OSI Layer 8 again: Childporn Darknet Compromised through IPs in HTML Source.

Why we don’t need more surveillance: All major coups of law enforcement in the darknet where achieved by classical  investigation methods. Well done, dear cops, and I mean that. OSI Layers 8 and above have enough loopholes to offer. 

Reality update: Inside the shutdown of the ‘world’s largest’ child sex abuse website – TechCrunch … :

According to the indictment, federal agents began investigating the site in September 2017, two months before the hackers breached the site. The site’s administrator, Jong Woo Son, had been running the operation from his residence in South Korea since 2015.

The indictment said the main landing page to the site contained a security flaw that let investigators discover some of the IP addresses of the dark web site — simply by right-clicking the page and viewing the source of the website. It was a major error, one that would trigger a chain of events that would ensnare the entire site and its users.

Prosecutors said in the indictment that they found several IP addresses: and One of the IP addresses the hackers gave me was — an address on the same network subnet as the dark web site. It was long-awaited confirmation that the hackers were telling the truth. They did in fact breach the site. But whether or not the government knew about the breach remains a mystery.


“The hacker group has not been in touch since we broke off communications. Publishing a story about the hack two years ago may have caused irreparable harm to the government’s investigation, potentially sinking it entirely. It was a frustrating time, not least being in the dark and not knowing if anyone was doing anything.

I’ve never been so glad to walk away from a story.”


The Impact of Social Media on Trust (Fake News)

Who Shared It?: Deciding What News to Trust on Social Media: Digital Journalism: Vol 7, No 6

The findings highlight the impact elites sharing a story has on views toward an article on social media compared with the effects of the news outlet reporting the story. The study has significant implications for researchers, citizens, and publishers trying to understand how people evaluate the trustworthiness of news on social media and the potential impact of fake news.

McKinsey’s view on the automotive Revolution…

Reality update: The automotive revolution is speeding up | McKinsey … :

For more than two years, the industry has been talking about the four disruptive trends changing the rules in the mobility sector: autonomous driving, shared mobility, connectivity, and electrification. A McKinsey report from January 2016 integrated the impact of these trends into a single picture for the first time. Today, we can offer a perspective on three questions that are a top priority: What is the speed of change? What do the new value pools look like? What is required to succeed in the future? This article addresses the first two questions; the third question will be covered in a forthcoming piece (for more on how we developed our perspective, see sidebar “How we derive insights”).

Considering our base case, by 2030, about 20 percent of value generated from classic vehicle sales might shift toward new technologies, such as xEV powertrains or autonomous-vehicle software and components. But more than 60 percent of revenue from disruptive business models could still be carried by traditional elements, such as the shared vehicle itself or fleet operations

While same-day delivery still seems like a novelty to many, automotive, e-commerce, and logistics players are already working on solutions that use data from fully connected vehicles to have packages delivered to car trunks, regardless of where the driver is.

The increasing momentum of all disruptive trends, the shifts in value pools and corresponding capabilities, and the growing need for more granular perspectives on consumers requires we rethink our view of the automotive industry. The new personal-mobility landscape that is emerging is much broader than the traditional automotive industry; it is extending to include, among many others, tech players and new entrants from other industries such as software and utilities. Whether incumbents or challengers, all players will find themselves part of an increasingly diverse playing field (Exhibit 5).

Use Open Street Map, Dudes! Flaw in Google Maps uncovers Massive Cocaine Deals

Reality update: Prozess in Landshut: Die Tricks der Westbalkan-Mafia – Panorama – Süddeutsche.de … :

Bavaria, Albanians, and they trusted their IT systems. Sigh. I just added the #securitytheater tag, since I realized that. 

Der Plan war aufgeflogen, weil Helfer der Bande im oberbayerischen Eitting in die falsche Halle eingebrochen waren. Auf Google Maps waren zwei benachbarte Gebäude vertauscht und falsch beschriftet gewesen. Das Kokain blieb in den Obstkisten, die gelangten in den Einzelhandel, wo es im September 2017 von überraschten Rewe-Mitarbeitern ausgepackt wurde. Die Ermittler erinnerten sich an weitere, bis dahin mysteriöse Einbrüche in Reifehallen und machten sich auf die Suche nach den Tätern. Telefonüberwachung, scheinbar zufällige Straßenkontrollen, Observationen: Das Treiben der Albaner fand am Ende unter den Augen und Ohren von zuletzt rund 500 Ermittlern statt. Im März vergangenen Jahres schnappte die Falle dann zu.

(Danke, Fefe! … selten so gelacht. Welcome to Bavaria! )

Still manufacturing consent – 30 years later…

Reality update: Still Manufacturing Consent: An Interview With Noam Chomsky | FAIR … :

Alan MacLeod interviewed Noam Chomsky via Skype on March 13, 2018, for MacLeod’s new book Propaganda in the Information Age: Still Manufacturing Consent. They discussed the origins of the classic work of media criticism (co-authored with Edward Herman) Manufacturing Consent, the role of that book’s “propaganda model” today, Google and Facebook, Donald Trump and Russia, fake news and Syria. This is a lightly edited transcript.

7 Best Practices for Managing Open Source Components

Best Practices for Managing Open Source Components  | AltexSoft … :

Open-source software and components are important enablers of agility in modern development environments. Practically all developers use open-source components in applications, whether at the front or back end; there is a library for pretty much any stack you can think of. Developers can use these components to make their jobs easier and allow them to focus on organization-specific challenges, including building the core proprietary software features that add value to enterprise applications.   Developers who understand open-source security and how to best manage open-source components are more likely to efficiently and prudently use these components when building proprietary software.