Coincidence???

This week I finished reading a book titled “Ransomeware Hunting Team.” As I read I began to realize why passwords are so important, and necessary. Each time I write about passwords it is negative. I hate passwords with a passion. My favorite saying is that the only one that a password protects me from is me. Fortunately, I have only encountered a ransomeware attack once in my lifetime, and I was smart enough to ignore it, and also wise enough to restart my computer in Safe mode, I got lucky. The thought of my computer being invaded by a complete stranger who then sends a nasty-gram asking for money to get rid of him makes the hair on my arms stand at attention. The only thing scarier is encountering that same man on the street who sticks a gun in your face and demands your wallet.

In the book “Ransomeware Hunting Team” the authors tell a story of the heroic effort expended by a few people in the world who take the opposite stance as the thieves. The main characters are hackers who specialize in, and get delight from being able to unlock the thief’s key, and to save the victim from paying the ransom. At first, these brave hackers were the only ones fighting the hundreds (or maybe thousands) of evil-hackers who everyday hold unsuspecting victims hostage. It took decades of cooperation between the good-hackers and the FBI to finally develop enough clout to fight back effectively. In the mean time, evil-hackers had bilked billions of dollars from individuals and corporations.

I still believe that better computer designs, and more secure software can be developed to squash the ransomeware developers. But will anyone be able to force computer and software companies to do that?This is such a big problem that it will take a concerted effort by our government to enact regulations and controls that will make it impossible for evil-hackers to function.

To my surprise, yesterday I read headlines that airlines had been shut down nationally due to an unknown computer outage. My mind immediately jumped to suspect ransomeware, and Russian hackers looking to get rich by imposing such a grand scheme as shutting down the major transportation system in the country. It is a documented fact that the USA has imposed sanctions on Russia, and the sanctions are working. It is also known that the USA is assisting Ukraine in the war with Russia. This is not just a coincidence. The shutdown of the USA air transport system is most likely Vladimir Putin getting revenge on the United States for waging war against Russia by using Ukraine as a proxy.

Of course the airlines have denied that the problem is not due to ransomeware. It would be too embarrassing for them to admit such a thing, and it would be even more embarrassing to admit that the FAA has sent Russia tons of money to get the system back up and running. It would be even more damaging to learn that the FAA system was so out of date that it was susceptible to crash just like Southwest Airlines. We spend trillions of dollars every year to run our country, but I’d be willing to bet that there isn’t one nickel in the budget for upgrading crucial computer systems.

My prediction is the Department of Transportation, run by a weakling rookie, will spend more money trying to find the root cause than they would spend on a system upgrade.

Upgrading Frustrations

I finally succumbed to an annoying message that kept appearing daily on my screen about the need to upgrade my machine. Stupidly, it is my first mistake if 2023. Clicking on the “Install now” button has yielded a mystery. First it asked for a password to get into iCloud. Immediately, another window asked for a password for my Apple ID. Since I had just revised these passwords two days ago, and wrote them down, I felt confident this task would finally go easy.

After entering the second password, a new window appeared asking for the pass-code from my iPhone. I typed it in, and now the screen has frozen with a spinning wheel. The only option it gives me is a “Forgot iPhone passcode?” I can only assume that the spinning wheel indicates that this beautiful pile of engineering wonderment is searching for something. The passcode is something that I use everyday each time I want to look at my phone since the darn thing times out after 2 nano-seconds of inactivity. The wheel has been spinning for thirty-five minutes now.

What do I do?

Let it spin in the hopes that eventually it will install the updates? Shut the machine down and start all over again? What is that definition of insanity? Repeating the same activity over and over again hoping to get a new outcome.

I feel the world is going to self destruct with all of these computers being loaded with passwords requiring passwords to access. Where is the AI (Artificial Intelligence) that is supposed to forego the need for human intervention? Yet, on a daily basis we hear company after company spewing the results they get using AI.

As I am writing this rant my iPhone just beeped a message stating the following:

HU2bSs information.

