning the sexting term that finally made the dictionary. I really wish that was possible in my high school days but we didn't even have cell phones then. And, we walked to school, which apparently nobody does anymore. But these are not just young people; these are big stars with publicists, managers, and all kinds of help they don't even ask for. Do they know you are taking naked pictures or allowing someone else to do it? If they did, consider replacing them with someone with some common sense.
In the meantime, this should give pause to anyone, who contemplates taking pictures of themselves naked, for any reason. Yes, there is no reason for cell phone families not to take naked pictures of the baby, but how old does the baby have to be to stop that behavior? I wasn't happy to see naked pictures of me when I was a baby, and I'm sure adults would not like them on the Internet.
This whole process starts with technology doing things we don't like, when we shouldn't be doing them in the first place. Now they are suing Apple.
But... and there always is one... I was wondering about how those photos got there to begin with. Does your mother know you are taking naked photos of yourself, or allowing someone else to do that?
It is one thing to have them taken by someone activating the camera on an iPad or iPhone, because that is not going to get a hacker very much, unless they keep it on all the time and hope that their target gets naked in sight of that lens. I don't keep my iPhone around when I get out of the shower, but some people have done things that allowed them to be blackmailed. I could probably leave mine on on purpose for the rest of my life and never have anything worth a few cents. How blackmail comes into it is still a mystery.
Now, to the point, are you taking naked photos of yourself, or allowing someone else to do that? Some kids are, spawning the sexting term that finally made the dictionary. I really wish that was possible in my high school days but we didn't even have cell phones then. And, we walked to school, which apparently nobody does anymore. But these are not just young people; these are big stars with publicists, managers, and all kinds of help they don't even ask for. Do they know you are taking naked pictures or allowing someone else to do it? If they did, consider replacing them with someone with some common sense.
In the meantime, this should give pause to anyone, who contemplates taking pictures of themselves naked, for any reason. Yes, there is no reason for cell phone families not to take naked pictures of the baby, but how old does the baby have to be to stop that behavior? I wasn't happy to see naked pictures of me when I was a baby, and I'm sure adults would not like them on the Internet.
This whole process starts with technology doing things we don't like, when we shouldn't be doing them in the first place. Now they are suing Apple.
NSA Metadata in Court
In the Wall Street Journal today, Joe Palazzolo writes that NSA is about to have another day in court over the legality of collecting metadata which has a D.C. judge, standing alone in judicial circles, has decided it is unconstitutional. This liberal court has a record of decisions like this.
The ACLU has used Top Secret documents, disclosed by Edward Snowden, in the preparation of its case. What an unbelievable set of circumstances allows these documents to be published to begin with, then used by the ACLU in bringing an action against NSA, to undermine the counter-terrorism actions of the U.S. government. The D.C. court doesn't seem to think there is anything wrong with this. The ACLU encourages it in the name of freedom, privacy and anything else they can squeeze into a brief. The judges who will hear this case are appointed by Democrats, and two of them have prior history with this issue, voting against it. The Supreme Court overruled them. So, do we think they learned anything from that? Not a chance. This court is trying to make laws, not enforce the ones they have.
The ACLU has used Top Secret documents, disclosed by Edward Snowden, in the preparation of its case. What an unbelievable set of circumstances allows these documents to be published to begin with, then used by the ACLU in bringing an action against NSA, to undermine the counter-terrorism actions of the U.S. government. The D.C. court doesn't seem to think there is anything wrong with this. The ACLU encourages it in the name of freedom, privacy and anything else they can squeeze into a brief. The judges who will hear this case are appointed by Democrats, and two of them have prior history with this issue, voting against it. The Supreme Court overruled them. So, do we think they learned anything from that? Not a chance. This court is trying to make laws, not enforce the ones they have.
Subscribe to:
Posts (Atom)