Technology

Google Ordered Russian Translators Not to Call War in Ukraine a War

Published by Anonymous (not verified) on Mon, 28/03/2022 - 9:00pm in

Tags 

Technology, World

In early March, contractors working for Google to translate company text for the Russian market received an update from their client: Effective immediately, the ongoing Russian war against Ukraine could no longer be referred to as a war but rather only vaguely as “extraordinary circumstances.”

The internal email, obtained by The Intercept, was sent by management at a firm that translates corporate texts and app interfaces for Google and other clients.

The email passed along instructions from Google with the new wording. The instructions also noted that the word “war” should continue to be used in other markets and that the policy change was intended to keep Google in compliance with a Russian censorship law enacted just after the invasion of Ukraine.

Asked about the guidance, Google spokesperson Alex Krasov told The Intercept, “While we’ve paused Google ads and the vast majority of our commercial activities in Russia, we remain focused on the safety of our local employees. As has been widely reported, current laws restrict communications within Russia. This does not apply to our information services like Search and YouTube.”

According to a translator who spoke to The Intercept, the orders apply to all Google products translated into Russian, including Google Maps, Gmail, AdWords, and Google’s policies and communications with users. (The translator asked for anonymity to avoid reprisal by their employer.)

The internal memo helps explain why some Google webpages, including an advertising policy and video help document found by The Intercept, use euphemistic terms like “emergency in Ukraine” in their Russian version but “war in Ukraine” in the English version.

The censorship law, signed by Russian President Vladimir Putin on March 4, created harsh criminal penalties of up to 15 years in prison for disseminating so-called false information about the Russian military. This is widely believed to include referring to Russia’s assault on Ukraine as a war or invasion, given that the Kremlin had previously drawn a hard line against such terms. The Kremlin calls the war a “special military operation,” and its internet censorship board has reportedly threatened to block websites that use terms like “invasion.”

Like many other American companies, Google swiftly declared its support of Ukraine and opposition to the Russian invasion after the attack began. And like several other Silicon Valley titans, it also implemented new policies to stifle the Kremlin’s ability to propagandize. A March 1 company blog post by Google global affairs chief Kent Walker stated, “Our teams are working around the clock to support people in Ukraine through our products, defend against cybersecurity threats, [and] surface high-quality, reliable information.” Walker added that Google had “paused the vast majority of our commercial activities in Russia,” including sales to Russian advertisers, sales of advertising directed at Russian YouTube viewers, sign-ups for Google Cloud in Russia, and “payments functionality for most of our services.”

Western commentators have generally lauded Google’s efforts related to the invasion. But the email and translations in Google’s Help Center suggest that its principled stand against Russian state propagandizing is to some extent outweighed by the company’s interest in continuing to do business in Russia.

In an English-language version of a Google advertising policy update note titled “Updates to Sensitive Events Policy,” dated February 27, 2022, the company explained it was freezing online ads from Russian state media outlets because of the “current war in Ukraine,” considered a “sensitive event.” But the Russian version of the post refers only to the “emergency in Ukraine” rather than a “war.”

A Google advertising policy page in Russian describes the war in Ukraine as “current events that require special attention (emergency in Ukraine).”

Screenshot: The Intercept

In the Video Help Center, the post “Restricted Products and Services” repeats the warning: “Due to the ongoing war in Ukraine, we will temporarily pause the delivery of Google ads to users located in Russia.” In the Russian version, the warning is again changed: “Due to the emergency situation in Ukraine, we are temporarily suspending ad serving to users located in Russia.”

A Google support document explains why the company is freezing certain online ad sales. The English version says it’s because of the “war in Ukraine,” while the Russian version refers to the “emergency situation in Ukraine.”

Screenshot: The Intercept

Another help post found by The Intercept shows a Russian-language version written in compliance with the new censorship law:

A Google policy page, restricting advertising on certain content, references the “war in Ukraine” in the English version. The Russian version on March 10 referenced the “emergency” in Ukraine, and on March 23 was updated to state, “Due to the extraordinary circumstances in Ukraine, we are suspending the monetization of content that uses, denies or justifies the current situation.”

Screenshot: The Intercept

In some cases, Russian help pages include both a reference to “war” and a state-sanctioned euphemism; it’s unclear why.

It’s possible an automated translation system is at fault. According to the translator, most translations are done automatically via software. In more sensitive cases — community rules and support pages — there is usually human oversight to ensure accuracy. This source added that any potential usage of the term “war” in the context of Ukraine would be censored across all Google products still available in the Russian market. They also said the euphemism policy would hypothetically apply beyond support page text to other Google products like Maps.

The move is only the most recent instance of acquiescence to Russian censorship demands by Google and its major Silicon Valley peers. In 2019, Apple agreed to recognize the Russian annexation of Crimea in its iOS Maps app in response to Kremlin pressure. In 2021, Google disclosed that it had complied with 75 percent of content deletion requests it had received from the Russian government that year; that same year, both Google and Apple agreed to remove apps affiliated with prominent Putin critic Alexey Navalny.

The post Google Ordered Russian Translators Not to Call War in Ukraine a War appeared first on The Intercept.

I Want You Back: Getting My Personal Data From Amazon Was Weeks of Confusion and Tedium

Published by Anonymous (not verified) on Sun, 27/03/2022 - 10:00pm in

Tags 

Technology

You can view the information that various websites — like Facebook, Google, and LinkedIn, to name a few — have about you by submitting a data request. A corporate data request is a curiously asymmetrical notion: These companies don’t request your information, they just take it (sometimes even if you don’t use their services), yet you have to request your own information from them. It’s a bit like if you have a stalker who’s been shadowing you around, meticulously documenting everywhere you go, everyone you talk to, and everything you do, who’s now handing you a form to fill out if you want to see the boxes of files they’ve been keeping on you. I decided to request my data from Amazon, which courteously affords me the opportunity to join the ranks of the numerous third parties that can also get my data from Amazon.

The Roach Motel

The first thing I learned is that Amazon is in no hurry to give you your data, nor does it really encourage you to ask for it in the first place. I couldn’t even figure out how to navigate to the request page without turning to a search engine. In fact, Amazon seems keen to discourage data requests, as making one is a labyrinthine endurance test of being bounced from one webpage to the next, waiting for weeks, and then downloading, extracting, and combing through dozens of files. Requesting your data from Amazon is an exhausting procession that feels a little bit like a text adventure game designed by Franz Kafka.

Once you’ve actually made it to the preliminary “Request Your Personal Information” page, Amazon suggests that you can also access “a lot of your personal information in Your Account.” This is the first iteration of a refrain that you will run into multiple times throughout the protracted data request process, repeated every step of the way.

Amazon’s “Request My Data” selection menu.

Screenshot: The Intercept

After you click on “Request My Data,” you’re taken to a page with a drop-down menu where you can “select the data that you want,” with the option “Request All Your Data” in the 16th position, at the very bottom of the menu. And in case you’ve forgotten that you can also see some of your data in your account settings, Amazon offers a helpful reminder: “Don’t forget you can access a lot of your data instantly, as well as update your personal information, from Your Account.”

Once you submit your request, you’re taken to the “Data Request Creation” page, which thanks you and informs you that “You’re almost done…” but now need to click a verification link in your email. Amazon at this point makes some intonations about how this email verification step is necessary because your privacy and security are the company’s top priority, though considering that when your data is available you’ll need to check your email anyway, it’s not clear how checking your email twice adds any security. And by the way, in case you’ve forgotten already, Amazon also reminds you on this page that “You can access a lot of your data instantly, as well as update your personal information, from Your Account.”

Amazon’s “Data Request Creation” message.

Screenshot: The Intercept

At this point, you’ll need to pop over to your email and click the “Confirm Data Request” link. Doing so will take you to the “Data Request Confirmation” page, which informs you that Amazon has “received and [is] processing your request to access your personal data.” This feels a little strange, as you don’t recall ever making Amazon jump through this many hoops when it wanted to access your data. (This page again reminds you that you can get “a lot of your data … from Your Account.”)

The “Data Request Confirmation” page also informs you that you may be in for a bit of a wait. Though Amazon says that it will “provide your information to you as soon as we can,” “soon” is apparently meant to be interpreted on a monthly time scale, as the page further states that “usually, this should not take more than a month.” Though of course, “in exceptional cases, for example if a request is more complex or if we are processing a high volume of requests, it might take longer.” This protracted time frame forms an intriguing juxtaposition to the otherwise universal emphasis on speed that facilitates shopping on Amazon. “If you have to click multiple buttons, if you have to wait for too long, if you have to answer a lot of information — all of those things create friction, and friction exponentially kills the joy of shopping,” Nadia Shouraboura, a former member of Amazon’s management board, said in the 2014 CNBC documentary “Amazon Rising.”

Amazon’s “Data Request Confirmation” message.

Screenshot: The Intercept

Given Amazon’s obsession with speed and eliminating friction to foster faster consumerism, the dawdling data solicitation process seems like it just might be intentional, designed to dissuade requests. A far simpler explanation comes through an invocation of Hanlon’s razor, the old adage to “never attribute to malice that which is adequately explained by stupidity.” Amazon whistleblowers cited by Politico have said that the company “has a poor grasp of what data it has, where it is stored and who has access to it.” If that’s the case, then it stands to reason that it can take a month or more for Amazon to process a data request. As former Amazon chief information security officer Gary Gagnon succinctly put it in an interview with Reveal, “we have no fucking idea where our data is.”

Asked whether the company takes a long time to fulfill data requests because it doesn’t have a good grasp on where customer data is kept, Amazon spokesperson Jen Bemisderfer said the company “strongly reject[s] the assertion that we don’t keep track of customer data. Producing [customer data] reports requires that we know where data is stored. Amazon maintains multiple and complementary tools and processes to systematically identify where personal data is stored and how it flows.”

Bemisderfer did not directly address a question about whether Amazon intentionally makes the data request process difficult, instead writing, “We are committed to providing customers with access to their information and are always looking for ways to improve the customer experience.”

It ultimately took about 19 days for Amazon to fulfill my data request, in stark contrast to its reported median time of 1.5 days to process a data request, as per the company’s California Consumer Privacy Act disclosure for 2020. There was no option for expedited Amazon Prime data delivery and no button equivalent to an instantaneous Buy Now (née 1-Click) option when selecting my data. When the data was finally ready, Amazon sent me an email expressing outright jubilation at the fact that it had managed to find my information, stating: “We are happy to confirm that we have completed your data request.” And since it’d been a few weeks, Amazon also understandably thought that I could use another reminder that I could “find all the available information” related to my Amazon profile (“including reviews”) on my profile page.

Amazon’s “Your personal data is ready to download” email.

Screenshot: The Intercept

Clicking the link to download the data in the arrival email in turn took me to the “Download your Amazon Data” page, which once again (for the sixth and, mercifully, final time) helpfully reminded me that “You can access a lot of your data instantly, as well as update your personal information, from Your Account.”

On the data download page, under the veneer of endless consumer choice, I was presented with a total of 74 separate zip files that had to be downloaded individually (though enterprising users have built scripts to help automate the process). This turn toward extreme granularity is doubtlessly not unappreciated by the ever-discerning consumer who, despite explicitly requesting all of their data from the drop-down menu earlier in the request process, may nonetheless now only wish to download the cryptic Advertising.1.zip and Advertising.3.zip but may studiously want to avoid Advertising.2.zip, and is therefore thankful to be spared the burden of being saddled with two additional kilobytes of extraneous data.

