Tech Freedom

Weekend Edition 55: Security, Elonworld, SBF Trial, and More…

Weekend Edition 55: Security, Elonworld, SBF Trial, and More...

Weekend Edition 55: Security, Elonworld, SBF Trial, and More…

 

NSA Top 5 Security Problems

Qakbot Ransomware not Dead Yet

ElonWorld: X Sued, Neuralink Competitor Gearing Up

Bankman-Fried Trial News

AI News

AWS and Azure to Be Examined by UK Competition Authority

Apple Fixes Their Shit

Duck Duck Go: We Were a Contender…

 

WE 1 – NSA’s Top 5 Corporate Cybersecurity Issues

The nation’s top spying agency has released its top 5 list of knuckle-dragging IT screw-ups they’ve found in corporate America.

The top bonehead, come-on-I-know-enough-to-do-better-than-that, mistake that the NSA found was failing to change default settings on new hardware and software. Usually these defaults are public knowledge, regularly posted to maufacturer or developer websites, not to mention countless forums and blogs. If you have yet to change your default logins, you owe it to yourself to figure out how and at least do that. This is basic, guys.

Number two on the derp list is not handling your permissions properly. Here’s the situation: you have a large network, with in-house servers, a hundred or more workstations, a couple dozen printers, routers, switches, firewalls (well maybe not that, if you can’t even manage to set up accounts properly), and WiFi access points, but you unwittingy set up all accounts as administrators, so that you don’t have so much management to do on the network (maybe?). This, in a Microsoft environment, is a recipe for a security disaster. As administrators, these users have full access to change settings, install and uninstall programs and hardware, not to mention opening your network to all manner of attack vectors. Only your IT guys (and perhaps not even all of them) should have administrator privileges. Not John and Jane Doe in the cubicles, they don’t need that much power in your network.

Number three is slightly less basic, but even at that, it, if your IT guys have a clue what they are doing as network admins, should be a slam dunk. It has to do with proper network monitoring inside your network. This is like setting up a secure area, but imagining that you don’t need security cameras to enhance surveillance in that space. Put the effort in. Install the cameras and the monitors, as well as sufficient on-premise storage to manage the logs in question. These logs can save your life, figuratively, when you do eventually get attacked, that way you can trace the vector for the attack, and patch that vulnerability.

Number four is another network basics issue: not segmenting your network(s) into vlans and the like, so once an attacker gets in past the initial wall, they just have clean access to ransack the whole place without anything else to stop them. If you segment your network(s), they will at least have to figure out where their targets actually live and work through more (even if they may be basic) firewalls in order to access their chosen targets. It may buy you enough time, if you have solid enough internal networking monitoring (and staff) to stop them before they get to anything really sensitive. However, if you don’t have that in place, then the likelihood is high that you have not segmented your network(s), either, and you’ll be that much more screwed in the inevitable event of a successful cyber attack against your company.

Number 5 has to do with patching vulnerabilities and other issues. If you do not have a coherent patching system, then you’re likely to miss a workstation here, or a server there when you find the need to patch your system (which should be regularly, as criminals are always shifting their vectors and methods of penetrating your system). If not everything gets patches at once, you will have blind spots and weaknesses that you thought were handled effectively, but were not. Make sure that your IT plans have comprehensive patching as a feature, that way you are less likely to miss things.

The list was actually a top 10, so here are the rest:

Bypass of system access controls

 

Weak or misconfigured multifactor authentication (MFA) methods

 

Insufficient access control lists (ACLs) on network shares and services

 

Poor credential hygiene

 

Unrestricted code execution

 

Numbers six and ten both tie back into number two, as if user accounts are set up with proper permissions, you are less likely to have someone able to inappropriately bypass access controls, and certainly wouldn’t be able to just run random code on one of your workstations. MFA and credentials are huge issues, and you may be tempted to think that just because you have MFA set up in your organization that it will save you from bad passwords which are easily brute-forced, but poor MFA (such as strictly basing it on SMS or email) can lead to MITM (man in the middle) attacks, as both of those things can be snooped or hacked into and redirected if an attacker is determined enough. A better way to approach MFA is to use something like Aegis or Authy to handle those codes, rather than simply trusting SMS to do it safely. This will cut down on many illegitimate access headaches for you. ACLs are related to number four, the network segmentation issue, as well as number two, the administrator access for all users issue. ACLs, when set properly, will keep resources safe from attack, as well as keeping one department’s resources separated from another department. This should be basic network engineering design, but apparently, corporate IT doesn’t get it, or perhaps, the management of the company doesn’t understand the need for these things, thus will not allow their IT team to set things up properly because it would be too inconvenient. I don’t know.

https://www.pcmag.com/news/nsa-here-are-the-dumbest-cybersecurity-mistakes-we-see-at-large-organizations

 

WE 2 – Qakbot Ransomware Still a Thing…

Now we are being warned that the Qakbot RaaS (Ransomware as a Service) infrastructure is not dead yet. Always reminded of Monty Python when I see that phrase… Lol. The FBI tried to take it down, but apparently only took out the botnet’s command & control servers, not completely destroying it. This is what leads the researchers at Cisco to believe that Qakbot may not 100% dead. It has still been sending out emails with links to download the Ransom Knight/ Cyclops ransomware, rather than Qakbot itself. Some other researchers have questioned that this is still Qakbot, insisting that it is rather something separate which seems to use former members of that botnet for something else entirely. As I said in the first piece today, criminals are always shifting their methods so that it is harder to catch them. After all, the gang behind Qakbot was not apprehended, but the C&C servers running the botnet were taken over and shut down by the FBI back in August (wait, you mean they aren’t just hyper-focusing on Trump and his supporters? They are actually doing some reasonably useful things as well?). We shall see if this is Qakbot or something else entirely in the coming days and weeks. Be careful with emails guys, always, always check that something actually came from the person that it allegedly came from. Do not just randomly open attachments from people you don’t know, or even from someone you do know, if you weren’t expecting to receive an attachment from someone, make sure to touch base with them first. These attachments can and often do contain bits of nasty code which can make your machine a part of one of these botnets, not to mention putting your data at risk as well. If you check with the person and they sent it, you are probably ok to open it. If not, then please, don’t open it. These steps will save you and your IT guys much grief in the future. They will thank you for not just randomly opening emails from people you don’t know. Phishing attacks are one of the most common ways that pieces of malware find their way onto systems and networks. Take this warning seriously and help your IT team help you to keep your company’s assets safer.

https://www.pcmag.com/news/notorious-qakbot-botnet-threat-continues-despite-fbi-takedown

 

WE 3 – Elon World

3-1: X Sues X… No, Elon Isn’t Suing Himself…

No, the platform formerly known as Twitter isn’t suing itself. There is another extant social media platform called X which is suing Elon’s personal social media playground. The suit seeks relief, in the form of a permanent injunction against the giant around the name, since their platform, which exists to connect lawyers and their clients, is also known as X, and this name change on Elon’s part will lead, and has already led to a decline in users on that smaller, Florida-based platform. The Florida platform is known as X Social Media, and has been around since 2015. They say that they have invested (probably too much) in brand awareness and advertising over the last 8 years. Yet another reason why a single letter is not a good idea for a name for something that will be public-facing. Many other companies have claims on various related trademarks, whether logos or full on brands, from X Social Media, to Meta, to Microsoft. Elon is looking pretty room-temp in the IQ department, here. He should have done more research before making this jump, just because he always wanted a platform called “X” which could handle anything and everything someone might want or need to do online.

https://www.pcmag.com/news/x-sues-x-over-name-elon-musk-twitter

 

3-2: Neuralink Has Competitors?

Apparently they do. One of them, Precision Neuroscience, is building a factory in Dallas, TX as we speak. They are at roughly the same phase of the process as Neuralink is, that is, FDA permission for human trials. The co-founder and Chief Science Officer of Precision is a Neuralink alumnus, and sees this move as crucial for safe development (both in terms of industrial espionage and for the health and privacy of the people they seek to help) of their brain-computer interface technology. Some others in the space are Synchron, Paradromics, and Blackrock Neurotech. I’d never heard of anyone other than Neuralink in the space, but then the media is fixated on “wunderkind” Musk, so why would they give airtime to anyone else? After all, the media is controlled by the same people who created Musk. It sounds like Precision’s methodology is less invasive than Neuralink’s, which seems like a net-positive to me, if we are going to move forward with this step toward merging man with computers. That whole thing just feels like a non-starter to me. I don’t want all of my neural energy and signals read and processed by some datacenter somewhere, then spat into my computer or phone via an app. It’s all too damn invasive, I mean, I love technology as much as the next guy, but some things just should not be. Even Star Trek never dealt with this in a positive way… The closest thing I can recall were the Binars or the Borg. The Binars were at least relatively benign, where the Borg were more or less like a technological cancer of sorts, on a galactic level. No individualization (other than the Queen), and all thoughts within the collective were funneled toward the goal of expanding the collective. Just freaky. Not a fan.

https://www.cnbc.com/2023/10/05/neuralink-rival-precision-neuroscience-buys-factory-in-brain-implants.html

 

WE 4 – SBF BS: The Trial Has Begun

4-1: SBF Tried to Pay Trump to Not Run in 2024

SBF’s biographer (what the hell? A 30 year old gets a biography written?) claims that he tried to pay Trump $5 Billion to not run in the last election Let’s process this a bit shall we? He was brazen enough to float the idea to someone on Trump’s team, not just chat about it internally. He never really made the attempt for a couple of reasons, though, one, he was unsure of its legality, and two, FTX fell apart about a year ago now, so he went from being flush with cash to being more or less broke. Two very good reasons to not try to bribe someone to not run for office. Yes, this would have been bribery if he had gone through with it. Then, aside from that, the wheels fell off of his crypto lambo. We have talked about how he is accused of money laundering, wire fraud, and a litany of other things in the past, and we will rehash all that in a bit, as his first trial began on Tuesday, October 3. The writer, who met with him over 100 times in the last couple of years, is convinced that at least SBF didn’t really grasp the reality that he was living on customer funds. He claims that SBF is no Madoff. I’m still not convinced that most crypto isn’t fraudulent on its face, anyway. Well, no more fraudulent than fiat currency, that is just underpinned by the government. Well, let’s continue talking about this clown.

https://www.cnbc.com/2023/10/02/sam-bankman-fried-considered-paying-trump-5-billion-not-to-run-lewis.html

 

4-2: Trial 1: Start

SBF being charged with 7 things, which if he is convicted of all of them, he will net at least a 100 year sentence. Wow. We have covered this before, but let’s get into it again, shall we? So, he claims that he was unaware of all of this, but it looks like, that is pretty much a bald-faced lie…

The full list of charges are:

 

Conspiracy to commit wire fraud on customers of FTX.

Wire fraud on customers of FTX.

Conspiracy to commit wire fraud on lenders to Alameda Research.

Wire fraud on lenders to Alameda Research.

Conspiracy to commit fraud on customers of FTX in connection with purchase and sale of derivatives.

Conspiracy to commit securities fraud on investors in FTX.

Conspiracy to commit money laundering.

 

Now, all that said, the reason why he is being accused of these things is because he did indeed misuse customer funds, whether he was conscious of that fact or not. It was not only illegal to do so, but was against their own terms of service to use customer funds for anything without express consent from the owners of those funds. It smells really bad, even though we are supposed to be considering him innocent until proven guilty. That is hard when the evidence, even as someone who is a legal layperson, really strongly points toward guilt. We will see how many of these charges stick vs how many he is able to disprove somehow. I don’t know how likely I am to be able to present this impartially moving forward. His lawyers have their work cut out for them in more or less trying to argue from ignorance for SBF, however, the judge has already stated that that strategy would be a nonstarter in opening arguments. We’ll see how all this goes, he has another trial to look forward to, after this one wraps around Thanksgiving, next March, which will cover more charges made since his extradition.

https://www.cnbc.com/2023/10/03/sam-bankman-fried-criminal-trial-starts-today-heres-whats-at-stake.html

 

4-3: Who Might Testify?

SBF’s parents, ex-girlfriend, Anthony Scaramucci, a bunch of investors from FTX and others, including his brother. How was Mooch related to this? If you recall, he was momentarily a press secretary for the Trump admin, I think between Spicer and Huckabee-Sanders. FTX seems to have funneled resources to and through the Bankman-Fried family as a whole, SBF’s parents and his brother were at least semi-involved with all of this, whether simply receiving those resources in the form of money or property, or being more intimately involved with the operation of FTX. Caroline Ellison is the step daughter of Gary Gensler, who had been one of SBF’s professors, and is the current head of the SEC. She was the CEO of Alameda Research, as well as the on again, off again romantic partner for SBF. Mooch was an investor, friend, and business partner of SBF. Wow. No wonder Trump has had such strong words about BTC and crypto as a whole. Not saying that he was directly involved or even likely talked to SBF at any time while he was in office. However, Scaramucci was involved, at different times, with the Trump admin. Make of that what you will.

https://www.cnbc.com/2023/10/03/sam-bankman-fried-trial-witness-list-scaramucci-ellison-more.html

 

 

WE 5 – AI Nonsense

5-1: Google Assistant to Get Bard Soon

Hey Google! Sorry if I just triggered your phones or wiretap devices, all… But soon enough, the simpler AI of Assistant will get a boost via the injection of Bard into the system. That’s right, Assistant with Bard is coming soon, and will be able to do almost anything that you can do with Bard or ChatGPT, only within your Android device and the Assistant. It will be able to summarize missed emails, analyze pictures, and generate things for you based on text or voice prompts. I never got into any of the voice assistants, because they just never sat right with me and I also was never initially happy with their results. I wasn’t patient enough to train them effectively, so I always had parts of my phones which I never really touched. How many of you are like me in that way? If you want a decent speech to text engine which you can use to hook into your phone’s keyboard, try the Futo Voice Input app, you can find it on Fdroid, if you add the repository for it, or even on the Play Store. It is put together by a braintrust which is dedicated to open source and device repairability. If you are a fan of Louis Rossmann, you’ll appreciate this organization. I’ll drop a link below to the F-droid repository.

https://www.pcmag.com/news/google-assistant-is-getting-a-bard-generative-ai-upgrade

https://app.futo.org/fdroid/repo/

 

5-2: Copilot: Can It Run Windows For You?

