saint

 

Good slides on how to reduce risks

 

Highlights

In analyzing 138 actively exploited vulnerabilities in 2023, Google Mandiant reported Oct. 15 that 70% of them were zero-days, indicating that threat actors are getting much better at identifying vulnerabilities in software.

It’s a worrying trend in and of itself, but what caused even more concern among security analysts was that Google Mandiant also found that the time-to-exploit (TTE) — the time it takes threat actors to exploit a flaw — was down to a mere five days in 2023 compared with 63 days in 2018-19 and 32 days in 2021-22.

 

Resurfaced in my feed. Obvious in retrospect.

2024 Conference (www.remoteworkconference.org)
 

Some interesting research

 

Researcher Christina Bodin Danielsson calls open office landscapes a “sea of slaves.”

^^ more like tin can :)

 

Highlights

Iran’s multifaceted approach in the cyber domain allows Iran to project power and influence in the Middle East while avoiding direct conventional military confrontations with stronger adversaries. Iran uses cyber operations to complement its broader geopolitical strategies, often employing cyber espionage and sabotage to gain strategic advantages or to retaliate against sanctions and military threats. As Iran increasingly incorporates AI technologies into its cyber operations, the likelihood of more disruptive and damaging activities escalates, presenting a substantial challenge not only to regional stability but also to global security.

Maj. Gen. Qassem Soleimani’s death marked a significant turning point in Iran’s cyber strategy, pushing Tehran to assert its power and influence through increased cyber activities aimed at the U.S. and its allies.

Cyber proxy groups use various tactics to create negative psychological effects among adversaries. APTs such as Mint Sandstorm use precise targeting to create unease among a specific group of people. Iran also uses “faketivists,” which are groups that commit cyberattacks for a specific cause, like hacktivists, but are borne from a specific geopolitical event and are created by a nation-state to perpetuate narratives that support their cause. Faketivists can be nation-state actors and/or proxy groups associated with the IRGC and the Ministry of Intelligence and Security (MOIS). The cyberattacks in Israel that have deployed faketivists have had mixed success, but they have garnered both local and global support. The purpose of these groups is to spread their “success” and to create disruption and attention, regardless of actual operational success.

Looking ahead, we can expect Iran to further integrate AI into its cyber strategy, escalating the frequency and sophistication of attacks, particularly on critical infrastructure and democratic processes. Additionally, the growing alignment between Iran and other global cyber powers, such as Russia and China, further increases the sophistication and reach of its cyber capabilities, presenting significant challenges for those attempting to counter these evolving threats.

 

In a statement on Tuesday, ILA President Harold Daggett said the union is “now demanding $5 an hour increase in wages for each of the six years of a new ILA-USMX Master Contract. Plus, we want absolute airtight language that there will be no automation or semi-automation, and we are demanding all Container Royalty monies go to the ILA.”

 

A strong majority of Americans across the political spectrum sympathize more with Ukraine than Russia in the ongoing war: 62% of respondents express more sympathy with Ukraine than Russia, including 58% of Republicans and 76% of Democrats. At the same time, just 2% of respondents said they sympathized more with Russia in the conflict, including 4% of Republicans and 1% of Democrats. Republicans (20%) were more likely than Democrats (7%) to say they sympathized with neither side, while equal numbers of Republicans and Democrats (5%) said they sympathized with both sides equally.

The percentage of respondents who said they want the United States to stay the course in supporting Ukraine grew from our October 2023 poll, reaching the highest level in our tracking since the spring of 2023. In our latest survey, 48% of all respondents said that the United States should support Ukraine as long as the conflict lasts, including 37% of Republicans and 63% of Democrats. All these numbers are new highs in our four polls since March-April 2023.

 

Highlights

“Now, there’s no question China has been trying to crack down on the internet.” (Chuckles.) “Good luck!” (Laughter.) “That’s sort of like trying to nail Jell-O to the wall.” (Laughter.)

While we were still rhapsodizing about the many ways in which the internet could spread democracy, the Chinese were designing what’s become known as the Great Firewall of China.

Even in a state where surveillance is almost total, the experience of tyranny and injustice can radicalize people. Anger at arbitrary power will always lead someone to start thinking about another system, a better way to run society. The strength of these demonstrations, and the broader anger they reflected, was enough to spook the Chinese Communist Party into lifting the quarantine and allowing the virus to spread. The deaths that resulted were preferable to public anger and protest.

