Category: security | 保衛 | 정보 보안 | 情報セキュリティー

According to Wikipedia security can be defined:

Security is protection from, or resilience against, potential harm (or other unwanted coercive change) caused by others, by restraining the freedom of others to act. Beneficiaries (technically referents) of security may be of persons and social groups, objects and institutions, ecosystems or any other entity or phenomenon vulnerable to unwanted change. Security mostly refers to protection from hostile forces, but it has a wide range of other senses: for example, as the absence of harm (e.g. freedom from want); as the presence of an essential good (e.g. food security); as resilience against potential damage or harm (e.g. secure foundations); as secrecy (e.g. a secure telephone line); as containment (e.g. a secure room or cell); and as a state of mind (e.g. emotional security).

Back when I started writing this blog, hacking was something that was done against ‘the man’, usually as a political statement. Now breaches are part of organised crime’s day to day operations. The Chinese government so thoroughly hacked Nortel that all its intellectual property was stolen along with commercial secrets like bids and client lists. The result was the firm went bankrupt. Russian ransomware shuts down hospitals across Ireland. North Korean government sanctioned hackers robbed 50 million dollars from the central bank of Bangladesh and laundered it in association with Chinese organised crime.

Now it has spilled into the real world with Chinese covert actions, Russian contractors in the developing world and hybrid warfare being waged across central Europe and the middle east.

Seabasing

In a tale of fact imitating fiction the US Navy is looking at ways to support the military in future conflicts by creating bases which allow ships to act as a combined space, which they call sea basing (or seabasing). The reason for this is in battles with the likes of China they may not have the luxury of a nearby land base like they have had in the Middle East, so they need to provide a flexible platform that will perform a similar function including floating docks and logistics.

Being out at sea and operating in this way helps put the force out of range of enemy weapons as well, or what the US Marines describe as exploit the sea’s maneuver space.

This includes ramps and sensors that would allow service men and equipment to exchanged from ship-to-ship with as much ease as moving around a base on land. Presumably this would have some sort of affect in terms of increasing the data network connections between ships to help them function better and more cohesively.

The idea of seabasing echoes the carrier and lashed together boats of Neal Stephenson’s Snow Crash. Snow Crash is a classic work of cyberpunk fiction written in 1994. In the book refugees play a key part in the plot. The refugees have attached themselves to a privatised aircraft carrier owned by a media company that is heading to the US. More design related content here.

More information
The future of sea basing | Armed Forces Journal
Sea Basing: concepts, issues and recommendations by Sam J. Tangredi (PDF)
Pacific seabasing exercise will highlight new ships | Marine Corps Times
Globalsecurity.org – Seabasing
Figuring Out the Future of War in the Pacific — Or, What the Hell is Seabasing? | Vice News
What is Seabasing | United States Marine Corps
Seabasing Annual Report | United States Marine Corps