This article kind of drools over the notion of ease of use in reference to the ever evolving cluster fuck that is Windows. Pardon my foul language. Windows has only gotten more and more complex over the years, and Copilot, once it has been iterated upon (assuming that it makes it through that process, which is not guaranteed, RIP Cortana) is intended to enable that kind of fluid interaction. Its stated goal is to “turn every user into a power user”. Perhaps I am an elitist, but I think that if you want to get good at something, dumbing it down and adding another layer of surveillance tech to the equation doesn’t seem like the way to do that. Why don’t we just make the interface simpler and cleaner, so that actions are intuitive, even for the youngest users, rather than adding AI to the mix? On the surface, and turning off the skeptic and cynical parts of my brain, this article makes a valid point. I do want something akin to Jarvis, only without Big Brother watching my every action in excruciating detail, then making itself smarter at my expense. Is there a way to have my cake and eat it, too? I don’t know. I can dream, though. The only way I can see this happening is if everyone had the ability to self-host their own AI models. That is an exceptional amount of computing power, know-how, and overall power consumption that would be necessary for the whole population to have access to tools like that. I also question the impulse in that direction, though, because as much as it could make life easier and create moments of lower friction for creativity to flow, is that always a good thing? I don’t know. What do you guys think?

https://www.cnet.com/tech/services-and-software/copilot-may-mean-never-having-to-learn-windows-ever-again/

 

WE 6 – AWS and Azure to Be Examined by the UK CMA

I talked about the possibility of this referral coming months ago, and salivated over it, while simultaneously lamenting the need for a government large enough to smash mega corporations if need be. I am a ball of contradictions on this topic. I admit it. However, I feel like Big Tech needs to be taken to school. Maybe even behind the woodshed. They have become abusive to us because we allowed them to by continuing to utilize their products and services like a bunch of mindless sheep. They take advantage of us by offering cheap, relatively easy entry ways into the world of cloud computing, but then making it hard to leave their walled gardens. This is wholly unfair to us as consumers, as well as to other innovative businesses which may be better for us as a whole, even if they may not be as initially frictionless as the Azures and AWSs of the world. As they figure it, in the UK, AWS and Azure cover 60-70% of the market for cloud services, and even Google is dwarfed in comparison, at a mere ~11-21% of the UK market. Those are eye-popping numbers. The CMA is concerned that this represents too much concentration of power in the hands of too few, which is rarely good for anyone in the long run. They will carefully examine the situation, and we can expect a report with their findings and potential fines and whatnot by early 2025. I hope that the UK smashes these giants with an aptly sized hammer, not just levies fines against them, as is the typical turn of events in cases like this. We shall see. What is your take on these issues? Is it good to have government big enough to push around trans-national corporations like Microsoft and Amazon? Should MSFT and AMZN have ever gotten to where they are in terms of market share? I’m not questioning the quality of their cloud platforms, just the ways in which they maintain their grip on the businesses and individuals which see no alternative other than to depend on them.

https://www.cnbc.com/2023/10/05/amazon-and-microsofts-cloud-dominance-referred-for-uk-competition-probe.html

 

WE 7 – Apple Shenanigans

7-1: Apple Fixes Their Shit

iOS 17.0.3 was released to fix some of the overheating issues with the iPhone 15 series of devices. If you listen to or watch the show, here is where Connor will start his rant about how stupid some of their “fixes” have been in the latest updates.

This article tries to comfort people about how hot their phones have been getting lately, echoing Apple that it doesn’t have anything to do with the new materials used, and that unless there is a warning about heat on the screen, the devices are safe to use. Ignore that burning sensation in your hands and the acrid scent of char-grilled fingertips wafting up from your lightly smoking, $1000+ status symbol. They try to pin the extra heat on poorly optimized apps, or the restore process, but insist that the updates they pushed out this week are bug fixes to reduce that extra heat on your wholly unnecessary updated iPhone status symbol. That is why I call them status symbols: they are overpriced for what they do, and unless you have one from 4+ years ago, currently, you don’t NEED a new one. Stop mindlessly consuming, just because Apple says you should.

https://www.cnbc.com/2023/10/04/apple-iphone-15-overheating-fix-released-in-ios-update.html

 

7-2: DuckDuckGo: Apple Almost Switched to Us…Really Guys.

As a part of the antitrust trial against Google, the founder and CEO of DuckDuckGo testified that Apple was much closer to switching default search engines than anyone outside knew. There were a series of 20 calls or meetings between 2016, when Weinberg first pitched the idea, and 2019, when Apple finally ended the conversation. Weinberg always felt that at least on his side, these talks always went well, but that the standing contract with Google was the primary deal breaker for the partnership moving forward, even just for private mode searches within Safari. They also pitched to Samsung, Mozilla, and Opera, but time and time again, felt stymied by the extant agreements all of them had with the 800lb gorilla. Apple executives remember things a bit differently, though. One, who also testified, was concerned with the link to Microsoft (as DDG uses the Bing indexes) as an Achilles’ heel for the whole thing, an incongruence with the way that they presented their product. I used to use DDG. Used to love it. Then it went woke and started tampering with results. If I am going to use a search engine, I don’t want it to feed me ads or what its creators think I should want to see, but just what I ask to see. If DDG does not provide that, then I don’t care so much about its vaunted privacy focus, because its whole MO is eroded by the way that their algorithms tamper with my search results. I think that testimony like this will lead to heavy fines, if not potentially a Ma Bell situation with Google. I want to see it splintered in to a thousand, tiny pieces, and prevented forever from reintegrating in to its previous state. That is likely too much to ask, but a boy can hope, can’t he?

https://www.cnbc.com/2023/10/05/duckduckgo-ceo-testified-about-talks-with-apple-to-replace-google.html 

Weekend Edition 54

Weekend Edition 54: More AI Shenanigans, Elon World, and Internet for all?

Weekend Edition 54 – AI Shenanigans and Community Internet

 

SpaceX Now Has Military Comms Contract

AI Shenanigans with Bard, ChatGPT, the CIA, and More

FCC & Net Neutrality: Part ?

FTC Suing Amazon

X Axes “Election Integrity”

Community Internet Access

 

WE 1 – SpaceX Nets US Mil Comms Contract

Just what Elon needed, another gov’t contract. If it weren’t for gov’t contracts and corporate welfare, he would be a broke side note because his “inventions” and “innovations” are mostly crap when evaluated on their own merits. If you couldn’t tell, I’m tired of talking about this clown and his “achievements”. I see him as a creation of the deep state who vacillates in his opinions and actions depending on which way he senses the wind blowing. I do not trust him worth a damn. I used to want a Tesla, now whenever I see someone driving one, my first thought is, “well, there’s another sucker”. But I digress. This contract is actually relatively small in Musk terms… Only up to $70 million for a siloed communications platform based on Starlink technology. What else is involved? We don’t really know. Is Starlink up to the challenge for providing military grade communications? I don’t know. These feels like a PR move, to me. Back to my initial point, though, this feels like the DOD saving one of its creatures because Starlink is not profitable yet, and with as high end of a client as the DOD, it seems like that would add prestige to the company and encourage people to give it a shot. Personally, I don’t get the drive toward satellite communications methods, when they are necessarily farther away than terrestrial options, introducing more latency to the connection. Just dumb.

https://www.pcmag.com/news/spacex-wins-pentagon-contract-to-supply-military-communications 

 

WE 2 – AI Shenanigans This Week

Bard conversations have started to be indexed by Google Search. What did you think would happen when you feed the search giant more information, anyway? Use your brains, people. If it makes shareable links to your “conversations” with Bard, then why wouldn’t the Google Search crawler grab those links and put them into its search results list? Let’s use our brains, people. Google claims that they are working to stop that from happening in the meantime, but why take the chance, anyway? These chat bots are a privacy nightmare to begin with, “Thanks, Microsoft!” (sarcasm) Remember, Microsoft was the one who threw data gathering caution to the wind about a year ago when it heavily invested in OpenAI. They decided that security and privacy were secondary concerns to just getting ChatGPT out into the wild ASAP, and could be “dealt with later”. Do you value your privacy that little? Are convenience and expediency that important to you that you are willing to give that much more data to our would-be tech overlords (not to mention the 3-letter agencies which gave them life originally)? You may be thinking, “I don’t have anything to hide. I haven’t done anything wrong.” Well, have you ever searched for truth on the internet? Tried to dig into election interference claims? Questioned the Narrative? These are online actions which get you “noticed”. You may be on a list or two, already. You may not have been de-platformed or de-banked, but many have been. Choose to learn the best ways to move forward with privacy as a primary concern, and let me tell you, using these chat bots ain’t it, Chief. It is time to get away from MS products with Co-Pilot (aka ChatGPT) built into the OS and accompanying software. It is time to ditch Google for everything, unless you are willing to encrypt every file you upload there (which would do nothing for your emails and search histories), so just find alternatives, ideally through self-hosting as much as you can. It is time to get away from Apple (not that my co-host is doing so, but yeah… He’s a walking oxymoron, a privacy wonk who uses Apple because it is pretty and “just works”, even though they snoop on all your data) for the same reasons… When you trust them with your data, it is private from everyone but Apple, kind of like with the MS ecosystem. Except, with MS, there is no such thing as security, as Windows, and the rest of their ecosystem, is so full of security holes that you’re lucky if you find something that is actually protected well.

https://www.pcmag.com/news/be-careful-with-bard-google-search-showing-private-chatbot-snippets

Guess what? The CIA is now developing own AI tools that we are allowed to know about now. Oh boy. Yes, they need AI to help them and the rest of the USIC (US Intelligence Community) to sort through all of the data they gather from US citizens (thanks, W!) You, if you are an AI researcher, could get a job helping the Devil to spy on the rest of us and parse that info into something more useful for them. Doesn’t that just sound like a utopian vision? Try 1984 to the max. They have the surveillance apparatus trained on us already, but particularly for those of us who are not wise to their games at all, that just looks like playing in the Big Tech sandboxes, as usual. You can foil some of their data gathering by using tools like encrypted DNS and no-log VPNs, but aside from that, if you MUST use spy OSes and software, stick them in virtualized environments, where they can only see and communicate if you allow them to, vs taking all your telemetry and phoning home constantly to report on you, like some sort of Stasi or KGB or CIA informant. If this feels like allot of work, it is, but thanks to the Patriot Act and others since then, our personal privacy is no longer guaranteed in this country. Is it worth a bit of work to clamp down on the firehose of data that you volunteer to Big Tech and the 3-letter agencies by using Big Tech tools? I think so. If all of us woke up and stopped making it easy on them to mine our data, then I think we would make a big impact.

https://www.pcmag.com/news/bard-chatgpt-and-the-cia-us-agency-prepping-its-own-chatbot

 

Now you can allegedly tell Bard to fuck off from your website without harming your SEO rankings on Google Search. The tool is called Google-extended, and you can modify your robots.txt file on your website with the following string to tell it to buzz off:

User-agent: Google-Extended
 Disallow: /

Will it work? I don’t know. I will be implementing it on my websites though, since I do not want these stupid bots getting any smarter reading my content, then using it to cobble together some answer to someone else’s query. No thanks. My sites don’t have paywalls anyway, but I want credit for whatever marginally original thoughts I may have, and being spat into some database doesn’t offer that. Call me old fashioned, but if 242 of the top 1000 websites have already implemented the ChatGPT version of this string, then why not me? I know, odd that I would make any appeal to popularity like that, but there it is.

https://www.pcmag.com/news/dont-want-google-to-use-your-website-for-ai-training-you-can-now-opt-out

 

Here we go again… ChatGPT can easily browse the internet again. Enterprise and Plus users can now use Browse with Bing in the Bing Chat window. It had been rolled out, but due to abuse by some users, and outcry from creators and stakeholders whose material behind a paywall had been illegitimately accessed through the tool. Seems like this was inevitable. We know that these AI models can get around paywalls, and that there have been lawsuits about that capability, yet MS/ OpenAI is continuing on with this, even doubling down. I know that Connor and I have opposing opinions about intellectual property and the like, but this just seems stupid, unless MS figures that they have enough data gathered over the last 25 years on all gov’t officials that they don’t need to worry about negative rulings being particularly effective or brutal. They say that it will also be rolled out for free users soon as well.

https://www.engadget.com/chatgpt-is-allowed-to-browse-the-internet-once-again-211332316.html

 

Meta, not to be outdone, has created 25 AI personalities of famous people, from Snoop Dogg to Bear Grylls, and many in between. Now these personalities are not specifically clones of the real person, but based on the real person and tied to specific interests. That is creepy AF to me. These AIs are apparently voiced by these celebrities, somehow. This just feel like desperation on the part of robot lizard boy, Zuck, to make everyone look at Meta again when the core platform is more or less dead. I don’t know. These bots will play characters who can directly pull search results from Bing. That just sounds like a bad thing to me. If I’m gonna talk to a chat bot, I’d rather it be a blank slate rather than have a gimmick personality tacked onto it. I can’t imagine that this is going to be well-received by the user base for Meta. Then again, I’m weird. I know that. Perhaps the younger set, whom this has been squarely targeted at, will be awed by having some of their favorite influencers (such as Mr. Beast) involved with the project. I hope not. Just stay away from this nonsense, guys. It may be kind cool on the surface, but do you really want to give even more data to Zuck than you already volunteer through using Meta, Instagram, WhatsApp, and Threads (who actually uses Threads, anyway?)? Ditch these platforms and use your brains for something more beneficial, please.

