danni naeil

Month: December 2023

  • Book review: Fancy Bear Goes Phishing

    Book review: Fancy Bear Goes Phishing

    As soon as I noticed a book published with this savvy title (and cover, created by Rodrigo Corral) this year, I knew I had to read it: Fancy Bear Goes Phishing: The Dark History of the Information Age, in five Extraordinary Hacks. Authored by Scott J. Shapiro, professor of law and philosophy at Yale Law School. In his youth, Shapiro spent much time with computers, but later chose a career in philosophy and law. When writing about cyberwar, he returned to computers, re-learning programming, computer science and the lingo: Evil maid attack, bald butler attack, bluesnarfing, phishing, spear phishing, whaling…

    Attempting to answer the simple questions of why the Internet is insecure, how do hackers exploit insecurity and how they can be prevented, or at least decreased in numbers, Shapiro takes us on a journey with five stops, from the late 1980’s to the hacks of the Democratic National Committee and the Minecraft wars 30 years later.

    One of Shapiro’s main arguments is the distinguishment between upcode and downcode. Upcode is the human aspect of cybersecurity, such as regulation, law, and organizational norms, whereas downcode is the technical programming and operating of programs, operative systems and alike. His consistent argument is that upcode regulates downcode. Thus, he opposes solutionism, the view that “technology can and will solve our social problems”. I’ve written about the tech elite earlier in 2023, their engineering-like focus on all issues, they being able to solve everything with math and algorithms, as if reality can be reduced to technicalities. Shapiro continues, with his fantastic sense of humour: “Great news! We can reverse centuries of imperialism, revolution, and poverty with our cell phones.” This connects to Bruce Schneier’s angle on cybersecurity too: focus on the humans primarily.

    Another sentence deeply related to Cathy O’Neil is “Most problems do not have solutions that are reducible to finite procedures.” Solutionism cannot succeed, because it relies on (Alan) Turing’s physicality principle: changes in the digital realm presupposes changes in the physical realm, which means computation, when all is said and done, is a physical process, and relies on control over the physical world, such as cables, servers, and routers.

    The almost inherent insecurity of the Internet of Things (IoT) is quite obvious, another connection to Schneier, who claims the same thing. IoT-devices have very rudimentary operating systems, meaning they’re usually really poorly designed. They have a singular, or few, purposes, rendering them with attack vectors. So, your refrigator might be part of a zombie-net controlled by some angry teenager playing Minecraft, using your very refrigator attacking another server running Minecraft.

    Solutionism dominates so much, represented by ignoration and non-comprehension among programmers and computer scientists, disguised as the common resentment and claims that politics is unfit to kepp up with things technical. The sentiment of solutionism Shapiro compresses in one sentence:

    “Politics becomes engineering; moral reasoning becomes software development.”

    Cybersecurity – it’s a human thing

    Shapiro connects law and legal discussions in the cases the tells. What are the implications judiciously for the hackers, how does the hackers think, and the legal system perceive these acts. In cases where the perpetrator is sentenced, how does the legal system reason?

    I appreciate how he considers gaming and programming culture as overtly (white) male, rendering women targets usually for misogynic hatred, or at least suspicious activites by men against women (and other gender identities, might I add). This touched briefly on the deeply ingrained meritocratic aspects of programming/hacking culture, as covered by Gabriella Coleman in Coding Freedom: The Ethics and Aesthetics of Hacking.

    Shapiro also provides us with the combination of basic computers science terms and programming functions, such as the difference between data and code, and how operating systems work. If you don’t understand how very rudimentary programming functions, Shapiro will inform you how it actually works to prove his points, and easen the complexities of cyberspace somewhat. Knowledge will calm you more than ignorance, he reasons, and I concur.

    Mainly he presents various ways hackers exploit humans via their cognition: visuality, irrationality, probability, and time. Hackers are great cognitions and really social beings, at least virtually, and comprehend how some people will be fooled.

    The sense of humour!

    Regarding the oh, so common Nigerian prince/general/rich person mail, Shapiro regularly depicts issues and technicalities through diagrams or pictures, and provides proper examples the reader can understand, such as:

    “This Nigerian Astronaut pushes this internet scam to eleven.”

