The Gaping Holes in HTTPS and SSL Security!

Scott Ogrin, a blogger, who is a software engineer as well as an electrical and computer engineer with a BSEE and MSEE, breaks it down for you in the following article:

“ In this day and age of well-known NSA spying, everyone keeps saying that the only way to be safe is to use SSL/TLS, commonly known as "browsing with https://".

The sad reality is that HTTPS does virtually nothing to protect you from the prying eyes of alphabet soup agencies - or anybody else with enough knowledge about how these supposedly "secure" connections actually work.

It's true that connecting to web sites with SSL will certainly prevent "script kiddies" and other more winky opponents from eavesdropping on your surfing or otherwise interfering in your affairs. But as for the Real Bad Guys, forget it...

We shall begin by taking a brief dive down the rabbit hole of SSL, hopefully in a way that will make sense to even the least technically inclined among us.

This issue is, after all, so extremely important that I think everyone needs to understand what is really going on, and how web security actually works, without needing a PhD in cryptography, computer science, or engineering!

Our story begins with a little e-mail I received the other day. The basic message can be found here:

Microsoft Security Advisory (2880823)

Of course, the idea that Microsoft of all companies is warning me about security is kind of laughable, so I didn't pay much attention. Nevertheless, there was this little voice in the back of my mind that kept pestering me, so I decided to dig in and see what all the hoopla was about... or indeed if any hoopla was even warranted.

“Microsoft is announcing a policy change to the Microsoft Root Certificate Program. The new policy will no longer allow root certificate authorities to issue X.509 certificates using the SHA-1 hashing algorithm for the purposes of SSL and code signing after January 1, 2016. Using the SHA-1 hashing algorithm in digital certificates could allow an attacker to spoof content, perform phishing attacks, or perform man-in-the-middle attacks.

Microsoft recommends that certificate authorities no longer sign newly generated certificates using the SHA-1 hashing algorithm and begin migrating to SHA-2. Microsoft also recommends that customers replace their SHA-1 certificates with SHA-2 certificates at the earliest opportunity. Please see the Suggested Actions section of this advisory for more information.

Okay, so that's probably like trying to read a foreign language to most people. Even I didn't understand exactly how these hashing algorithms were used with SSL. So, I started digging. What I found nearly floored me:

MD5 considered harmful today: Creating a rogue CA certificate

Now, if you thought the M$ advisory was confusing, take a peek at the above link.

WOW! That's wild.

In summary, way back in 2008, some smart people figured out a way to make themselves a Fake SSL Certificate Authority, and they accomplished this feat by using a weakness in the MD5 hashing algorithm.  [...]

First, let's define some terms - hopefully in Plain English:

SSL Web Site Certificate

This is a digital certificate, with a digital signature, that verifies that a website is who they say they are. When you connect to a web site using SSL (HTTPS), your browser says, "Papers, please!" The remote site then sends the SSL Web Site Certificate to your browser. Your browser then verifies the authenticity of this "passport". Once verified, encrypted communications ensue. The point of the SSL Web Site Certificate is that under no circumstances should anyone else be able to create a valid, signed certificate for a web site that they do not own and operate. In order to obtain an SSL Web Site Cert, you must verify by varied means that you are the owner and operator of the web site involved. So, using HTTPS is not only for encryption of communications, but also a way to verify that the site you are communicating with is the Real Thing, and not an imposter. And of course you must pay for the certificate!

Certificate Authority (CA) Root Certificate

This is also a digital certificate, with a digital signature... But in this case, this certificate can be used to create and digitally sign normal SSL Web Site Certificates. This is the kind of certificate that a CA (Certificate Authority) has. These certificates also get passed to browser makers, and are then included in your web browser. This is so that when your browser receives an SSL Web Site cert, it can use the CA Root Certificate to verify that the Web Site Cert is in fact valid.

Certificate Authority (CA)

A CA is the kind of web site from which you would buy a valid, secure SSL Web Site Certificate to use for HTTPS on your site. For example: Verisign.com, RapidSSL.com, Geotrust.com, etc. are Certificate Authorities. They have CA Root Certificates for generating and signing valid SSL Web Site Certificates.

It's helpful to understand that with all these certificates, there is a "chain of command". SSL Web Site Certificates are validated and authenticated using CA Root Certificates. CA Root Certificates are validated with yet higher-authority certificates, all the way up the pyramid to The One Great Root Certificate, which is like the God of Certificates. Thus, each lower-ranking certificate is verified up the chain of command. This all happens behind the scenes, and you have no idea it's occurring.

Piece of cake, right?

Now, where do these hash algorithms like MD5, SHA-1, and SHA-2 come into play?

All certificates contain information, like:

• Web site domain (www.mysite.com)
• Site location (country, state, etc.)
• Site owner info (company name)
• Period of validity

This information is verified before a certificate is issued. Once verified, a hash of the data is generated. This hash acts as the digital signature for the certificate. The only thing you really need to understand about hash algorithms is that what is supposed to happen is this:

1. Data of any length (30 characters, 3000 characters, 40MB, whatever) is passed into the hash algorithm
2. The hash algorithm chops up the data and mathematically processes it, thereby spitting out a signature – or digital fingerprint – of the data
3. The hash of no two chunks of data should ever be the same – just as the fingerprints of no two people should ever be the same
4. The hash output is always the same size, regardless of the size of the input data (just like a fingerprint – no matter the size of the person)

Right. There is such a thing as a “hash collision”. This is when you have 2 hashes that are identical, but they were generated from different data. That’s like if you and your neighbor suddenly had the same thumbprint. OOPS!

Now, think about that for a minute... If the police were using these hashes, or thumbprints, to verify your identity, they might mistake you for your neighbor, or your neighbor for you, if you "had the same thumbprint". If they did no other checking, and just relied on that thumbprint, they might very well "authenticate" your identities completely incorrectly. BIG OOPS!

This is exactly what happened with the MD5 SSL attack outlined at the above link.

These smarty-pants people were able to carefully buy a valid SSL Web Site Certificate from RapidSSL in 2008. Before they did that, they created their own CA Root Certificate in such a way that the hash (fingerprint) of their valid, just-purchased Web Site Cert was identical to the hash of the FAKE CA Root Certificate that they created out of thin air.

Since RapidSSL had just said, "Dudes, this Web Site Certificate fingerprint is valid!", and since this was the same fingerprint on the fake CA Root Cert, the forged CA Root Certificate becomes valid.