We have detected suspicious activity on your account and have locked it as a precaution. Click link below to unlock your account:

https://l.ead.me/approved . . . .

If you do not verify your account before 24 hours, your Paypal account will be terminated. Sincerely,

Paypal Team

Is this a coincidence or is it related to the problem I see happening on my desktop computer?

If it weren’t for all the friends I have made on this BLOG I would go into hiding and never again show myself on any computer related correspondence again. It will be the only secure way to keep my sanity and my safety. The world is teeming with corrupt individuals working tirelessly to pick my pockets and enrich themselves. The more passwords and safety systems put into place by the computer companies the bigger the challenge becomes for the hackers to break into computers.

I truly believe there is a design answer to this dilemma. Keeping unwanted entry into computers must be built into the machines. It is doable, but is it profitable? It seems that there will always be some small portal through which thieves can gain entry, and steal to their hearts content. In the meantime, we suffer at the hands of thugs who insist on making a living by stealing. Eventually, our computers will take on the appearance of the Pyramids of Egypt. It has taken thieves as long as two thousand years to find the portals to some of the burial vaults within. If they could create such a secure system over two thousand years ago, surely we can create a better one today in our computing machines.

It has been one hour since the spinning wheel began it’s journey, and it is time for me to hit the kill switch and restart this machine. At least I was able to write a story about it. As soon as I post this piece I will enjoy the kill.

Zero-day Hacked Bugs

Every once in awhile I read a non-fiction book that challenges my intellect. The most recent is called “This Is How They tell Me The World Ends,” by Nicole Perlroth. This account on cyber security scared me to death about the internet and computers in general. It is my conclusion that the only way one is safe from being hacked on the internet is to shut off the computer and pull the plug, and never plug it back in. If you are using a laptop the only way I can think of is to disconnect from the web, and pull the battery.

Cyber security is something that bugs the crap out of me. I have written just recently about my hatred for using passwords. Companies like Google, and Apple are password paranoid. I always tell people that the only one being protected from getting into my programs and sites is me. I don’t remember passwords at all, and these companies are forcing users to input passwords for every segment of their business. Take Google for instance, I am now familiar with Google, but I wasn’t really interested in Google Drive, Google Photos, or Google anything. They now require user names and passwords for each individual segment of their business. Apple has iPhone, Icloud, and Ipie all demanding user names and passwords. I confess that I don’t get into these segments very often so I don’t remember those details. I keep a 3 x 5 card file with the information as my password manager. The trouble with my system is that it is antiquated and cannot keep up with the digital world. In the case of Apple, I have a stack of 3×5’s stapled together that are 1/4 inch thick with information. Usually, by the time I need to use one of these passwords Apple has deemed it too old and requires a new one. That blows the hell out of my system to make all passwords the same. Recently, by the recommendation of my friends, I am searching for a digital password manager that will replace my card file. I am convinced that it might be easier to give in and use the suggested long complicated passwords generated for me and to forget about keeping track of anything. Except, now that I have read this book I cannot knowingly give in to the hacking world by allowing easy access into my world. It is bad enough that every professional program that I use is froth with hacker entry points that would easily circumvent my passwords.

Let me digress for a moment from the general theme of this post. I like to read news, that is genuine news, and not all the political clap-trap being put before us as news. Over the last few years there have been some notable stories I have followed and forgotten. One of them was a story about a mysterious bug that took over Iran’s computers and disabled (destroyed) several thousand computers they used to control their centrifuges to enrich Uranium. At the time, there was no proof, but the speculation was that the United States and Israel were responsible. Another story, more recent, involved a complete power blackout in Ukraine that crippled the country for days that was attributed to Russia.

As it turns out, both of these stories are accurate and both hacks caused extensive and expensive damage to the countries they were perpetrated on. STUXNET was the invention of the U.S. Our government genii invented this mechanism by sewing several known software-bugs together and also invented a way to sneak it onto an Iranian computer. It took a while for this new bug to work it’s way through the Iranian network, but eventually, it infected a lot of machines, which in turn infected the devices controlling the centrifuges. I give our government an “A” plus, plus, plus for committing an act of war upon Iran without hurting people.