If people are naturally drawn to the image of human rights, to the language of democracy, to the dream of freedom, then those concepts have to be poisoned. That requires more than surveillance, more than close observation of the population, more than a political system that defends against liberal ideas. It also requires an offensive plan: a narrative that damages both the idea of democracy everywhere in the world and the tools to deliver it.

This is the core problem for autocracies: The Russians, the Chinese, the Iranians, and others all know that the language of transparency, accountability, justice, and democracy appeals to some of their citizens, as it does to many people who live in dictatorships. Even the most sophisticated surveillance can’t wholly suppress it. The very ideas of democracy and freedom must be discredited—especially in the places where they have historically flourished.

Instead of portraying China as the perfect society, modern Chinese propaganda seeks to inculcate nationalist pride, based on China’s real experience of economic development, and to promote a Beijing model of progress through dictatorship and “order” that’s superior to the chaos and violence of democracy.

In September 2022, when Putin held a ceremony to mark his illegal annexation of southern and eastern Ukraine, he claimed that he was protecting Russia from the “satanic” West and “perversions that lead to degradation and extinction.” He did not speak of the people he had tortured or the Ukrainian children he had kidnapped.

Another strange actor in this field is RRN—the company’s name is an acronym, originally for Reliable Russian News, later changed to Reliable Recent News. Created in the aftermath of Russia’s invasion of Ukraine, RRN, part of a bigger information-laundering operation known to investigators as Doppelganger, is primarily a “typosquatter”: a company that registers domain names that look similar to real media domain names—Reuters.cfd instead of Reuters.com, for example—as well as websites with names that sound authentic (like Notre Pays, or “Our Country”) but are created to deceive.

None of these efforts would succeed without local actors who share the autocratic world’s goals. Russia, China, and Venezuela did not invent anti-Americanism in Mexico. They did not invent Catalan separatism, to name another movement that both Russian and Venezuelan social-media accounts supported, or the German far right, or France’s Marine Le Pen. All they do is amplify existing people and movements—whether anti-LGBTQ, anti-Semitic, anti-Muslim, anti-immigrant, anti-Ukrainian, or, above all, antidemocratic.

Here is a difficult truth: A part of the American political spectrum is not merely a passive recipient of the combined authoritarian narratives that come from Russia, China, and their ilk, but an active participant in creating and spreading them. Like the leaders of those countries, the American MAGA right also wants Americans to believe that their democracy is degenerate, their elections illegitimate, their civilization dying.

 

Highlights

We may be close to rediscovering thousands of texts that had been lost for millennia. Their contents may reshape how we understand the Ancient World.

We don’t have original copies of anything, not of the Iliad, or the Aeneid, or Herodotus, or the Bible. Instead of originals, we find ourselves dealing with copies. These were first written on scrolls but later in books – the Romans called books codexes – starting in the first century AD. Did I say copies? That’s actually not correct either. We don’t have first copies of anything. What we do have is copies of copies, most of which date hundreds of years after the original was penned. Even many of our copies are not complete copies.

To most fully acclimate the reader to how tenuous this process is, this essay will focus on three different texts. The first will be a very well-known work that was never lost. Nevertheless, almost no one read it in earnest until the nineteenth century. I will then focus on a text that was lost to history, but that we were able to recover from the annals of time. Such examples are fortuitous. Our third example will be a text that we know existed, but of which we have no copies, and consider what important ramifications its discovery could hold. Finally, we’ll turn our attention again to the Villa of the Papyri and the gold mine of texts discovered there that new technologies are currently making available to classicists.

However, many of the scrolls from the Villa of the Papyri remain not only unread, but also unopened. This is because the eruption of Vesuvius left the scrolls carbonized, making it nearly impossible to open them. Despite this obstacle, Dr. Brent Seales pioneered a new technology in 2015 that allowed him and his team to read a scroll without opening it. The technique, using X-ray tomography and computer vision, is known as virtual unwrapping, and it was first used on one of the famous Dead Sea Scrolls, specifically the En-Gedi scroll, the earliest known copy of the Book of Leviticus (likely 210–390 CE). The X-rays allow scholars to create a virtual copy of the text that can then be read like any other ancient document by those with the proper language and paleography skills. Using Dr. Seales’s technique, scholars have been able to upload many of the texts online. A group of donors led by Nat Friedman and Daniel Gross have offered cash prizes to teams of classicists who can decipher the writings. The race to read the virtually unwrapped scrolls is known as the Vesuvius Challenge.