Now, recall that a CA Root Certificate - as long as it has a valid hash/fingerpint that will validate up the "chain of authority" - can be used to generate a valid SSL Web Site Certificate for any web site in the world... And neither you, nor RapidSSL, nor your browser will ever know that anything is amiss.

Why is this a problem? For starters, consider a man-in-the-middle attack.

 You want to go to https://www.gmail.com. But some "hackers" have used another type of hack to insert their server between you and Gmail. Normally, this would not be possible, because you're using HTTPS! You're SAFE!

WRONG!

As far as anyone knows, you are connected to gmail.com over HTTPS. But in reality, what's happening is this:

1. You try to connect to https://www.gmail.com
2. The attacker diverts your request (perhaps using DNS cache poisoning or some other such attack) to a fake server
3. Since Attacker's Server contains a falsely generated, perfectly valid SSL Web Site Certificate using the tricks outlined above, your browser doesn't know any better. Everything appears to be legit.
4. You begin doing e-mail, but all your data is actually going encrypted to Attacker's Server, being decrypted and recorded/modified, and then Attacker's Server then passes the data on to the real https://www.gmail.com (using Gmail's actual, valid SSL cert).
5. You have absolutely no clue that your "secure" communications are not secure in the least!

In other words, SSL / HTTPS means that the connection between your browser and the destination server at the URL you're visiting is supposed to be encrypted. But due to the fact the certain types of SSL certificates (which help handle the encryption) can be forged, an attacker could set up their fake server that pretends to the be the real destination server, and thus insert themselves in the middle of the connection. When that is done, the attacker has control over the connection and the data, and can thus decrypt your data, manipulate it, and/or pass it on to the real intended destination server.

Now, isn't that a daisy?

"But wait!" you say. "Isn't it therefore good for Microsoft to recommend changing the hash function to SHA-256 if SHA-1 has the same potential problem as MD5 did back in 2008?"

An excellent question! Unfortunately, yes and no. Even if you, as a web site owner, change your SSL Web Site Certificate from one that is signed using SHA-1 to a new cert that is signed using SHA-2, you are still unsafe.

Why?

Because all it takes is for ONE Certificate Authority to use a "weak" hash algorithm, and someone who is up to no good can generate a forged CA Root Certificate. Once they have that, they can generate as many SSL Web Site Certs as they want - using any hashing algorithm they please - including a fake-yet-valid cert that they can use to impersonate your "secure" site!

In other words, the weakness in the hashing algorithm is just the tip of the iceberg. Due to the hierarchical "chain of authority" in the whole certificate system, if anyone manages to create a false CA Root Cert, they are more or less god in terms of creating false SSL Web Site Certs.

Thus, in order for Microsoft's words to have an effect, there must not be ANY Certificate Authority (Web Site Cert issuer) in the whole world that still uses SHA-1. In order for the "security" to actually be more secure, everyone must upgrade right now. But this isn't going to happen.

Now, if that isn't bad enough, think about all the NSA spying. Think about how many people said, "Naw, man, I just surf using HTTPS, and I'm totally safe!"

You think so?

I don't. You know why? Well, you should, by now... But there's more!

Guess who invented the SHA-1 hash algorithm in 1995?

The NSA.

Guess who invented SHA-2 in 2001?

The NSA.

So, why should all the Certificate Authorities switch from the NSA's SHA-1 to the NSA's SHA-2? Why, because the NSA created it the way they did for a reason!

SHA-1 already has been theoretically breached, and there are a few indications that SHA-2 isn't quite as super-duper-safe as everyone thinks.

Imagine you are the NSA. You want to spy on everyone, everyone's grandmother, the grandmothers' cats, and the mice that are currently being digested inside the cats. SSL is kind of a problem... It can use pretty annoying encryption. Well, hell! No problem. Just compromise the "certificate authority chain" by forging one little CA Root Certificate, and blammo! You can eavesdrop and man-in-the-middle anybody you darn well please, SSL or not!

Web sites over SSL? No problem.

E-mail over SSL? No problem.

I have said it before, and I'll say it again: There never was security or privacy on the internet, there is no security or privacy on the internet now, and most likely there never will be. Not unless some very big changes are made...

And do you know why all this (and much, much more) is possible?

Because just like you, I had no knowledge of the gaping holes in SSL. Awareness of this and many other issues - technological, political, psychological, social, etc. - is absolutely essential.

Otherwise, frankly, we're screwed.

Links:

Fake SSL certificates deployed across the internet

The Most Dangerous Code in the World: Validating SSL Certificates in Non-Browser Software

Read more...

Ten Places Around the World You Are Not Allowed to Visit.

10. RAF Menwith Hill (U.K) – Worlds largest electronic monitoring site. If a plot is hatched, or missle launched, this place will know about it first.

9. Club 33 (Disneyland California, USA) – Located in the New Orleans Square part of the theme park , it is a club exclusively for VIPs with a membership.  It has a decades long waiting list.

8. Bohemian Grove (California, USA) – A secret place in the woods reserved only for the worlds most powerful people.

7. Vatican Secret Archive (Vatican City) – You can request texts to be delivered to you from the archive for browsing, you may never enter.

6. Lascaux Caves (France) – Part of our human heritage, only a few hand-picked scientists are allowed in the caves due to the ancient age and nature of the artwork contained within.

5. Pine Gap (Australia) – Only place in Australia designated as a No Fly Zone.

4. Metro 2 (Moscow, Russia) – Built by Stalin, a secret underground train system in Moscow supposedly reserved for use by Russian secret services and top government officials.

3. Room 39 (Pyongyang, North Korea) – Supposedly a government controlled operation that deals in illegal drug trafficking and smuggling.

2. Mezghhorye (Russia) – The supposed location of Russia’s 'dead hand' nuclear missile site. 

1. Area 51 (Nevada, USA) –  This is the rumored location of alien corpses, the Roswell crash remains, and secret weapon research.

Read more...

Biometric Database of All Americans Buried in 800 Pages of Immigration Reform

Republicans and Democrats may not agree on much, but they certainly do agree on ever-increasing government intrusion and power.  One of the big problem with all the so-called "security” legislation created since 9/11 is that it, unquestionably, will be used against American citizens who stand up to power. That's already happening.