The Amazon data download page that Nikita Mazurov received.

Screenshot: The Intercept

Amazon is here employing a kind of reverse dark pattern: Instead of irksome layout gimmicks designed to trick users into inadvertently doing things (like subscribing to mailing lists), Amazon is using an irksome layout pattern to discourage you from downloading all of your data. Specifically, this is kind of a “roach motel” model reminiscent of when Yahoo presented users with more than 300 buttons to individually press to opt out of third-party data collection from its partners. Except in Amazon’s case, you have to go through this process to merely view your data, not opt out of it.

“You Can Access a Lot of Your Data”

Once you’ve gone through and painstakingly downloaded all of the zip files, you need to extract the contents of each one either using a program included with your operating system or (if you can’t find one already on your computer) a free tool like 7-Zip. The extracted data is predominantly in the form of CSV files, which can be opened in a spreadsheet editor like Calc, included with the free office productivity suite LibreOffice. (Microsoft Excel will work too.)

While Amazon’s reminders that you can access “a lot” of your data by looking around your account and profile settings are doubtlessly true (given that “a lot” is a nebulous quantifier), what becomes apparent when looking over your requested Amazon data is that the company collects a lot of information that you cannot view in those settings.

In skimming over this trove, one thing became very clear right away: Amazon sure seems to love to retain information. Though the company states that it is legally required to keep certain data like order history, other information like search keywords seems to be retained at Amazon’s discretion. The company intricately logs chat and email interactions you’ve had with buyers, sellers, and Amazon; your cart history; your orders, returns, and reviews; and your searches (for the past three-and-a-half years), or at least those made while logged into your account. The spreadsheet that lists your search history (Retail.Search-Data.Retail.Customer.Engagement.csv in Retail.Search-Data.zip) contains 65 fields with information like search terms, your IP address, how many search results you clicked on, how many search results you added to your basket, and how many search results you ended up buying. The file also includes fields with unclear titles. For instance, one column marked “Shopping Refinement” sporadically lists cryptic strings of numbers like “26,444,740,832,600,000” for various search queries.

Aside from keeping a meticulous ledger of all your site activity, Amazon also takes the liberty of holding on to data you may have had the mistaken impression you deleted. If you click “Remove” on any address you have stored in the “Your Addresses” portion of your Amazon account, this in fact only removes the address from that page, not from Amazon’s records. Addresses that you have removed from your account are merely labeled as “Is Address Active: No” in Retail.Addresses.pdf (within Retail.Addresses.zip). On its “Add and Manage Addresses” customer service page, Amazon makes no mention of the fact that deleted addresses are only deleted from being visible to you on your account page and are not actually deleted from Amazon’s servers. Given that account recovery security questions for various services can be along the lines of “What’s the name of the first street you lived on?” or the fact that people sometimes use their old house or apartment numbers as their PINs, gaining access to a user’s comprehensive list of old addresses can be particularly advantageous for someone who has access to your Amazon account and wants to expand their reach.

Amazon’s advertising data on you is inexplicably divided across three zip files. Advertising.3PAudiences.csv (in Advertising.1.zip) lists “Audiences in which you are included via 3rd Parties.” It’s not explained how Amazon acquires this third-party audience data, but according to this dataset I apparently am a homeowner, in possession of a luxury sedan and SUV, and in the 45 to 54 age range. This was all news to me, as I am none of those things. It genuinely feels good to know that Amazon is wasting resources on harvesting inaccurate audience demographic information from third parties.

The two Advertising.AdvertiserAudiences.csv files (in Advertising.1.zip and Advertising.2.zip), meanwhile, list “Advertisers who brought audiences in which you are included.” It’s not clear what this field actually means — for instance, if “brought” is a typo for “bought” — but at any rate, my data is apparently somehow linked to a total of 167 advertisers, including Carrington College, Clever Cutter, Fitbit, HCA Healthcare, the Leukemia & Lymphoma Society, and something called Animal Friends. Three Canadian banks — Bank of Montreal, Royal Bank of Canada, and Scotiabank — are disproportionately represented in this list of advertisers that have hoovered up my data; I don’t know why, though I did several times order gifts to Canada.

There are also zip files dedicated to other Amazon services like Alexa, Amazon Games, Amazon Music, Kindle, and Prime Video. I don’t make use of those, so mine were empty, though it does at this point come as no surprise that Amazon keeps track of, for example, how long you watch individual Prime Video offerings and which country you are in when viewing them, or which books you read on your Kindle, down to which pages you look at.

Overall, from my Amazon data request I learned that I never did find a good “DIY plasma ball kit” or a decent “summer watermelon recipes” book, but I am decidedly happy that Amazon thinks I’m a 45 to 54-year-old luxury sedan-driving homeowner and that multiple Canadian banks have a competing interest in me.

Minimizing Data Exposure

There are numerous steps one could take to minimize the amount of information Amazon is able to collect. You could be sure that you’re using ad-blocking software like uBlock Origin to reduce the chance of advertisers tracking your browsing habits and buying or selling that information. You can also peruse Amazon through the private mode in your browser, or at least while being logged out of your Amazon account. And if you don’t want Amazon to have your IP address, home address, phone number, and credit card information, you could always use a virtual private network for browsing, a Post Office box for shipping, a temporary burner phone number for account verification, and a temporary or virtual credit card number. It may also not be an entirely bad idea to periodically start fresh, via Amazon’s ever-helpful “Request the Closure of Your Account and the Deletion of Your Personal Information” page.

The post I Want You Back: Getting My Personal Data From Amazon Was Weeks of Confusion and Tedium appeared first on The Intercept.

Estonian Solar Barrel Technology to Sunny Cuba.

Published by Anonymous (not verified) on Tue, 15/03/2022 - 11:57pm in

Estonian solar energy technology to sunny Cuba. SolarBarrel sends its revolutionary photovoltaic kits to Cuba, aiming to give its contribution to increasing the local production of energy from sustainable sources and to help the island’s development in these hard times of environmental and climate challenges, that we and our beloved planet are facing. A fast-growing…

The post Estonian Solar Barrel Technology to Sunny Cuba. appeared first on Peak Oil.

Leaked Chats Show Russian Ransomware Gang Discussing Putin’s Invasion of Ukraine

Published by Anonymous (not verified) on Tue, 15/03/2022 - 4:16am in

Tags 

Technology, World

Internal chat logs leaked from the notorious Russian ransomware gang Conti reveal unfiltered conversations between ultranationalist hackers in which they repeat Russian President Vladimir Putin’s conspiratorial lies about Ukraine, discuss the impact of early Western sanctions against their country, and make antisemitic comments about Ukraine’s Jewish president.

The logs were leaked late last month, reportedly by a Ukrainian security researcher, after Conti publicly announced its support for Putin’s invasion of Ukraine and threatened to retaliate against any cyber warfare targeted at the Russian-speaking world. The logs span two years and multiple chat services and were released alongside training documentation, hacking tools, and source code.

The Intercept reviewed the most recent month of logs, focusing on those originating from RocketChat, a group-chat system similar to Discord or Slack, that Conti hosted on the anonymity network Tor. The messages are full of typos, slang, and a heavy use of mat — vulgar Russian profanity. We translated these messages using Google Translate and DeepL, and then a native Russian speaker manually corrected them. As with any translations, there are sometimes multiple possible interpretations, so we are making the original Russian available here. All time stamps from chat messages are in Coordinated Universal Time.

Logs of only some chat rooms appear to have been leaked. Most of the recent messages are from the #general channel, a room where the hackers candidly discussed non-ransomware topics like drug use, pornography, cryptocurrency, an obsession with investigative journalist Brian Krebs, and occasionally technical topics. While the #general channel had 160 users — Conti is a very large criminal enterprise — only a handful of these users actually posted messages during the monthlong period.

The conversations quickly turned political on February 21 when Putin announced that Russia recognized the separatist territories Donetsk and Luhansk in eastern Ukraine as independent nations, and on February 24 when Russian troops invaded Ukraine. The Russian hackers openly repeated Putin’s falsehoods as fact, such as that Ukraine is run by a “neo-Nazi junta” and that its government is seeking nuclear weapons. Members of the chat continually shared news updates that exaggerated Russia’s success so far in the war.

The chat logs also include a heavy dose of misogyny, including discussions of child sexual abuse content and jokes about rape, as well as antisemitism aimed at Ukrainian President Volodymyr Zelenskyy.

Also on February 21, Conti announced internally to its employees that the leader of the criminal enterprise had gone into hiding. While it’s unclear exactly what happened, the announcement said that “close attention to the company from the outside has led to the fact that the boss apparently decided to lay low.” It added that Conti did not have enough money to pay everyone’s salaries and asked that they take two to three months of vacation. While Conti’s active operations had ceased, the server hosting RocketChat was still up, so the conversations after that were purely about Russia’s war in Ukraine. CyberScoop this week quoted sources saying Conti recovered from the leaks and is operational.

The Conti Ransomware Gang

Conti is the most successful ransomware gang in operation today. As Check Point Research has reported, the gang appears to operate much like a large corporation, with twice-monthly payroll, five-day workweeks, staggered shifts to ensure around-the-clock operation, and even physical offices. According to a 2022 report on cryptocurrency crime from the company Chainalysis, Conti extorted at least $180 million from its hacking victims last year.

Many of the victims have been in the health care sector, including Ireland’s public care system. In May 2021, in the midst of the Covid-19 pandemic, Conti encrypted data on 85,000 Irish health care computers and demanded a $20 million ransom payment in exchange for the decryptor, according to a report in CPO Magazine. Ireland’s Health Service Executive refused to pay the ransom, but it’s still costing Ireland 100 million euros to recover from the attack. The FBI also warned that Conti ransomware attacks targeted at least 16 health care networks in the United States.

Conti employees appear to be active during work hours in the Moscow time zone and all internal communication is in Russian, though some people involved don’t live in Russia. One frequent poster in the chat rooms, who goes by the username “Patrick,” appears to be a Russian citizen living in Australia. An older member of Conti is a 55-year-old Latvian woman, according to reporting by Krebs. Based on these chat logs, Conti appears to be an independent criminal enterprise without formal ties to the Russian government.

But it appears that Russian intelligence reached out to members of Conti on at least one occasion. After the ContiLeaks were published, Christo Grozev, executive director of the investigative journalism group Bellingcat, tweeted that his organization had been warned that “a global cyber crime group acting on an FSB [Russia’s security agency] order has hacked one of your contributors,” and they were looking for information about Alexey Navalny, the imprisoned Russian opposition leader. In 2020, FSB agents were implicated in a poisoning attack on Navalny.

Chat logs in ContiLeaks, from a chat service called Jabber, seem to indicate that Conti was this cybercrime group, acting on an order from the FSB. A user called “Mango” told a user called “Professor” that he had encrypted chat messages from a Bellingcat journalist but didn’t know how to decrypt them. Mango pasted a snippet from a separate chat that he had with a user called “Johnnyboy77,” who told him about targeting a Bellingcat journalist and mentioned “NAVALNI FSB.”

