Guys!

How the NSA’s Firmware Hacking Works and Why It’s So Unsettling | WIRED.

Guys, I really don’t want to spend all my time reading and writing about security. Can we just agree that the NSA has pretty much hacked every PC down to the metal? That there are other government and NGEs (non-government entities) that have done, or want to do the same? That it is inevitable that people will discover what was done by all these jokers and all the gaps will be compromised? And, finally, that the NSA is bad for USA businesses, but good for foreign Anti-Spyware companies like Kaspersky? Ok. That’s the current state of non-security.

So can we go back to writing about Mac tips and alien abductions please?

Surprise! Your Yoga has some holes in it.

Researcher Discovers Superfish Spyware Installed on Lenovo PCs – NYTimes.com

Surprise! Your “Yoga”, has some holes in it. Designed to be as attractive and useful as any Apple device (and marketed unconvincingly as a replacement for your MacBook Air), the Yoga unfortunately came (past tense, according to Lenovo) with Superfish Spyware pre-installed. “Adware” and “Bloatware” – collectively known as “crapware” – are de rigueur for Windows purchasers, but Superfish takes this to a new level with an unsigned certificate providing easy access to your data for anyone who knows how to use it.

I met an insider years ago (p.s. – Pre-Snowden), who told me he was convinced Lenovo had code embedded in the computer ROM that allowed Chinese authorities full access to the device. He gave up on trying to expose this security “flaw” after everyone, including the FBI, told him he was paranoid. So, who’s paranoid now?

Tip: Savvy computer buyers shop for those “special” Windows computers without crapware. Or buy Macs.

 

@War: Insights into the Sony Hacking

@War: The Rise of the Military-Internet Complex: Shane Harris: 9780544251793: Amazon.com: Books.

Read this book – Shane Harris’s “@War” is an informative read that will give you some keen insights into hacking and cyber warfare and the evolving stance of the US government and the agencies engaged in the struggle for power and funding in this arena. Though by its nature this book is destined to become an accounting of history, it is current enough to explain much of what is going on right now. Such as:

Why the NSA doesn’t do more to help protect the hacking of business interests? Has it even tried? And just what are “hackbacks” and are they really illegal?

Why is the FBI (instead of the NSA or US Cyber Command) making proclamations about North Korean culpability? One answer, the FBI’s DITU (Data Intercept Technology Unit) acquires the international “data” from domestic sources, that is passed to the NSA. (The FBI, traditionally tasked with domestic crime, now has more staff involved in collection and analysis of digital information than in “traditional” domestic crime investigations.)

Who stands to benefit from an increased fear of Internet crime, hacking, and warfare? Welcome to the new frontier—same as the old frontier—agencies, companies, and contractors vying for billions of dollars in taxpayer funds. Just watch as President Obama and congress find lots of reasons to put more and more resources into “Cyber Warfare”. (Why we have to be threatened with some kind of “war” to make our data more secure is another question. Haven’t all the hacks of banks and corporations and thefts of personal data given us some personal priorities of what really needs to be protected? Apparently not…)

Depending on how much you already pay attention to this topic you may be shocked, surprised, or affirmed by the level at which our Internet is already watched and controlled, and how much more control these players would like to have. This is not just a regurgitation of Edward Snowden’s whistleblowing. Without judging or indulging in politics of the left or right, it’s investigative journalism, with many cited sources, notes, and a thorough index. Best of all, it reads well.

New Report: Snowden Revelations Hurt U.S. Companies – Digits – WSJ

New Report: Snowden Revelations Hurt U.S. Companies – Digits – WSJ.

Ah, the power of words. From this headline you would think that Edward Snowden was directly responsible for the damage done to US technology businesses. What a brilliant master criminal. Because? Because businesses (especially foreign businesses) are wary of companies who leave the door open for the NSA to come snooping around. Or give the NSA the keys to the house. Or throw the stuff into the back of the NSA truck parked in the driveway. So to speak. It’s all in how you phrase it, right? The Wall Street Journal has a certain Murdochian perspective on this. A somewhat more objective news organization might have titled the article, “Study Confirms: Discovery of NSA Spying Hurt U.S. Companies”.

And that’s the difference.