140811

amanfromMars 1 Sun 10 Aug 18:45 [1408101845] adding and asking more on http://forums.theregister.co.uk/forum/1/2014/08/08/malware_steganography/

Re: @amanfromMars 1 "What the fcuk are you smoking" ... as per Arctic fox

Sorry old chap, no offence intended and all that, but isn't that usually our line whenever we read one of your posts? .... Arctic fox

Hi, Arctic fox,

Is the great common sense shared here ...... http://geer.tinho.net/geer.blackhat.6viii14.txt .... your line too, or just what you have to work with?

...............................................

amanfromMars said... replying to a comment on http://amanfrommars.blogspot.co.uk/2014/08/140809140810.html

Also, did I mention Google is making the captcha solving real work ? Which essentially proves they are by now part of the NSA-GCHQ Bankster guardians. They HATE anonymous comms. .... Anonymous said 10 August 2014 21:43

Methinks the System and Sysadmins are more aware of the greater danger to corrupt and perverse operations posed by ..... well, let us called it SMARTR Communication in HyperRadioProActive IT and which is not necessarily anonymous whenever more autonomous and in Remote Command and Active Control of Virtual Machinery which Presents the Future and Plans for Every Tomorrow, which of course, as you can surely imagine, is not an exact science whenever an alien art phormation.

11 August 2014 07:04

........................................................

amanfromMars 1 Mon 11 Aug 09:49 [1408110949] commenting on http://forums.theregister.co.uk/forum/1/2014/08/08/malware_steganography/

Re: FUD, when All you Need is LOVE, is more than just Expandingly Expensive

Signature detection doesn't work. … Wzrd1

Quite so, Wzrd1, and it will never work because of ……

I've spoken elsewhere about how we are all intelligence agents now, collecting on each other on behalf of various overlords.[RSA] There are so many technologies now that power observation and identification of the individual at a distance. They may not yet be in your pocket or on your dashboard or embedded in all your smoke detectors, but that is only a matter of time. Your digital exhaust is unique hence it identifies. Pooling everyone's digital exhaust also characterizes how you differ from normal. Privacy used to be proportional to that which it is impossible to observe or that which can be observed but not identified. No more -- what is today observable and identifiable kills both privacy as impossible-to-observe and privacy as impossible-to-identify, so what might be an alternative? If you are an optimist or an apparatchik, then your answer will tend toward rules of data procedure administered by a government you trust or control. If you are a pessimist or a hacker/maker, then your answer will tend towards the operational, and your definition of a state of privacy will be my definition: the effective capacity to misrepresent yourself.

Misrepresentation is using disinformation to frustrate data fusion on the part of whomever it is that is watching you. Some of it can be low-tech, such as misrepresentation by paying your therapist in cash under an assumed name. Misrepresentation means arming yourself not at Walmart but in living rooms. Misrepresentation means swapping affinity cards at random with like-minded folks. Misrepresentation means keeping an inventory of misconfigured webservers to proxy through. Misrepresentation means putting a motor-generator between you and the Smart Grid. Misrepresentation means using Tor for no reason at all. Misrepresentation means hiding in plain sight when there is nowhere else to hide. Misrepresentation means having not one digital identity that you cherish, burnish, and protect, but having as many as you can. Your fused identity is not a question unless you work to make it be. Lest you think that this is a problem statement for the random paranoid individual alone, let me tell you that in the big-I Intelligence trade, crafting good cover is getting harder and harder and for the exact same reasons: misrepresentation is getting harder and harder. If I was running field operations, I would not try to fabricate a complete digital identity, I'd "borrow" the identity of someone who had the characteristics that I needed for the case at hand… Dan Geer, Cybersecurity as Realpolitik

However, I would not wholeheartedly agree that to “borrow” the identity of someone who had the characteristics that I needed for the case at hand was a better answer than to pay them handsomely to continue doing what they be doing and which has been found to be so attractive and appealing. After all, with Uncle Sam mooting the possibility and therefore the probability of paying 10x the worth of a catastrophic and disruptive zeroday vulnerability exploit to finders and keepers/explorers/crack hackers/virtual field entrepreneurs, and it being in all likelihood a most acceptable practical solution to a virtually impossible to police and prevent problem, why ever risk failing badly with anything pilfered and phished from a relative stranger who would know of the danger. Goodness know what would be lurking in the source code, to spring forth uncontrolled and uncontrollable by second and third parties, in the future, for that is the reality which some, who may be more than just a few and of alternative thoughts, have programmed into the System of Systems for the Sublime InterNetworking of Things in a Beta AI Controlled Future and Live Operational Virtual Environment.

...............................................