2021-04-09 18:13:13 mango: So, are we really interested in such data?
2021-04-09 18:13:24 mango: I mean, are we patriots or what?)))
2021-04-09 18:13:31 professor: Of course we are patriots
2021-04-09 18:13:49 mango: I understand. if they decipher it there – I will beacon
2021-04-09 18:14:23 mango: and I also wrote there the other day to you about the auction, but as I understand it, you are still busy and did not delve into)
2021-04-09 18:31:25 mango:
[21:21:02] <johnyboy77> in short, there is a person’s mail from bellingcat
[21:21:06] <johnyboy77> who specifically works in the RU and UA direction
[21:21:06] <johnyboy77> say so
[21:21:08] <johnyboy77> and all his passwords are
[21:21:17] <johnyboy77> and she’s still valid
[21:30:56] <mango> well, pull the correspondence, at least screen them
[21:31:05] <mango> need specifics bro what to talk about
[21:31:07] <johnyboy77> now download files
[21:31:12] <johnyboy77> NAVALNI FSB
[21:31:13] <johnyboy77> even this
[21:31:18] <johnyboy77> right now
2021-04-09 18:31:26 mango: :)
2021-04-09 18:35:42 professor: why not just dump the whole thing

The day after Russian troops began their invasion of Ukraine, Conti posted a statement on its website, a site normally used for publishing data from companies that refuse to pay ransom. Conti announced its “full support of Russian government,” and warned that if anyone attacked Russia, cyber or otherwise, they would use “all possible resources to strike back at the critical infrastructures of an enemy.”

Original statement from Conti

Screenshot by Check Point Research

Hours later, they tempered their statement, but many had already noticed their unequivocal support for Russia in its war against Ukraine.

Conti’s modified statement

Screenshot by Check Point Research

Repeating Putin’s Conspiratorial Lies

When Russian soldiers invaded Ukraine on February 24, people in Conti’s #general channel began discussing the war. One member of the chat, Patrick, was by far the most swayed by Putin’s lies about Ukraine. Patrick insisted that war was inevitable because Ukraine was attempting to obtain nuclear weapons. This is false, but this conspiracy theory made up a large part of a speech Putin gave on February 21 just prior to the invasion.

2022-02-24 09:53:54 patrick: war was inevitable, ukraine made an application for nuclear weapons
2022-02-24 09:54:37 patrick: in their possession
2022-02-24 09:55:00 weldon: monkeys don’t explain things, they climb trees
2022-02-24 09:55:02 elijah: @patrick well done and done. Still, no one will ever use it. Yes, just to scare
2022-02-24 09:56:38 elijah: Look, missiles from North Korea periodically arrive in the territorial waters of the Russian Federation. But no one cares. And they have nuclear weapons, by the way. But somehow no one was alarmed
2022-02-24 09:56:47 patrick: old man, you’re wrong, there is no doubt about north korea now
2022-02-24 09:58:42 patrick: no one is happy about the war, brothers, but it is high time to put this neo-Nazi gang of Canaris’s foster kids on trial

In his speech, Putin also falsely claimed that Ukraine’s democratic government is a neo-Nazi dictatorship. Throughout the first days of fighting, Patrick repeatedly insisted that Ukraine is run by a “neo-Nazi junta.” It’s not. Ukraine does have a legitimate Nazi problem (so do the United States and Russia), but Ukrainian neo-Nazis are a small minority and don’t hold any positions in government.

Zelenskyy is Jewish. His grandfather, Semyon Ivanovich Zelenskyy, fought the Nazis during World War II. All three of Zelenskyy’s grandfather’s brothers were shot and killed by Nazi soldiers occupying Ukraine.

2022-02-24 10:01:33 patrick: Putin will answer all questions today, I hope that by the evening Kyiv will be ours
2022-02-24 10:02:47 biggie: what’s the point
2022-02-24 10:03:02 elijah: `by the evening kiev will be ours` – and??? What is the profit in this, well, besides boosting the guy’s ego and an additional reason for the quilted jackets [patriots/nationalists] to fap on the king?
2022-02-24 10:03:07 biggie: only people will die and that’s it
2022-02-24 10:05:11 patrick: the neo-Nazi junta will be liquidated and prosecuted, civilians will not suffer

In another message, Patrick says he’s not fighting in the separatist regions of eastern Ukraine because he’s in Australia, donating money to “the victims of the genocide of the neo-Nazi junta.” Putin accused Ukraine of committing genocide against Russian-speaking civilians in Donbas—this also isn’t true.

2022-02-24 11:02:25 kermit: and why are you here and not a volunteer in the DNR or LNR?
2022-02-24 11:03:34 patrick: I’m in australia helping the victims of the genocide of the neo-Nazi junta with money
2022-02-24 11:03:45 kermit: you’re hiding far away
2022-02-24 11:04:24 kermit: in any such movement you have to back it up with deeds. right now you’re just another spectator and instigator
2022-02-24 11:04:33 kermit: money is bullshit in a matter like this
2022-02-24 11:04:58 patrick: Zelia [Zelensky] is the one hiding, it’s his last day, our people are already in the suburbs of Kiev

Zelenskyy and Antisemitism

Although Putin has justified his invasion by framing it as a war on Nazi ideology, numerous discussions in the chats point toward antisemitic sentiment within Conti. Such bigotry has been a prominent part of an ascendant far-right movement throughout the U.S. and Europe, including in Russia and Ukraine. On February 21, a user named “Weldon” pointed out that Zelenskyy is Jewish. Several others joined in with antisemitic jokes.

2022-02-21 13:03:18 weldon: Zelensky is a jew
2022-02-21 13:03:24 kermit: oh fuck
2022-02-21 13:03:26 kermit: Jews
2022-02-21 13:03:28 kermit: great
2022-02-21 13:03:31 kermit: my favorite
2022-02-21 13:03:39 weldon: that’s right, not Jewish, but a Jew
2022-02-21 13:04:26 kermit: fuck, I wish I was a jew
2022-02-21 13:04:55 kermit: just be born Jewish and you’re considered a member of a secret society and you mess up the Russians’ life
2022-02-21 13:05:46 weldon: come on. A Tatar was born – a Jew cried :joy:
2022-02-21 13:06:58 kermit: a Crimean Tatar?
2022-02-21 13:08:07 gelmut: black Crimean Tatar born in Odessa, who received Russian citizenship :-D
2022-02-21 13:09:11 weldon: obama?
2022-02-21 13:19:39 gelmut: A Jewish boy approaches his parents and says – I want to be Russian. To which the parents reply: – If you want to be Russian, you go to the corner and stand there all day without food. Half a day later, his parents ask: “How do you live as a Russian? And the boy answers: – I’ve only been Russian for two hours, but I already hate you Jews!

After Russia’s invasion was in full swing, the topic of Jews appeared again. This time, Patrick suggested that Jews ruined the Russian empire, and a user named “Biggie” said that it’s necessary to “de-Jewishize” Israel by force. “Pindo” is a slightly pejorative term for an American, and “Pindostan” is slang for the United States.

2022-02-25 09:10:45 patrick: everyone, up to and including the pindostan [America], must answer for the destruction of my homeland – the USSR, so be it
2022-02-25 09:11:53 patrick: Vinnytsia is surrounded
2022-02-25 09:14:19 biggie: that’s how sovok [Soviet Union, or Soviet nationalists] responded to the breakup of the Russian empire
2022-02-25 09:14:41 biggie: All’s fair
2022-02-25 09:15:52 angelo: wait Soviet factories were built by Americans and Europeans with the hands of our comrades. The empire was ruined by Jews with English money
2022-02-25 09:15:59 angelo: I’m getting confused who got what for what and why.
2022-02-25 09:16:38 angelo: we need Jesus, only he will judge and tell the truth, who God is for!
2022-02-25 09:16:55 angelo: @jesus !
2022-02-25 09:17:18 biggie: yeah, that means we have to conduct a military operation in Israel for de-Jewishization

Earlier in the month, the user named “Thomas” joked with the user “Angelo” that he’d be sentenced to eight years in prison for “anti-patriotism” but quickly said he was kidding. Angelo said, “I know you’re kidding. We are brothers!” Thomas made a casual Nazi joke about being Aryan brothers, adding that “the skinhead theme is my favorite.”

2022-02-16 08:43:42 angelo: we are brothers!
2022-02-16 08:43:48 thomas: Slavs?
2022-02-16 08:43:51 thomas: or Aryans?
2022-02-16 08:44:01 thomas: Ooh, the skinhead theme is my favorite.
2022-02-16 08:44:05 thomas: whoever has cleaner blood

Russian Liberal Democratic Party Leader Vladimir Zhirinovsky attends a meeting of Russian President Vladimir Putin with lawmakers of the new convocation of the State Duma in Moscow, Russia on Dec. 10, 2021. Photo: Ramil Sitdikov/Sputnik via AP

“It’s Gonna Be Sad Without” Zhirinovsky

In early February, the 75-year-old ultranationalist Vladimir Zhirinovsky, a demagogic politician and leader of the Liberal Democratic Party of Russia, was reportedly hospitalized for Covid-19 and in critical condition.

Zhirinovsky is a far-right authoritarian populist known for decades of controversial views. According to a 1994 article in the New York Times, Zhirinovsky called for “the preservation of the white race” in a 1992 television appearance to the U.S., which he warned was being turned over by the white population to black and Hispanic people. In 2016, Zhirinovsky strongly supported the election of Donald Trump for U.S. president over Hillary Clinton, telling Bloomberg, “Trump and I could impose order on the whole planet. … Everyone would shut up. There wouldn’t be any extremists, no Islamic State, and white Europeans could feel at ease as we’d send all the immigrants home.”

The Conti hackers seem more than just Putin-supporting Russian patriots — they identify with Zhirinovsky’s far-right, authoritarian, racist politics. In the chat room, they discussed Zhirinovsky’s condition, as well as conspiracy theories about why he’s really in the hospital and if he’s even really sick.

2022-02-16 13:59:48 kermit: everything is okay in the kremlin
2022-02-16 14:00:00 thomas: how’s Zhirik [Zhirinovsky] doing?
2022-02-16 14:00:03 thomas: is he alive?
2022-02-16 14:00:07 thomas: It’s gonna be sad without him.
2022-02-16 14:00:09 kermit: I don’t know, he’s sick
2022-02-16 14:00:15 kermit: he’s not in the kremlin
2022-02-16 14:00:32 thomas: there was a video that said he is not being treated for covid, his lovers poisoned him
2022-02-16 14:00:35 thomas: and on the news
2022-02-16 14:00:42 kermit: lol
2022-02-16 14:00:43 thomas: not mistresses but male lovers
2022-02-16 14:00:46 weldon: :joy:
2022-02-16 14:00:52 kermit: yeah that’s a known fact
2022-02-16 14:01:31 weldon: *Petrosyans *fuck with Stepanenkas :rofl:
2022-02-16 14:01:36 kermit: https://www.youtube.com/watch?v=8aDxfJ-eCxw
2022-02-16 14:07:11 gelmut: By the way, everything is bullshit about Zhirik. Their party man said that everything is fine with him, it’s just hype and journalist faggots. In fact he is just lying in the hospital just in case and working there, feeling fine. They bring him documents to sign right there.
2022-02-16 14:09:18 kermit: Trust the party members from the LDPR
2022-02-16 14:09:22 kermit: That’s just the way it is.
2022-02-16 14:10:01 kermit: They’ll tell you that Volfovich [Zhirinovsky] is dying out there and people don’t know what to do

Feeling the Sanctions

On February 24, at the very beginning of the West’s sanctions against Russia, members of Conti were clearly already feeling squeezed, including by their inability to buy digital gear from Apple. After urging from Ukraine, Apple had quickly cut off sales of products like iPhones and MacBooks to Russia. The value of Russia’s ruble had plummeted to 85 rubles for each U.S. dollar (by March 7, each dollar cost 150 rubles).