https://www.engadget.com/meta-is-unleashing-more-than-25-ai-chatbot-personalities-onto-the-world-181428710.html

 

WE 3 – FTC on Net Neutrality… Again

Rosenworcel, with her newly minted, imbalanced board at the head of the FCC, is looking to re-roll out the controversial regulations that were so important to the Obama administration and now to Depends’ so-called administration. What is Net Neutrality, and why do GOP/ conservative lawmakers and pundits hate it as we do? In brief, Net Neutrality makes broadband ISPs into something like phone companies, a utility. This exposes big money mega-corporations to regulations which they do not want to deal with. I’m not suggesting that anyone on either side of the aisle is more influenced by special interests than the other, here, that is not my point. DC politics is a nasty swamp which has very little to do with We the People anymore. That is 90% of our “representatives” on both sides of the legislative branch. My primary concern as a constitutionalist is when the bureaucracy creates more power for itself without consent from the governed. I believe that the government should be small, taxes should be low, if they exist at all, and regulations should be close to non-existent. However, that requires a moral, intelligent, and informed populace, which doesn’t really exist at scale right now. That is how we got where we are from Ben Franklin’s comment in response to what sort of government they created for the US, back in the 1780s, “A republic, if you can keep it”. Also how we have degenerated from John Adams’ famous quote that our constitution is “a government for a moral people, and is ill-equipped to govern any other.” Here we are, though. With companies big enough to be governments in their own rights, buying influence with senators, representatives, cabinet-level officials, and even presidents. Companies large enough to readily abuse everyone because they have near-monopolies on the tools and services that we have become dependent on in the present moment. I believe in the free market and that the free market is the most just way to handle the means of production that humanity has developed, therefore, I also believe that on a long enough timeline, governments should not need to be so big as to be tyrannical. However, in our current situation, government is unfortunately necessary to put these giants in their place from time to time, so that they do not become abusive to the point where the public is harmed by their practices (which could be argued to be the case right now). The banner rules for this set of regulations hinge on the FCC being able to force companies to keep their services “free of unnecessary impedance to the flow of data”, such as data caps, bandwidth caps for specific services or customers, and other such things, which are not really a super issue right now.

On the surface, like most of these regulatory efforts, that sounds rosy and hunky-dory, doesn’t it? If you dig down, the veneer is only deep enough to fool someone who just glances at the patch for the “problem”, though, and that is why people like me don’t see that it is a net benefit to be net neutral. The problem is that it centralizes too much more power in the hands of unelected officials, so they need means to police these regulations, which would give them even more access to data than they already have, and could snowball into more ability to shut down dissent in our country. Have we recently seen proof that (((they))) would do just about anything to maintain their power? Yes. Yes, we have. Why are the January 6 participants still being held in DC jails? Why are they having the book thrown at them when they did (mostly) nothing wrong that day? This could potentially turn into something really nasty for We the People. That is why I stand against it, from what I understand of it.

https://www.pcmag.com/news/fcc-prepares-to-take-another-swing-at-writing-net-neutrality-rules

 

WE 4 – FTC Sues Amazon, Claiming Monopoly

It’s about time. Amazon is too damn big. It uses dark patterns throughout its customer facing properties. It makes it hard for merchants to sell things elsewhere, particularly if they find that they could sell their wares for less elsewhere.They will bury those sellers’ listings beneath layers of Amazon house brands and other ads for related things, such that those sellers’ wares may as well not be on that marketplace. This seems like it should be an open and shut case, but then, like MS, AMZN probably has copious amounts of blackmail data on the people seeking to knock it down a few pegs. We will see what, if anything comes of this suit. How many mom and pop businesses have had to close down because drop shippers on Amazon undercut them? One could argue that this is progress, but if progress entails destroying the life’s work of many, then is it really worth it? I don’t buy it. That isn’t to say that I am not among the throngs of people who hold Prime memberships, and on whom Amazon has far too much shopping and search pattern data. I am a hypocrite on this one, because I do not yet see a viable alternative to the Amazon near hegemony, quasi-monopoly situation. Do I want one? Yes. Are there a few marketplaces which are trying to do that, I think so. However, none are there yet. I think Amazon should be broken up, just like Alphabet, Microsoft, and Apple should be. It should be splintered as AT&T once was, though that didn’t last all that long, as AT&T is probably bigger now than it was before the efforts of the FTC in the late 90s and early aughts.

https://www.pcmag.com/news/ftc-sues-amazon-claiming-e-commerce-giant-maintains-a-monopoly 

 

WE 5 – Engadget Whines About X Firing Election Tampering Team

Awww, poor leftists. Crying over Elon actually following up on what he promised when he took over Twitter almost a year ago. Yaccarino, who was hired about 6 months ago, promised that X would abide by the rules set forth by the EU regarding mis and disinformation, which they have found to be much larger issues on the platform than on others, such as Meta. X/Twitter is the wild west right now. I still think that Elon is trying to torch it. There are many things which do not make sense from a business standpoint, such as how he always runs his mouth on the platform. That is not a normal CEO thing, typically CEOs get insulated behind layers of gatekeepers and PR people. This is so that whatever the public sees from a high profile CEO is sanitized and en pointe, so that they don’t have to do damage control a’la LMG. I don’t want to throw gas on that pyre, but in brief, there were issues at LMG (Linus Media Group, which operates the Linus Tech Tips, Short Circuit, and other tech-related news channels on YouTube) surrounding the accuracy of their videos, as well as some company culture issues which have led to what should be a criminal investigation. Linus Sebastian, the founder and owner of the company, likes to run his mouth, and often gets himself into trouble doing so. This is very similar to Elon’s approach with X/Twitter at this point. I don’t need to repeat my take on him from earlier in the blog, so suffice to say that I do not trust him worth anything. I think that he pulled the plug on these teams because he knew that they were ultimately bad for users. So, good on him for that. That’s where I’m going to leave this one…

https://www.engadget.com/x-reportedly-cuts-half-of-its-election-integrity-team-091135783.html

 

WE 6 – Mesh Internet: Achievable Goal or Unobtainable Pipedream?

First, we should probably define some terms, as mesh may not be a common idea. A mesh network is by nature decentralized, which grants it resiliency. Instead of a traditional ISP situation, a mesh-based provider has multiple points of ingress and egress, which means that if one point goes down, traffic is shuttled to another hub or switch, whereas if something happens to your fiber optic line in the street, you could be out of luck for weeks, as my co-host has been experiencing. If he was working with a mesh provider, such as one like NYC Mesh, then he would still get solid service, and it would almost certainly cost less. Given, he is not in NYC, but this could, at least in part, solve some of the issues he’s had over the last month or so. It involves low-cost, point to point directional WiFi transmitters and receivers to link the nodes of the mesh network. There are other similar organizations in Philly, LA, and Portland which have similar goals, which are to serve under-served communities with solid, unlimited broadband access. The more I look at this, the more apparent it is that they intend to create an open MAN, or Municipal Area Network, only without direct reference to the city of New York. This puts them in the crosshairs for AT&T, Verizon, Comcast, Spectrum, and the rest of the ISP mafia which serves NYC, along with much of the rest of our nation. These companies see community projects like NYC Mesh as existential threats to their hegemony over internet access. This breeds much animosity because thousands of people per day (hard to tell how many exactly, since they do not gather personal data on their users) choose to access the internet via their mesh network rather than through those companies’ pipelines (at least directly). I can see how this is difficult to execute on for long term situations, as it is dependent on volunteers and on the main ISPs in the area to not shut it down whenever they realize that it is happening, via cutting off access for the main nodes or some other such draconian measure.

This also sounds like a security nightmare, since unless you are hardlining into your access node, it is just a giant WiFi access point network. That gives me a cold sweat thinking about it. However, if you, as a home user for a mesh access situation like Mesh NYC are intelligent and bring that goodness into your home via a personal router, then to ideally a separate access point for your network, and you set up a VPN and encrypted DNS for it, along with firewalls to keep your devices connected with the other devices on the MAN-type mesh network, but safe from prying eyes. That moves this from doable for the average bear to needing some sort of network engineer to adequately get safely connected. Maybe I am jumping the gun here, but in looking more closely at the documentation for Mesh NYC, I see that the mesh is really not about point to many type scenarios, but rooftop to rooftop, rooftop to hub, and hub to hub connections. Once installed outside, a GBe connection is established to an inside router for the user’s personal network, which they can have be as complex as they want. The main thing that NYC Mesh asks is that those end user private networks keep guest networks open. That makes me nervous, but if you set it up right, you could pass that onto neighbors as you might with a traditional connection (as a failback option for them, should their own traditional connections fail). That said, I feel a bit better about the whole scenario, here, from a security standpoint. Still seems very nerd-oriented, and there aren’t as many nerds in the populations that they claim to want to help the most with this. Sorry if this has been a bit random, but was writing as I read things. Take a look at the docs for NYC Mesh here, if you are interested: https://docs.nycmesh.net/

https://www.cnet.com/home/internet/features/internet-for-the-people-the-movement-for-affordable-community-led-broadband/ 

Weekend Edition 53: AI ALL the Things & More

Weekend Edition 53: AI ALL the Things & More

WE 53 Blog
3 Letter Agencies Warn of “New” Ransomware Threat
Lastpass: Strengthen Your Passwords, Y’all
NeuraLink Enters Initial Human Trials
AI Regulation: Possible?
Moar AI… AI ALL THE THINGS
AI Legal Troubles
TIkTok Troubles
Google Antitrust Trial Phase 1: Start
Signal Researching Quantum-Proof Encryption

WE 1 – Warning About Snatch Ransomware
The Feds (FBI and CISA) are warning us about a new evolution of the Snatch, ransomware-as-a-service package. Some version of it or other has been floating around for about 5 years now. Here’s what it has been seen doing lately (incidentally, this only hits Windows machines), once it infects a machine, it will force it to reboot into Safe Mode, and from there, it will run roughshod over your files, encrypting them without anything to stop it. These US agencies issued the following advice to prevent infection or limit the reach of an infection:
§ Reduce threat of malicious actors using remote access tools by:
§ Auditing remote access tools on your network to identify currently used and/or authorized software.
§ Reviewing logs for execution of remote access software to detect abnormal use of programs running as a portable executable [CPG 2.T].
§ Using security software to detect instances of remote access software being loaded only in memory.
§ Requiring authorized remote access solutions to be used only from within your network over approved remote access solutions, such as virtual private networks (VPNs) or virtual desktop interfaces (VDIs).
§ Blocking both inbound and outbound connections on common remote access software ports and protocols at the network perimeter.
§ Implement application controls to manage and control execution of software, including allowlisting remote access programs.
§ Application controls should prevent installation and execution of portable versions of unauthorized remote access and other software. A properly configured application allowlisting solution will block any unlisted application execution. Allowlisting is important because antivirus solutions may fail to detect the execution of malicious portable executables when the files use any combination of compression, encryption, or obfuscation.
§ Strictly limit the use of RDP and other remote desktop services. If RDP is necessary, rigorously apply best practices, for example [CPG 2.W]:
§ Audit the network for systems using RDP.
§ Close unused RDP ports.
§ Enforce account lockouts after a specified number of attempts.
§ Apply phishing-resistant multifactor authentication (MFA).
§ Log RDP login attempts.
§ Disable command-line and scripting activities and permissions [CPG 2.N].
§ Review domain controllers, servers, workstations, and active directories for
§ Audit user accounts with administrative privileges and configure access controls according to the principle of least privilege (PoLP) [CPG 2.E].
§ Reduce the threat of credential compromise via the following:
§ Place domain admin accounts in the protected users’ group to prevent caching of password hashes locally.
§ Refrain from storing plaintext credentials in scripts.
§ Implement time-based access for accounts set at the admin level and higher [CPG 2.A, 2.E].
So that said, be careful, and most of you who watch or listen or read this probably aren’t IT pros at major corporations which would be worth targeting. The main notable targets have been government agencies or big companies. If you do not work somewhere where there is sensitive information which would be worth holding for a ransom, you likely don’t have too much to worry about from this particular malware attack. Connor may have other thoughts, but most individuals probably don’t have anything much to worry about from the gangs who rent access to this tool.
https://www.techradar.com/pro/security/fbi-and-cisa-issue-warning-about-dangerous-new-ransomware-strain
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-263a

WE 2 – LastPass: We’re Gonna Need Y’all to Step Up
I don’t know if you remember, but late last year, there was a major data breach at the well-known password manager, LastPass. Now, they are requiring all users to lengthen their master passwords to at least 12 characters to slow down future attackers. This is a good idea, but how about changing the way they do business? Why is this on their clients to clean up the mess? Isn’t there something more that LastPass could or should do to prevent this sort of mess in the future? Not much else to say here, other than to suggest that you go FOSS and use a self-hosted BitWarden or something like that, so that your passwords aren’t stored in some cloud somewhere that simply begs to be hacked because it is centralized data.
https://www.pcmag.com/news/lastpass-requires-users-to-update-master-password-to-at-least-12-characters