Our Orwellian government already tracks and monitors everything we do, but apparently the political class is not satisfied. Hidden in the 800 pages of immigration reform " is a mandate for the creation of a national biometric database of virtually every American (take notice that the question of fining the corporations for employing illegal immigrants never comes up, because corporations thrive on cheap labor and our government is all about keeping corporations profitable as possible).

"The immigration reform measure the Senate began debating yesterday would create a national biometric database of virtually every adult in the U.S., in what privacy groups fear could be the first step to a ubiquitous national identification system.

Buried in the more than 800 pages of the bipartisan legislation (.pdf) is language mandating the creation of the innocuously-named “photo tool,” a massive federal database administered by the Department of Homeland Security and containing names, ages, Social Security numbers and photographs of everyone in the country with a driver’s license or other state-issued photo ID.

Employers would be obliged to look up every new hire in the database to verify that they match their photo.

This piece of the Border Security, Economic Opportunity, and Immigration Modernization Act is aimed at curbing employment of undocumented immigrants. But privacy advocates fear the inevitable mission creep, ending with the proof of self being required at polling places, to rent a house, buy a gun, open a bank account, acquire credit, board a plane or even attend a sporting event or log on the internet. Think of it as a government version of Foursquare, with Big Brother cataloging every check-in.

“It starts to change the relationship between the citizen and state, you do have to get permission to do things,” said Chris Calabrese, a congressional lobbyist with the American Civil Liberties Union. “More fundamentally, it could be the start of keeping a record of all things.”

For now, the legislation allows the database to be used solely for employment purposes. But historically such limitations don’t last. The Social Security card, for example, was created to track your government retirement benefits. Now you need it to purchase health insurance.

“The Social Security number itself, it’s pretty ubiquitous in your life,” Calabrese said.

David Bier, an analyst with the Competitive Enterprise Institute, agrees with the ACLU’s fears.

“The most worrying aspect is that this creates a principle of permission basically to do certain activities and it can be used to restrict activities,” he said. “It’s like a national ID system without the card.”

For the moment, the debate in the Senate Judiciary Committee is focused on the parameters of legalization for unauthorized immigrants, a border fence and legal immigration in the future.

Read more...

Neo-Empire: The Myth of Pax Americana.

Empires are built on crushed armies, destroyed cities, incinerated crops, slaughtered herds, raped women, enslaved prisoners of war, oppressively over-taxed population, and even genocide. To the contrary of what we've been told, the American empire also rose out of these ashes. But ours is more of a neo-empire, built on neo-imperialism and/or neo-colonialism, which, allows for the husk or shell of independence--the illusion of independence--but takes the substance-- control over that nation's industry,  imports and exports and relationships with other nations.  We allow conquered countries to fly their own flag, use their own currency, speak their own language, on the condition that our military can enter at any time to do whatever we want.

The empire builders of today tell us "we’re" fighting for the security and survival of our nation. They tell us "we’re" fighting for democracy...to spread democracy. They tell us "we’re" fighting for humanitarian reasons. They tell us "we're" fighting to oppose dictators that we put in power.  If this is true, then why, the larger the military industrial complex gets, and the larger the security industrial complex gets, are we, the people finding ourselves increasingly less secure, less free, less humanitarian, not to mention, exceedingly falling under the absolute or supreme power of government?  And why, since the implementation of the Patriot Act I and II, the NDAA, super-advanced technology, unprecedented military power, more than 1,000 global military bases, not to mention trillion-dollar undeclared  "wars", not to mention, our domestic wars:  "war on terror",  "war on drugs" etc., do they continue to tell us the world is even more dangerous than ever?  The bottom line is there is only one beneficiary of empire, and it's not us as the following chart clearly demonstrates.

Cui Bono? To whose benefit is the empire arranged?

So now  the global establishment war drums beat for Syria, the new face of the "war on terror", or, it could be said, indirectly beating for Iran. The U.S. claims that if evidence surfaces showing Syria used chemical weapons...well, it's a game changer. Despite the fact that within the last decade,  the U.S./Israel has used depleted uranium and white phosphorus against Iraqi civilians.  Nevertheless, the telescopic sight or scope is being adjusted until the cross-hairs are centered on the bullseye: Syria in an on-going regional escalation. Perhaps WWIII.

"...we’re going to attack and destroy the governments in 7 countries in five years – we’re going to start with Iraq, and then we’re going to move to Syria, Lebanon, Libya, Somalia, Sudan and Iran.” -- Gen. Wesley Clark

“The Romans have constantly had the same cause, a cause for making war upon all nations, peoples and kings. The insatiable desire for empire and wealth.” -- King Mithridates, one of the Roman Republic’s most formidable and successful enemies, who engaged three of the prominent generals from the late Roman Republic in the Mithridatic Wars

“You find in the Romans an arrogance which no reasonable submission can elude. Briggons of the world, they have exhausted the land by their indiscriminate plunder. They create a desolation and call it peace. Our goods and money are consumed by taxation. Our land is stripped of its harvest to fill their granaries.” -- Chief Calgacus, chieftain of the Caledonian Confederacy (present day Scotland)  who fought the Roman army of Gnaeus Julius Agricola at the Battle of Mons Graupius in northern Scotland in AD 83 or 84.

Read more...

Another Boston-Like Lockdown: Students Had to Use Buckets Instead of Bathrooms

Several schools in the Madison Wisconsin area went into lockdown after a Chicago fugitive, Paris Poe,  wanted for parole violation and questioning in a murder investigation, was spotted at a hotel in Madison, WI.  Poe had previously been imprisoned for armed robbery. Because of the sighting, a large area  was then locked down and swarmed with SWAT teams in what resulted in a day-long manhunt.

Reverse 911 calls were made to all landlines asking residents to lock their doors and remain inside. Police asked all the businesses in their area to close and lock their doors. All six schools in the area were placed on lockdown and surrounded by police. In Verona, no-one could enter or exit the schools. In some classrooms, children were told to crouch under their desks for hours.  Children were prohibited from using the bathroom, and were told to urinate in buckets.. Parents could not pick up their children since entry or exit was prohibited. Once the lockdown was ended, parents were required to present ID to take their children home.

Later in the day, Poe was arrested far outside the locked down area. He faces no charges in WI and will be transported back to IL.

All of this for a man wanted for questioning and a parole violation? I don't think so. More like any excuse to instill fear in the hearts of children and condition the people to accept "martial law" as the new normal.

Read more...