 

Highlights

When seawater gets cold, it gets viscous. This fact could explain how single-celled ocean creatures became multicellular when the planet was frozen during “Snowball Earth,” according to experiments.

A series of papers from the lab of Carl Simpson proposes an answer linked to a fundamental physical fact: As seawater gets colder, it gets more viscous, and therefore more difficult for very small organisms to navigate. Imagine swimming through honey rather than water. If microscopic organisms struggled to get enough food to survive under these conditions, as Simpson’s modeling work has implied, they would be placed under pressure to change — perhaps by developing ways to hang on to each other, form larger groups, and move through the water with greater force. Maybe some of these changes contributed to the beginning of multicellular animal life.

The experiment comes with a few caveats, and the paper has yet to be peer-reviewed; Simpson posted a preprint on biorxiv.org earlier this year. But it suggests that if Snowball Earth did act as a trigger for the evolution of complex life, it might be due to the physics of cold water.

It is difficult to precisely date when animals arose, but an estimate from molecular clocks — which use mutation rates to estimate the passage of time — suggests that the last common ancestor of multicellular animals emerged during the era known as the Sturtian Snowball Earth, sometime between 717 million and 660 million years ago. Large, unmistakably multicellular animals appear in the fossil record tens of millions of years after the Earth melted following another, shorter Snowball Earth period around 635 million years ago.

The paradox — a planet seemingly hostile to life giving evolution a major push — continued to perplex Simpson throughout his schooling and into his professional life. In 2018, as an assistant professor, he had an insight: As seawater gets colder, it grows thicker. It’s basic physics — the density and viscosity of water molecules rises as the temperature drops. Under the conditions of Snowball Earth, the ocean would have been twice or even four times as viscous as it was before the planet froze over.

As large creatures, we don’t think much about the thickness of the fluids around us. It’s not a part of our daily lived experience, and we are so big that viscosity doesn’t impinge on us very much. The ability to move easily — relatively speaking — is something we take for granted. From the time Simpson first realized that such limits on movement could be a monumental obstacle to microscopic life, he hasn’t been able to stop thinking about it. Viscosity may have mattered quite a lot in the origins of complex life, whenever that was.

“Putting this into our repertoire of thinking about why these things evolved — that is the value of the entire thing,” he said. “It doesn’t matter if it was Snowball Earth. It doesn’t matter if it happened before or after. Just the idea that it can happen, and happen quickly.”

[–] [email protected] 2 points 1 year ago

Yes, seems so from the article.

[–] [email protected] 1 points 1 year ago (1 children)

Agree, but five nines are not 100% ;) Anyway - this discussion reminds me of Technical Report 85.7 - Jim Gray, which might be of interest to some of you.

[–] [email protected] 2 points 1 year ago

a lot of things are possible if you are lucky enough ;)

[–] [email protected] 61 points 1 year ago (18 children)

well, this is probably PR, as there is no such system, nor can one be made, that can have 100% uptime. not talking about the fact that network engineers rarely work with servers :)

[–] [email protected] 7 points 1 year ago (2 children)

there is an open request for this, but it seems that it is not being actively worked on: https://github.com/mastodon/mastodon/issues/18601

[–] [email protected] 6 points 1 year ago (1 children)

One way to do it is with ImapSync: https://imapsync.lamiral.info

[–] [email protected] 11 points 1 year ago (2 children)

first you should check the logs of the cloudflare tunnel - most likely it cannot access your docker network. if you are using the cloudflare container - it should use the same network as the Immich instance.

in short: find the tunnel log and see what is happening there.

[–] [email protected] 3 points 2 years ago

Sometimes I watch a conference or similar event, but not really into watching live streams, unless it is nsfw ;)

[–] [email protected] 4 points 2 years ago

Kinda like it, but there are some ux things I don't like. i.e. - tags are not in the search

[–] [email protected] 2 points 2 years ago (1 children)

usually i add more than 1 ip and also vultr firewall can be managed to change ip. tailscale can be used as well. there are options!

[–] [email protected] 1 points 2 years ago (6 children)

if you configure ssh access only from your home ip - then fail2ban is not needed.

[–] [email protected] 1 points 2 years ago (8 children)

sorry, this is kinda like a firewall, but protecting websites, so many vulnerabilities are filtered out. it does not protect you 100% (nothing does). it might be hard to set up, in that case there is an option to use waf as a service, i.e. - cloudflare has such an offering, maybe there are others as well. i have looked into vultr - they seem to offer only a "usual" type of firewall, not http/application based.