WE 3 – We Are Borg, Resistance Is Futile
Neuralink, AKA Musk’s pet project to trans-humanize us by embedding chips in our brains which can link up with computers. This is cool on a purely technological level, but creepy and stupid AF on a practical one. I mean, what nerd hasn’t ever dreamed of being able to work their computer at the speed of thought, rather than being limited by how fast you can type or move the mouse physically? On the other hand, this is a proprietary chip that Elon wants to put in everyone’s brains. Could they have a facility for reverse communication as well, such that suggestions from the computer or your smart tv or radio or streaming service could be placed directly into your brain? I’m not a fear guy, but this freaks me out, genuinely. If it were limited to 1-way linkage, and only ever used for people who cannot physically work with their phones or computers, and only gathers absolutely crucial data to make the thing work better vs profiling users, then I MIGHT be slightly more open to it. At this point, I trust this project about as much as I trust Musk… About as far as I can throw him. Early in this piece, and in the title, I mentioned trans-humanism and the Borg, from Star Trek. I have reason to believe that this is the end that they are aiming for, where humanity becomes merged with machines and humans are no longer really human anymore. We’ve talked about trans-humanism before, but it has been a minute, so let’s get into that, briefly. Trans-humanism is the belief system which states that humanity as it is, is flawed, but we have the technological know-how to fix it, and that we should. Think of this as a combination of the Borg and the 6 Million Dollar Man/ Robocop/ Inspector Gadget, only in real life. This is where these people, including Musk and Gates, want to take the human race. The Borg, if you didn’t know, live a collective existence, where they all hear the thoughts of the collective and have specific tasks to perform, and that is the extent of their lives. No individuality, any one drone can be modifed to replace any other. No private thoughts, no feelings, just the collective. But, back to present day reality, and the reason we are talking about this: Neuralink has now been approved by the FDA to begin human clinical trials. That freaks me the hell out, tbh.
https://www.pcmag.com/news/elon-musks-neuralink-puts-out-call-for-humans-to-try-its-brain-implant

WE 4 – AI Regulations: Possible, or Not?
Some think yes, others are not so sure. Others are hair-on-fire about the whole thing and are desperate to get this done, ASAP. The UK and the US are working independently to understand and try to rein in the whole AI phenomenon. The UN is also starting to weigh in, and has a preliminary report due on the issue by the end of this year. Jimmy Wales, of Wikipedia, believes that it is not doable to try to control it at this point. All of these would-be regulators, he thinks –probably accurately- don’t understand it hardly at all. In his view, the genie is out of the bottle. He compares the governmental efforts to regulate it to the notion of trying to control something like Photoshop now. Another skeptic about global regulatory efforts is Pierre Haren, who has been working on AI for 45 years, and was part of the team that created Watson at IBM. Remember Watson? I do. No one talks about that AI anymore, but then it wasn’t “generative” like GPT, LLAMA, or PaLM are. His skepticism stems from the geopolitical realm, more than the technical realm. His concerns are quite valid, about countries who would choose to disregard regulations (which they have a habit of doing in other areas already), if they don’t fit with their desired ends. That said, Mr. Haren is “flabbergasted” by the proliferation of generative AI tools and models, he thinks that it is no mere parrot. Perhaps he knows better than I do, having worked on the field for longer than I’ve been alive, but that level of focus may also cloud his judgment. That is allot of time to pour into a single type of project. So far, we have been talking about the scenario at a global level, as the UN has its sights set on solving regulatory issues there, so that all member states must adhere to those regulations (we all know how well that has gone with even our own country, much less “rogue” nations like North Korea, Iran, or Pakistan). Now I’m going to turn to the UK and their efforts, more locally.
In the UK, their CMA (Competition and Markets Authority) has been working feverishly to develop a set of AI foundation model principles. Here are their suggestions (all principles are, really):
· Accountability: AI foundation model developers and deployers are accountable for outputs provided to consumers.
· Access: Ongoing ready access to key inputs, without unnecessary restrictions.
· Diversity: Sustained diversity of business models, including both open and closed.
· Choice: Sufficient choice for businesses so they can decide how to use foundation models.
· Flexibility: Having the flexibility to switch and/or use multiple foundation models according to need.
· Fair dealing: No anti-competitive conduct including self-preferencing, tying or bundling.
· Transparency: Consumers and businesses are given information about the risks and limitations of foundation model-generated content so they can make informed choices.
These seem innocuous enough, but do they actually DO anything? Usually, these sorts of things don’t do much, as they are just governmental suggestions, but they are thinking hard about all of this. They are concerned about many things, perhaps worried or even panicked would be better words. Their prime concern is with market dynamics and whether the playing field is fair for the small, or the new to the market who aren’t named Microsoft, OpenAI, Google, or any of the other “big guys” in the field right now. It is all more or less nonsense. Maybe I’m being a little harsh, but government controls over free market systems are a non-starter for me. Do I see that they are currently, if begrudgingly, necessary, but I hate the notion of needing a nanny state to boss around companies which are too big to be good for humanity.
https://www.bbc.com/news/business-66853057
https://www.computerworld.com/article/3706991/uk-regulator-outlines-ai-foundation-model-principles-warns-of-potential-harm.html

WE 5 – AI ALL the Things
Microsoft is injecting all of its software with its GPT-4 based Copilot AI, from Windows to MS365, to Photos, to Paint, to Spotify and Edge browser. This is starting to roll out on Tuesday. Are you comfortable with all of your Microsoft products being empowered with AI to gather all of your data? Google itself is adding Bard to Gmail, Youtube, Docs, and across much of its cloud stack, as we speak. So, per the title of this piece, AI ALL the Things. Most of Microsoft’s software stack is now “AI-boosted”. Google’s cloud stack, plus Youtube, is largely Bard-ed now. This privacy assault purely motivates me to ditch these solutions as much as possible. AI is a privacy nightmare, and Microsoft is driving it off the cliff in order to gather as much data on its users as possible, as if the rootkit-cum-OS that is Windows, plus all of Microsoft’s other software stack wasn’t enough in terms of scraping data from their users. Again, same story with Google/Alphabet, right now, since many use their cloud as their internet OS: from Search, to email, to entertainment/information, to other cloud software (Docs, Sheets, etc). On one hand, this is cool. That is, if we do not consider anything like privacy or security in the midst of this thing. I mean, we have talked about how Microsoft has almost bragged about the fact that they single-handedly created this mad rush to implement generative AI such as it is right now. The reality is that OpenAI, Google, and the rest of the industry around generative AI products were operating under a much more careful way of approaching the issue, with privacy as front and center as a model which requires as much data as these large language model based AIs require in order to do what they do and continue to improve. The whole thing is sketch to me, anyway. However, my primary concern is for privacy and honoring the rights of individuals versus just driving ever harder for greater and greater levels of tech progress. The question is progress toward what, exactly? A future where humans never use their brains for anything taxing or rewarding? A future where we cannot think for ourselves? Maybe we are already mostly there, which is a disturbing thought. My response to that is, stand up and think for yourselves. Don’t just take my opinions or anyone else’s as gospel. Challenge everything. Do your own damn research and make up your own mind. I am not perfect in this regard, but I do try to grow in that regard. I will never give up my autonomy, such as it is, to a machine. I do not ever plan to use these things, even if it puts me behind the curve. My content will always be mine. My thoughts will be mine as much as humanly possible.
https://www.pcmag.com/news/microsofts-copilot-ai-coming-to-windows-on-sept-26
https://www.engadget.com/microsofts-latest-windows-11-update-drops-on-september-26-163553126.html
https://www.computerworld.com/article/3707074/google-adds-its-bard-chatbot-to-gmail-youtube-docs-and-other-apps.html

We 6 – OpenAI Sued… Again
This time by George R.R. Martin, writer of the book series which was adapted into the disgusting if smash hit, Game of Thrones. He has another well-respected author, John Grisham on board with the suit. They claim that the GPT models are infringing on their copyrighted materials in order to make itself “smarter”. The case alleges that the LLMs in question have “engaged in theft on a mass scale” because the authors’ works have been used without giving them proper remuneration for utilizing their intellectual property. Is it really a copyright claim or is it that they are afraid of being replaced, as the “expert” in the article cited below suggests? I do not believe that generative AI, such as is publicly available now can “create” anything unique. It is all derivative of the copious amounts of data that they are able to scrape from around the web, whether locked behind a paywall or not. I am a firm supporter of intellectual property and copy rights, whether Connor is too much of a socialist to agree with that stance or not. We will butt heads on this for a long time, no doubt, and the argument on the air was likely something fun to hear, but the bottom line is that as someone who is a content creator of sorts, a blogger and streamer who takes news articles and applies his own spin to them to make usually fairly left-leaning news stories read in as unbiased of a way as possible, I cannot fully espouse not providing means for a creator of anything which is valued by members of the public at large to make a living from their labor, whether a labor of love or passion or not. Connor feels that anything put on the internet should be free game. To be clear, he is no more a fan of AI and the generative AIs out there than I am. However, he feels that IP and copyright are stupid, and that artists and authors should simply labor for the love of what they are doing and keep their day jobs to feed their families, unless they are commissioned to produce a piece or other creative output. We recently had this discussion, and decided that we were never likely to see eye to eye on this issue, and that he is a walking ball of contradictions.
https://www.bbc.com/news/technology-66866577

WE 7 – DALL-E 3 Released
OpenAI’s image generation AI has had its third major version drop recently. It is now able to accurately place text in images (could be a memer’s dream). Like GPT-4, this will be baked into MS Copilot for all of its products. This is a privacy nightmare. I feel like I’m beating a dead horse at this point though. I don’t have much of benefit or much that is positive to say about this development, so I will cut this section short.
https://www.pcmag.com/news/openai-unveils-new-and-improved-ai-image-generator-dall-e-3

WE 8 – TikTok Back in the Legal Hotseat
TikTok has been used to start allot of mess because people have so little discernment and common sense these days. This has led to some good things, but also many very bad ones. Certain viral videos have spurred spurious murder accusations, ginned up riots in various places, and created mayhem where none should have existed before. This is a dangerous tool. Unscrupulous people who just want the eyeballs and notoriety have fabricated stories and even interfered with the proper carriage of justice. Internet sleuthing has its place, don’t get me wrong. Do your research as best you can so that you can form educated opinions about things, rather than just following the herd. That said, not many can really be trusted as sources of information. Trust but verify. Look for real evidence, whether it supports the opinion you prefer or not. Disconnect from the matrix. Stop doom scrolling on social media sites, whether YouTube, TikTok, Telegram, X, or anything else. Use your brain. Don’t just get caught up in the furor of the moment. End the outrage cycle. TikTok is not being sued for this, yet, but perhaps it should be. Then again, do we hold the gun responsible in a shooting or the shooter? If the user base dried up overnight, TikTok wouldn’t last long. I know I’m nobody, with a next-to-nil following at this point, but for the love of all that is holy, break your addictions to these platforms. Get away.
The EU is fining TikTok for privacy violations in regard to childrens’ data on the platform. Let me reiterate that: the EU is slapping TikTok with a $368 million fine for not protecting kids’ data and for utilizing dark patterns on the platform to keep people from limiting the platform’s data gathering apparatus. The platform is, of course, taking issue with the ruling, protesting that they have remedied most of the problems which the Irish Data Protection Commission found with the way that the platform did things with user data. We will see if this fine sticks. This is not the first time that the platform has been slapped in the Eurozone, either. The UK fined them for similar issues back in April, but that fine was basically a slap on the wrist, at $16 million. They make that sneezing at this point. If these slow boiling regulators are cracking down on them, we have a couple of questions to ask ourselves:
1) If the privacy protections on the platform (which exists to gather data on its users, by the way) are so lax, then why do we use it?
2) If it has destroyed lives, then why continue using it?
https://www.cnn.com/2023/09/15/tech/tiktok-fine-europe-children/index.html
https://www.bbc.com/news/technology-66719572

WE 9 – Google’s Battle is Just Beginning
The DOJ’s suit about Google search’s monopolistic practices is just beginning. They have been in discovery for the better part of a couple of years now, but opening arguments have just happened in the last week or two as I write this. I wish I had seen this article last week, but here we are. The government’s case is ultimately similar to ones the giant has faced elsewhere in the world, that its dominance in search and ads are not natural, but created through the company’s ability to generate contracts with browser and other app creators to embed their engine as the default (even in Firefox), then punish them for breaking that contract. Are you still one of the 89% of the market which utilizes Google Search instead of taking your data elsewhere? Why is that? Convenience? Haven’t been convinced that they do not neutrally serve results, but base them on their own algorithms and the ad spend of the companies which pay for it? I could tee off on this for a dog’s age, but I want to focus on the case at hand. To be clear, I am not saying that their results are bad, just biased in very intentional ways. If the engine didn’t work, the world would have rejected it long ago, the way they did with Ask.com and other similar search engines in days gone by. Remember Ask.com? Maybe I date myself. Yeah, I’m dating myself. Ask was originally Ask Jeeves, which was one of the first search engines out there, and one of the first which could understand full sentence queries. Google was a joke in comparison back then. Google’s dominance in the market is what is in question, whether it is natural and due to innovation, or artificial and due to anti-competitive practices which have stifled or even extinguished competitors. The government’s case hinges on the latter supposition. I hope that Alphabet gets its ass handed to it, and is broken up over its gross disregard for user privacy. That is just me, though. What do you guys think? Will this case actually lead to something positive for the public, or not?
https://www.computerworld.com/article/3706516/gloves-come-off-during-day-one-of-googles-antitrust-trial.html

WE 10 – Signal to Boost Encryption
Signal is already moving to strengthen its encryption algorithms to prevent quantum computers from breaking it. This may seem premature, but if you look at what quantum computers can do vs traditional systems (and Connor doubtless will contradict what I’m about to say), it is important to try to stay ahead of the curve. Quantum computers take advantage of the uncertainty of things at the quantum level to add a third option to the traditional binary of electronic computing. This third option allows for, according to some, more data to be processed at a far higher rate of speed than in the fastest and most powerful of traditional computers.This can make the complex math which underlies much of cryptography to become child’s play to crack and decipher, rendering previously strong forms of encryption essentially pointless, as even brute forcing it becomes far more doable than on the most powerful of server clusters and super computers, much less common consumer hardware. Quantum computing is not readily available to the public, much less (less than state-level) bad actors, at this time, but is being worked on at a similar clip to large language models right now. This could lead to it being a real issue in the next 5-10 years. I am actually more concerned about that than I am about generative AI morphing into a general AI that can actually think for itself and take over the world. That said, though, it is quite a ways off, but I am glad that the team at Signal is already working on this issue.
https://www.techradar.com/pro/security/signal-is-adding-quantum-level-encryption-to-help-keep-customers-safe

Weekend Edition 52: AI Hype, Arm IPO, Security, Etc.