Resubmitting CISPA Under the Guise of National Security

Imagine, if you will, an Internet surveillance grid of the future that includes an Internet ID system, Internet licenses, Internet blacklists, an Internet taxation system, giant firewalls used as a blockade to information, etc. Imagine biometric gate-keeping sensors that control and watch everything you do on the Internet. Imagine being accountable and responsible to the Big Brother Internet. This might sound far out, but that's what DARPA had in mind when they created the Internet. Now, they just need the legislation in place to make it happen. What's more is that the same tech corporations that claim they believe in an open Internet and online freedom--Facebook (who overtly supports CISPA) Google, Yahoo, etc.-- will aid and abet the government when it comes time to install these restrictions. However, the powers that be, know that in order to accomplish this goal, they must gradually increase the heat on the proverbial pot of water, rather than switch it to boil right away.

Which brings us to the latest State of the Union address, where President Obama said he signed an executive order to strengthen the nation's cyber defenses by increasing information sharing and by developing standards to protect our national security, our jobs and our privacy. Sure, on the surface, that sounds good, because, of course, our national security infrastructure should be protected. But, guess what? It already is. I mean, do you really think our national security infrastructure is available online...on the same Internet, we the people, surf? Hell no! So what is this CISPA (Cyber Intelligence Sharing Protection Act) legislation the Obama administration claims must be passed to secure our networks and prevent attacks? Well, it basically provides a framework of legal authority to, for example, give the "trustworthy" corporations, immunity from their actions. In fact, the text of this legislation states that private information may be shared "notwithstanding any other provision of law."
You know, provisions of law like the the Fourth amendment.

Anyway, the very next day, after the State of the Union address, Mike Rogers, chairman of the House Intelligence Committee, along with other members of Congress resubmitted CISPA--a rehashed version that has not been released yet. Yes, the one that failed to reach the Senate during the last Capitol Hill session. The problem is that the language of this bill is so vague and so broad that once this framework is put in place, the potential to destroy our civil liberties--yes, even more than they've already been destroyed--is boundless, possibly resulting--at some time in the future-- in the aforementioned scenario.

As President Obama told us, he has already signed the executive order to lay the groundwork for the cooperation between the private and the public sectors, which like I said before, gives full immunity to the private sector, so if the private sector uses your information for whatever reason, you cannot sue them. And it's not just the government that has an interest in eliminating what's left of "freedom" on the Internet. The large corporations want to control what information is allowed to flow on the internet as well. They too don't want disgruntled consumers, dissenting opinions, whistle blowers, and fact checkers alerting the public of their nefarious activities. The bottom line is this bill is not about security, this is all about the wealthy and powerful struggling to maintain the status quo, to maintain their place of privilege and authority in a world that, given enough freedom, could severely threaten and/or undermine their sense of entitlement and position of great advantage.

"Shall the throne of iniquity have fellowship with thee which frameth mischief by a law." -- Psalm 94:20

From CISPA is Back:

Read more...

Risking Everything to Warn Americans About the Dangers of NSA Domestic Spying.

Following 9/11, the National Security Agency (NSA) began a top-secret surveillance program to spy on U.S. citizens without warrants. Code named "Stellar Wind" or "The Program," the full scope of the surveillance has not been made public.

William Binney, one of the whistle blowers risking everything to warn Americans about the domestic spying program worked for the NSA for 32 years and was known as the best mathematician and code-breaker in NSA's history. In July 2007, the FBI raided the homes of William Binney and two other NSA whistle blowers. Currently, the NSA is  building the country's largest data storage facility in Bluffdale, Utah, and Binney estimates that this structure will have the capacity to store over 100 years of the world's electronic communications.

The "USSID 18" stands for United States Signals Intelligence Directive. It is the is the NSA's top-secret manual of definitions and legal directives, the regulations which govern signals intelligence operations conducted by the United States government. According to USSID 18, you can spy on Americans--if it's approved by the Attorney General and there are very few occasions where the AG is allowed to grant permission. Think terrorist acts and grave dangers to lives, limbs and private property and there are no alternatives to  direct emergency efforts. Well, since 9/11 violations of this strict charter abound.



Links:

The Growth of Homeland Security’s Domestic Intelligence Enterprise

Fusion Centers Map, Locations, Contact Information

DHS Social Media Monitoring and Situational Awareness Initiative Privacy Compliance Review

Read more...

Security for 2012 London Olympics Designed to Fail?

Undercover reporter, Lee Hazledean, a filmmaker and TV journalist, infiltrated the private security firm, G4S to train as a security guard for the 2012 London Olympics that start in 4 weeks. Of course, the reason for private security contractors is to reap enormous profits because it's certainly not to ensure the safety of athletes, employees, and spectators, as you will see if read on, or listen to the video below.

Hazledean reports (video below) that training is woefully inadequate; that it's easy to get knives, guns, IEDs, through the security screening; uniforms are going missing or being stolen from the uniform distribution centre/training facility; cheap equipment does not work, such as metal detectors; people are taking photos on their mobile phones in the training facility; 200,00 casket linings (hold 4-5 bodies each) delivered...

Also there are plans for the evacuation of London, G4S are going to be at the forefront, as well as 100,000 troops coming in via Woolwich barracks made up of regular British Forces, American regular army and European troops. Lee was not told why there would be any need for an evacuation of the whole of London, they just said it was to be a “defining moment in the history of London”. This could just be a precaution but the public should be made aware of the foreign invasion which is taking place right now. The troops are being held across London in various barracks once they’ve been through Woolwich. Lee also had this information confirmed by an army doctor who was shocked at all the foreign troops coming into London. There is also a shipment of what are being described as casket linings, each casket can hold four or five people and 200,000 casket linings have been delivered we believe from America. This could all be precautionary in the event of a major terrorist attack. Also we were shown videos of drones attacking targets in Afghanistan and were told that drones will be patrolling the sky’s over London during the Olympics carrying out surveillance and search and destroy missions if necessary. Lee believes there is something fundamentally wrong with how the security for the Olympics is being implemented by G4S. With exactly 4 weeks to go until the games Lee feels he needs to expose the inadequate security in place in the hope that it can be improved so that the London 2012 Olympics can be a safe environment for spectators and Athletes alike, and not a cause for national and international embarrassment for Great Britain.

Read more...

Provoking Revolution While Rapidly Ramping up the Internal Security Apparatus.

