Know You are the Target – KYT

>> February 24, 2020

>> Blog Post #30

KYC rules have been around for a while. You probably feel that you have more or less always known them, if you are under 40 years old. But KYC is pretty much a product of the 21st century. And a few recent decades of the internet have turned it into a FAT set of data.

Names, birthdays, addresses, social security numbers, etc.…. the amount of data collected on an increasingly large population is staggering.

The fact that some companies have specialized in this field has created champions, corporations that collect highly personal data of millions of individuals.

I am pretty sure that a lot of processes could be conducted without KYC, as I personally fail to believe that AML/KYC laws do any good at all and that the rhetoric of it being useful to fight against terrorism is nothing more than a lie.

But this data is of great interest to thieves and having it all handled and protected by centralized companies is a recipe for disaster when they are breached, and they all end up being breached….

These breaches are getting bigger and bigger. The organizations behind the attacks are often state sponsored as we just learned in the Equifax breach.

This will not end well. It is time people started looking at KYC / AML regulations as a major attack vector against innocent individuals.

Jammu and Kashmir

>> February 10, 2020

>> Blog Post #27

I was writing last week about what countries seem to have in store for us in the future in terms of cyber warfare.

I am always surprised when I read the paper at the very large number of conflict zones in the world. I remember a few years ago going to the DMZ while travelling in South Korea. The DMZ stands for demilitarized zone and as you can guess from its name….

No, it actually is a very heavily militarized zone, one of the most crowded militarized zones in the world, separating North Korea from South Korea since the 1950s’. Visiting it brings back memories of the cold war and the “it’s the good guys versus the bad guys” type of explanations on what the world is about. I was amazed when going there that the two neighboring Koreas were under a cease-fire for the past 60 plus years. Can you imagine your country not putting an end to a war by signing a peace treaty, but only signing a cease fire, the type of agreement that generally do not last, only to see it persist for decades?

Anyways, I recently learned about another zone that seems to have known rocky times in the twentieth century: Jammu & Kashmir.

Jammu & Kashmir has the great privilege of being a topic of dispute between India, Pakistan and China. That’s right, 3 countries that have the nuclear bomb. What could go wrong?

Well it happens that recently, the Indian government revoked Jammu & Kashmir’s constitutional autonomy and decided to cut their internet. That digital black-out imposed on the Jammu & Kashmir region is apparently supposed to help India control the local population in the region. Apparently shutting down the internet is somewhat of an Indian habit since according to this Forbes article, India holds the sad record of the country that shuts down the internet the most in the world, and it’s not even close. You probably will realize that number two on that list is none other than their rival neighbor Pakistan.

Inhabitants of Jammu & Kashmir have had their internet cut since December 18, that’s hundreds of days without the internet or very limited access to it. Can you imagine how much of a toll that must take on people, communications, businesses, the health system, education.

What happens when tomorrow you and your community are deemed to be opponents for whatever reasons a local government has come up with: race, religion, cultural specificities.

This is the type of action that will become more common as governments will decide to inflict pain on a specific population. You might be the good guys today, but that can change in a hurry. Be aware of it and maybe just keep in mind that you should probably have some kind of plan in place for when you lose access to your internet for a few days. It’s just like having a few candles in your kitchen cupboard for when the lights go off. Better be prepared.

The World We Live In

>> February 3, 2020

>> Blog Post #23

Moments when you step back from your daily lives to take a hard look at what the world really looks like are rare, I assume. At least that was the case for me until I somehow committed to fighting back a lot more.

I would like to take a look today, for a second, at where we are headed.

The goal is not to guess the future, but to look at some events taking place in the present and what they tell us about what might be shaping up for us moving forward, as they are indicative of underlying trends we rarely discuss.

I’ll make a lot of assumptions in this post, on what you might or might not know. These assumptions are made to mimic my own knowledge, or lack of, on the topic at hand.

You’ve probably heard of the Great Firewall of China, the censorship mechanism designed by the People’s Republic of China to control access its 800 million internet users have to the internet. If you’ve clicked on the above link and were able to read the page from Wikipedia, it means that either you do not live in China or that you have a VPN set up and working. Because that is what the Great Firewall of China (GFC) does, it blocks access people have to content and services that are not deemed suitable, by the government, for people living within the frontiers of their country. A standard internet user in China does not have access to sites such as: Google, Facebook, YouTube, the New York Times or Wikipedia for example. In order to do so, China relies on its technology and communications’ companies to enforce the policy it has defined centrally. The GFC enables China to control what its citizens have access to and limit access to foreign content and opinions that might be harmful to their state.

You might also know that other countries will try to limit outside influence by favoring local companies, services and news agencies, creating strong regional entities in the process:

World Map of Social Networks

I believe we live with these facts knowingly and that they do not bother us much, if at all. I actually would hate to see the whole surface of the earth covered in blue and would rather see more diversity rather than less, but that’s another story.

Depending on where we live in the world, we are all under some form of control. The level of that control will vary from country to country.

However, what we don’t necessarily watch is how much countries are strengthening their grip on the internet and getting ready to confiscate it from us, the people, at their will.

Gone are the days of the cold war, with its latent equilibrium between two forces, two blocs. Today’s inter connections are far more complex, multi-polar. You can spy on your enemies and allies alike. The exercise has become so trivial that no one seems to care anymore.

Various countries are contemplating developing nuclear weapons, increasing the risk of seeing old equilibriums be challenged. Look at what North Korea, Iran or Turkey are doing. And that might just be the tip of the iceberg for us common folk.

What various countries around the globe are doing is actively prepare for all the possibilities of cyber warfare and they are equipping themselves with information gathering tools, monitoring tools and offensive cyber weapons. I believe their scenarios are both for intervening outside of their own borders as well as inside their frontiers, against their own people. I will go into some more details about each over the next few weeks to try and extract a few lessons from what we seem to be witnessing.