July 28, 2015
Hacknet + more things
Hacknet

Some Australian developers have made an immersive game about hacking that will be distributed on Steam when released. It’s called Hacknet and here’s the trailer.
</p> <blockquote class="wp-block-quote is-layout-flow wp-block-quote-is-layout-flow"> <p>Hacknet tells the tale of Bit, a hacker responsible for creating the most invasive security system on the planet. When he is murdered, his failsafe kicks in, sending instructions to a lone user who can help unravel the mystery and ensure that Hacknet-OS doesn’t fall into the wrong hands.</p> <p>Using a wide array of terminal commands and specific hacking protocols, Hacknet teaches the player how to complete a series of core missions but does not hold their hand. The world is open to explore and features multiple branching pathways and secrets to discover. Players will need to be vigilant when covering their tracks, and careless decisions may come back to haunt them.</p> </blockquote> <h4 class="wp-block-heading">Gadgets</h4> <p><a href="http://www.yolkstation.com/" target="_blank" rel="noopener">Yolk</a> – interesting solar charger design, could be interesting to reinvent the organiser</p> <h4 class="wp-block-heading">How to</h4> <p>Ipsum lorem is so last year, instead try <a href="http://slipsum.com" target="_blank" rel="noopener">Samuel L. Ipsum</a></p> <h4 class="wp-block-heading">Security</h4> <p><a href="http://feedproxy.google.com/~r/fastcompany/headlines/~3/6XEuzlqv9Q0/hackers-remotely-hijacked-a-jeep-on-the-highway">Hackers Remotely Hijacked A Jeep On The Highway | Fast Company</a> – I really don’t understand how this would be news. More security related posts <a href="https://renaissancechambara.jp/category/security/" target="_blank" rel="noopener">here</a>.</p> <h4 class="wp-block-heading">Software</h4> <p><a href="http://www.theinquirer.net/inquirer/news/2418829/ios-8-hits-85-percent-adoption-as-google-goes-dark-on-lollipop-figures">iOS 8 hits 85 percent adoption as Google goes dark on Lollipop figures- The Inquirer</a> – Android manufacturers handsets are still suffering from fragmentation; which seems to be an issue with handset localisation</p> <h4 class="wp-block-heading">Technology</h4> <p><em>The Chicago Business</em> did a fantastic interactive story of the rise and fall of <a href="https://renaissancechambara.jp/?s=Motorola" target="_blank" rel="noopener">Motorola</a>, you can find it <a href="http://www.chicagobusiness.com/section/goodbye-moto#1" target="_blank" rel="noopener">here</a>.</p> <p><a href="http://uk.businessinsider.com/intel-ceo-on-layoffs-meritocracy-2015-7?IR=T">Intel CEO on layoffs meritocracy – Business Insider</a> – nice mess for the PR team to try and clean up</p> <h4 class="wp-block-heading">Wireless</h4> <p><a href="http://www.telecomtv.com/articles/mobile/if-this-is-disappointing-count-me-in-apple-produces-another-record-quarter-12668/">If this is “disappointing”, count me in: Apple produces another record quarter | TelecomTV</a> – <em>Revenue up 33% to $49.6bn, iPhone sales up 35% to 47.5m units, average iPhone selling price up to $660, $202bn cash in the bank </em>– while Android manufacturers make up the bulk of the sales; as these manufacturers don’t have a representative share of profits.</p> </div> <div style="margin-top:var(--wp--preset--spacing--40);" class="wp-block-post-date has-small-font-size"><time datetime="2015-07-25T00:36:07+09:00"><a href="http://renaissancechambara.jp/2015/07/25/hacknet/">July 25, 2015</a></time></div></div> </li><li class="wp-block-post post-22245 post type-post status-publish format-standard hentry category-business category-consumerbehaviour category-finance category-gadget category-innovation category-marketing category-security category-webofnoweb"> <div class="wp-block-group alignfull has-global-padding is-layout-constrained wp-block-group-is-layout-constrained" style="padding-top:var(--wp--preset--spacing--60);padding-bottom:var(--wp--preset--spacing--60)"><h2 class="wp-block-post-title has-x-large-font-size"><a href="http://renaissancechambara.jp/2015/07/23/apple-pay-in-the-uk/" target="_self" >Apple Pay in the UK</a></h2> <div class="entry-content alignfull wp-block-post-content has-medium-font-size has-global-padding is-layout-constrained wp-block-post-content-is-layout-constrained"><p>Even if I wasn’t interested in technology I would have known about the launch of Apple Pay in the UK some eight days ago. My inbox was bombarded with emails from credit card providers explaining how I use their card on the service. Logos for the payment service appeared in retail partners and on billboards in tube stations.<br /> <a title="Untitled" href="https://www.flickr.com/photos/renaissancechambara/19915229052/in/dateposted/" data-flickr-embed="true"><img decoding="async" src="https://farm1.staticflickr.com/264/19915229052_672fa2cbfb_c.jpg" alt="Untitled" width="600" height="800"></a><script src="//embedr.flickr.com/assets/client-code.js" async="" charset="utf-8"></script><br /> However despite this onslaught of media hype, educational material and free advertising for the service I have only seen one person use it. A tech forward looking gentleman twisting his arm around to pay for a coffee in Starbucks with his Apple Watch.</p> <p>Now this isn’t necessarily a big issue. It is a feature that Apple provides rather than being a money generating service (a la iTunes) in its own right. I tend to see the service as an emergency measure of if I left my wallet at home (as I do on occasion).</p> <p>For retailers and TfL there is not really a compelling argument for supporting Apple Pay, beyond the brand positioning of being ‘on trend’. Indeed TfL warns that transactions take longer than NFC enabled credit cards – which isn’t that desirable when you have a big queue of people looking to go through the gate during rush hour on the central line. That relative performance makes me wonder why Apple didn’t look at other uses like electronic building access or car keys that increasingly rely on NFC or RFID technologies.</p> <p>Finally, Apple Pay is less attractive for American Express than other card providers due to the lack of support of Amex on Apple Pay by many retailers that accept their NFC cards. More finance related <a href="https://renaissancechambara.jp/category/finance/" target="_blank" rel="noopener">posts</a>.</p> <p>More information<br /> <a href="http://www.theguardian.com/technology/2015/jul/16/tfl-cautions-pitfalls-apple-pay">TfL cautions users over pitfalls of Apple Pay | The Guardian</a></p> </div> <div style="margin-top:var(--wp--preset--spacing--40);" class="wp-block-post-date has-small-font-size"><time datetime="2015-07-23T04:11:02+09:00"><a href="http://renaissancechambara.jp/2015/07/23/apple-pay-in-the-uk/">July 23, 2015</a></time></div></div> </li><li class="wp-block-post post-22239 post type-post status-publish format-standard hentry category-china category-consumerbehaviour category-culture category-ideas category-legal category-security"> <div class="wp-block-group alignfull has-global-padding is-layout-constrained wp-block-group-is-layout-constrained" style="padding-top:var(--wp--preset--spacing--60);padding-bottom:var(--wp--preset--spacing--60)"><h2 class="wp-block-post-title has-x-large-font-size"><a href="http://renaissancechambara.jp/2015/07/21/jason-matthews-on-trade-craft-and-social-engineering/" target="_self" >Jason Matthews on trade craft and social engineering</a></h2> <div class="entry-content alignfull wp-block-post-content has-medium-font-size has-global-padding is-layout-constrained wp-block-post-content-is-layout-constrained"><p>Jason Matthews is a former CIA spy who used to run agents. He retired and became a novelist with books that have made the New York Times bestseller list. The most famous of his books is <a href="https://amzn.to/3sdNwHA" target="_blank" rel="noopener"><em>Red Sparrow</em></a>, which has since been made into <a href="https://amzn.to/3q2wRVi" target="_blank" rel="noopener">a film</a> as well.</p> <p>In his Talk at Google he talks about the spy game, but its also interesting in terms of thinking about social engineering in a wider sense.<br><iframe loading="lazy" src="https://www.youtube-nocookie.com/embed/UsQO40h8GeQ?rel=0&controls=0&showinfo=0" width="700" height="394" frameborder="0" allowfullscreen="allowfullscreen">