I have a collection of National Geographic magazines that date back to the late 1950s. Sometimes it's interesting to go back and read old articles to see how far we've come, or, in some cases, how much we've apparently stagnated.  For instance, in the case of "remote sensing", which basically means gathering information about things from enormous distances made possible by radiant energy traveling in visible and invisible wavelengths. What I mean is, that gauging from the 1969 article, "Remote Sensing: New Eyes to See the World" [National Geographic Jan.1969: 46-73] which explains the revolutionary technology at the time regarding the development of surveillance--hot and cold-war reconnaissance--that enables a far greater ability to probe the mysteries of the world, from what they're telling us, our capabilities have not progressed all that much in four decades. 

This is especially apparent in the unexplained fate of Malaysia Airlines flight MH370, where the plane supposedly vanished from radar screens on March 8 with 239 people aboard. One would think, considering the exponentially growing security and defense surveillance industry, that we would've surpassed the satellite and radar technology available in the late 1960s. That by 2014, it would be impossible for a huge state of the art Boeing 777-200 to disappear from the face of the earth.

They tell us, at present, only 10% of the Earth's surface has radar infrastructure, leaving huge gaps in coverage in places like certain regions of Australia, deserts or oceans.

I mean, it's no secret that the technology we see in use today is decades behind what has actually been developed behind closed doors.  And I suspect even less is disclosed to the general public today than it was back then.  You know, the progressive dumbing down of America. What you don't know can hurt you.

Which makes the fact that police are employing Predator drone spy planes on the home front even scarier. What's more, these killer drones were launched to track down cow thieves.  Really?  Couldn't they have waited for something a little more dreadful sounding than the mystery of six missing cows? It sounds like a job for Nancy Drew, not predator drones, capable of the indiscriminate slaughter of civilians.

There is no doubt that our current administration is overly concerned about "homegrown terrorism" as it continuously ramps up ways to fight it.  But at the same time, it's heavy handed wars on everything from drugs to terror to crime is exactly what's creating more terrorists, here and abroad.  Not to mention, the definition of a terrorist gets broader everyday.

Consider for a moment, Fox News telling its listeners to educate themselves on whom their real enemies are: the political elites inside the beltway. Of course, that's true; however, when Fox News, an establishment mouthpiece of the first order, is dispensing this kind of advice, you've got to question the motive. Are they fueling the fire? If so, why?



* Weaver, Kenneth F. "Remote Sensing, New Eyes to See the World." National Geographic Jan.1969: 46-73.Print.

Links:

CIA Drones Kill Large Numbers of People Without Knowing Who They Are

Obama administration wants school teachers to snoop on their kids?

Read more...

Homeland Security is Recruiting Hotel Guests to Report You.

Ten years after the September 11 attacks on the Pentagon and World Trade Center, the advancement of police-state policies in America, and the continuous effort to exacerbate the reaction of fear and hostility amongst the citizenry, not only continues, but has steadily increased, as the Fatherland Department of Homeland Security ratchets up its squeal-on-your-neighbor campaign once again.

Yes,  DHS has partnered, in their "If You See Something, Say Something™" campaign, with hotel television providers in an effort to recruit hotel guests to rat out their "neighbor" in the never ending "war on terror".  Welcome screens on 1.2 million hotel TV sets in Marriortt, Hilton, Sheraton, Holiday Inn and other American hotels will show a DHS public service announcement encouraging viewers to call law enforcement if they witness any suspicious activity during their travels.

Secretary of Homeland Security Janet Napolitano today joined American Hotel & Lodging Association (AH&LA) President and CEO Joe McInerney, LodgeNet Interactive Corporation Chairman and CEO Scott Petersen, and W Hotel General Manager Ed Baten to announce the new partnership between the Department of Homeland Security’s (DHS) “If You See Something, Say Something™” public awareness campaign and the AH&LA and LodgeNet—highlighting the Department’s continued partnership with the private sector to ensure our nation’s safety and security.

“This private sector partnership is another example of how DHS and our nation’s hospitality industry are working together to protect our country, recognizing that security and economic prosperity often go hand-in-hand,” said Secretary Napolitano. “Each of us has a role to play in helping keep America safe, and time and again, we have seen the value of public vigilance in thwarting terrorism. Sending the simple but effective “If You See Something, Say Something™” message to the millions of guests that stay at hotels and motels each year is a significant step in engaging the full range of partners in our homeland security efforts. America’s hospitality industry is a vital engine for job growth and sustainment—and with partnerships like this it is also becoming an increasingly important partner in our nation’s security.”

With the theme of turning citizens against citizens, in times of economic hardship, where people are looking for others to target their frustration, which is what this campaign is designed to do, how long is it, before DHS starts encouraging children to report their parents for their anti-government views?

Read more...

Asteroids, Tsunamis, and Drills, Drills, Drills.

By this time most people are aware that the first ever Emergency Alert System Nationwide Test  scheduled for November 9, 2011. Coincidentally, or not so coincidentally, this test is occurring at the same time Asteroid 2005 YU55 will be passing between the moon and the earth. Fortunately, the asteroid is not supposed to make contact with either the earth or moon.

However, I found the following comment posted by a former NASA employee quite interesting.

In addition, the United Nations has scheduled a massive tsunami drill (below),  not to mention, over 200 agencies are involved - including the Department of Homeland Security, FEMA, TSA, National Guard, members of the health care community, and local police and first responders for a total of 8,000 people - in a drill that will simulate a devastating nuclear bomb being detonated in the heart of the capital city of Arizona.

Exercise Pacific Wave 11

PacWave11 will be held on 9-10 November 2011 as a multi-scenario exercise that will allow all PTWS countries to exercise using a destructive local or regional tsunami scenario. PacWave 11 will also be used to introduce new tsunami advisory products of the PTWC that were proposed by the PTWS Enhanced Tsunami Warning Products Task Team and approved by ICG/PTWS-XXIV. IOC Circular Letter 2390 was issued on 13 May 2011 announcing the exercise and requesting PTWS Countries to nominate a PacWave11 focal point. IOC Manual and Guides 58 on How to Plan, Conduct, and Evaluate Tsunami Exercises was issued in July 2011. The PacWave11 Exercise Manual (IOC TS 97) was published in August 2011. UNESCO will issue a press release on 1 November 2011.

Links:

A Pacific Wide Tsunami Warning and Communication Exercise 9-10 November 2011 Exercise Manual

Read more...

Where Did the HAARP Website Go?