Weekend Edition 52: AI Hype, Arm IPO, Security, Etc

Airbus Hacked

Mullvad Warns About MacOS Sonoma

NSO Group Spyware Appears on Russian Journalist’s iPhone

China Denies Banning iPhones

ARM IPO

Google Play Scans in Realtime Now

Win11 to Protect Enterprise Passwords Better

Starlink: Going Broke?

AI Luminaries Testify Before Congress Again

 

WE 1 – Airbus Got Hacked… Oops

Hudson Rock, one of the big names in the cyber security space announced that hacker “USDoD” managed to exfiltrate (steal) data from the major French aerospace company, Airbus. Hudson Rock did not learn of this through some form of forensic investigation, but through crawling through hacker forums online, where the hacker had made the claim that they had made this attack. They managed to steal employee and vendor contact information through a compromised account connected with a Turkish airline employee. This is a common threat vector, to infect an employee’s account with information-stealing malware, then sell that gathered info to someone else on the black market, who then carries out a more direct attack on the target. In this case, it looks like the employee likely downloaded a compromised pirated version of .Net and was infected by the RedLine malware, which then grabbed about 3200 contacts related to Airbus, then the hacker connected to the initial attack sold it to someone else, who directly hit Airbus.

This hacker, “USDoD” claims to have carried out a similar attack on the FBI’s Infraguard database system, which hosts information about roughly 80,000 people, ranging from business leaders, IT Pros, LEOs, military members, and government officials. Ain’t that just grand? They (we do not know if this hacker is male or female at this time) appear to have joined an emerging ransomware group. We will see what happens and develops from that partnership. We need to stay on top of these sorts of attack vectors, as according to this article, it they are an increasingly popular option for hackers. How can we do that?  Try to make sure that our end users don’t expose themselves to unnecessary risk by installing pieces of software and whatnot which are unvetted, such as that instance of .Net which led to the attack on Airbus. How can we guard against this? As an IT guy, my gut says that centralization is a valid answer, but it is difficult to completely lock that down for end users, and also generates more work on the front end, as well as ongoing for IT professionals. I know, it sounds like I’m being lazy, and perhaps I am, but why would I willingly volunteer for potentially exponentially greater levels of that sort of work, moving forward? I’m not that much of a masochist. Do I see any other real alternatives, though? Not sure.

https://www.securityweek.com/airbus-launches-investigation-after-hacker-leaks-data/ 

 

WE 2 – Mullvad Privacy Company Warns of Problems with MacOS Sonoma

Mullvad discovered that the latest versions of MacOS have a critical flaw in their firewall implementation which breaks the popular privacy app. This also breaks many other VPN services, such as PIA and NordVPN, but ProtonVPN appears to be unaffected. The flaw appears to be related to packet filtering, so if your VPN or other network security tools do not require it in order to work properly, then you are probably fine. My personal take is that this was a shot across the bow for any Apple user who wants a modicum of privacy or security. This may be a mountain-molehill situation for me because I more or less hate Apple. I admit my bias, here, and if you have read or heard my commentary in the past, you know that. On the other hand, I was talking to Connor about this story and he has a significantly less cynical take on it. He sees this as more of a “happy accident” kind of thing, vs a calculated attempt to limit user privacy on Apple’s part. I don’t know. Not close enough to the developer space to have an educated opinion on the situation. Connor found a reddit thread about the situation where some users were saying that it had already been worked out. Maybe this is a fireless smoke situation, but time will tell, and I will follow up on this after the new version of MacOS actually hits the streets.

If you didn’t know, Mullvad is a privacy wonk’s wet dream. Connor will likely extol its benefits during the show, but know that it is not a paid spot or anything, just a couple of privacy-aware nerds geeking out over this really cool, open source focused privacy provider. They do not offer a subscription option, though you can pay ahead for as long as you want, at about $5.50/ month in cash, via credit card, or even BTC. The reason they do not do subscriptions anymore is that they do not want to keep any personally identifiable information from their users on hand. They are also 100% logless (which is crucial for any truly private VPN, because if they keep your logs on hand, they know exactly where, what, and when you have been online, and they could sell that info or even be hacked, then how private is that data, really?). Their servers are also 100% based on RAM, not permanent storage, which means that if the power is cut or the hardware is restarted, there is no data anymore. I used them for a month, and Connor, I think, has them in his personal privacy arsenal still, and enjoys/ appreciates them. As I said above, he’ll probably gush over them in the show, and I can’t entirely guess how that will go.

https://www.pcmag.com/news/mullvad-vpn-warns-of-critical-firewall-flaw-in-apples-macos-sonoma 

 

WE 3 – Pegasus Spyware Used Against Exiled Russian Journalist

Here are the basic details:

Galina Timchenko, the exiled head of an indie journalism outfit which has been critical of Putin and his administration had her iPhone hacked back in February according to Citizen Labs.

Apple notified her of the attack back in June.

It was a tapless infection which apparently occurred during a private meeting in Berlin, with other exiled Russian independent media types.

It used an exploit called “PwnYourHome”, which was patched earlier in the year.

This is the first reported Pegasus attack against a Russian journalist.

No one seems willing to point a solid finger at which State in the area might be responsible, though it seems likely that it was Russia, who banned her media company back in January.

Ok, so let me weave this story just a bit:

First, in January of this year, the Kremlin officially banned Ms. Timchenko’s organization, Meduza in Russia, citing national security concerns. In February, there was a private meeting in Berlin between exiled Russian independent media company heads. Ms. Timchenko was present at that meeting, and at some point during those proceedings, her iPhone was infected with Pegasus spyware (whose parent company, NSO Group, based in Israel, has ties with US Ret. Maj. Gen. Michael Flynn), through a click-less exploit, called “PwnYourHome”. There are several former Soviet Bloc countries in the area, including her host state of Latvia, who have licenses to use Pegasus and have no ethical qualms with using it, but none of them have been conclusively linked to this first-reported attack. Apple did notify her of the hack back in June, at which time she got in touch with Citizen Lab, an EU watchdog group. They did forensics on it, and uncovered the use of the Pegasus malware. Apple has since patched that vulnerability. The article ends with a suggestion to anyone who fears that their phone may have been compromised (any more than it already as as an Apple human tracking device) to place it in “lockdown mode”, as that has been shown to limit malware’s access to the hardware and its data.

Lockdown mode greatly reduces the convenience factor of your iPhone, iPad, or MacOS computer by making it so most Messages attachments cannot be downloaded, links cannot be clicked or previewed, Safari will largely break, Incoming FaceTime calls will be blocked, No more shared Albums in Photos, No more cross-device connections with other Apple products without explicit permission, so syncing photos and whatnot is right out when any of your devices is in lockdown mode. This all makes lots of sense, because most malware wants to spread itself to other devices and individuals, and once it does that, to gather private data from them and from your devices as well, of course. You don’t just randomly get targeted with Pegasus spyware, it basically has to be a State-level actor in order to afford it, so unless you are a vocal partisan, hacker, or some other sort of high profile source of pain for a governmental actor, you will probably be safe from this kind of interference. Perhaps Connor has some other thoughts about that, in fact, I imagine that he is probably saying, “Hold on a minute, Matt…” or something that right about now.

https://www.pcmag.com/news/nso-group-spyware-found-on-russian-journalists-iphone-who-put-it-there 

https://www.pcmag.com/how-to/how-to-secure-your-iphone-ipad-or-mac-with-lockdown-mode 

 

WE 4 – China Officially Denies Banning iPhone Use

The CCP’s Foreign Ministry has publicly denied that their government has “officially” banned iPhone and other foreign-branded devices from use at work by CCP officials. They stated that there has been no rule, law, or regulation passed in China which explicitly bans the use of those devices by government officials. They went on to indirectly mock the US’s stance on Huawei and other Chinese companies by stating that they, “… protect foreign companies’ rights and interests in accordance with the law and strive to foster a first-class market-oriented, law-based and internationalized business environment.” Shots fired, much? They sound like a jilted lover, pining over the relationship that once was, but is no longer. The article goes on to speculate, much like some sort of gossip rag or tabloid would, about the possible existence of an “unwritten rule” in this regard. This is possible, maybe even likely, but when the whole thing that we talked about last week was allegedly based on a pair of  “unnamed sources”, I have to question the reality of the whole scenario. Big side eye. X to doubt. I don’t know about you guys, but I’ve had enough of “news” being spun off from “unnamed/ anonymous sources, close to the situation”. So much nonsense has been created from spurious comments made by those sorts of people. Sure, there are moments when a whistle blower has be anonymous for personal safety, but I, for one, struggle with the printed libel and spoken slander that has been created to support false narratives about various public figures in this country. Time will tell if this is actually real or not.

https://www.pcmag.com/news/china-no-were-not-banning-iphones-for-government-workers 

 

WE 5 – Well, Well, Well… Arm Filed for an IPO

Let me start at square one here: do you guys know what ARM is? It is the company behind the architecture of the SOC (system-on-a-chip) processors which power most of the mobile world. It originally stood for Acorn RISC Machine (yes, named for the creator of the BBC Micro and Master retro computer systems from the 70s and 80s), but has shifted over the years to meaning Advanced RISC Machines. They went public with about 10% of their shares on Thursday, raising nearly $5 billion and netting a valuation of $54.5 billion. That is huge. SoftBank (Japanese investors) still hold 90% of the company’s stock. They are concerned, and even talked, about RISC-V as a potential threat to their hegemony in the chip IP world, should the open source architecture continue to gain traction and be capitalized at the rate it is. They should be worried. I love the idea of RISC-V and think that open source technology is the future in general. Notice that RISC is a feature in both of these architectures. What is RISC? It is one of two ways to handle logic and command structures in processors of various kinds, the other is called CISC, and is represented by the x86-64 lineages of processors, such as are featured in most desktop, laptop, and server computers today. CISC stands for Complex Instruction Set Computers. RISC stands for Reduced Instruction Set Computers. The philosophy behind the various RISC architectures is that simplicity is better and to be preferred over complexity. These (RISC) chips tend to be far more power efficient than their CISC brethren, but in the past were not as fast or as powerful as CISC chips, which is why so much of the computing world is predicated on the Intels and AMDs of the world, rather than on Arm or RISC-V. That, and the marketing for x86 processors has been much more forceful than Arm or its relatives over the years.

https://www.cnbc.com/2023/09/14/arm-ipo-what-is-risc-v-and-why-does-arm-call-the-rival-product-a-risk.html 

 

WE 6 – Play Protect Now Scans in Real Time

So, you know how the Play Store has a malware scanning facility for apps that have been uploaded to its servers, yeah? Well, it is about to gain the ability to scan your sideloaded apps for problems as well. This seems like a good thing on the surface, but when you look closer at this development, it feels like more overreach from the tech giant. Then, I am considered a power user, if not a technician of sorts, and certainly an enthusiast. I know that that provides a different perspective than it does or would for most average users. Forgive my cynicism, here, but when Google’s whole MO is to gather data on its users to sell to advertisers (at the least) and to serve as a database for the 3-letter alphabet agencies (at the worst), I struggle to see anything they do as a net-positive. I mean, perhaps for security this is a good thing, but privacy, i just don’t see it. Then again, I am a big degoogling guy, so maybe that colors my stance there. I’m not unreasonable on that front, but personally, I want to be as private as I can be and still hold onto some form of modern convenience. I’d rather not have a big tech outfit watching my every action like hawk to monetize it in some way. I think wisdom is to help users to develop discernment about the apps they choose to use, but that is probably too much to ask, so just like with the Airbus story earlier, a centralized solution is probably for the best for now, as much as that concentrates power in the hands of too few, just so that average people can thoughtlessly use their devices. The bottom line is that I do not trust any of the centralized options out there right now. I just don’t have a better alternative right now. That irks me greatly. We need something to replace this until people as a whole decide to learn a bit so that they can do better in defending themselves from threats.

https://www.techradar.com/phones/android/google-play-protect-is-upping-its-game-by-scanning-apps-in-real-time 

 

 

WE 7 – Windows Security *stifles laughter*

Microsoft is claiming that their enterprise clients can expect better password safety moving forward now. This update allows administrators to choose to block NTLM (New Technology LAN Manager) from connecting to systems via SMB (the Server Messaging Block, which allows file & print sharing on Windows networks) to prevent password cracking attacks. To be clear, this update does not completely block it, but rather prevents outbound connections to remote servers to stymie attackers attempts to steal the hashed user passwords on that system. This is a decently big deal in terms of Windows security, but when the OS is a rootkit in itself, I fail to see the purpose here. Perhaps I am too harsh on Microsoft, here, but I have my doubts. This is a decent step, but why is it being limited to only enterprise license holders? Oh yeah, they are the big money makers for Microsoft, so of course they would get the good stuff before the rest of us simple end users would. There are so many tweaks and whatnot that are locked to enterprise level licenses that the OSes almost may as well not be the same. I’m not saying that you should sink money into Microsoft’s ecosystem at all, though, those licenses are not cheap and are designed for Network and system administration professionals to set up and deploy across vast corporate landscapes, not Joe Blow PC user on Elm St. Personally, I think that all users should have at least a basic understanding of how their systems work, so that when something breaks, they have at least a basic toolkit to reach for to diagnose and repair it themselves. We lost that probably when the world decided that Windows was the future rather than something like BeOS or OS2. The process went from, “Oh, computers are just for nerds or gamers who know basic programming or hacking, to computers can be for everyone, and oh now we need a new class of technicians to fix these flawed, buggy, and oft-broken systems so that end users don’t need to know any of this stuff in order to use the computers we make”… Or something like that. That needs to be reversed. I know this is counter cultural, but let’s learn how to take responsibility for our things rather than simply simply using them until they break. That is one of my passions and informs all I do with Tech Freedom.

https://www.techradar.com/pro/security/microsoft-releases-windows-11-update-to-block-password-stealing-attacks 

 

WE 8 – Is Starlink Actually Solvent?