2022-02-24 07:04:43 angelo: I take it now the latest model iPhone and Macbook are the ones you have now and that’s it
2022-02-24 07:05:22 weldon: so it is
2022-02-24 07:10:26 biggie: as long as the dollar is 85
2022-02-24 07:11:09 weldon: screw GDP on the dollar
2022-02-24 07:11:25 biggie: What about the iPhone?
2022-02-24 07:12:07 weldon: Shove your iPhones up your ass
2022-02-24 07:12:58 biggie: what about macbooks

They joked about Russia joining NATO so they could switch from the free-falling ruble to the euro. Angelo said he couldn’t even buy a brand of juice because it’s American.

2022-02-24 07:17:23 biggie: we should join NATO, then the euro would replace the ruble and nothing would drop
2022-02-24 07:17:34 angelo: I even couldn’t buy Dobry Juice now – it’s American
2022-02-24 07:18:31 angelo: you should take Viagra, nothing will drop.
2022-02-24 07:19:20 weldon: @biggie you shouldn’t miss the shitter when you piss
2022-02-24 07:19:44 biggie: :smiley:
2022-02-24 07:43:20 biggie: “In half an hour, a quarter of Russia’s stock market is like a cow lapped it up… MOEX index -28,8%”.
2022-02-24 07:43:41 biggie: we’re broke.
2022-02-24 07:45:42 biggie: on the other hand we could soon be stocked up
2022-02-24 07:46:12 angelo: but
2022-02-24 07:46:15 angelo: but
2022-02-24 07:46:19 angelo: I haven’t fucking figured it out yet
2022-02-24 07:46:48 weldon: close up before they close you down

The Conti members even discussed a rumor that PornHub, the major American pornography site, would block Russian users. This was false; PornHub didn’t actually block Russians from using its service.

2022-02-24 22:02:38 thomas: Some American senators suggest blocking PornHub in Russia in addition to social networks!
2022-02-24 22:02:44 thomas: That’s it, we’re done)
2022-02-24 22:02:49 thomas: They will take away our last joys!

Obsession With Brian Krebs

In late January, during a conversation about drug use, the user “Kermit” said, “We should send our correspondence to Krebs.” Angelo replied, “The worst that can happen.” They’re referring to Krebs, the investigative journalist who covers cybercrime groups like Conti. This is especially interesting because since ContiLeaks was published, Krebs has, in fact, been analyzing the group’s correspondence.

2022-01-28 20:01:08 kermit: we should send our correspondence to krebs
2022-01-28 20:01:10 angelo: the worst that can happen
2022-01-28 20:02:03 angelo: I come back once in the evening,
Stoned on hash.
Life becomes beautiful
And it’s madly good.
2022-01-28 20:02:17 angelo: going….. smoking…
2022-01-28 20:02:26 angelo: he’s freaking out, he’s gonna say the Chelyabinsk delinquents
2022-01-28 20:02:48 stanton: Cannabis is supposed to be good for your head.
2022-01-28 20:03:04 angelo: everything is relative
2022-01-28 20:03:24 angelo: if you’re prone to schizophrenia you might end up in a mental hospital
2022-01-28 20:04:30 kermit: or join the KPRF [Communist Party of the Russian Federation]

It’s clear that members of Conti read Krebs’s work. They frequently mention him when they’re talking about anything particularly inappropriate. For example, on February 2, in a conversation about porn, masturbation and articles about performing oral sex on yourself, Kermit posted, “that’s the kind of correspondence krebs won’t leak :/”.

2022-02-02 20:56:41 elliott: :rofl:
2022-02-02 20:57:01 kermit: that’s the kind of correspondence krebs won’t leak :/
2022-02-02 20:57:08 angelo: he was reading something about giving himself a blowjob

On February 16, Conti members discussed how to remain anonymous using different Jabber clients, chat programs that can be used to connect to decentralized chat servers. They discussed Jabber clients called Pidgin, Psi+, and MCabber, how cool and hackery using them looks, and how well their encryption plugins work. They also discussed how their different anonymous Jabber accounts could get linked if they lose internet access and disconnect from multiple accounts at once. Thomas described his technique for mitigating this threat as “Krebs level.”

2022-02-16 08:34:19 thomas: i have each Jabber account on a different client or in a different sandbox
2022-02-16 08:34:22 thomas: and turn them on manually
2022-02-16 08:34:27 thomas: so there could be no timing attacks
2022-02-16 08:34:34 thomas: no autostarts
2022-02-16 08:35:00 thomas: in short, the security is krebs level

Misogyny, Homophobia, Child Sexual Abuse

The messages in this RocketChat channel #general include the sort of misogyny, casual sexism, and crude anatomical references that have historically been endemic among certain groupings of young computer hackers. In one message, Angelo explained that the #general channel was for “pussy and boobs” and the #announcements channel and private messages were for work.

2022-02-08 14:56:47 angelo: you see, in general, pussy and boobs and announcements, in PM work

In one conversation on February 3, Angelo joked with others about raping a girl in her sleep. The replies included “iconic move” and “no, don’t touch them, they’re for meat when the pigeons and bums run out.”

Members of Conti also frequently used homophobic slurs in the chats. Human rights groups have denounced Russian prohibitions, under Putin, of so-called gay propaganda — acts considered to promote homosexuality — saying it contributes to an increasingly homophobic environment where acts of brutality against gay people are common.

On February 25, Patrick posted about how the Safe Internet League, an internet censorship organization in Russia, was going to declare Yuri Dud a foreign agent after a video he published about Ukraine. Dud is a well-known Russian journalist and YouTuber who identifies as Ukrainian. Patrick ended with “Kill the faggots!”

On February 28, Angelo and Kermit discussed child sexual abuse videos (what Kermit openly referred to as “child pornography”) and the ages of girls they liked to watch.

“The Boss” Is Missing

On February 21, the user “Frances,” who had only posted twice before that month strictly about work, posted a long and surprising update in the #general channel.

The “boss” of the Conti ransomware gang apparently disappeared and couldn’t be reached, probably because of “too much attention to the company from outside” and because of internal leaks. Conti didn’t have enough money in emergency reserves to even pay everyone’s salaries. Frances asked everyone to send him up-to-date contact information, take two to three months of vacation from work, and erase their tracks and clean up their accounts used for hacking in the meantime.

It’s unclear why Conti didn’t have enough money to pay salaries. John Shier, a senior security adviser at the security firm Sophos, told CyberScoop that Conti reportedly has a bitcoin wallet with $2 billion in it. And despite the request for employees to take vacation, there have been nearly two dozen news posts with hacked documents from ransomware victims on Conti’s extortion website since February 21.

2022-02-21 13:30:25 frances: @all
Friends!

I sincerely apologize for having to ignore your questions the last few days. About the boss, Silver, salaries, and everything else. I was forced to because I simply had nothing to say to you. I was dragging my feet, screwing around with the salary as best I could, hoping that the boss would show up and give us clarity on our next steps. But there is no boss, and the situation around us is not getting any softer, and pulling the cat by the balls further does not make sense.

We have a difficult situation, too much attention to the company from outside resulted in the fact that the boss has apparently decided to lay low. There have been many leaks, post-New Year’s receptions, and many other circumstances that incline us all to take some time off and wait for the situation to calm down.

The reserve money that was set aside for emergencies and urgent team needs was not even enough to cover the last paycheck. There is no boss, no clarity or certainty about what we will do in the future, no money either. We hope that the boss will appear and the company will continue to work, but in the meantime, on behalf of the company I apologize to all of you and ask for patience. All balances on wages will be paid, the only question is when.

Now I will ask all of you to write to me in person: (ideally on Jabber:))
– Up-to-date backup contact for communication (preferably register a fresh, uncontaminated public Jabber account
– Briefly your job responsibilities, projects, PL [programming language] (for coders). Who did what, literally in a nutshell

In the near future, we, with those team leaders, who stayed in line – will think how to restart all the work processes, where to find money for salary payments and with renewed vigor to run all our working projects. As soon as there is any news about payments, reorganization and getting back to work – I will contact everyone. In the meantime, I have to ask all of you to take 2-3 months off. We will try to get back to work as soon as possible. From you all, please be concerned about your personal safety! Clean up the working systems, change your accounts on the forums, VPNs, if necessary, phones and PCs. Your security is first and foremost your responsibility! To yourself, to your loved ones and to your team too!

Please do not ask about the boss in a private message – I will not say anything new to anyone, because I simply do not know. Once again, I apologize to my friends, I’m not excited about all these events, we will try to fix the situation. Those who do not want to move on with us – we naturally understand. Those who will wait – 2-3 months off, engaged in personal life and enjoy the freedom :)

All working rockets and internal Jabbers will soon be off, further communication – only on the private Jabbers. Peace be with you all!

The post Leaked Chats Show Russian Ransomware Gang Discussing Putin’s Invasion of Ukraine appeared first on The Intercept.

A Perfect Storm for Inflation: COVID, Loose Money, and Putin

by Brian Czech

The current bout of inflation should be no surprise to steady staters. We have national and global ecosystems pushed to the limits by population and economic growth. At the same time, we have monetary authorities and heads of state—neoclassically oblivious to limits—eager to stimulate the economy with loose money. It’s a recipe for inflation.

A simple warning issued in March 2020: full tweet here.

We tweeted all the way back in March 2020 that inflation was coming. If it wasn’t already in the works from COVID-caused supply shocks, President Trump’s fiscal stimulus (CARES Act) put it there. President Biden’s American Rescue Plan came a year later (and one year ago today). These fiscal policies were politically prudent and remedial for many, but they fanned the flames for inflation.

And now we have a two-pronged supply shock emanating from the steppes of Eastern Europe. Russian energy and Ukrainian grain (plus Ukrainian energy and Russian grain) are now sanctioned, restricted, and constricted. The Russian threat also puts even more pressure on NATO countries and Russia to let loose with yet another round of money.

All this creates a perfect storm for an episode of inflation that will be long-lasting and global. If the war in Ukraine spirals further out of control for a protracted period, this inflationary period could become one of the worst in world history. It’s time to take a 21st century look at the fundamentals of inflation, and plan for the storm ahead.

Inflation

Inflation is one of those confounding concepts—a bit like gravity—that is at once easy to understand and subjected to baffling analysis. Fortunately, a perfectly clear and memorable phrase can be used to grasp it: “too much money chasing too few goods.” As such, you tend to know it when you see it. If you’re old enough to buy a beer, you’ve already seen plenty of it.

Too much money chasing too few goods.

Economists distinguish “demand-pull” inflation from “cost-push” inflation. These are two sides of the same coin (so to speak), but the phrase “demand-pull” connotes the “too much money” aspect of inflation, while “cost-push” connotes “too few goods.” Yes, the distinction has a chicken-and-egg aspect: Given either pull or push, inflation is hatched.

Given that “too much money” and “too few goods” are aggregate measures, inflation is a macroeconomic phenomenon, but sometimes sectoral price increases are conflated with inflation per se. If everyone suddenly wants a pet rock, the price increases, but that’s not inflation, demand-pull or otherwise. Similarly, if rocks become harder to find, the price increases, but that’s not inflation, cost-push or otherwise. Consumers can turn to cheaper pet sticks or pet ants, or simply eschew the pet sector entirely. Prices don’t go up across the board. The price of pet rocks is simply a microeconomic phenomenon reflecting the supply and demand thereof.