According to author Perlroth, the United States unleashed a weapon that other countries either never thought of, or were afraid to undertake. The end result was a string of cyber attacks by Iran on the U.S. and also from other countries all using “zero-day” openings in software that allowed hacks to occur(a zero-day opening is a hole in software that allows another hacker to enter and infect the program). For years Hackers have been finding these openings in programs and a market for them has developed. At first they were being sold for a few dollars each. As brokers began to understand the value of the bugs the prices shot up. The hope was always that the company whose software the bug was found in would buy it and fix it. Instead, the bugs were sold to the highest bidders which were often countries that could benefit by using these bugs in cyber warfare. The STUXNET was developed using several zero-day bugs. The prices on the market shot up to $250,000 and higher. The U.S. with its deep pockets bought many at millions of dollars a bug. They didn’t use them but rather stored them for future use. After STUXNET, the cyber world got the idea to do the same and wage war the same way.

On the Ukrainian front a special task force of Russian hackers was assigned the task of developing cyber war. They began by developing small discreet components which caused trouble in the Ukraine but because of the size of each they were not considered dangerous. What the world cyber experts did not figure out was that Russia was testing the Ukrainian systems with their hacking bugs. Eventually, the world found out that Russia’s goal was to shut off the lights of a country, and this was probably a test to determine how to shut off the lights in America.

This book is loaded with story after story of hacks that were publicized, but the public didn’t think much of them or was too dense to accept the fact that these wars were taking place on a regular basis. When we think of countries going to war against one another we think of planes bombing sites, tanks shooting buildings to pieces and soldiers shooting each other in the field. We don’t think of war being computers in banks and hospitals being crippled with millions of dollars of damage, or you and me having a bank account hacked and drained of our savings. Luckily, so far that is because the damage is restricted to the computers whose programs had the zero-day bug in them.

Another example is Russia’s attempt to influence the election in this country. I truly believed the crap that Hillary was the one trying to cause our problem, but she was accurate in blaming the Russians. Trump (my hero) on the other hand sided with the Russians to aid him in his quest for the presidency. All I can think of in his defense is the story about Senator Harry Reid from Nevada claiming that Mitt Romney didn’t pay his taxes. After Romney lost to Obama and everyone was asking Harry how he could tell such a blatant lie is “that Obama won the election didn’t he?” This has truly soured me on the election process and politics in general. All of the lies that were told about Russia trying to affect the election were not lies, they were true, but Trump took advantage to use the Russian influence against Biden.

I wrote several times advising not to trust any election in any state that uses computers in the process. there is only one thing worse than using a computer and that is using a computer that is connected to the internet. Author Perlroth used several more examples in her book like the Russian hacking of the DNC. She also explained that hacking into a state’s voter database invites the opportunity to change a voter’s party or to change his vote, and a number of other egregious offenses.

Finally, I am getting back to the point where I broke off above. What can be done about all this shit happening worldwide against us? First, we can regulate the entire software industry and require that they have controls in place to monitor their products. Except, regulation stifles corporations from creativity in favor of safety. Congress won’t buy it. Why don’t we require software companies to ask the public to find these zero-day bugs and pay for them, so they can fix their products? Again, it requires a Congress that is not in the pocket of lobbyists. Why don’t we offer tax incentives for companies who will comply with hack free software? Again, the answer is lobbyists.

There is no easy fix for this problem, but I would certainly be in favor of government regulation of the software industry to produce programs that would offer us some degree of protection from cyber warfare. Our Constitution dictates that the government protect the people. Just as banks are regulated to protect us why not software? Especially software that can be used to harm both the people and the country.

There is a lot more in this book that I have not tried to cover such as China’s role in the world. It is a huge subject, and Nicole Perlroth spent many years researching for her book. Once you read the story, the title will make perfect sense.