    Anyone who comprehends this sentence, will enjoy reading a serious book on a serious subject.

    It goes up to eleven

    Of all the books on technology I’ve read, this is the best one. Were I to give people a recommendation on one single book they could read to better grasp the cyber realm, Fancy Bear Goes Phishing it is.

  • Swedish economy – still in free fall

    Last year I wrote about the state of the Swedish economy. I called it “Swedish economy in free fall.” It was a bit crude, though many things on the Internet are. I miscalculated the speed of the fall and anticipated the economy would sort of land in April this year. It didn’t. Things move slower than I thought. Still, how have things gone since? Well, not exactly ssssuper.

    First. The Swedish economy is (finally acknowledged, bring out the champagne!) in recession. It has contracted, albeit not much. Reasons for this acknowledgement? The interest rate has left the 0-mark and entered the realm 4 % (compared to nearly 16 % a brief period in the 1990’s), which leaves lots of households with even greater problems paying mortgages. Many households have spent too much money on houses in the last decades, rendering them very vulnerable to 2 % interest rate.

    Second. This effects the housing market and the construction companies. Approximately 25 % of all contractors have filed for bankruptcy or been obliviated this year. One person working for a construction company mentioned this to me in April, so it’s no surprise to hear news mentioning this number now.

    Third. The housing market is dropping like a stone. Houses/flats aren’t sold. The drop in price is about 15 %. People can’t sell their “expected yield”.

    Fourth. This, in turn, renders more people unemployed, straining the economy of the municipalities and regions (who make austerity decisions in each and every place these days) in the end and decreasing the consumtion, straining the national economy. People use more of their savings on spending, consumtion contracting, even in times of “Black week” and Christmas shopping.

    So, things are getting grim. Finally, some argue that unemployment will grow next year. That’s shocking! Who could’ve thought people would become unemployed in an economic crisis? It hasn’t, like, happened before it seems, although that’s exactly what happens each and every time an economic or financial crisis comes.

    Listening to certain “experts” is like watching a very bleak comedy, French style (French Noir). They seem bent on negating anything that proves a crisis is coming. The employment rate is going strong, the housing market will soon rise again, Riksbanken (the central bank) won’t increase the interest rate further… These unfounded, even dumb, arguments are more like rational people attempting to make sense of something they do not understand, I’m sorry to say: If you borrow too much money, one day you’ll have to pay. It might be sooner, it might be later, but the day will come. And events and things are interconnected, like I’ve stated above. Even if the inflation rate is lessening, the fact is that companies, municipalities and regions have begun to turn lots of people unemployed this year. One thing leads to another. Many people will be tempted to spend money they do not have for decades to come on things they actually can’t have, but pretend to have. Build an economy on such thoughts and you will find yourself in a crisis. Just add time.

  • Democracies in time

    Democracies in time

    The Foreign Intelligence Service of the Russian Federation (abbreviated SVR) seems busy spreading a narrative of Russian invincibility and inevitable Ukrainian defeat. Recently it was visible in one of Sweden’s largest newspapers, where American “experts” asserted Ukraine needs to negotiate immediately. In August CNN claimed The Federal Security Service of the Russian Federation (abbreviated FSB) was attempting influencing Westerners “through layers of ostensibly independent actors.” A known Swedish blogger accused Svenska Dagbladet for actively spreading this narrative by interviewing an “independent” American “expert”. Anders Åslund disproves the obvious faulty arguments put forward by these kinds of “experts”. Josh Rogin from the Washington Post also wrote a good opinion piece on this very issue. Finish authorities have revealed that Russian intelligence services have been active in foiling Sweden joining NATO. Who could’ve thought?

    In an interview with The Kyiv Independent, Serhii Plokhy argues that we need to brace and prepare for a long war. The coming year might be pivotal and he argues, correctly I think, that short-term memory is dangerous, tending to dominate among political elites. Personally I believe regular people oftentimes see life through a short-term memeory version too. The latest inflation rate or cost of cucumber in the store seems more damaging to the world, and the self, than a long, brutal war.