Short answer: yes it is. It is well short of its original projected numbers from when SpaceX first spun the project off, however, it is solvent. They projected 20 million users for the service, with a revenue of ~$12 billion and an operating profit of ~$7 billion by the end of last year. Those were typical, pie-in-the-sky Musk numbers, the reality is that they had about 1 million users, a revenue of $1.4 billion, and operating profit of something less than that, if not a loss. I don’t like Elon, and think that he has a slightly above room temperature IQ, but has suddenly become some sort of marketing genius. I doubt very much that he ever wrote a single line of good code for X (later PayPal), and has never done any real work in terms of design for Tesla or SpaceX. I think that perhaps he came up with the names for the vehicles, but other than adding mystique to the companies he owns by being an alleged autistic wunderkind and fabulously wealthy through US gov’t subsidies and other corporate welfare measures, I doubt that he has added much tangible value to the companies he supposedly owns. Change my mind without resorting to propaganda.

https://www.pcmag.com/news/starlink-is-popular-but-is-it-making-enough-money-to-stay-afloat 

 

WE 9 – AI “Luminaries” Testify Before Congress Again

In a closed session, former and current CEOs of Microsoft, Bill Gates and Satya Nadella, alleged tech wunderkind Elon Musk, Meta CEO Mark Zuckerberg, OpenAI CEO Sam Altman, Alphabet/ Google CEO Sundar Pichai, former Google CEO Eric Schmidt, Nvidia Chief Jensen Huang, and others spoke to a group of roughly 60 senators, headed up by Chuck the Schmuck (Chuck Schumer, the Senate Majority leader) on Wednesday. Elon spun it as potentially, “going down in history as very important for the future of civilization.” in a comment to a CNBC reporter just after the end of the meeting. The bottom line is that the legislators are trying to listen to big tech about this blundering monster that it has created by unleashing generative AI on the public before it was finished baking. Here’s looking at you, Microsoft, you greedy, data-grubbing monstrosity, you. You just couldn’t wait to mine all the more data with your freshly bought OpenAI tools, could you? Microsoft has created this insane rush to develop these AI’s by forcing Altman and company to release chatGPT to the public, arguably before it was ready. I don’t know, y’all. It seems to me that it would be simpler to have just practiced a modicum of patience around this issue, but they couldn’t help themselves, like a kid on Christmas morning, or a fat kid in a candy store (I was a fat kid, I can talk). Just pitiful, and now we are in a mess, where the government has to scramble to regulate this allegedly dangerous technology. I am still unconvinced that current generation generative AI platforms and their incredibly large datasets and algorithms are something we should be afraid of for the reasons that they say. I strongly caution against their use for privacy reasons, not because I am anywhere near convinced that we should fear them evolving into something that could take over the world. I never plan to use them at any point, if I can help it because of the inherent privacy issues presented by the technology, not to mention its penchant for “hallucinating” bad answers, or just completely missing the ball, so to speak.

https://www.cnbc.com/2023/09/13/musk-zuckerberg-among-tech-leaders-visiting-senate-to-speak-about-ai-.html 

Weekend Edition 51: Privacy, on the Rocks

Weekend Edition 51: privacy, on the rocks

Weekend Edition 51: Privacy, on the Rocks

 

US Officials Fake Social Media Accounts

AI Nonsense

Android TV Malware

New FCC Commissioner

CCP Bans Apple for Federal Employees

UK Encryption Woes

 

WE 1 – Feds Have Fake Social Media Accounts

This one is gonna be hard for me to not be sarcastic about, but then, I suppose that I am a conspiracy theorist… It has been shown recently, through research done by the Brennan Center (named for Obama’s C_A head, by the way), that the DHS, CBP, and ICE all use fake social media accounts to surveil possible illegal aliens who slipped past their nets at the border. This article really only explicitly names those agencies, but the theory is that it is far more widely practiced among other federal-level agencies. This was more or less confirmed in the Twitter and Facebook Files, which were at least partially released earlier this year. The reality there, though, was that these agencies did not need fake accounts in order to keep track of people. They had wide open back doors installed at the hearts of these organizations, which they frequently used. I digress, though. This piece is about the DHS, CBP, and ICE and their abuses of these popular social media sites. These measures are unconstitutional. We have the right to free speech in this country, as well as the right to freely assemble (digitally or physically), as well as the right to privacy. Now the criminals who are either looking to scam the system or who are actively doing so have no such rights. There is also a gray area for the social media companies who have policies which expressly prohibit such tactics, so it is an issue that they have allowed it to keep going. What do you guys think?

https://www.theguardian.com/us-news/2023/sep/05/us-immigration-homeland-security-social-media-fake-profiles

 

WE 2 – Greasy Nuisance Signs EO to Investigate AI’s Impact on CA

Gavin Newsome (aka Greasy Nuisance or Gov. Greaseball) is apparently jumping onto the fearporn bandwagon about the impact of AI. This idiot wouldn’t know his ass from a hole in the ground if someone didn’t show him the difference. So he is having State-level departments study it and draft a report for him over the next 60 days about the economic impact of the use of AI in CA, as well as how the government could potentially use it in the state. Lord have mercy, just what we need, a bunch of Sacramento mindless jerks studying and implementing AI in governmental settings. That’s what is likely to come next, instead of recorded messages in bureaucratic office phone systems, they’ll roll out some GPT-based generative AI solution to talk to to screw we the people over even more than the insane crap regulations that we have to wade through in order to get anything worthwhile done, here. Apparently he (Gov. Greaseball) felt the need to insinuate that generative AI could cause environmental and energy grid disasters which could lead to “mass casualty events”. Proof that this moron has been watching CNN and Fox News (lmao) too damn much. We need a governor who can think for himself, here in CA. That might rankle too many within the Sacramento machine, but it is what We the People need, just as much as We the People need to learn to unhook ourselves from the brain drain of the Media. Let’s all learn to think for ourselves, here, and not be mind controlled zombies anymore. Maybe he;s wondering how these sorts of things could be triggered via AI tools so that he could make it look like it was AI’s fault when he follows the Cabal’s orders re: depopulation. He may need some huge gesture for them to agree to installing him as Depends’ successor in the White House. He sure is Central Casting enough, if you catch my drift. He has also made moves in relation to the Presidency, many think that he has all but thrown his hat into the ring already. That would be a disaster for this nation. Even more than the current puppet-admin. He has put the icing on the destructive cake here in CA. We’ve tried to kick him to the curb a few times now, but as in the USSR, it isn’t the votes that count, but who counts the votes that counts. He and the machine which installed him here are the ones who always count those votes, so nothing changes. He’s a mindless empty suit who will do whatever people more powerful than he is tell him to.

https://www.pcmag.com/news/california-joins-the-ai-regulation-frenzy 

 

WE 3 – Microsoft Vows to Shield Users of Copilot from Litigation

Wow. Just wow. Now, this is just on offer for paying customers, not any old Joe Schmoe who uses BingAI to create something which infringes on someone’s copyrights. Specifically for paying customers of Office 365 who use Copilot, as well as enterprise users of BingAI. They claim that if those users are challenged on copyright grounds, Microsoft will assume any legal liability they incur through their use of Copilot AI. Wow. Big talk from Redmond, y’all. I wonder when they’ll be put to the test first. Will they have to eat their words? Not like they don’t have the funds to handle this, being one of the largest companies on the planet, and besides, here’s another angle: if they handle all of the legal challenges for these customers, they get that much more data to train GPT on, so that their guardrails will be better and the results of people’s prompts will be less likely to trigger litigation in the future. Oh, another caveat: those users have to have been using the MS-designed guardrails in order to qualify for this indemnification. If you circumvented those things, you are screwed, so no DANGPT shenanigans. If you don’t know, there have been groups who have created various work-arounds to the guardrails for ChatGPT, and Microsoft has added its own filters to the situation, which can apparently be turned off, otherwise this issue would be moot, as I see it.

https://www.pcmag.com/news/microsoft-vows-to-shield-users-of-copilot-ai-from-copyright-lawsuits 

 

WE 4 – Google Sets Tone for Political Ads

Google has decided that any political ads using AI generated content must acknowledge that it was AI generated. This seems reasonable. They are about to roll out guidelines for content which will require prominently placed notices to the effect of “this image does not depict real events” or “this video content was synthetically generated” in or near the posted content. How many times, already, have we been taken in by something that appears real, but is not? Wait, every day on the news… Uh oh. But in terms of online, though, sometimes memes are difficult to tell from reality. For instance, how many people thought that the image released last week, alleging to be Trump’s mugshot was real? I did for a bit. That was essentially a clever meme, since mugshots always have height markers and such in the background. Trump has made a killing off of those images. I do not say this to disparage the cleverness of that move, or to insinuate that Trump should or should not have been arrested. That issue, I leave for another time. His team is absolute fire, in terms of marketing. They turn all of these things that would destroy any other candidate into cannon fodder for the campaign. But I digress. Deepfakes are a problem for people who lack discernment, this has been proven time and time again. The technology exists to make anybody say just about anything, fairly easily. Forcing campaigns to acknowledge when they are using generative AI to create out-of-character or unreal types of scenarios for their candidate or the opposition is a good thing, in my book, since these tools, in the hands of ethically challenged political hacks could really create ugly situations. Google has also banned demonstrably false statements in campaign ads. Who decides what is true, though? Google? Or actual, real facts?

https://www.bbc.com/news/technology-66739858

 

WE 5 – Low-end Android TV Devices Are Vulnerable to Hacking

You may or may not remember the Mirai firmware bug which could allow an attacker to hijack your device to form a botnet and carry our Distributed Denial of Service attacks (DDoS) against servers of their choice. What is a DDoS attack? It is a method by which bad actors often do shut down the servers for a targeted website by creating a network of “bots” which spam nonsense packets at the server in question until it gets overwhelmed and has to shut down. There’s a new descendant of that exploit called Android.Pandora.2, which is making the rounds as a malicious firmware update. What is the purpose of an attack like this? The point is to cripple a website and perhaps hold its function for ransom. How can you avoid this if you have one of these older Android TV-equipped devices? Make sure that you regularly update your OS and firmware, and that you only install apps from trusted sources, not just random places.

https://www.techradar.com/pro/security/mirai-botnet-infects-android-tv-boxes-to-run-ddos-attacks 

 

WE 6 –  We Finally Have a Full Slate of FCC Commissioners

Whether this is a good thing or not remains to be seen. There is a real possibility that this new commissioner will renew the pursuit of Net Neutrality. That would be disastrous. Net Neutrality opens the door to greater censorship, not greater freedom. The FCC has only had 4 commissioners, 2 from each wing of the corrupt bird that is congress, for the duration of Depends’ administration to date. That has changed now. Leftists are cheering because their team now has a majority in this key commission which sets so much policy in this critical space. I am so tired of politics, y’all. It’s a dirty game which only seems to get dirtier the deeper you look into it. Special interests need to be given the boot so that people who are genuinely interested in serving We the People can rise up and change things. PAC’s need to be dismantled and banned. Big money cannot be allowed to corrupt the process any longer. Whether you want to call it Deep State, the military-industrial complex, or the cabal, or whatever other moniker you want to assign, it needs to be denied access to the halls of power. The revolving door between big business and big government needs to be shut down permanently. Sorry for the excursus here, but you probably agree with my sentiments if you’re bothering to read this blog anyway, so there you go. Let me know in the comments if you have any other related thoughts or prognostications.

https://www.pcmag.com/news/senate-confirms-new-fcc-commissioner-ending-2-plus-years-of-deadlock 

 

WE 7 – No More iPhones for CCP Officials

Lol. Now the CCP strikes back for the US’s bans on TikTok and Huawei, among others. They are turning our logic against us, and doing a tit-for-tat move. Well, iPhones are made by a well-known US company (albeit one with huge ties with the CCP, since most manufacturing seems to occur at Chinese little more than slave factories), therefore, since Apple is based in the US, they must have back doors into the devices in question which will feed data to the US intel community, after all. Apparently, this is just an official statement of an unwritten rule which has been in place since before CONvid was released. This cracks me up, honestly. This could also be a proactive clap back to US allies banning hardware from Chinese-based companies, as well as the pending giant turd called the RESTRICT act. Remember that steaming pile from a while back?