It makes little sense, then, to talk of inflation exclusively in terms of pet rocks, widgets, or even lumber. It would seem that the proper way to measure inflation would be with a relatively full basket of goods, monitoring the cumulative price over time. That is, in fact, what the Bureau of Labor Statistics (BLS) does with the Consumer Price Index (CPI).

The BLS doesn’t need to include every single good and service stemming from the thousands of industries identified in the North American Industry Classification System. You might, for example, leave out the pet rocks. Surely, however, you wouldn’t want to omit groceries and gas, would you?

Yet that is precisely what economists at the Federal Reserve do with the curious concept of “core inflation,” which accounts for the prices of most goods and services except food and energy. For ecological economists, “core” sounds like a misnomer when the most essential goods are omitted. The rationale of economists at the Fed is that food and energy prices are more volatile than those of other goods; the core should be more stable. A less volatile core measure is supposed to make things easier for forecasting and goal-setting purposes, but it’s hard not to suspect some kind of political fish lurking in the waters circa 2000, when the Fed adopted the concept.

The notion of a non-volatile inflation metric is a bit like thinking, “When we weigh the patient, let’s not include the fat in the midsection, because that area jiggles around more than the rest of the body.” If it’s not a political red herring, the notion of a foodless, energy-absent core measure of inflation is yet another example of the conventional economics profession overlooking the primacy of the agricultural and energy sectors at the trophic base of the economy.

When you think about inflation, do you think it wise to omit grocery bills and gas prices? I didn’t think so. Neither would moms, car drivers, or eaters. (Have I left anyone out?)

Century of Supply Shock

In this article, “supply shock” takes on two meanings. We have the typical meaning of a sudden and steep decline in the supply of a resource, such as an oil shock resulting from an embargo. Of immediate concern, though, is the absolutely macroeconomic scenario I wrote about in Supply Shock: Economic Growth at the Crossroads and the Steady State Solution. A suite of essential resources are dwindling rapidly, although unobserved and out of mind for most. Soils, groundwater, sawtimber, fisheries, various minerals, and conventional energy resources become ever scarcer as the global population grows and the stocks of these resources are eroded, compromised, or outright liquidated. We’re entering an era or a century of Supply Shock, corresponding with other labeled periods such as the Anthropocene and Sixth Great Extinction.

Some may argue that, by definition, the ongoing, background declines of natural resources are trends, not shocks. That would be a fair argument if we were talking about one resource, but supply curves across the board are moving inward, and faster by the decade. Soon enough, the cumulative effect will be stunning to generations accustomed to dealing piecemeal with temporary supply issues, such as an oil embargo here or a fishery collapse there.

Furthermore, economists and politicians are still living in a fantasyland, expecting new technologies to save the day. By the nature of their professions, they tend to be older folks who’ve seen many a 20th century problem overcome with new technology. Unfortunately, most of them seem to have little sense that the low-hanging technological and thermodynamic fruits have been picked, leaving the shelves barer and less accessible for this century. The impending wake-up call will be quite a surprise to them, as it will be for the media who cover them.

For the broader public then, which in turn gets its fuzzy understanding of economics from the mainstream media, the combination of widespread shortages and the limitations of technology will suddenly appear overwhelming. People (exceedingly few of whom read outlets such as the Herald) will be wondering, “Why weren’t we hearing about this in advance?” They’ll be shocked.

In other words, while the economy of nature is undergoing its Sixth Great Extinction, the human economy is entering the Century of Supply Shock. The money supply will be chasing fewer goods, and the stage will be consistently set for inflation, just waiting for feckless fiscal and monetary actors.

Fiscal Stimulus

President Biden touting the American Rescue Plan. (CC BY-NC-ND 3.0, Eric Haynes)

Thus far we’ve had three rounds of economic impact payments—aka “stimulus checks”—to buffer the majority of American citizens from the economic impacts of COVID. Direct payments totaling approximately $867 billion have been or will yet be made pursuant to the CARES Act (2020), the Consolidated Appropriations Act (2020), and the American Rescue Plan (2021). $456 billion is somewhat attributable to Trump (who signed the first two bills), and $411 billion to Biden (who signed the American Rescue Plan). The total is not far from a trillion dollars; roughly five percent of American GDP and well over one percent of global GDP.

Where did such a huge sum of money come from? While it’s a little more complicated than this, the money is mostly debt. The CARES Act, for example, was signed by Trump on March 27, 2020, well into the fiscal year, which itself was budgeted for long before COVID-19 was even identified. In other words, the money came out of thin air, much like COVID.

That means we instantly had an inflated money supply, by definition, chasing goods already becoming scarce in the age of Supply Shock. Demand-pull and cost-push forces were already at work, with the depths of the COVID pandemic yet to come. The subsequent two fiscal stimulus packages were more planned and better budgeted, but still “financed” largely by debt, conducive to further inflation.

COVID-Caused Recession

The COVID-caused recession brings us back to the “fewer goods” part of the inflation equation. While COVID-19 triggered an initial wave of positive demand shocks for such home-bound supplies as toilet paper, pasta, and paper towels, negative demand shocks slammed the hospitality, entertainment, and certain retail industries. (Imagine being an airline or a dentist during the depths of the pandemic.)


Sports and entertainment sectors took a heavy hit during the COVID pandemic.

More importantly, virtually all sectors were slowed by supply chain issues resulting from workplace shutdowns and an erosion of the labor force due to COVID deaths, illness, and exposure avoidance. The ultimate avoidance tactic was retirement or resignation. Millions of workers—especially the very young and the retirement-eligible—learned they didn’t necessarily need to work. Not when they were receiving stimulus checks while saving the expenses of commuting and parking. The Great Resignation is “still in full swing,” too.

Only higher-income individuals and families weren’t eligible for stimulus checks. That means those who received the checks were fairly dependent upon them for essential goods and basic services; the checks weren’t deposited in savings accounts. The demand for such goods (most notably food) is price-inelastic, too, so the sudden glut of debt-based money was bound to settle into the prices at grocery stores, convenience stores, and pharmacies. That’s demand-pull inflation.

As if all that wasn’t enough, Russian President Vladimir Putin ordered the invasion of Ukraine on February 24, 2022, setting in motion supply shocks at the trophic base of the economy.

The Volatile Mix of Gas and Grain

The relevance of trophic levels in the structure of the economy is about to take center stage in the tragic play called Inflation 2022. Almost one-fourth of the world’s wheat and nearly a third of its barley comes (normally) from the grain belt stretching from western Ukraine through southwestern Russia. Ukraine alone provides about 16 percent of the world’s corn. Significant shares of rye, soybeans, potatoes, vegetable oils (most notably sunflower), and numerous other food staples emanate from this breadbasket of Europe.

Ukrainian agricultural production and transport will be severely challenged by the Russian invasion. The vast majority of wheat in this part of the world is winter wheat; planted in fall and harvested in summer. If the war remains hot into the summer, with most Ukrainian men—and many women as well—occupied with fighting, farming will suffer. Farmers are also facing shortages (high prices) of fertilizers and pesticides at a time when income flows and even basic financial operations will be difficult to maintain. Similar problems will be faced in all of the major Ukrainian agricultural operations. For what surplus might remain, export routes along the Black Sea are cut off.

In addition, Russian commodity exports have been banned, not only by receiving countries but, in retaliation, by Putin himself. That means grain from the USA and Canada, along with lesser grain belts in Mexico, Argentina, Chile, Brazil, China, India, Australia, Kazakhstan, and Turkey will be needed to feed the world. Wheat and corn prices are already skyrocketing, and supply shocks from the “chernozem” belt of Ukraine/Russia are reverberating into the price points for all cereal grains including rice.

Meanwhile, as steady staters know, money originates from the agricultural surplus that frees the hands for the division of labor unto all other sectors. That’s the trophic theory of money, which links the real (trophically structured) economy with the monetary sector in a manner that makes inflation easier to understand. The trophic theory of money implies that, if agricultural surplus declines, less real money is “authorized.” When the agricultural decline is sudden, as with a pronounced, cereal grain supply shock, the nominal money supply is just as suddenly inflated. And this is precisely the current situation.

In other words, no one should be wishfully thinking that inflation can be confined to the grocery store. All the money in the world—real money that is, adjusted for inflation—stems from agricultural surplus (or more generally, food surplus, which at this point in history is all about cereal grains). This underscores the truly macroeconomic aspect of inflation. It’s not only market forces that reallocate demand into different sectors, spreading price increases along the way. Rather, the money supply—same supply used for all goods and services—is inflated from the moment the agricultural surplus declines. If it takes a little longer for prices of some goods and services to increase, relative to others, the difference can be chalked up to the trophic procession of production from agro/extractive at the base to heavy manufacturing (and rough services) in the middle to light manufacturing (and refined services) at the higher levels. That’s why, in these early stages of the Russian invasion, commodity prices have increased faster than others.

Of course, one such commodity is energy, most notably crude oil and natural gas, supplies of which have also been suddenly disrupted by the war. These are probably the most widely reported commodities for several important economic, environmental, and geopolitical reasons. I bring them up here primarily to highlight their linkage to agricultural production. Cereal grain production in the chernozem belt has become heavily mechanized, and the trend continues. As if all the other hurdles weren’t enough for Ukrainian and Russian grain production and export, rapidly rising fuel prices add further to the cost-push inflationary pressures.

As global leaders, think tanks, and corporations analyze or plan for the future, they may want to pay close attention to the economic effects of the war in Ukraine. We’re learning a painful lesson about how disastrous things can become when we push beyond reason for growth. The planet can only produce so much food, oil, natural gas, and all the other resources. Yes, renewables are coming online for powering electricity grids, but the wheat combines of the Eurasian steppe don’t turn on a dime, and renewables may never cut it for the type of sheer horsepower needed for cultivating the chernozem of Eurasia, North America, or any other grain belt.

The money supply, on the other hand, can become inflated overnight, impacting the lives of billions of people in short order and with long-lasting consequences for families and businesses.

The warning signs are clear now, and they’re not all about the environment. The biggest, newest red flag on the planet is inflation, the dreaded tax-in-effect that hits everyone, everywhere. In the Century of Supply Shock, inflation will always be nipping at our heels, ready to run wild with any agricultural supply shock, ready to run loose with any feckless “stimulus,” fiscal or monetary. It’s yet another warning that we need a new approach: degrowth toward a steady state economy.

Brian Czech is the executive director at CASSE.

The post A Perfect Storm for Inflation: COVID, Loose Money, and Putin appeared first on Center for the Advancement of the Steady State Economy.

Big Tech’s Kafkaesque Approach to Censorship Is Driven by an Abiding Contempt for Its Audience

Published by Anonymous (not verified) on Sat, 05/03/2022 - 10:07am in

Ryan Grim, left, and Robby Soave, right, host The Hill’s morning politics show “Rising,” in a screenshot from a YouTube broadcast in March 2022.

Photo: The Hill

The politics morning show “Rising,” produced by The Hill and which I currently co-host, was suspended by YouTube on Thursday for allegedly violating the platform’s rules around election misinformation. Two infractions were cited: First, the outlet posted the full video of former President Donald Trump’s recent speech at the Conservative Political Action Conference on its page. The speech, of course, was chock full of craziness. Second, “Rising” played a minutelong clip of Trump’s commentary on Russia’s invasion of Ukraine, which included the claim that none of it would have happened if not for a “rigged election.”

“As an American, I’m angry about it and I’m saddened by it, and it all happened because of a rigged election. This would have never happened,” Trump says in the clip, which you can watch here.