    Francis Farrelly of the same newspaper wrote an op-ed on the possibility of Ukrainian defeat. It is, to say the least, very critical of the West, and its willingness to really support Ukraine in terms of weapons, ammunition and weapon systems. Overall, I agree, although I think the Biden administration has done a marvelous job all-in-all and definitely compared to if Trump had been president, and compared to the European Union. Without the Biden administration, for all its’ faults, Ukraine would’ve fought a partisan war. The countries supporting Ukraine have the most resources on the planet. Russia has survived this far into the war because of the Soviet stockpiles, because economically, and we hear lots about how Russia has withstood economic pressure better then expected and how much stronger Russia is compared to Ukraine (from certain Western “experts” for instance), Russia has a GDP in comparison to New York state or Canada. So, approximately 150 million Russians produce as much as 20 million New Yorkers or 37 million Canadians. What do we have to fear?

    It makes me wonder if the authoritarians have a better perspective on time than democrats and inhabitants in democratic societies? Of course Putler embarrassed himself so much he couldn’t even show up riding that three-wheeled motorbike (he can’t ride an ordinary motorbike) when he realized his troops were initially pulverized by the Ukrainians. But he also knows how to gamble in the casino of International Politics and Suchlike Affairs. So, he and his men tried all they could to prolong the war in order to outweigh the losses and eventually defeat the West by beating Ukraine on the battlefield or by waiting for the short-term-memory-people in the West to think, and shrug as if it didn’t matter: “nah, not worth it anymore”.

    Johann Hari, among others, has written about our Stolen Focus, our inability to think properly because our attention span is so splintered and the gratification system is constantly set to “On”. For instance, the Swedish economy isn’t feeling too well, but the smallest evidence of a turn, like lessened increase of inflation, means that things are already turning. But an economic crisis isn’t averted by one small improvement, since the crisis itself is built up during decades. If Ukraine can’t “win” on the battlefield once, everything’s lost and we’re prepared to back our bags and go home.

    If democracies and their inhabitants can’t see over the next hill, democracy as a concept is dead. The war between Ukraine and Russia is costly in many ways – that’s war. After all the promises of support for Ukraine, all the “Slava Ukraini” uttered by prime ministers and presidents, we simply can’t surrender for an enemy which seems stronger than initially thought or because a war continues longer than people anticipated. Why wouldn’t it last for years? Swift victories seem fictitious or cineastic. Victories require time, willingess, sacrifice, logistics, money and people.

    Franz-Stefan Gady wrote about the movie Napoleon in Foreign Policy. Firstly, he mentioned the Western thought of “one major, decisive battle” which will lead to absolute and definite victory. Secondly, he writes (and has written before) about teh belief in a game-changing weapon, or a weapon system so strong it’ll lead to victory. None of these two things exist. Nuclear weapons, you say? Yes, they have delayed Western support for Ukraine, but have definitely not lead to some magical victory for the Russian forces.

    An ex-commander in the US military claimed that the People’s Liberation Army (the military of the Chinese Communist Party, not the military of the state) is preparing to invade Taiwan in 2027 at the latest. Even if this is his words, the Chinese and American leaderships are well aware of the risk of war over Taiwan, attempting to defuse the tension. It might not, hopefully, come to pass, although it’s a reminder of the tangible risk of a confrontation between two superpowers, one democratic, one authoritarian, both wanting to shape the world.

    According to a report from a German think-thank, Russia could rather quickly rearm and reconstitute in order to continue aggressions. The current Russian leadership, and many rightwing extremists perceives several states (like the three Baltic states) surrounding Russia as rightfully belonging to the Russian Federation, as former parts of the Russian Empire. The claim of renewed/expanded aggression has been made by the Swedish military and military analysts since the fullscale war on Ukraine.

    Russia has also transformed itself, again, into a full-fledged dictatorship, bent on territorial and influential expansion. Belarus is already virtually annexed. Russia won’t bend because Ukraine negotiates. They won’t bend because NATO or the EU withdraws or abandons Ukraine.

    We can’t be as naïve as Neville Chamberlain and his cohorts and accept dictators and authoritarian states to remain calm and peaceful. Unfortunately, Theodore Roosevelt was right when he wrote you should speak softly and carry a big stick, and that a good navy (here military) is not a provocation to war, it is the surest guaranty of peace. Russia must loose on the battlefield. No one should even consided abandoning Ukraine. You stand by your promise, by your friends.