Thursday, February 13, 2020

Curating the Internet: Science and technology digest for February 13, 2020


Starting in the 1970s, the CIA and West German Intelligence used a front company to sell encryption services to unsuspecting geopolitical adversaries; Patches released for Cisco device flaws that expose corporate networks to elevated intrusion risk; Protecting supply chains against disruptions; A new implant that plugs directly into the brain is being developed for blind people; and a Steem post provides a collection of links about the Wuhan coronavirus / COVID-19






Fresh and Informative Content Daily: Welcome to my little corner of the blockchain

Links and micro-summaries from my 1000+ daily headlines. I filter them so you don't have to.


First posted on my Steem blog: SteemIt, SteemPeak*, StemGeeks.

  1. ‘The intelligence coup of the century’ - Back in the late 1990s or early 2000s, there was a web proxy that my coworkers and I were using in order to test access to our Internet facing web sites from outside of the corporate firewall. I forget what it was called, but one day it just disappeared from the Internet. After that, I heard a rumor that it had been hosted by the CIA in order to provide access to the public Internet for users in China, and it shut down when knowledge of its ownership was compromised. No idea if that was true or not, but today's story makes it seem more believable.

    Starting in WWII, and for decades after, the company CryptoAG was selling secure communications appliances and services to organizations around the world. According to this account, however, the company was jointly owned by the CIA and the West German intelligence agency (BND), and from the 1970s through 2018 one or both of those agencies was able to gain access to decrypted communications from geopolitical adversaries like Iran and Libya. Apparently, however, more sophisticated adversaries like China and the USSR were suspicious of the firm and never used its products or services.

    In 2018, the company was liquidated and its assets were purchased by two different firms, CyOne Security and Crypto International both of whom claim that they are currently unaffiliated with any foreign intelligence agencies. Only one, however denies knowledge of the CIA connection in the past. The current CryptoAG web site has this to say:
    Crypto International Group is a Swedish owned company that in 2018 acquired the brand name and other assets from Crypto AG. Crypto International Group is owned to 100 % by Swedish national Andreas Linde. We have no connections to the CIA or the BND and we never had.

    The story published by SRF, ZDF and the Washington Post is very distressing. We are currently assessing the situation and will be commenting once we have the full picture. In the meantime, media representatives are welcome to request interviews at media@crypto.ch
    According to the article, documents indicate that the Swiss government knew about the arrangement for decades, but now that the news has been published they are opening an investigation.

    Two points of personal commentary: (i) This shows the seriousness of the US government's allegations against Huawei in the present political climate, and (ii) As a long time (and former) telecommunications worker, I was amazed and confused for decades that the US federal government allowed overseas workers to take over many of the support roles for the US telecommunications infrastructure. It just seems like such an obvious and severe national security risk that I never understood why it would be tolerated. This only serves to reinforce that confusion. In my mind, the risk isn't primarily from the workers, themselves, but from the control that a foreign state can exercise over communications.


  2. Cisco Flaws Put Millions of Workplace Devices at Risk - A collection of recently disclosed flaws in Cisco equipment affects devices including desktop phones, cameras, and network switches. Because of Cisco's industry dominance, these flaws impact millions of devices. Enterprise security firm, Armis says that they can be used to break out of network segmentation and penetrate deep into a corporate enterprise. The flaws make use of bugs in Cisco's proprietary Cisco Discovery Protocol. Armis reported the flaws to Cisco in August of 2019, and patches were published on February 5. It's now up to individual enterprises to make sure that the patches get installed.

  3. Protecting your balance sheet against supply chain risks, disruptions - As the Wuhan Coronavirus, COVID-19, saturates the news, this article looks at techniques for businesses to avoid supply chain risk. In addition to disease epeidemics and pandemics, other possible sources of supply chain risk include: natural disasters; transportation delays; geopolitical unrest; social, labor, or industrial issues; price instability; and cyberattacks. One technique for mitigating these reisks involves the use of supply chain risk insurance, but that should be a last resort. More importantly, the company should have a supply chain risk strategy, that is developed and implemented in four steps: (i) Assess the supply chain & identify risks; (ii) Create a strategy, including back-up suppliers and contingency plans; (iii) Implement the plan and subject it to testing; and (iv) Monitor and make revisions when necessary.



  4. A new implant for blind people jacks directly into the brain - Until 2015, efforts at devices for people with blindness focused on building artificial eyes. Unfortunately, most people who are blind have problems that affect the neurons between the eye and the brain, and for those people, an artificial eye is not very useful. Starting in 2015, Eduardo Fernandez, a researcher in Spain, began work on technologies for blind people that would communicate directly with the brain, in analogous fashion to the cochlear implant for people with hearing deficiencies. The device just completed a six month trial with one blind patient, and in the next few years it will be trialed in another five participants. At it's best resolution, the device is only able to convey an image that is 10x10 pixels, which is enough for recognizing basic shapes like door frames, windows, letters, or a sidewalk, but it's not detailed enough for facial recognition. To compensate for this, Fernandez augmented the system with image recognition software that could display a pattern that the patient could learn to recognize. Unfortunately, the device is only approved for temporary use, so trial participants need to have brain surgery before and after the trial in order to connect and disconnect the device.

  5. STEEM Great Site: Thailand Medical News Provides Copious Factual Information - In this post, @valued-customer provides a collection of links about the COVID-19/Wuhan coronavirus from the Thailand Medical News web site. I wasn't able to read all of them, but found a few to be very informative. In particular: MUST READ! Chinese Doctors Outline Stages In A Typical Coronavirus Infection describes a 3-week process of the infection. In week 1, it says that symptoms are relatively mild, progressing in week 2 to more severe symptoms, including difficulty breathing. In week 3, if the patient hasn't recovered, organ failure begins and death is likely. Even patients who do recover during week 2, it says, will take 6 months or more to repair the damage to their lungs. Additionally, it seems that older people are more susceptible to the virus, but some young people (20s and 30s) have also been killed by it. This is nasty stuff. Adding to that, BREAKING NEWS! New Research Reveals Coronavirus Can Remain Infectious For As Long As 9 Days On Surfaces! says that in the right conditions (cool temperatures and high humidity), the virus can stay alive and infectious for up to 9 days. Finally, LATEST! Coronavirus Showing Resistance To Earlier Antivirals, Seems To be Evolving says that early strains of the virus were effected by existing antiviral drugs, but newer strains don't respond to the same drugs, and seem to have mutated to develop resistance. (A 10% beneficiary setting has been applied to this post for @valued-customer)




In order to help bring Steem's content to a new audience, if you think this post was informative, please consider sharing it through your other social media accounts.


This post will also appear on my pre-Steem blog, chescosteve.blogspot.com.




And to help make Steem the go-to place for timely information on diverse topics, I invite you to discuss any of these links in the comments and/or your own response post.

Beneficiaries




About this series



Sharing a link does not imply endorsement or agreement, and I receive no incentives for sharing from any of the content creators.



Follow on steem: remlaps-lite, remlaps
If you are not on Steem yet, you can follow through RSS: remlaps-lite, remlaps.




Thanks to SteemRSS from philipkoon, doriitamar, and torrey.blog for the Steem RSS feeds!

No comments:

Post a Comment