Well, according to Press Core World News, the US government ordered  the HAARP (High Frequency Active Auroral Research Program) website down, three weeks ago, "to conceal US weather modification and earthquake inducing warfare activities against foreign states." 

The Environmental Modification Convention (ENMOD) prohibits the military or other hostile use of environmental modification techniques or weather warfare, "which is the use of weather modification techniques for the purposes of inducing damage or destruction."

Now, because HAARP is never mentioned by those in the mainstream media,  too many people assume - that is, if they've even heard of HAARP - that HAARP is nothing more than a benign weather monitoring station ...just another crazy conspiracy theory cooked up by those who have too much time on their hands.

Well, these patents should prove otherwise:

HAARP Patents (Assigned to APTI, Inc. Los Angeles, CA, Washington, DC)

U.S. Patent 4686605: Method And Apparatus For Altering A Region In The Earth’s Atmosphere, Ionosphere, And/Or Magnetosphere Issued: Aug. 11, 1987 Filed: Jan. 10, 1985

U.S. Patent 5038664: Method For Producing A Shell Of Relativistic Particles At An Altitude Above The Earth’s Surface ~ Issued: Aug. 13, 1991 Filed: Jan. 10, 1985

U.S. Patent 4712155:M ethod And Apparatus For Creating An Artificial Electron Cyclotron Heating Region Of Plasma ~ Issued: Dec. 8, 1987 Filed: Jan. 28, 1985

U.S. Patent 5068669: Power Beaming System ~ Issued: Nov. 26, 1991 Filed: Sep. 1, 1988

U.S. Patent 5218374: Power Beaming System With Printer Circuit Radiating Elements Having Resonating Cavities ~ Issued: June 8, 1993 Filed: Oct. 10, 1989

U.S. Patent 5293176: Folded Cross Grid Dipole Antenna Element ~ Issued: Mar. 8, 1994 Filed: Nov. 18, 1991

U.S. Patent 5202689: Lightweight Focusing Reflector For Space ~ Issued: Apr. 13, 1993 Filed: Aug. 23, 1991

U.S. Patent 5041834: Artificial Ionospheric Mirror Composed Of A Plasma Layer Which Can Be Tilted ~ Issued: Aug. 20, 1991 Filed: May. 17, 1990

U.S. Patent 4999637: Creation Of Artificial Ionization Clouds Above The Earth ~ Issued: Mar. 12, 1991 Filed: May. 14, 1987

U.S. Patent 4954709: High Resolution Directional Gamma Ray Detector ~ Issued: Sep. 4, 1990 Filed: Aug. 16, 1989

U.S. Patent 4817495: Defense System For Discriminating Between Objects In Space ~ Issued: Apr. 4, 1989 Filed: Jul. 7, 1986

U.S. Patent 4873928: Nuclear-Sized Explosions Without Radiation ~ Issued: Oct. 17, 1989 Filed: June 15, 1987

You see, time - and resources -  is something the ruling class does not want you to have; because, then, clandestine operations can easily be passed off as wacky conspiracy theories of the deranged and demented, when, in fact, those operations are very real and very lethal.

Read more...

Big Brother's Genetic Roundup for Top-Secret America?

8-year old Big Brother Homeland Security, "already has its own Special Access Programs, its own research arm, its own command center, its own fleet of armored cars and its own 230,000-person workforce, the third-largest after the departments of Defense and Veterans Affairs."

Do we really want them gathering information about us that we don't even know or have access?  As the Washington Post pointed out an "estimated 854,000 people, nearly 1.5 times as many people as live in Washington, D.C., hold top-secret security clearances". Whose to say how many of these unknown people know more about us than we know about ourselves. Whose to say one of these people is not our boss, spouse, next-door neighbor...or even worse, a psychopathic serial killer who targets specific DNA profiles.  Well, you never know.

Here are some of the latest developments in possibly mandatory invasive screening devices:

First, the latest. Under the guise of combating human trafficking, illegal immigration, and finding missing persons,  Homeland Security plans to roll out even more invasive screening at airports this summer. How? They plan on invading your genes with portable DNA scanners that will conduct on-site, real-time genetic testing, in addition too, or in place of, the groping session.   Richard Seldon of NetBio, creator of the scanners said, "DNA information has the potential to become part of the fabric of day-to-day life."  However, this is nothing new. Since 2009, police have already had the authority to conduct warrantless searches by taking blood and saliva during arrests, even from those not convicted of a crime, and the Pentagon maintains a database of over 80,000 DNA profiles.

Let's not forget the safer than safe biometric blueprint grabbing enhanced version of 1000D whole body scanners.

Iscon is introducing an enhanced version of the 1000D whole body scanner equipped with optional biometric technologies and identity verification techniques that will vastly improve security at corrections facilities, law enforcement as well as international airports.

The Iscon 1000D is the only whole body imaging portal that can be integrated with state of the art technologies to detect virtually any object, without radiation or privacy issues and confirm that the person is indeed who they claim to be. This is critical in prisons as inmates try to pose as others to escape as well as airport security to speed processing, identify terrorists and discover contraband.

Iscon1000D uses thermo-conductive infrared technology that completes a 360°scan in 30 seconds, reveals a multitude of objects, but doesn't penetrate clothing, so there's no privacy or radiation issues.

It can detect the thermal imprint of any object that many scanners miss, including:

* thin plastic
* wood
* powder (pills and drugs)
* paper (money)
* liquids
* ceramics (explosives)

Iscon 1000D is already been sold in the U.S., Europe, China, Japan, Iraq, Russia and the Ukraine.

The enhanced system offers stand alone or combined options for integrated security capabilities through identify verification using the following technologies:

Facial Recognition -- Can compare a person's facial attributes to existing databases and cross match with other systems.

Fingerprint Recognition -- Fingerprints are a highly reliable identification method and are a fast and easy way to determine identity. Large law enforcement databases can be accessed to cross match and verify a person's identity quickly and easily.

Iris Recognition -- Scans of a person's iris can be cross-matched to a database for identity verification.

Card/Barcode Reader -- For high traffic areas that need fast scans, the Iscon 1000D is equipped with a card and barcode reader. At manufacturing facilities and other high security operations, that require both scanning and verification, this system is ideal for people who are preapproved and can simply scan their card or barcode and go through safely.

"Facilities are facing significant privacy and health issues using scanners that expose a persons body parts that can be stored and shared digitally," explains Iscon Founder and President Izrail Gorian. Using existing databases available today, or using a proprietary system of employees or inmates, security will ultimately be enhanced for everyone and at the same time ease verification for those who are not suspect."