The RESTRICT Act has been touted by leaders on both sides of the aisle as a good thing, which always makes me nervous, I don’t know about y’all, but when “leaders” on both sides of the aisle praise a piece of legislation, it usually means that We the People are about to get stiffed and the government is about to get a raft of new powers to use against We the People. Let me remind you about this bill: its full name is Restricting the Emergence of Security Threats that Risk Information and Communications Technology Act. If that doesn’t send a chill up and down your spine, then perhaps a review of a few of the points it covers should. This bill would essentially ban VPNs in the US, because if one uses a VPN with an endpoint outside the US, one could access the products and services which the bill exists to block access to, due to their being created and managed by companies based in the countries which this bill is concerned with. The list of countries is populated with the usual suspects: China, Russia, North Korea, Cuba, Iran, and Venezuela. Companies which appear to be in the crosshairs, but remain unnamed, include Kaspersky (who makes anti-virus software), ByteDance (parent company of TikTok), and Huawei. It could also ban, or greatly complicate the growth of cryptocurrency. That is chilling. I used Kaspersky back in the day (before I made the move to Linux, full time, where AV solutions are less necessary on an individual computer basis, vs in a Windows environment). This bill is a massive overreach and further erodes our right to privacy as American citizens, which should be enshrined in the constitution. Thane again, the government of We the People, by We the People hasn’t lived to those standards for a very long time. If they were actually attending to the letter of the constitution, rather than dancing on its ashes every day, they wouldn’t try half of the harebrained nonsense that they have inflicted on the sleeping populace in the last 110 years, since the birth of the Fed.

https://www.techradar.com/pro/security/china-bans-iphones-for-government-officials 

WE 8 – UK Government Claims That It Hasn’t Backed Down

Remember a while back when I talked about the nonsense bill that the UK was working on, under the guise of “protecting the children”? There were a few encrypted messaging apps which objected strongly to the verbiage in that legislative effort, which included Signal, Whatsapp, and iMessage. The reality is that if encryption is the raison’d’etre for an application, and that is undermined by a government’s need to snoop, then there is no longer a good reason for that app to serve users in that country, for that matter, if e2e (end to end) encryption is broken at the behest of one country, then it may as well not exist elsewhere, either. This not only effects messaging apps, though that is the prime focus by the UK, here, but utilities like VPNs, that without the facility of e2e encryption would cease to serve any real purpose, either. These legislators, similar to the ones behind the RESTRICT Act, here in the US, are absolutely clueless about the technology. They just see a barrier to their control of our thinking and speaking and want it gone. The concept that encrypted messages could be meaningfully scanned without breaking the encryption is laughable at best. This is like dropping a nuke where a laser-guided precision strike would suffice. My understanding of the tech involved is that encryption = scrambling of message contents in such a way that no one without the key could read or make sense of it. By its nature, if someone other than the party you are communicating with has that key, then you are no longer private nor secure, and you may as well be emailing or sending an sms text message. In privacy terms, those are two of the least private ways to communicate, and you may as well be publicly broadcasting your data via FM radio. Sounds like the UK is about to lose access to Whatsapp (big deal, not really private or secure, hello, it is owned by Meta), iMessage (private, except from Apple, if I’m not mistaken), or Signal Messenger (the most private of the three). This is just a dumb move. I hope that the UK government wakes from its power trip in time to not pass this turd into law.

https://www.bbc.com/news/technology-66716502 

 

 

Memesplanation Shorts – Romans Road 7

Memesplanation Short - Romans 1:1-2

Romans 1:1-2

Paul, a loving and loyal servant of the Anointed One, Jesus. He called me to be his apostle and set me apart with a mission to reveal God’s wonderful gospel. I write to all his beloved chosen ones in Rome, for you are also called as holy ones. May his joyous grace and total well-being, flowing from our Father and the Lord Jesus Christ, rest upon you.

My commission is to preach the good news. Yet it is not entirely new, but the fulfillment of the hope promised to us through his prophets in the sacred Scriptures.

Today, we start Romans fresh, in chapter 1, and walk through, a 1-4 verses at a time, except for chapter 8, which we just finished. I couldn’t help myself. I love that chapter. This is Paul’s introduction to the ekklesia at Rome, which he did not plant, and had never visited before. This is who Paul sees himself to be, a loving and loyal servant of Jesus. He is an apostle, but that comes after relationship. Then he greets them in grace and full shalom in Jesus. Get your relationship with Him first, just as Paul did. Don’t get mixed up, as so many do.

Memesplanation Short - Romans 1:3-4

Romans 1:3-4

For the gospel is all about God’s Son. As a man he descended from David’s royal lineage, but as the mighty Son of God he was raised from the dead and miraculously set apart with a display of triumphant power supplied by the Spirit of Holiness. And now Jesus is our Lord and our Messiah.

Who is this Jesus, anyway? He is writing to a group of Jesus followers, but wants to be sure that they don’t get it confused. The gospel is all about Him. This is almost Paul saying, you can trust me, I know Jesus, too. This is the foundation of why I am writing to you, that being our shared faith. Jesus is man and God. He is our savior, and the one who has reshaped our very lives. He is our anointed Lord. I do not know most of you, but it feels apt to say something like that to you, now.

Memesplanation Short - Romans 1:5-6

Romans 1:5-6

Through him grace cascaded into us, empowering us with the gift of apostleship, so that we can win people from every nation into the obedience that comes from faith, to bring honor to his name. And you are among the chosen ones who are called to belong to Jesus, the Anointed One.

Jesus is the source of all of this grace and life-changing reality. He has sent out some, like me, that some from every nation might be won into faithful obedience to God. You have already made the commitment to Jesus, and I recognize that. I have heard many good things about you and your lives, your faithfulness to the Lord in the face of persecution, and your love for the rest of the Body of Christ. Find your all in Him, today.

Weekend Edition 50

Weekend Edition 50: Trojan Apps, Teams Now Separate in EU, NVIDIA News, AI, and Tesla Nonsense

Weekend Edition 50: Trojan Apps, Teams Now Separate in EU, NVIDIA News, AI, and Tesla Nonsense

 

Be Careful, Little Droids, What You Install

Remember that Fine? Microsoft Doesn’t Want to Fight it Anymore

Nvidia AI Chip Restrictions Expand

Nvidia Closes Deal with Google

OpenAI Violates GDPR? You Don’t Say…

Protect Some of Your Data on Meta… Or Just Delete Your Account

‘Enterprise-Grade’ ChatGPT, Right….

NHTSA Raising Cain over Elon Mode Autopilot Mode

 

 

WE 1 – Chinese Trojan Apps Detected in Play Store

ESET, one of the premier antivirus providers, recognized two fresh CCP malware-embedded communications apps in the Play Store last month. They have been taken down, now, but they were also uploaded to the Samsung Galaxy Store. They were Signal Plus Messenger and Flygram. The first is a modification of the popular encrypted messaging app, Signal. This one can “collect similar sensitive data, such as the phone’s contact list, while also spying on a victim’s communications. “It can extract the Signal PIN number that protects the Signal account,” Stefanko wrote. In addition, the malicious code can allow the hacker to exploit the “link device” function to view their messages on the Trojanized Signal app.” What’s that mean? If you installed this modified app, your data would be anything but secure or private, in fact, it would be funneled to some server or servers in China. The malicious code injected into these apps is familiar to industry professionals, and is called BadBazaar. Here’s how you can avoid these sorts of apps, though, even if they make it through the screens and onto trusted stores: 1) make sure that the name of the app actually matches the official name, without modifications or tweaks; 2) Check the reviews for the app before you install it on your phone or computer; and 3) Make sure that you are properly sourcing your apps, direct from the developers, if possible (you can easily download and install Telegram from telegram.org and signal from signal.org if you’d like to do that, I actually suggest you do that, rather than depending on Google or Samsung, as those apps have extra censorship anyway).

https://www.pcmag.com/news/chinese-hackers-uploaded-trojanized-signal-app-to-google-play-store

 

WE 2 – Remember How Microsoft was About to Get Fined in the EU?

Well, they decided to split Teams off from MS365 in the EU to avoid the cost of litigation and fines. I’m somewhat shocked, to be honest. Then again, many municipalities and governments in the EU have gotten away from Microsoft products already, so MS is on its back foot in the EU. They do not want to make themselves any more odious in the Euro Zone than they already are. As of October, business, education, and private users will be able to select a cheaper Teams-less subscription option (saving $26/ year per user), or to buy Teams on its own for $65/ user per year. I made hay on the story about the potential fines to be assessed about a month ago, but MS kind of took the wind out of my sails here, by preemptively moving to split up its bundles in the Eurozone. Darn it all. Darn it all to heck. Will they voluntarily do this elsewhere? Here, perhaps? What would that do to businesses which depend on Teams and its integrations with the rest of O365? Many businesses depend on this collaboration suite, in all its facets, so if they did, it might hurt those small businesses. On the other hand, there is another aspect to this: MS is also set to provide easier API integration access to Slack and Zoom with O365 (calendars, email, etc).
 

https://www.pcmag.com/news/microsoft-to-sell-teams-separately-in-eu

 

WE 3 – Nvidia to Face Stricter Limits on AI GPU Sales

You know how the US has put restrictions on which and how many GPUs Nvidia could sell to China recently? Well, Depends’ handlers are concerned about Chinese diplomats and corporate getting their hands on this technology in the Middle East and shipping it back home. Thus, they are poised to apply similar limits in Saudi Arabia, Yemen, Jordan, and others. This could really hurt the chip designer. They could topple from their lofty perch as a $1 trillion dollar market cap company. Yes, AI has shot them to the moon that much. Their shifted focus could also trickle down in the form of GPU shortages to the consumer sector because all of their emphasis is on handling the demand for these insane number crunchers for AI development. Even with a company as massive as Nvidia, you have to remember that they only have so much time and resources that they can purchase in the form of “fab” time at TSMC. Remember, TSMC also makes chips for AMD and Intel, and must make time for that as well.

https://www.pcmag.com/news/nvidia-faces-more-restrictions-on-ai-chip-sales-this-time-in-the-middle

 

WE 4 – Speaking of Nvidia and AI, Nvidia Has Just Inked a Major Deal with Google

Just what we needed, right? Nvidia partnering with yet another of the abusive tech giants, arguably one of the worst. Then again, they already have deals with Microsoft and Amazon to have severs based on the H100 GPUs running to power their various AI models and tools. This news caused a 4.2% spike in the stock value for Nvidia. It closed at $493.55 on Thursday August 31, 2023, which is its highest close ever. That is huge for the chip maker, as their stock has historically tended to be closer to the $100-200 per share range, and in the last year, they have seen a >100% stock price value boom. This has sent them over into the trillion+ dollar market cap club, with the likes of companies like Apple, Google, and Microsoft. That is nuts. Understandable with Microsoft driving the AI boom, not to mention Windows and Office/ MS 365 sales, along with hardware and Azure and their big cash cow, OpenAI. There is a part of me that wants to speak ill of their success, but aside from when they pop up in the news for doing something stupid, these titans just keep on trucking, almost no matter what happens.

As an aside: because of their horrible business practices (here’s looking at you, Microsoft, Apple, and Google), I cannot be entirely happy with their success, as they hock typically sub-par products which spy on and treat their users like data mines rather than people who have rights to privacy and the like. Microsoft products are terrible, both on a functional level and in terms of privacy and security, and they spy on you like there is no tomorrow. Their telemetry is so embedded that it is almost impossible to root it out without impairing the already limited functionality of their OS and other software as a service options that my suggestion is to ditch it altogether and learn Linux so you can be free again.

As far as Google, we all know that they are a spy company by now. They exist to scrape data from your search queries, gmail messages, youtube histories, android usage history, and Maps data, among their other “free” products. There are alternatives for their services which do not entail bowing the knee to the monster Gates bred. Ones which will not force ads down your throat or scrape your usage data.

And Apple… don’t get me wrong, the Apple silicon hardware is a thing to behold and deserves the spotlight, but I do not like how they lock their users into a walled garden. Notice I called them users, not device owners. Apple does not treat people who buy their hardware as though they had bought it, but as though they were simply leasing these devices.

But I digress… Good job, Nvidia, for being astute enough in your planning to see this AI thing coming far enough ahead to capitalize on it the way that you have in the last year. That is not to say that Nvidia is a perfect company, either… They have stiffed their most loyal customers so many times, extorting them for marginal gains in their rigs, down to spiking the prices for those crucial parts to the moon. I’m still not convinced that RTX is that important, but because of the mindshare that Nvidia enjoys among PC enthusiasts, they have been able to steer the market in a very Apple-like way and set the tone for the other GPU makers (AMD, and lately, Intel).

https://www.cnbc.com/2023/08/29/nvidias-stock-closes-at-record-after-google-ai-partnership.html

 

WE 5 – ChatGPT Doesn’t Respect the GDPR? You Don’t Say…

A Polish researcher has filed a 17-page complaint with the local privacy watchdog relative to his experience with using ChatGPT to write a biography of himself and found mistakes in the results. Not sure how that made him question the privacy here, but he did dive into the terms of service and whatnot. When he did that, he found what appeared to be GDPR violations in regard to vagaries around how they handle personal data. Gee whiz, I wonder why they would have to be vague about privacy, given Microsoft’s involvement and attitude toward AI as a whole. Remember the last couple of weeks when we have talked about the “wild west of AI”, the responsibility for which is squarely at the feet of Microsoft, who bought OpenAI, the makers of ChatGPT. They took a, “do it now” approach to AI development, and discarded most of the safeguards which had been in place by the developers at OpenAI, among others. This has radically, and I would say, negatively, impacted AI development as a whole, as they chose to throw safety, functionality, and privacy concerns, burn them, and piss on the ashes. This infected the rest of the companies who had already invested r&d time and money into AI, because now they had to play catch-up with Microsoft’s new data mining toy, ChatGPT.