The crime, we learned, that got the show suspended for seven days from its platform was that neither I nor my co-host, Robby Soave, paused to solemnly inform our viewers that Trump’s phrase — “a rigged election” — referred to his ongoing claim that the election was stolen from him in 2020 and that this claim is false.

We did scrutinize Trump’s claims. Along with a guest, The Federalist’s Emily Jashinsky, we discussed a theory floated by my Intercept colleague Murtaza Hussain that Trump is such a “madman” of such “aggressive unpredictability” that perhaps that instability did have some deterrent effect.

Later in the segment, we discussed the New York district attorney’s apparent lack of enthusiasm for prosecuting Trump over bank fraud. I argued that whatever the outcome, “If you ask the public, do you think Donald Trump would have inflated his property values when trying to get loans and deflated his property values when paying his taxes, you’d probably get 100 percent of people being like, yes.”

The notion that any viewer came away from watching that segment with the mistaken idea that Trump — whom we described as a fraudster and “an actual madman” — had indeed won the election and that it had been stolen from him can’t be taken seriously. It’s absurd, and The Hill is appealing the decision, so far with no success. But YouTube’s approach reflects a broad problem with Big Tech’s approach to censorship: It has nothing but contempt for the viewer. If we had paused to note that Trump’s gripe about his election loss was unfounded, what voter who previously believed that claim would be convinced by my simple rejection of it? And who was the person to begin with who was not previously aware that Trump disputes the election outcome? It might possibly be the most known political fact in America. 

De-platforming any mention of a “rigged election” hasn’t done anything to slow the theory down. Since YouTube and other platforms cracked down on Trump’s election fraud nonsense in late 2020, the belief that the election was rigged has only grown, particularly among Republicans. And the policy has actually stifled a rational response. As Soave pointed out in Reason, “Not only does YouTube punish channels that spread misinformation, but in many cases, it also punishes channels that report on the spread of misinformation.”

Last year YouTube came down hard on a wide swath of progressive content creators who had mentioned Trump’s claims in order to debunk them. The independent outlet Status Coup, which captured some of the most revealing footage of the January 6 riot at the Capitol — photojournalist Jon Farina gave a riveting interview to our podcast Deconstructed that evening — licensed much of that footage to cable and network news outlets but was suspended for posting it on its own channel. Covering the event, Status Coup was told, was tantamount to “advancing false claims of election fraud.” And so the left was disincentivized from talking at all on YouTube — a major source of news particularly for young people — about the election or about the January 6 assault, while the right has moved off into other ecosystems.

As an aside, news outlets that post and house raw feeds of political events, like C-SPAN, are to me as a reporter invaluable. Long before I co-hosted “Rising,” I found The Hill’s prolific posting of speeches and press conferences immensely useful. That YouTube wants to end that in order to spare fragile minds from the direct words of politicians is a tragedy for the public, for journalism, and for future historians. (By its own rules, it ought to de-platform C-SPAN’s channel, but that’s probably too idiotic even for YouTube. Or maybe not.)

YouTube’s preening is also maddeningly hypocritical. To a quite significant degree, YouTube created the very mess it now claims its new policies are aimed at cleaning up. In the early days of the platform, YouTube did all it could to funnel viewers to “Loose Change,” the film arguing that 9/11 was an inside job, helping make it a phenomenally influential take. Conspiracy garbage — on Covid-19 vaccines, Davos, flat Earth — is favored content by YouTube to this day, because it engages viewers for hours on end. The most reliable way to draw viewers in the politics space over the past year has been to play footsie with all manner of vaccine-related conspiracies, and the pull of the algorithm has drawn entire swaths of commentators into its maw. 

YouTube pretends not to like this, and to have rules about it, and yet it programs its algorithm to actively encourage people to tiptoe right up to that line — but don’t tell creators where exactly that line is — and when one crosses it, they get hit with a sniper round from a moderator. The carcass becomes a warning to other hosts — but a warning of what? Of who’s in charge. 

Moderation is reasonable as a principle. If YouTube doesn’t want, say, porn on its site, nobody has a constitutional right to post porn there. If YouTube was interested in some sort of moderation that was intended to discourage flagrant lies from getting a boost from the algorithm — and that’s the key; again, it’s discussed as a black-and-white speech debate, but it’s largely about boost and suppression — there are ways it can do this. But it’s not.

YouTube is obviously failing at its stated goal of producing reliable, accurate, informed content, but not because it doesn’t know how to do it. It doesn’t know how to do it and also maximize profits — all of which is more evidence that its flamboyant moderation decisions are all political posturing to fend off pressure for regulation. YouTube has long wanted the crazy stuff, because that’s what pays the bills, and as a result it’s played a role in the crazy-making of our politics.

Now I get the sense — and with an opaque algorithm, that’s all you can have — that YouTube is done with political content. It’s more trouble than it’s worth. A platform fueled by gamers and reaction videos is less likely to fuel a ransacking of the Capitol — and less likely to produce the real concern, a corporate-advertising exodus — and just as able to bring in money. The conservative movement has already accepted this reality and is now building rival video platforms to host its content, further polarizing politics. The left, though, has no serious backup plan, only calls for Big Tech to “do more.”

The post Big Tech’s Kafkaesque Approach to Censorship Is Driven by an Abiding Contempt for Its Audience appeared first on The Intercept.

Facebook Allows Praise of Neo-Nazi Ukrainian Battalion If It Fights Russian Invasion

Published by Anonymous (not verified) on Fri, 25/02/2022 - 4:44am in

Tags 

Technology, World

Facebook will temporarily allow its billions of users to praise the Azov Battalion, a Ukrainian neo-Nazi military unit previously banned from being freely discussed under the company’s Dangerous Individuals and Organizations policy, The Intercept has learned.

The policy shift, made this week, is pegged to the ongoing Russian invasion of Ukraine and preceding military escalations. The Azov Battalion, which functions as an armed wing of the broader Ukrainian white nationalist Azov movement, began as a volunteer anti-Russia militia before formally joining the Ukrainian National Guard in 2014; the regiment is known for its hardcore right-wing ultranationalism and the neo-Nazi ideology pervasive among its members. Though it has in recent years downplayed its neo-Nazi sympathies, the group’s affinities are not subtle: Azov soldiers march and train wearing uniforms bearing icons of the Third Reich; its leadership has reportedly courted American alt-right and neo-Nazi elements; and in 2010, the battalion’s first commander and a former Ukrainian parliamentarian, Andriy Biletsky, stated that Ukraine’s national purpose was to “lead the white races of the world in a final crusade … against Semite-led Untermenschen [subhumans].” With Russian forces reportedly moving rapidly against targets throughout Ukraine, Facebook’s blunt, list-based approach to moderation puts the company in a bind: What happens when a group you’ve deemed too dangerous to freely discuss is defending its country against a full-scale assault?

According to internal policy materials reviewed by The Intercept, Facebook will “allow praise of the Azov Battalion when explicitly and exclusively praising their role in defending Ukraine OR their role as part of the Ukraine’s National Guard.” Internally published examples of speech that Facebook now deems acceptable include “Azov movement volunteers are real heroes, they are a much needed support to our national guard”; “We are under attack. Azov has been courageously defending our town for the last 6 hours”; and “I think Azov is playing a patriotic role during this crisis.”

The materials stipulate that Azov still can’t use Facebook platforms for recruiting purposes or for publishing its own statements and that the regiment’s uniforms and banners will remain as banned hate symbol imagery, even while Azov soldiers may fight wearing and displaying them. In a tacit acknowledgement of the group’s ideology, the memo provides two examples of posts that would not be allowed under the new policy: “Goebbels, the Fuhrer and Azov, all are great models for national sacrifices and heroism” and “Well done Azov for protecting Ukraine and it’s white nationalist heritage.”

In a statement to The Intercept, company spokesperson Erica Sackin confirmed the decision but declined to answer questions about the new policy.

Azov’s formal Facebook ban began in 2019, and the regiment, along with several associated individuals like Biletsky, was designated under the company’s prohibition against hate groups, subject to its harshest “Tier 1” restrictions that bar users from engaging in “praise, support, or representation” of blacklisted entities across the company’s platforms. Facebook’s previously secret roster of banned groups and persons, published by The Intercept last year, categorized the Azov Battalion alongside the likes of the Islamic State and the Ku Klux Klan, all Tier 1 groups because of their propensity for “serious offline harms” and “violence against civilians.” Indeed, a 2016 report by the Office of the United Nations High Commissioner for Human Rights found that Azov soldiers had raped and tortured civilians during Russia’s 2014 invasion of Ukraine.

The exemption will no doubt create confusion for Facebook’s moderators, tasked with interpreting the company’s muddled and at times contradictory censorship rules under exhausting conditions. While Facebook users may now praise any future battlefield action by Azov soldiers against Russia, the new policy notes that “any praise of violence” committed by the group is still forbidden; it’s unclear what sort of nonviolent warfare the company anticipates.

Facebook’s new stance on Azov is “nonsensical” in the context of its prohibitions against offline violence, said Dia Kayyali, a researcher specializing in the real-world effects of content moderation at the nonprofit Mnemonic. “It’s typical Facebook,” Kayyali added, noting that while the exemption will permit ordinary Ukrainians to more freely discuss a catastrophe unfolding around them that might otherwise be censored, the fact that such policy tweaks are necessary reflects the dysfunctional state of Facebook’s secret blacklist-based Dangerous Individuals and Organizations policy. “Their assessments of what is a dangerous organization should always be contextual; there shouldn’t be some special carveout for a group that would otherwise fit the policy just because of a specific moment in time. They should have that level of analysis all the time.”

Though the change may come as welcome news to critics who say that the sprawling, largely secret Dangerous Individuals and Organizations policy can stifle online free expression, it also offers further evidence that Facebook determines what speech is permissible based on the foreign policy judgments of the United States. Last summer, for instance, Motherboard reported that Facebook similarly carved out an exception to its censorship policies in Iran, temporarily allowing users to post “Death to Khamenei” for a two-week period. “I do think it is a direct response to U.S. foreign policy,” Kayyali said of the Azov exemption. “That has always been how the … list works.”

The post Facebook Allows Praise of Neo-Nazi Ukrainian Battalion If It Fights Russian Invasion appeared first on The Intercept.

Kitchen Appliance Maker Wants to Revolutionize Video Surveillance

Published by Anonymous (not verified) on Sat, 12/02/2022 - 5:45am in

Bosch, the German multinational most famous for its toasters, drills, and refrigerators, is also one of the world’s leading developers of surveillance cameras. Over the last three years, the company has poured tens of millions of euros into its own startup, Azena, which has the potential to completely transform the surveillance camera industry.

Via Azena, Bosch has led the development of a line of surveillance cameras that relies on edge computing — where each camera has its own processor, operating system, and internet connection — to provide “smart” surveillance of people, objects, and places. Like smartphones, these cameras connect to an app store, run by Azena, where customers can purchase apps from a selection of cutting-edge video analytics tools. These apps allow camera owners to analyze video feeds for different security and commercial purposes.

Here, the devil is in the details: In its documentation for developers, Azena states that it will only carry out basic auditing related to the security and functionality of the software available in its app store. According to the company, responsibility for the ethics and legality of the apps rests squarely on the shoulders of developers and users.

In the rapidly advancing field of video analytics, there is a growing market for software that can transform a video feed into a set of data points about individuals, objects, and locations. Apps currently available in the Azena store offer ethnicity detection, gender recognition, face recognition, emotion analysis, and suspicious behavior detection, among other things, despite well-documented concerns about the discriminatory and intrusive nature of such technologies.