And as if we need anymore biometric grabbing devices, Sony's Finger Vein Authentication (Mofiria) technology for mobile apparatus  could appear within the year.  Mofiria is a compact camera based system that uses CMOS sensor to capture light scattered diagonally through finger veins.  Data from the pattern is compressed making it possible to store on gadgets for laptops, and mobile devices.  Supposedly, this technology has been in use for two years.

The use of new and highly-intrusive surveillance technology violates the normal expectation of privacy, dignity and respect of every individual, whether they know it or not. Mandatory screening is a direct infringement basic human rights and should not be tolerated.

Links:

Top Secret America

The top-secret world the government created in response to the terrorist attacks of Sept. 11, 2001, has become so large, so unwieldy and so secretive that no one knows how much money it costs, how many people it employs, how many programs exist within it or exactly how many agencies do the same work.

Read more...

You’re More Likely to Drown in a Toilet than Die by Terrorist.

And you are FAR more likely to die of a heart attack, cancer, or lack of health insurance than you are to be killed by a terrorist.

So, no, the TSA's program, put into place last November,  to molest America is not about security or safety at all. It is about the acquisition of power by the economic and political elite at the expense of our rights. Some even say this could be desensitization for what's to come.

And if you think the harassment is going to stop, think again. History has shown us that once the governing forces get a taste of power, it only fuels their appetite for more power until they have absolute power.

The following ratios were compiled using data from 2004 National Safety Council Estimates, a report based on data from The National Center for Health Statistics and the U.S. Census Bureau. In addition, 2003 mortality data from the Center for Disease Control was used.

You are 17,600 times more likely to die from heart disease than from a terrorist attack.

You are 12,571 times more likely to die from cancer than from a terrorist attack

You are 11,000 times more likely to die in an airplane accident than from a terrorist plot involving an airplane

You are 1048 times more likely to die from a car accident than from a terrorist attack

You are 404 times more likely to die in a fall than from a terrorist attack

You are 87 times more likely to drown than die in a terrorist attack

You are 13 times more likely to die in a railway accident than from a terrorist attack

You are 12 times more likely to die from accidental suffocation in bed than from a terrorist attack

You are 9 times more likely to choke to death on your own vomit than die in a terrorist attack

You are 8 times more likely to be killed by a police officer than by a terrorist

You are 8 times more likely to die from accidental electrocution than from a terrorist attack

You are 6 times more likely to die from hot weather than from a terrorist attack

Courageously, former Gov. Jesse Ventura is filing a lawsuit against the TSA and Homeland Security for "warrantless and suspicionless" scans and body searches.

Jesse Ventura filed the lawsuit Monday in a Minnesota federal court against the Department of Homeland Security and the TSA, claiming that his right to not be subject to unwarranted searches and seizures is consistently violated when he flies. The lawsuit claims that he is often stopped for “pat downs” because of a hip-replacement surgery that left a titanium implant in his side.

No Threat

In his complaint, obtained by The Associated Press, Ventura argues that the TSA and Dept. of Homeland Security “have no factual basis to support any reasonable suspicion that Governor Ventura poses any threat to airline safety, nor does he in fact pose any such threat.”
Unwarranted Searches

The argument set forth by the lawsuit is that the required searches are “unwarranted and unreasonable intrusions on Governor Ventura’s personal privacy and dignity," and are a justifiable cause for him to be concerned, specifically that he was subjected to “warrantless rubbing of the genitals” when a TSA agent conducted the pat-down. As a consequence of a 2008 hip replacement surgery, Ventura lives with a titanium plate that sets off the alarm in an airport screening magnetometer, requiring him to submit to a secondary search. He notes that prior to November, officials had always used a non-invasive hand-held wand, but during the November incident he wasn’t given that option.
How Does The US Compare Internationally

“The TSA has told us in the past that they were not able to gain the required visibility of other countries’ programs to see if they were commensurate with the U.S. screening procedures. This is the biggest challenge,” said Brandon Fried, executive director of the Airforwarders Association, which represents the $17 billion air cargo industry.

Washington Doesn’t Care

Too bad nobody in Washington cares. It’s easier to buckle under and live with the expensive waste of money rather than stand up for privacy. And before the GOP starts with their “privatize it” nonsense again, the private companies are following TSA procedures so the same would apply to them. Following the Tuscon shootings we heard one member of Congress talk about putting a shield around Congress for safety so brace yourself for more ridiculous ideas.

Read more...

WikiLeaks: Intelligence Agency of the People? Or Agency of the Powerful?

Update: Did the CIA use Sweden to launder the transfer of carefully screened and redacted State Department cables to WikiLeaks...and the subsequent release of the cables to pre-selected corporate news media entities?

------------------------------------------------------------------------------------------------------------------------------
Did you ever wonder why so many things that clearly happened, never happened, even while they were happening? And, other things, that appear to be happening, make little to absolutely no sense at all? Or, why does it appear that governments and mainstream media seem to believe that we the people are too stupid to notice what’s really going on...as if we swallow what we're told with the "stupidity of an animal".

Well, as far as the mainstream media goes,  we can thank  The Telecommunications Act of 1996, the most important step toward allowing media consolidation. Fifteen years later, the mass media - television networks, newspapers, cable channels, movie studios, magazines, and even many websites - is under the control of only a handful of  huge corporations, and no doubt, mainstream media was made to conform to the agenda of these mega-corporations.  Now, as far as mindlessly swallowing what we're told, let's just say it serves us well to be skeptical of everything we see, hear and read. And, fortunately, for us, information and knowledge is at our fingertips, leveling the playing field, somewhat.

However, as useful as the Internet is to we the people, it has created a monumental problem for those in power (wealthiest one-tenth of one percent). Why? It severely limits their ability to control the one thing absolutely necessary to stay in power, and control the money supply, in a top-down society: information and knowledge.

Which raises the question of whether the WikiLeaks "cat and mouse" game playing out before our very eyes... that  just so happens to center on the so-called "problem" the Internet poses to national security, is a real "wikipedia for whistle-blowers" or something else, entirely.  While it certainly appears that WikiLeaks is operating in the interest of the people,  appearances can be, and often are very deceiving.