I think that that is the main draw for these mega corporations to blindly rush into generative AI models and tools. While this has spurred much rapid development in the space, which is good on some levels, it has also made this data grab that much more transparent. After all, if they can train their models and algorithms well enough, they can accurately predict our decisions and preferences and feed us ads and information to keep us in those patterns. This is about control. If knowledge is power, and data equals knowledge, and control comes through power, which is data in this equation, then data plus egomania equals control over the masses. That control leads to panics which we have seen in the last few years, from masking, vaxing, and social distancing, to lockdowns and runs on toilet paper and other commodity items. What is the solution? Refusing to participate. Do not use these generative AI tools any more than you already have, opt out of Microsoft, Apple, and Google products wherever you possibly can, and learn to live free.

https://www.techradar.com/computing/openai-accused-of-string-of-data-protection-breaches-in-gdpr-complaint

 

WE 6 – How to Protect Your Data from Llama2 on Meta

Now you can opt out of your data being used to train this open source monstrosity. It allows you to delete or exclude some of your personal data from being used to train LLAMA 2. This only pertains to info not scraped from Meta properties (Facebook posts, comments, pictures, etc, as well as posts on Instagram or the DOA Threads platform). They do claim that they have yet to roll out any AI products or services on their platforms, but how can we take them seriously, anyway? This is all about data they scrape from other sources for their LLM. Do you believe that this opt-out or delete option is something that will actually be respected, at least here in the US, where our privacy laws and regulations aren’t hardly up to the task? I think that people in the EU have a good chance, or at least a better chance, of being respected by Meta in this, because they know that if they fail to do so, they will have hell to pay from the boys and girls in Brussels. My best advice is to ditch these platforms if you are able to in the least. If not, then you’ll need to dig around in the privacy policy a bit to find the “Generative AI Data Subject Rights” form there, and click “Learn More and Submit Requests Here” link, then pick option two to delete any gathered third-party data from Llama 2. After you click submit, you will be required to pass a security check, which may or may not work. At least you will have done your best to limit their data gathering, whether it winds up meaning anything or not.

https://www.cnbc.com/2023/08/30/how-to-stop-meta-from-using-personal-data-to-train-generative-ai-.html

 

WE 7 – “Secure” and “Private” ChatGPT? Press “X” to Doubt

Well, now the world has “enterprise-grade” ChatGPT, with access to GPT-4 and all. So, why should big business want this? It is allegedly personalized, more or less a one-off of the GPT-4 LLM (large language model) which can privately be trained by each enterprise licensee. They say that it is secured with 256-bit AES encryption when the data is at rest, and TLS 1.2+ while in transit. That sounds all well and good, but how can I trust that my “version” of ChatGPT won’t make the whole thing more better by using my company’s inputs to train it? This reminds me of Bedrock, the AWS equivalent. Perhaps this is my anti-Microsoft bias showing through again, but I don’t trust anything that they have their grubby paws involved with. I dare you to try to convince me that they are actually trustworthy. Is this data truly end-to-end encrypted? Does OpenAI have access to each customer’s version? How much access do they have? 32k tokens in a company of 30-50k people seems rather constrained to me. That is what they are targeting, the whales of the world, those Fortune 500+ type of companies who have massive budgets to throw at automation and AI, to “stay at the bleeding edge” in terms of competition. It removes the 50 messages / 3 hours limit that regular Plus users have to contend with. I’m sure that Connor will have more to say about this than I do at the moment, but this, while I’m sure that it is true that these “whale” corporations do mostly use it to some extent, feels monumentally stupid to me right now. Given, most companies in that rarefied air already use O365 and the rest of the MS software stack, but why give them any more data than they already have? Again, I recognize my bias against Microsoft, here, but come on. You guys must see that this is at least problematic. 

https://www.computerworld.com/article/3705551/openai-launches-enterprise-grade-chatgpt.html

 

 

WE 8 – “Elon Mode” Autopilot Is a Thing, Apparently…

So usually when a Tesla occupant engages “Full Self-Driving” Mode, there is a nag which is in place to remind you to put your hands back on the wheel and pay attention to the road. This “nag” starts as a blinking symbol on the giant touchscreen in the dash, if you ignore it, the car will start to beep at you until you put your hands back on the wheel. “Elon Mode”, also known as, “Look ma, no hands” mode (not really), turns the nag off entirely. The NHTSA is not happy with this, as self-driving tech has not been proven safe as yet, and in communities where autonomous taxis have become a thing, they are being removed because they have had more wrecks than human drivers do. Given, those are not Tesla systems, but the ability, no matter how “secret”, to turn off safety features like that is a rather disconcerting back door, if you ask me. Musk used it in his livestreamed demo on X, almost as if to rub the government’s nose in it. I could get into how little I trust Elon right now, but that is besides the point, isn’t it? My cynical side sees all of this “self-driving” and “AI” stuff as a tool to control us more fully, but then, that is the point of govern-ment, isn’t it? To control the minds of the populace… Maybe I need to get my fin foil hat back out, but even as a tech guy, I am uncomfortable with these things. I want to own, control, and be able to manage all of my stuff as much as possible, particularly when it comes to tech. Call me paranoid, but I think that you will see that I’m right if we let this timeline spool out too much further in the direction it is headed right now. We need to jump tracks, y’all. This ends here, and now. If there were a way to do these things effectively without reference to something centralized and out of our control, then I’d be more amenable to it by far. The problem is that anything that is electronic and has open network ports anywhere can be hacked. Anything electronic can be shut down via EMP, so low-tech is the best way to go if you want to avoid that sort of nonsense. Inconvenient? Absolutely. Painful? At times. Am I something of a hypocrite in talking about this as I type on my MS Surface (running Linux since I got it) and post through my T-Mobile home internet connection? Probably. Thus is life, and at least I fully admit to hypocrisy where it exists.

https://www.cnbc.com/2023/08/30/tesla-ordered-by-nhtsa-to-provide-data-on-elon-mode-for-autopilot.html 

Romans Road 7 – Back to the Beginning

Romans Road 7 - Back to the Beginning

Father, as we return to the beginning of this letter after starting in the middle, I ask that you would help us to draw something useful from this introduction from Paul to the ekklesia at Rome. Help us to have our identity formed correctly, to understand who we are more as a function of our relationship with You than it is based on what we do. In Jesus’ name,

Amen

Romans 1:1-6

Paul, a loving and loyal servant  of the Anointed One,  Jesus. He called me to be his apostle  and set me apart  with a mission to reveal God’s wonderful gospel. I write to all his beloved chosen ones in Rome, for you are also called as holy ones.  May his joyous grace and total well-being, flowing from our Father and the Lord Jesus Christ, rest upon you.

My commission is to preach the good news. Yet it is not entirely new, but the fulfillment of the hope promised to us through his prophets in the sacred Scriptures. For the gospel is all about God’s Son. As a man he descended from David’s royal lineage, but as the mighty Son of God he was raised from the dead and miraculously set apart with a display of triumphant power supplied by the Spirit of Holiness. And now Jesus is our Lord and our Messiah. Through him grace cascaded into us, empowering us with the gift of apostleship, so that we can win people from every nation into the obedience that comes from faith, to bring honor to his name. And you are among the chosen ones who are called to belong to Jesus, the Anointed One.

 

 

Paraphrase:
Hi, my name is Paul. I am writing to you as an introduction, as I desire to come to you on my way to Spain to spread the gospel. First things first, you should know that I am a loving servant of Jesus. Then I want you to know that I am an apostle, sent, along with others, to spread the gospel of God. I want you to be well, and to sense and live in His grace and complete peace and wholeness. The good news (gospel) is not entirely new, in fact, it is a fulfillment of the Jewish scriptures. This is why, I, as a trained pharisee, am comfortable following Jesus, who appeared to me as one who is untimely born. Jesus descended from King David in the flesh, but is the very son of God and was raised from the dead after people whom I once considered to be authorities put him to death. Jesus was raised to life by the power of the Holy Spirit, the very same Spirit who you have in your hearts, who gives you life each moment. The one who heals you from the inside and shows you how to live. This risen Jesus is why I know I am an apostle, why I face danger every day, all day. I am sent as a herald to proclaim His ascent to the throne (this is what a gospel was in the Ancient Near East, a proclamation that there is a new Caesar, a new lord over you people, and it is a good thing).

 

Ok, so I have paraphrased the text and added some extra tidbits from around the rest of the New Testament, so what? What can we draw from this text? Paul had his identity straight. He put his place in Jesus first, then explained what he had been called to do. Never put your doings before your beings. I am tempted to go on a rant about that, but I don’t think that I will right now. Then, he blesses them with peace and wholeness through Jesus, from the Father, but the Holy Spirit. It is not quite his standard greeting, but then you have to remember that Paul was writing this as an introduction before he expected to meet them in person. He did not plant these congregations. He knew a handful of the prominent leaders, but not the majority of the Jesus followers in Rome. Why was he writing this letter? He hoped to prepare them to support him on his mission to the Iberian Peninsula. Jesus is real, His coming was foretold, and He fulfilled the Torah and Prophets. I serve Him, as you all do. You can trust that I am a good man, and that I am a genuine servant of Jesus, an apostle to the nations.

Memesplanations Shorts: Romans Road 6

Memesplanation Short - Romans 8:34-35

Romans 8:35-36

Who could ever divorce us from the endless love of God’s Anointed One? Absolutely no one! For nothing in the universe has the power to diminish his love toward us. Troubles, pressures, and problems are unable to come between us and heaven’s love. What about persecutions, deprivations, dangers, and death threats? No, for they are all impotent to hinder omnipotent love, even though it is written:

All day long we face death threats for your sake, God.

We are considered to be nothing more than sheep to be slaughtered!

 

Whoooooo boy! The first verse is so triumphant, isn’t it? Then Paul sites from the Psalms, as he is wont to do, often. This quote is from the LXX version of Psalm 44:22. No matter what happens, NOTHING external can separate you from God’s love. That is what you need to keep in mind, today. You are the only one, your beliefs are the only things that can separate you from God’s love which is yours, in Christ Jesus. No amount of external pressure, trials, persecution, starvation, destitution, or anything else outside of you can keep you from receiving that love. Even if we may be the target of death threats on the daily, that is nothing in comparison with the Father’s love. Rest in that today.

Memesplanation Short - Romans 8:37

Romans 8:37

Yet even in the midst of all these things, we triumph over them all, for God has made us to be more than conquerors, and his demonstrated love is our glorious victory over everything!

 

No matter what, though, we are more than conquerors, because we are in Christ. He won these battles already, for us. We simply have to appropriate His strength and His victory on our behalf. We cannot bow to circumstances or situations that we see here and now in the natural. Hold fast to the Truth, not what circumstances would suggest to you about yourself. You are not a failure. You do not suck at life. You are more than a conqueror, but you may need to redirect your energy, rather than walking out the definition of insanity.

Memesplanation Short - Romans 8:38-39

Romans 8:38-39

So now I live with the confidence that there is nothing in the universe with the power to separate us from God’s love. I’m convinced that his love will triumph over death, life’s troubles, fallen angels, or dark rulers in the heavens. There is nothing in our present or future circumstances that can weaken his love. There is no power above us or beneath us—no power that could ever be found in the universe that can distance us from God’s passionate love, which is lavished upon us through our Lord Jesus, the Anointed One!

 

Here, Paul restates his case from vs 35, only adding that there is no power in the heavens or on earth, no shame from your past, no fear of things to come, or hardship in the present (no matter who or what is really behind those circumstances), and no power anywhere in the created realms which could divide us from the love of God (and God is love). Jesus’ work on the cross and empty grave made that a concrete reality. If you are having a hellish week or a horrible life, cling to this truth. You can have peace and solace in this truth, no matter what happens to or around you.

Romans Road 6

Romans Road 6 - Romans 8:35-39

Papa,

Thank you that nothing can separate us from You. Thank you that your love is ALL-powerful. Thank you that no created thing, outside of us, can remove us from your love. Jesus, thank you that you made it possible for us to experience and live in this love. Help us to never peel ourselves away for any reason. In Your name,

Amen.

 

Romans 8:35-39

Who could ever divorce us from the endless love of God’s Anointed One? Absolutely no one! For nothing in the universe has the power to diminish his love toward us. Troubles, pressures, and problems are unable to come between us and heaven’s love. What about persecutions, deprivations, dangers, and death threats? No, for they are all impotent to hinder omnipotent love, even though it is written:

All day long we face death threats for your sake, God.

We are considered to be nothing more

than sheep to be slaughtered!

Yet even in the midst of all these things, we triumph over them all, for God has made us to be more than conquerors, and his demonstrated love is our glorious victory over everything!

So now I live with the confidence that there is nothing in the universe with the power to separate us from God’s love. I’m convinced that his love will triumph over death, life’s troubles, fallen angels, or dark rulers in the heavens. There is nothing in our present or future circumstances that can weaken his love. There is no power above us or beneath us—no power that could ever be found in the universe that can distance us from God’s passionate love, which is lavished upon us through our Lord Jesus, the Anointed One!

 

Soak in this scripture today. Let it seep into and infuse your very bones with liquid love from God. It does not matter what you face in this life, once you are in Christ, there is NOTHING outside of you which can remove or separate you from the love of God in Christ Jesus. Absolutely nothing. This passage has been latched onto by many who forget the rest of the chapter, so let me remind you that there are conditions on experiencing these things: we must be 100% surrendered to the Way of the Spirit. I’m not saying that God’s love is withheld from any of us who He knew would desire Him, even in the split seconds before death. What I am saying is that we can separate ourselves, if we make habits of walking in other ways, of living as we might if we hadn’t ever come to the Lord. I do not want to get into the once saved, always saved argument, here. All I wish to say about that is, if we choose to walk away from God after coming to Him, it is our choice. No thing outside of you can force you to make that decision, though. No thing can wedge itself between you and God, unless you allow it to do so. Shame has no place in the presence of perfect love. Fear is banished. If we bring it in, and choose to listen to it over the voice of God, then that is our choice. It did not separate us, we removed ourselves from that place of perfect love and peace. We can choose wrongly, and I have seen some do that. There was a guy who was a youth leader when I was in high school who admittedly had issues (who doesn’t, though, right?) and within a year of when I graduated from high school, left the church and became a militant atheist. He knows the truth, has (probably) experienced the love of God, and yet allowed the circumstances of his life, which were rough, even to the point of being brutal, and allowed his feelings about those things to separate him from God. Those things did not do it, his reaction to them did. That is an old story. A sad one, nonetheless, but a tired, old story. Choose well, today. Choose to stay in His love for you, no matter what your life presents to you.