Privacy and human rights researchers expressed concern that by decentralizing and facilitating the creation of powerful surveillance software able to analyze people’s traits and activities without their knowledge, Azena has exponentially raised the possibility for abuse. Should we be worried?

Azena says no.

Developers and users “must be compliant with the law,” said Hartmut Schaper, Azena’s CEO. “If we find out that this is not adhered to, we first of all ask for fixes, and then — depending on how severe the violation of the contract is — we can take apps out of the app store or revoke the user’s license.”

Unlike its parent company, Azena doesn’t produce cameras or develop video analytics tools. Instead, it provides a platform for companies and individual developers to distribute their own applications and takes a cut of the sales — much like the Apple and Google app stores, but for surveillance software. According to Schaper, Google’s app store is the direct inspiration for Azena: Within just a few years of releasing the Android operating system, Schaper noted, Google had revolutionized how smartphones were used and achieved domination over the market. With their new surveillance app store, Azena and Bosch hope to do the same.

And like Google’s integration of Android with other smartphone manufacturers around the world, Bosch and Azena are working with a number of companies that produce surveillance cameras running their operating system. Schaper thinks this will lead to drastic changes in the surveillance economy: “In the end, there will be just two or three operating systems for cameras that dominate the market,” he said, “just as is the case in the smartphone market.”

So far, the strategy has resulted in swift growth: The Azena store currently contains over 100 apps, and Schaper has boasted of how the business model made it possible to provide “the first face mask detection app within two weeks of the COVID-19 pandemic beginning.” Other apps directed at shops and public spaces promise crowd and line counting alongside more intrusive offers of individual identification, face recognition, and biometric detection.

The company has also actively courted new types of software: Azena’s “App Challenge 2021,” which was judged by representatives from a host of major security companies, resulted in apps claiming to detect violence or aggression and offering the ability to track individual movements across multiple cameras.

A facial recognition camera is pointed at the entrance of a store in downtown Los Angeles on Oct. 16, 2019.

Photo: Mike Blake/Reuters/Alamy

Applications for video analytics can broadly be divided into two categories, explained Gemma Galdon Clavell, a technologist and director of the Eticas Foundation. The more basic applications involve identifying people, objects, barriers like doors or fences, and locations, then sending an alarm when certain conditions apply: someone passing an object to another person, leaving a bag on a train platform, or entering a restricted area.

It’s the second category — applications that allegedly detect emotions, potential aggression, suspicious behavior, or criminality — that Galdon Clavell said can be impossible to do accurately and is often based on junk science. “Identifying a person in a space where they shouldn’t be — that works. But that’s very low-tech.” With the more advanced applications, she said, developers often promise more than they deliver: “From what I’ve seen, it basically doesn’t work.”

“When you move from protecting closed-off areas to actually doing movement detection and wanting to derive behavior or suspicion from how you move or what you do,” Galdon Clavell said, “then you enter a really problematic area. Because what constitutes normal behavior?”

Behind the Scenes

For Bosch and Azena, however, these are early days. “I think we’re just at the beginning of our development of what we can use video cameras for,” Schaper said. Azena aims to go “way beyond the traditional applications that we have today,” he added, and interconnect cameras with a host of other sensors and devices.

Brent Jacot, a senior business development manager at Azena, gave an example of how this might work during a 2020 webinar. Imagine you have a camera app that is good at measuring demographics such as age or gender, Jacot said, and you connect it to another app that controls a gate. “You want to, say, open a gate only if they’re above the age of 18. Then you can take the data from this one app and feed it into the next and create this logical chain to make a whole new use case.”

In this example, the people involved might at least know what was happening. But often, the people subjected to video analytics don’t know that the cameras they are so accustomed to seeing are connected to sophisticated software systems, said Dave Maass, director of investigations at the Electronic Frontier Foundation.

“People have an antiquated vision of what surveillance cameras do,” Maass said. “They’re used to seeing them everywhere, but they just assume the video footage is going to some hard drive or VHS tape and no one is looking at it unless a crime occurs.”

If people knew that the footage was being parsed for signs of emotion, anger, or more obscure traits like suspicion or criminality, they might feel differently about it. “They don’t see when AI is monitoring it, documenting it, adding metadata to it, and also being trained on it,” Maass said. “There’s a disconnect between what people are seeing in their day-to-day lives and what’s happening behind the scenes.” Azena also foresees using publicly sourced surveillance footage to train future video analytics algorithms: An informational graphic in the company’s online portal for developers states that camera users “may contribute to enhancements via crowd-generated data.”

Cameras that connect to the Azena app store run an operating system that is a modified version of Android. By using Google’s open-source smartphone operating system as the base for their cameras, Azena’s platform is open to some 6 million software developers around the world. While other surveillance cameras are limited by proprietary operating systems that can only be worked on by niche developers, Azena’s approach aims to put innovation “on steroids,” according to Felicitas Geiss, the company’s vice president of strategy and venture architecture.

Azena recognizes that security cameras are often targeted by hackers and claims to have hardened its operating system against forced entry. Security experts say that, if done correctly, using Android could mean improved security over proprietary software, given the platform’s open code and frequent updates. But in the case of the cameras connecting to Azena, this might not be the case.

Internet of Things devices often run old software that users don’t think to update, explained Christoph Hebeisen, head of security intelligence research at the mobile security firm Lookout. “That’s why routers get hacked, that’s why security cameras get hacked, and often in very large numbers.”

There are also cases where human error is at fault: Last March, after locating a username and password that were publicly accessible on the internet, a hacking group said it gained access to tens of thousands of cameras produced by the California-based security startup Verkada, some of which were hooked up to video analytics software.

Verkada Inc. security cameras on the company’s headquarters in San Mateo, Calif., on March 10, 2021.

Photo: David Paul Morris/Bloomberg via Getty Images

The hackers were able to view footage from prisons, hospitals, factories, police departments, and schools, among other places. A member of the group that claimed responsibility told Bloomberg that the breach exposed “just how broadly we’re being surveilled, and how little care is put into at least securing the platforms used to do so.”

On many platforms, including Android, when developers patch a potential vulnerability, they publish a notice in the form of a Common Vulnerabilities and Exposures (CVE) list. Azena, Hebeisen said, appears to be years behind on patching CVEs: Its current operating system only addresses Android CVEs as late as 2019, judging from the webpage where it summarizes system updates.

“That is really a problem,” Hebeisen said. A determined hacker, he explained, could look at the years’ worth of vulnerabilities and work their way backward to develop an exploit.

“Now, these vulnerabilities might be accessible to an attacker externally, so they could attack those devices and possibly take them over,” Hebeisen added. “And they have the resources and time to do this.”

Azena’s CEO disputed the suggestion that the company is behind on patching Android CVEs. Schaper stated that because cameras running Azena’s operating system lack some hardware functionality that modern smartphones have, like Bluetooth, many Android CVEs don’t apply. Schaper said Azena’s security team evaluates all security patches from Google for their relevance to the camera operating system.

Hebeisen remains skeptical. The company’s response “is hard to verify independently,” he said, pointing to specific vulnerabilities in Android core components that, based on its own documentation, Azena appears to have left unpatched.

“This process is not transparent to the public,” Hebeisen said, adding that he’d like to see the company “publish regular security advisories that list the vulnerabilities that affect their OS along with the corresponding patches.”

More important, Hebeisen said, is that the apps on the Azena store are too high stakes to carry so little auditing. “The security of this app store and those apps stands and falls with how well they are being vetted,” he said. “Even with Google Play, sometimes malicious apps slip through — I don’t think this company is nearly as well resourced or would be nearly as careful.”

According to Azena’s documentation for developers, the company checks potential applications “on data consistency” and performs “a virus check” before publishing to its app store. “However,” reads the documentation, “we do not perform a quality check or benchmark your app.”

In comparison to Azena’s inspiration, Google, this appears to be a light-touch process. While Google Play Store developers are also ultimately responsible for the legality of the apps they upload, they are obliged to comply with a barrage of policies covering everything from gambling and “unapproved substances” to intellectual property and privacy.

Google warns developers that “powerful machine learning” is deployed alongside human review to detect transgressions, although widespread SMS scams and the recurrent appearance of stalkerware in the Play Store suggest that this process is not all it’s cracked up to be.

Bosch and Azena maintain that their auditing procedures are enough to weed out problematic use of their cameras. In response to emailed questions, spokespeople from both companies explained that developers working on their platform commit to abiding by ethical business standards laid out by the United Nations, and that the companies believe this contractual obligation is enough to rein in any malicious use.

At the same time, the Azena spokesperson acknowledged that the company doesn’t have the ability to check how their cameras are used and doesn’t verify whether applications sold on their store are legal or in compliance with developer and user agreements.

The spokesperson also said that users are able to develop or purchase applications from outside Azena’s store and sideload them onto cameras running their operating system, allowing users to run powerful video analytics software without any auditing or oversight.

“Further review beyond the contractual obligations of platform users is not possible, because the apps are not Azena’s own products,” the Azena spokesperson wrote. “The application rights remain entirely with the respective developer who offers it in their own name on the Azena platform.”

A Chilling Effect

In Europe, legislators have recognized a need to regulate and control new technologies that make use of machine learning and advanced algorithms, such as those offered on Azena’s platform. The European Union’s proposed Artificial Intelligence Act calls for balancing the benefits and risks of AI, underpinned by the aim of stimulating economic growth. Still, it’s unclear if European regulators will be able to keep up with technological advancements. Where exactly that balance should lie is currently the subject of political negotiations.

As the proposed legislation stands, Azena would likely be classed as a distributor of AI technologies, said Sarah Chander, senior policy adviser at European Digital Rights. In the case of “high-risk” apps, this would mean the company would have to ensure that providers complied with the act’s requirements for transparency, risk management, quality checks, and data accuracy; if Azena suspected noncompliance, it would have to inform the provider or withdraw the app from sale and ensure “corrective actions” were taken. “Low-risk” apps, meanwhile, would be governed by voluntary codes of conduct drawn up by government authorities.

“I doubt the act will help provide accountability for distributors,” Chander wrote in an email. Even if it did, the proposed rules “don’t capture the root of why this platform is problematic. The reason why we should be concerned with a platform like this is because it is accelerating and promoting the uptake of harmful AI systems, accelerating the sale and use of pseudo-scientific, discriminatory surveillance systems, and finding ways to get these systems to market in more and more efficient ways.”

“It’s surveillance capitalism on steroids,” she added.

Echoing this concern, Jay Stanley, a senior policy analyst at the American Civil Liberties Union, said that the technology is not yet able to live up to its claims. Emotion detection technology is like selling “snake oil.” But the implications are still concerning. “Things like emotion detection are an easy sell for many people,” Stanley said. “You have all these cameras around your building and [developers] think, for example, who wouldn’t want to get a notification if there was an extremely angry person in the area?”

But Stanley is just as worried about the rapid expansion of simple applications of video analytics. “There’s a real concern here that even on the most effective end of the spectrum, where a video analytics system is trying to detect just the raw physical motion or attributes or objects,” he said, “every time you hand a backpack to a friend or something like that, an alarm gets set off and you get approached.”

“That’s going to have a real chilling effect. We’re going to come to feel like we’re being watched 24/7, and every time we engage in anything that is at all out of the ordinary, we’re going to wonder whether it’ll trip some alarm,” Stanley said.

“That’s no way to live. And yet, it’s right around the corner.”

This article was reported in partnership with Der Spiegel.