Having said that, there are rumors that surround WikiLeaks; from accusing Israeli security of using WikiLeaks to create  a  'false flag' operation aimed at furthering the US/Israeli agenda to demonize and eventually attack Iran to WikiLeaks serving as a CIA conduit.  Or maybe WikiLeaks will provide the perfect excuse to clamp down on the biggest threat to our current power structure: the Internet.

As Tom Ashbrook (On Point) said, regarding our government's concern over WikiLeaks,  "they're talking about going back to laws from nineteen-teen in this country..." Moreover,  Jack Beatty, on the same program, said that the WikiLeaks "revelations" are essentially "making apparent what we already know".   In other words, if it turns out they use the WikiLeaks "revelations" that might be noteworthy, but certainly not earth shattering, as an excuse to curtail the flow of information and curb our access to the Internet,  WikiLeaks may not be an agency of the people at all.

Read more...

In Check or Checkmate?

While obviously, there are worse atrocities then the TSA's invasive molesting procedures, it sticks out as one of the more blatant abuses of constitutional liberty, as it stands in direct violation of the fourth amendment: protection against unreasonable searches and seizure!

So, where is the outrage? Since when is it okay to violate someone's privacy and dignity in such an egregious manner? Since when is it okay for complete strangers to place their hands on you or your child's most intimate parts?

And why does the TSA have so much authority? Consider the man who tried to leave the airport after refusing a screening and pat-down. You know, the guy, who stated, "Don't touch my junk".  They threatened him with a lawsuit if he didn't submit.  Why couldn't he leave the airport? He wasn't trying to board a plane.

When in doubt, follow the money.

And when you follow the money, start with the Republicans.  What are they doing, saying, suggesting?  Well, they're pushing privatization, as usual. We all know profits are much more important than safety.

It just may be that this TSA horror show is meant to, once again, show Americans just how bad government is, in order to get Americans to accept privatization. Or the TSA "horror show" might serve to get us to accept something new, that will seem benign in comparison.   Maybe, new technology that authenticates identity via iris recognition (bio-metric screening).  Either way, the motive is power and/or profit, and more than likely, both.  Rest assured it has nothing to do with protecting American citizens from the big bad terrorist.

Is the game over? Is the last piece in place...have we been checkmated? Or is still possible to capture the queen? Or, do we wipe them off the board completely, level it, and devise our own rules?

Read more...

Protect Your Computer From the Bad Guys Links

Unfortunately, in cyberworld, the bad guys are only getting worse. They tend to stay one or two steps ahead of the good guys, and sometimes the biggest problem in computer security isn't necessarily the computer itself, but computer operator ignorance

"It really speaks to a Web 2.0 world. People communicate differently today, people transact and pay their bills differently today, and that drives today's criminals." -- David Marcus, director of security research and communications for McAfee Labs

Enlightening links:

Protecting you computer from online bad guys is no joke

Watch Out: Cyber Threats to Expect in 2010

12 things computer users should fear in 2010

End-to-end encryption: The PCI security holy grail

Seven reasons websites are not secure - Many sites you visit are laden with malware.This is advice on how to protect your systems.

How to Secure Windows and Your Privacy -- with Free Software

Although safer, Linux Ubuntu is not immune to dangerous attacks from malicious software.

Mac Security Reality-check: Scams

Who Knows Who Your Facebook Friends Are?

The Complete Guide to Facebook Privacy

Read more...

President Obama Will Choose Cyber Czar.

Tomorrow, after President Barack Obama releases the final report following a 60-day review of U.S. cyber security policy, he will announce the creation of a "cyber czar" position, in order to protect the nation's computer networks living up to his presidential campaign pledge to
"elevate the issue of cybersecurity to a "top priority" and to appoint a national cybersecurity adviser "who will report directly to me."

Read more...

How Secure Is Cyberspace?

From CERT:

Cyberspace has become so woven into the fabric of our society that it's almost impossible to separate the "real" world from virtual reality without experiencing enormous loss qualitatively and quantitatively.

We shop, bank, pay bills, communicate, learn, research, plan, organize, collaborate, store photos, entertain ourselves, support ourselves, etc. in cyberspace. Our growing dependence on the virtual world presents risks and security challenges we've never seen before, so much so that securing cyberspace has become crucial to our everyday lives as well as our national security. Our nation is becoming more and more dependent on it for operating its critical infrastructures such as transportation, communication, finance, energy distribution etc. Currently our nation's vulnerability to attack and susceptibility to disaster is much too high.

The Committee on Improving Cybersecurity Research in the United States, responsible for publishing "Toward a Safer and More Secure Cyberspace" which can be read online for free, presents a better understanding of why cyberspace is as vulnerable as it is, and the research on new technologies and policies and their effective implementation to make things safer.

Read more...

If Catastrophic Emergency Should Occur, Bush Wants Full Control of Federal Government

This piece of news is not surprising at all as we are all familiar with President Bush's enormous appetite for power and control. What is surprising is the lack of response and/or reaction from the media to this alarming piece of news.

The Framers designed our system of government with the knowledge that there never was a democracy that did not commit suicide. During a time when distractions were few and politics were almost a form of entertainment the way sports are today, the Framers were well aware of the importance of a vigilant, informed and educated citizenry to maintain what they created. Considering the technological advances that have taken place since that time, it's amazing our republic is still in existence but it's only a matter of time before this "timeless" masterpiece, our Constitution, is destroyed if we continue to ignore what our leaders are up to.

With scarcely a mention in the mainstream media, President Bush has ordered up a plan for responding to a catastrophic attack.

In a new National Security Presidential Directive, Bush lays out his plans for dealing with a “catastrophic emergency.”

Under that plan, he entrusts himself with leading the entire federal government, not just the Executive Branch. And he gives himself the responsibility “for ensuring constitutional government.”

He laid this all out in a document entitled “National Security Presidential Directive/NSPD 51” and “Homeland Security Presidential Directive/HSPD-20.”

The White House released it on May 9.

Other than a discussion on Daily Kos led off by a posting by Leo Fender, and a pro-forma notice in a couple of mainstream newspapers, this document has gone unremarked upon.

The subject of the document is entitled “National Continuity Policy.”

It defines a “catastrophic emergency” as “any incident, regardless of location, that results in extraordinary levels of mass casualties, damage, or disruption severely affecting the U.S. population, infrastructure, environment, economy, or government function.”

This could mean another 9/11, or another Katrina, or a major earthquake in California, I imagine, since it says it would include “localized acts of nature, accidents, and technological or attack-related emergencies.” Read more...

Read more...