Passwords Rule the world

Lately my desire to write is waning. Why? Who knows? I just don’t get inspired anymore. For many years I was inspired by politics, but since the last election I have cooled to the political arena. I just don’t understand what all these new groups want, nor do I understand who they are. Just what is “woke”? Why is there a need for Black Lives Matter? Who is it that panders to all the weird minds that believe they are a new gender other than male or female? Open Borders? We have open borders between every state, but the way things are going I wouldn’t be surprised if some jack ass of a state will close its borders to anyone coming in. Spend money you don’t have, print some to make up the difference. I like that one for my own personal finances. If Uncle Sam can get away with it why can’t we? Think about that one, if you don’t have money to buy a house or a car, buy it anyway and print money to pay for them. Except, why would anyone work if they could push a button and print the cash they need? Without people working there would not be anything to buy, and then we would all get very hungry very quickly.

I often imagine what the world would be like if there was no gasoline to power our cars. Most times these thoughts come to me as I’m driving along on a crowded tollroad with thousands of cars burning gas like crazy, except the Tesla’s of course, they are burning electrons from their batteries. -Right now I’m a few pages into a book titled “This Is How They Tell Me the World Ends.” The topic is cyber weapons. I’m not sure I can complete the remaining 400 pages if the horror coming toward us via computers continues for that many words. The author describes how the Country of Ukraine mysteriously and suddenly went black. No one knows why it happened, but the Russians are very suspect. It happened because some hacker got into the electrical grid and shut all things electrical down. Think about that one too. No lights, no TV, no iPhones, no internet, no computers, no refrigerator, no water, no toilets, no stores, no gas to pump, the list goes on and on. Imagine your life without electrical power. Life will get interesting but sure. It would make the COVID-19 lockdown seem easy.

Top Worst Passwords

There is a complete underground economy developing in the area of cyber security. All of it is secret, in order to keep it from causing us to panic. Remember the name Snowden. He was the young man who walked out of the NSA with a pocket full of thumb drives filled with our best kept cyber secrets. At the time Obama made it sound like it wasn’t a big deal, but all the talk lately about Russian hackers taking over our elections is leaking from the Snowden defection. I don’t think he will ever be allowed to return to the USA again. I hope he likes Russia, cold weather, and vodka.

At my age, I keep telling myself to become more involved, but at the same time my body says, slow down. My mind says enjoy life and forget about the terrible things that can happen to the USA. You won’t be around to see or experience it. Or will I? The cyber criminals can inflict big damage very suddenly over a huge area. Maybe the answer is to swallow a bullet when that happens.

I will finish reading this book and no doubt have nightmares along the way, but maybe, just maybe I’ll be able to help the world solve the problems caused by too many systems that are too lightly protected by easily hacked passwords.

Loose Lips

In times of war, military secrets leaked to the enemy are acts of TREASON. This week we learned of a massive leak of military information regarding the Afghan and Iraq wars. Did I say war? Yes, Congress declared both as wars. They are wars for everyone except for the Commander in Chief. He thinks they are criminal acts, and is handling them the same way as any murderer or thief. During World War II, any act of treason was punishable by death. Why is Obama handling the raid of information by a foreign organization like WikiLeaks so loosely?

I see a thread of continuity here that is scary. Obama definitely has a laissez-faire attitude about the security of our country. Let me count the ways:  1.) Establish an open border, and allow anyone in who wants to come, even terrorists. 2.) Throw your allies under the bus in favor of your enemies. 3.) Disband the nuclear arsenal. 4.) Allow strangers to crash White House State dinners. 5.) Allow your top general to fraternize with liberal magazine writers. 6.) Allow the Muslims to practice dhimmitude by building a Mosque next to the Twin Towers to show they conquered the USA. 7.) Bow to foreign powers. 8.) Take months to react to a request from your front line general. 9.) Allow known Russian spies to live in the country. 10.) Allow a second-rate computer hackers like WikiLeaks gain access to military information and then dismiss it with a “so what?”

The real question to answer is this: Did WikiLeaks hack into our computers, or, did someone inside our government give them access. If they hacked in, I call it an act of aggression the same as war. If one of our people gave it to them, I call it TREASON.