The post Kitchen Appliance Maker Wants to Revolutionize Video Surveillance appeared first on The Intercept.

Use of Controversial Phone-Cracking Tool Is Spreading Across Federal Government

Published by Anonymous (not verified) on Wed, 09/02/2022 - 12:00am in

Tags 

Technology

Investigators with the U.S. Fish and Wildlife Service frequently work to thwart a variety of environmental offenses, from illegal deforestation to hunting without a license. While these are real crimes, they’re not typically associated with invasive phone hacking tools. But Fish and Wildlife agents are among the increasingly broad set of government employees who can now break into encrypted phones and siphon off mounds of data with technology purchased from the surveillance company Cellebrite.

Across the federal government, agencies that don’t use Cellebrite technology are increasingly the exception, not the rule. Federal purchasing records and Cellebrite securities documents reviewed by The Intercept show that all but one of the 15 U.S. Cabinet departments, along with several other federal agencies, have acquired Cellebrite products in recent years. The list includes many that would seem far removed from intelligence collection or law enforcement, like the departments of Agriculture, Education, Veterans Affairs, and Housing and Urban Development; the Social Security Administration; the U.S. Agency for International Development; and the Centers for Disease Control and Prevention.

Cellebrite itself boasted about its penetration of the executive branch ahead of becoming a publicly traded company in August. In a filing to the Securities and Exchange Commission, the company said that it had over 2,800 government customers in North America. To secure that reach, The Intercept has found, the company has partnered with U.S. law enforcement associations and hired police officers, prosecutors, and Secret Service agents to train people in its technology. Cellebrite has also marketed its technology to law firms and multinational corporations for investigating employees. In the SEC filing, it claimed that its clients included six out of the world’s 10 largest pharmaceutical companies and six of the 10 largest oil refiners.

Civil liberties advocates said the spread of Cellebrite’s technology represents a threat to privacy and due process and called for greater oversight. “There are few guidelines on how departments can use our data once they get it,” said Albert Fox Cahn, executive director of the Surveillance Technology Oversight Project. “We can’t allow every federal department to turn into its own spy agency.”

But Cellebrite’s extensive work with U.S. authorities may be providing it with something even more important to the company than money: political cover. Like NSO Group, whose formidable phone malware recently made headlines, Cellebrite is based in Israel. While NSO’s Pegasus malware is far more powerful than Cellebrite’s technology, providing near-effortless remote infection of devices, both companies have stirred controversy with their sales to authoritarian governments around the world. Cellebrite’s technology is cheaper and has been used in China to surveil people at the Tibetan border, in Bahrain to persecute a tortured political dissident, and in Myanmar to pry into the cellphones of two Reuters journalists. (Under pressure, the company has pledged to stop selling in China and Myanmar, though enforcement is spotty.)

But unlike NSO and the lesser-known Israeli spyware company Candiru, which were added to a Commerce Department trade blacklist in November, Cellebrite has yet to face calls for sanctions. There are signs that people at the company are worried: The day before the NSO listing, D.C. lobbying firm Alpine Group registered with the U.S. Senate to lobby on behalf of Cellebrite. The contract was Cellebrite’s first engagement with outside lobbyists since 2019.

Cellebrite and Alpine Group declined to comment on the lobbying contract. But according to Natalia Krapiva, tech-legal counsel for Access Now, “Cellebrite tries hard to distinguish themselves from NSO by claiming that they are not a spyware company that gets involved in foreign espionage.” While she did not know for certain the reason behind Cellebrite hiring Alpine Group, she said, “They are investing a lot of resources into aggressively defending their reputation, especially in the West.”

“Cellebrite is now trying to put the flashlight more on how much they are connected to the American government,” said Israeli human rights lawyer Eitay Mack, who has repeatedly exposed abuses perpetrated with Cellebrite technology. “But I believe that they are very worried. They are working in many countries that the Americans have problems with. Because of the story of NSO Group, they are afraid that things could become difficult for them.”

So far, however, Cellebrite’s growth seems to be continuing unimpeded, pushing deeper and deeper into police, corporate, and bureaucratic surveillance.

The Fish and Wildlife Service, along with most of the U.S. departments and agencies contacted by The Intercept, did not comment for this article. A spokesperson with the strategic communications firm Reevemark, which represents Cellebrite, pointed The Intercept to the “Ethics and Integrity” page on Cellebrite’s website but otherwise declined to comment.

An examiner at an FBI digital forensics lab views data extracted from a smartphone, in Salt Lake City, Utah.

Photo: Lynn DeBruin/AP

The Rise of Cellebrite

Cellebrite’s journey into the citadels of global power began in the 1990s, when it was started as a relatively benign consumer technology outfit. Its first product was a tool to migrate contacts from one cellphone to another. It eventually moved into coercive forms of data transfers, allowing customers to bypass phone passwords and vacuum data out of devices.

As smartphones came to contain more and more information about people’s daily lives, business boomed among police and militaries around the world. Cellebrite cashed out in 2007, selling to the Japanese conglomerate Sun Corp., although many of the researchers who collect cellphone vulnerabilities remain based at its campus in Petah Tikva, Israel.

In 2016, the company got a boost from speculation that the FBI had used a Cellebrite product to unlock the phone of one of the perpetrators of a mass shooting in San Bernardino, California. The rumors turned out to be false, but Cellebrite’s government work in the United States continued to grow. It gained clients within the FBI, Immigration and Customs Enforcement, and the Air Force, as well as among local police departments, which have used its technology on people accused of minor crimes like graffiti, shoplifting, and being drunk in public.

The company has a 4,000-square-foot showroom that it calls an “envisioning center” in Tysons Corner, Virginia, a stone’s throw from the nation’s capital. Today its chief marketing officer, Mark Gambill, is based in the area, according to his LinkedIn profile.

Cellebrite’s flagship offering is the Universal Forensic Extraction Device, or UFED, a phone-hacking kit, but it also offers software that can perform similar feats through a desktop computer as well as products to access data stored in the cloud.

This type of work has been lucrative. According to Cellebrite’s recent SEC filing, the company’s average government customer spends $415,000 on data collection devices and services, with additional millions if they add on analytics software.

The cost of that business, Cellebrite’s critics say, is borne by citizens, and not just in the form of tax dollars. “We talk about the sanctity of the home, but there’s so much more on your phone that gives a deeper and more intimate view than probably anything in your house,” said Jerome Greco, a public defender for the Legal Aid Society. Greco remembers police turning to a Cellebrite UFED-type device following a bar fight between strangers. “What could be on the person’s phone, when they didn’t know each other?” he said.

The proliferation of Cellebrite’s technology within the federal government is “deeply alarming,” said Cahn. While a 2014 Supreme Court ruling set new legal hurdles for searches of cellphones, citing the intimate information the devices now contain, this has “meant very little on the ground.”

“Not only is there no justification for agencies like U.S. Fish and Wildlife Service to use this sort of invasive technology, it’s deeply alarming to see agencies use these devices in more and more low-level cases,” he added. Federal wildlife investigators aren’t the only ones using Cellebrite tools in the great outdoors: Wildlife officers in Missouri and Michigan, for example, use such devices, and Cellebrite has heavily marketed its hardware and software for combating animal trafficking. Upturn, a nonprofit focused on justice and equity, last year published a report documenting the purchase of mobile device forensic tools, including Cellebrite technology, by over 2,000 smaller agencies. “Very, very few people understand the power of the tools that Cellebrite offers,” said Upturn’s Logan Koepke.

“Cellebrite should only be used by competent law enforcement agencies with proper oversight and screening, and only for more serious crimes,” said Krapiva. “It should be up for public discussion as to whether we as a society accept that such invasive tools are being used by educational institutions, private firms, and government agencies.” Other experts interviewed by The Intercept said they believed that cellphone crackers should never be used, even when investigating serious crimes.

Cellebrite’s federal customers provide little transparency as to how they’re using the powerful technology. Of the agencies that did respond to The Intercept’s requests for comments, few offered any concrete information about their use of the tools or answered questions about the implications of that usage. The U.S. Department of Veterans Affairs, for example, would not comment on specific technologies, according to a spokesperson, who said only that the department uses a “wide variety of tools” to “leverage technology” to advance its mission.

The Department of Education at least allowed through a spokesperson that it uses Cellebrite tools for “investigative work” by its inspector general and “to determine if a government-issued iPhone has been compromised and to what extent.” The Department of Energy, whose responsibilities touch on nuclear weapons and federal research labs like Los Alamos, said that it uses Cellebrite products in investigations by its Office of Intelligence and Counterintelligence and inspector general and to examine government-owned handsets “that have exhibited or been reported to exhibit strange or malicious behavior; or devices that were taken on foreign travel where there is an opportunity for compromise or tampering by a foreign adversary.”

A Social Security Administration spokesperson told The Intercept that Cellebrite tech is used in its office solely to investigate allegations of fraud, including stolen Social Security numbers, insurance fraud, and scams related to pandemic-related relief such as Paycheck Protection Program loans and unemployment benefits. The spokesperson declined to discuss specific instances.

Cables for connecting between several mobile phones and Cellebrite UFED TOUCH, a device for the data extraction from mobile devices, are seen at the Tokyo office of Sun Corp. on March 30, 2016.

Photo: Issei Kato/Reuters/Alamy

After Hours, Lining the Pockets of Law Enforcement

Further complicating the ethics of government Cellebrite use is the fact that, according to LinkedIn, Cellebrite has employed more than two dozen U.S. government employees from across the country as contract instructors or forensic examiners. The contract employees have apparently included police detectives, a Secret Service officer, and people who claim to work for the Defense Department and defense contractor Lockheed Martin.

Other contractors say they work for the Florida attorney general’s office and the United States Postal Service Office of the Inspector General.

“Cops teaching cops is not anything new,” said Greco, the public defender. “But I would be concerned that there is a financial incentive to choose Cellebrite’s tools over others.”

“Even if it’s an appearance of impropriety, it’s concerning,” said Krapiva.

Cellebrite’s apparent payments to police officers and prosecutors may also violate some police departments’ policies on moonlighting. The Florida attorney general’s office did not respond to questions about its policy on taking on side work. A Postal Service spokesperson approached with the same questions said that The Intercept would need to submit a Freedom of Information Act request to the Office of the Inspector General. The policy, which was eventually provided following a request, requires agents with the office to seek formal approval of outside employment in writing so that the position can be reviewed for potential conflicts of interest. It is not clear whether that happened in this case.

In another instance of government collaboration, Cellebrite has also brokered a partnership with an influential attorneys general’s association, with the goal of “creating legal policy and procedures” that allow for the use of a Cellebrite cloud tool.

Cellebrite may need all the U.S. government work it can get. Its stock prices have taken a dip. Recent exits from authoritarian countries have made its U.S. contracts even more critical to staying afloat. In December, facing recruitment difficulties in Israel following negative press coverage, the company launched a public relations campaign comparing its employees to superheroes.

Mack, the human rights lawyer, said the campaign had an air of desperation to it. “They have already been marked because they are working in some very bad places,” he said. “And things are going to keep being exposed.”

The post Use of Controversial Phone-Cracking Tool Is Spreading Across Federal Government appeared first on The Intercept.

The Chip Wars Heat Up

Published by Anonymous (not verified) on Tue, 08/02/2022 - 6:00am in

"...there’s something much bigger at work here: The Chip Wars, as I’ve dubbed them, are heating up, and revealing some of the tensions between national needs and extraction from local communities."...