Key outtakes:
- Misdirection: Matthews would allow surveillance teams to tail him, so that other colleagues would be tail free
- Playing into stereotype and using them as a judo move; Warsaw Pact men tended to believe a woman’s place was in the home and didn’t think of Matthews’ wife as a potential operator
- Interesting points on the problems that intelligence agencies have in understanding the motivations of ‘non state actors’ such as religiously motivated terrorists
- During the cold war, Russians who spied for the US generally didn’t get to spend any money they made, as they would only survive 18 months on average
- China’s approach is much more long-term ‘picking up grains of sand on the beach’
- The most dangerous threats in his opinion: Iranian nuclear programme for the set of unknowns that it creates, China as a short, medium and long term threat, Russia as an ongoing but less serious threat than China and ‘non state actors’
Matthews also took a New York Times journalist on the street to explain what surveillance infrastructure looked like now

“You never try to elude or escape from surveillance,” he explained. “You want to lull them into thinking that you’re not operational on this particular day. You want to calm the beast.”
Shadowing Jason Matthews, an Ex-Spy Whose Cover Identity Is Author | New York Times

More posts on related areas here.
July 21, 2015
Hypeddit + more news

Hypeddit

Welcome To Hypeddit – brilliant selection of free tracks. Hypeddit from a content perspective is rather like an old school DJ pool, but online. I wonder how long Hypeddit can last in the face of the music labels copyright enforcement industrial complex

Business

Communities Dominate Brands: Matchmaker Matchmaker Make Me a Match – What if Microsoft sold Nokia back to Nokia – much as I would like to see a Jobsian style brand resurrection the market dynamics have moved on and Nokia has bigger issues to deal with. More wireless related posts here.

Gadget

It’s almost impossible to make money selling Android phones | Boy Genius Report – which shows the hard place where Microsoft, Nokia and BlackBerry have been. More wireless related posts here.

Daring Fireball: Apple’s Share of Phone Handset Industry Profits Climbs to 92 Percent – John Gruber on Apple’s ‘profit monopoly’ in the smartphone sector

Media

The truth about blogging on Medium | TheNextWeb – why are we having to even have this discussion, Medium is the new Blogger or Typepad

Online

Hillary Clinton Takes Aim at Uber, Wall Street In First Economic Speech – it was inevitable the sharing economy was going to get political

Security

Privacy talk at DEF CON canceled under questionable circumstances | CSO Online – the information that’s out there points to a national security letter being served on the developers

The Use of Encrypted, Coded and Secret Communications is an “Ancient Liberty” Protected by the United States Constitution – which puts the law at odds with the U.S. intelligence industrial complex

Software

What’s Weixin? A Short Guide to China’s Super App – What’s on Weibo – 100 million users in 400 days. What’s interesting is the way Weixin has managed to cram so much functionality in one app and not compromising on ease of use. This is in sharp contrast to the rise of app constellations

July 15, 2015

Category: security | 保衛 | 정보 보안 | 情報セキュリティー

Seabasing

Hacknet + more things

Hacknet

Hypeddit + more news

Hypeddit

Business

Gadget

Media

Online

Security

Software